DA’s Office Releases Version 2.0 of its Report on Smartphone Encryption & Public Safety
Manhattan District Attorney Cyrus R. Vance, Jr., today hosted the District Attorney’s Office’s 7th Annual Financial Crimes and Cybersecurity Symposium at the Federal Reserve Bank of New York in Manhattan. District Attorney Vance was joined by several leaders in the fight against terror, cyber, and financial crimes, including: keynote speaker Jeh Johnson, U.S. Secretary of Homeland Security; William J. Bratton, former New York City Police Commissioner; John J. Miller, NYPD Deputy Commissioner of Intelligence and Counter-terrorism; Robert Wainwright, Director of Europol; Ian Dyson, Commissioner of the City of London Police; François Molins, Paris Prosecutor; Maria T. Vullo, Superintendent of the New York State Department of Financial Services; Robert L. Capers, U.S. Attorney for the Eastern District of New York; and M. Kendall Day, Chief of the U.S. Department of Justice’s Asset Forfeiture and Money Laundering Section.
“As a world community, the key to defeating cybercrime lies not only in prosecuting it, but preventing it as well,” said District Attorney Vance. “I am grateful to the 350 guests from seven countries who joined us at today’s Symposium in furtherance of this goal. Together with our Global Cyber Alliance partners, I strongly encourage organizations large and small to use the free anti-phishing tool publicly released today at GlobalCyberAlliance.org.”
The annual symposium convenes senior leaders from the financial, cyber, regulatory, technology, and law enforcement communities to share insights and best practices, develop new partnerships, and assess collective efforts to confront emerging threats to citizens and institutions around the world.
Tools to Combat Phishing
In 2015, the Manhattan District Attorney’s Office, City of London Police, and Center for Internet Security announced the formation of the Global Cyber Alliance (“GCA”), a non-profit, multi-sector coalition of organizations dedicated to reducing cyber vulnerability through the exchange of threat data and the development of open-source risk solutions. To date, GCA has more than 120 global partners across 18 countries.
Today, District Attorney Vance announced the release of a free, powerful tool developed by GCA to combat phishing attacks, which is available for organizations of any size to use at GlobalCyberAlliance.org. The solution is a “wizard” that helps organizations implement the anti-phishing “DMARC” (Domain-based Message Authentication, Reporting and Conformance) message authentication mechanism, which protects organizations against “spoofed” or fraudulent emails from a seemingly legitimate email address linked to an individual’s name or organization.
Last month, GCA worked with partners to deploy a beta version of its DMARC tool in their organizations. In the case of one company where the beta tool was implemented, GCA discovered that about 1 out of every 200 emails apparently sent by the company was fraudulent. If DMARC were deployed globally with similar results, it would potentially block more than 500 million compromised emails each day.
Report on Smartphone Encryption and Public Safety
The Manhattan District Attorney’s Office also released today an update to its November 2015 Report on Smartphone Encryption and Public Safety. In the Manhattan District Attorney’s Cyber Lab alone, more than 420 lawfully-seized Apple devices remain inaccessible to investigators as a result of Apple’s implementation of default device encryption in October 2014. As noted in Version 2.0 of the Report, 10% of the “warrant-proof” devices in the District Attorney’s Cyber Lab pertain to homicide or attempted murder cases, and 9% of the devices relate to sex crimes. Version 2.0 of the Report concludes that Apple’s method of data extraction prior to October 2014 was never compromised, and that requiring smartphone makers to retain the ability to extract data does not materially increase users’ risk of being hacked.
The full report can be found here.