FDIC Latest Agency To Claim It Was Hacked By A Foreign Government
Furnished content.
Another federal entity is reporting being hacked. And it's pointing its fingers (and the FBI, which is now investigating) at Chinese military hackers.The FBI is investigating how hackers infiltrated computers at the Federal Deposit Insurance Corporation for several years beginning in 2010 in a breach senior FDIC officials believe was sponsored by China's military, people with knowledge of the matter said.The security breach, in which hackers gained access to dozens of computers including the workstation for former FDIC Chairwoman Sheila Bair, has also been the target of a probe by a congressional committee. Caught in the middle of all this are the financial transactions of millions of Americans, in addition to whatever sensitive government information might have been located on the FDIC's computers.But claiming the Chinese were involved seems premature, even according to Reuter's own reporting, which relies heavily on a bunch of anonymous government officials discussing documents no one at Reuters has seen.Last month, the banking regulator allowed congressional staff to view internal communications between senior FDIC officials related to the hacking, two people who took part in the review said. In the exchanges, the officials referred to the attacks as having been carried out by Chinese military-sponsored hackers, they said. The staff was not allowed to keep copies of the exchanges, which did not explain why the FDIC officials believe the Chinese military was behind the breach. About the only thing confirmed is the FBI's presence, and that too relies on anonymous officials "familiar with the matter" who described the investigation as ongoing. That being said (anonymously), it's safer to assume the FBI is checking this out than it is to assume it was a state-sponsored attack. But there seems to be a new and undeniable urge to make attributions as quiickly as possible, even if the evidence doesn't conclusively point to anyone in particular.What hasn't changed is the long delay between discovery and announcement. This hack happened more than five years ago and the FDIC spent nearly two years purging the system of the suspected hackers. Then it waited until it was being investigated by the FBI and Congress before acknowledging the security breach.And it's not as though the FDIC has gotten everything locked down, despite being more than six years removed from a major breach.This year, the FDIC has reported to Congress at least seven cybersecurity incidents it considered to be major which occurred in 2015 or 2016.An annual report by the regulator said there were 159 incidents of unauthorized computer access during fiscal year 2015, according to a redacted copy obtained by Reuters under a Freedom of Information Act request.Rather than major breaches by hackers, however, these incidents included security lapses such as employees copying sensitive data to thumb drives and leaving the agency.Twenty of the incidents were confirmed data breaches, according to an FDIC document provided to Reuters by the U.S. House of Representatives Committee on Science, Space and Technology. That represents a higher number than was previously reported by the regulator under reporting guidelines for major incidents. In response to these continued incidents, the FDIC has taken the bold step of… banning thumb drives. It appears the lengthy delays between discovery and disclosure will remain in place. In response to the Reuters report, a round of "no comments" was offered from a variety of government officials, as well as the contractor hired by the FDIC to rid its computers of invaders.An earlier investigation by the House Science Committee does offer some support for the Chinese military hackers theory, but the only conclusion it reached was that the hack appeared to be China-based. Committee members were less than impressed with the FDIC's reluctance to cooperate with the probe and suspected staffers of trying to shield the new FDIC chairman from criticism. The Inspector General's report couldn't find any evidence confirming this assumption, but the 2013 report did find that top FDIC officials weren't even briefed on the discovered breach until more than a year after it was discovered. So, it's not just secrecy between branches of government. It's also secrecy within a single government body. And never mind the millions of Americans potentially affected. They'll always find out last.
Permalink | Comments | Email This Story
Read more here
posted at: 12:00am on 28-Dec-2016
path: /Policy | permalink | edit (requires password)
Sufferin' Trademarks: The Trademark Dispute Over The Word Succotash
Furnished content.
If there is a common theme that runs through much of the posts we do on trademark disputes, it's that the ultimate responsibility for them lies at the feet of a USPTO that's only too willing to grant privilege on words and terms when it should not. The examples of this abound, from a video game trademark on the term "candy" to trademarks being granted in the entertainment market for the word "live."And now we can add to this list that the USPTO apparently granted a trademark for the restaurant industry to a company on the word "succotash." This came to light when that company, Knead Hospitality + Design, sent a cease and desist notice to Beth Barden, who runs a restaurant in Kansas City that goes by the name Succotash.Barden learned via email that Knead Hospitality + Design filed a trademark registration for Succotash and requested she remove the trademark symbol from her website. But the D.C. company's move has bigger implications: The filing gives it the nationwide right to use that trademark in connection with bar, catering and restaurant services. If Barden wanted to expand or franchise outside the Kansas City area, she could be subject to trademark infringement, said Cheryl Burbach, a partner in Hovey Williams LLP, an Overland Park intellectual property law firm."All of a sudden, your name isn't yours anymore," Barden told the Kansas City Business Journal. "It's a little terrifying because clearly they have more money than I have, more opportunity to fight this thing than I do." Now, notably, Barden's restaurant is over a decade old, while Knead Hospitality + Design came to be only in 2014. As such, Barden likely has all sorts of protections available to her via common law trademark rights. She has hired an attorney to fight the C&D... and to get Knead's registration cancelled. And that really should happen, because allowing a trademark in the restaurant industry that consists entirely of the name of a common dish is insane. So insane, in fact, that that's the reason why Barden herself never even bothered to attempt to register the trademark herself.Barden said she never registered a Succotash trademark because she didn't think a common vegetable dish could be trademarked. Even so, Barden is considered a senior user who owns prior common law trademark rights in the Kansas City area. Knead filed its trademark application on March 14, 2015, well after Barden began using the name in Kansas City. Her naiveté would be quite sweet, had it not led to her now having to pay an attorney to keep a trademark bully with a mark that never should have been granted in the first place at bay. Which brings us all the way back to the original point: if the USPTO can't be bothered to think about a trademark application for long enough to realize it never should have granted this particular mark, the time for new oversight is at hand.
Permalink | Comments | Email This Story
Read more here
posted at: 12:00am on 28-Dec-2016
path: /Policy | permalink | edit (requires password)
|
|