Author Topic: Cyberwar, Cyber Crime, and American Freedom  (Read 277279 times)

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #450 on: July 23, 2017, 07:07:44 PM »
What are you doing?

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #451 on: July 23, 2017, 07:11:33 PM »
What are you doing?


Moving away from an urban death zone.


Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #452 on: July 23, 2017, 07:17:27 PM »
Silly me, I was thinking electronically  :lol: e.g. storing this forum in some sort of device, unconnected to the internet so this forum can be resurrected with our work of all these years saved.

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #453 on: July 23, 2017, 08:20:37 PM »
Silly me, I was thinking electronically  :lol: e.g. storing this forum in some sort of device, unconnected to the internet so this forum can be resurrected with our work of all these years saved.


I'm planning on scenarios that put immediate concerns much lower on Maslow's hierarchy of needs.

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Grid threats require 'imagining the unimaginable' — report
« Reply #454 on: July 24, 2017, 07:12:58 AM »
https://www.eenews.net/energywire/stories/1060057718/search

SECURITY
Grid threats require 'imagining the unimaginable' — report
Peter Behr, E&E News reporter Published: Friday, July 21, 2017
Power grid at sunset. Photo credit: Pixabay

A new National Academy of Sciences report has stark warnings for the U.S. electric power network. Pixabay
The U.S. electric power network is poorly equipped to restore electricity service to large areas blacked out by natural disasters or hostile attacks, a National Academy of Sciences panel warned yesterday in a report that looks into dark future scenarios that it says the nation and the public have not fully faced up to.

"The electricity system, and associated supporting infrastructure, is susceptible to widespread uncontrolled cascading failure, based on the interconnected and interdependent nature of the networks," the panel concluded in a 297-page report ordered by Congress and funded by the Department of Energy. "Despite all best efforts, it is impossible to avoid occasional, potentially large outages caused by natural disasters or pernicious physical or cyber attacks."

The panel, headed by M. Granger Morgan, an engineering professor at Carnegie Mellon University, proposed a long list of actions needed to create a "resilient" power grid that could recover from an unprecedented blow.

Morgan said the challenge should be a top priority, not in the sense of "do it tomorrow, or we're toast. But in the time scale of months, it's quite urgent."

"At present, planning for all types of hazards to public infrastructure is a disorganized and decentralized activity," the report said. "Too often in the past, the United States has made progress on the issue of resilience by 'muddling through,'" but that response is no longer tolerable, the report said. Multiple threats to the grid require authorities and industry to start "imagining the unimaginable" and planning for lower-probability but potentially catastrophic events.

The report comes as Energy Secretary Rick Perry's leadership team is completing a high-level review of power grid reliability and is working on a report on cybersecurity threats called for by President Trump. Both reports will set policy benchmarks for how the Trump administration will prioritize and fund federal responses to grid threats.

Travis Fisher, the DOE political appointee heading the reliability study, minimized the risk of a state-sponsored, large-scale cyber outage in a 2015 paper issued by the Institute for Energy Research, a pro-fossil-fuels advocacy organization. "Even though cyber threats do exist and are concerning, fears of catastrophic damage from a cyber attack are likely overblown," Fisher wrote then, saying that would-be attackers are deterred by the certainty of a U.S. in-kind response.

Some grid executives and federal security officials have said the same, but most cyber professionals conclude that the grid's exposure to potential attack is expanding constantly. Responding to a question yesterday, DOE spokeswoman Shaylyn Hynes said the IER paper "is not relevant to the grid study or cyber study."

The panel, whose members included academics, DOE laboratory scientists and a former regional grid chief executive, said the responsibility for recovery from a widespread power outage starts at the top.

Fragmented responsibility

"No single entity is responsible for, or has the authority to implement a comprehensive approach to assure the resilience of the nation's electricity system," the report said. "Even in federal programs focused explicitly on increasing grid resilience, planning and implementation of research and policy responses are fragmented across federal agencies. It is impossible to describe all of the relevant efforts succinctly."

The panel challenged DOE to fill that gap, leading longer-term federal, state and community actions to increase the grid's recovery capability. "No other entity in the United States has the mission to support such work," it said.

While many recommendations centered on the federal government, others pointed at the power industry.

"There has been a tendency among utilities and other commercial entities not to share information about cyber breaches and to look inward rather than seeking help, which limits potential for collaboration across organizations. Most utilities are not likely to have adequate internal staff directly experienced in large-scale cyber restoration," the report said.

It also urged more research on how electric vehicles, customer-owned solar power and microgrids could help the grid recover. In worst-case scenarios, customers might have to endure lengthy recoveries in which power is rationed, the study said. Families that have home systems able to use limited power supplies to run refrigerators and furnaces might avoid evacuation after a disaster, the authors said.

The report urged more financial support for DOE offices that fund research, development and demonstration programs on cybersecurity defenses and power grid monitoring and control systems. Trump's fiscal 2018 budget request proposed 41 percent spending cuts for both DOE's Office of Electricity Delivery and Energy Reliability and its Office of Energy Efficiency and Renewable Energy, two centers of that research.

"If funding is not provided by the federal government, the committee is concerned that this gap would not be filled either by states or by the private sector," the panel said.

It called on DOE to lead in the stockpiling of crucial grid power transformers, to complement industry programs.

Much more technology is needed to deal with wide-area outages, the panel said, including control room software to help grid operators recognize and respond to fast-moving outages. "During a major event such as Hurricane Katrina or Superstorm Sandy, thousands of alarms can overwhelm the system operator" in control rooms, it said. "Artificial intelligence could help quickly prioritize these alarms."

Several recommendations addressed what the panel saw as a lack of understanding among government officials and the public about the consequences of a widespread emergency — including deliberate, targeted blackouts of some areas to protect vital equipment that would be needed to bring the grid back up.

In an uncontrolled, cascading grid collapse, parts of the interstate grid would automatically break into smaller subdivisions called "islands," resulting in significant outages, the panel said. Planned "islanding" in an emergency could limit the damage and speed recovery, the report said.

DOE and DHS should create a "visioning" process to portray and assess plausible large-area, long-duration grid disruptions that could have major impacts on the public, to help hospitals, communications providers, first responders and other critical resources prepare, the report said.

The Federal Energy Regulatory Commission and the North American Energy Standards Board should do more to coordinate operations of natural gas pipelines and the power companies that depend on gas to run generators, it said.

The recovery challenge must be recognized at the state level, too, the panel said.

In one case in point, a new cybersecurity strategy issued last week by Connecticut Gov. Dannel Malloy (D) describes critical infrastructure as the state's "Achilles' heel," noting that "experts have called our electric grid the glass jaw of American industry." The document concludes, "There are potential attackers, vulnerable places they could attack and many ways to amplify the effects of a cyber attack by combining it with other emergencies."

"I can't give you concrete, specific, best solutions for all these problems," said Art House, Connecticut's chief cybersecurity risk officer and a former utility regulator there. "But I think that what we have to do is recognize the vulnerability, recognize that there has to be a culture of cybersecurity, and then go about finding the answers to it."

Twitter: @PeteBehrEENews Email: pbehr@eenews.net

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Chinese Cyberwar capabilities
« Reply #455 on: August 09, 2017, 09:00:30 PM »
https://fas.org/sgp/crs/homesec/R43604.pdf
___________________________________________________

https://www.csmonitor.com/World/Passcode/Passcode-Voices/2017/0320/How-China-is-preparing-for-cyberwar


Preparing for informationized wars

The 2015 Chinese Military Strategy White Paper states that the PLA must prepare for “informationized local wars” against technologically advanced adversaries. As a result, Chinese hackers breach Defense Department networks in order to better understand US military capabilities, accelerate the modernization of the People’s Liberation Army, and prepare of military conflict and the disruption of US forces.

Two PLA groups, Units 61938 and 61486, have reportedly stolen information from over two dozen Defense Department weapons programs, including the Patriot missile system and the US Navy’s new littoral combat ship. The most high-profile case has been the hacking of defense contractors involved in the F-35, which have forced the redesign of specialized communications and antenna arrays for the stealth aircraft. Department of Defense officials say that the most sensitive flight control data were not taken because they were stored offline, but the fuselage of China’s second stealth fighter jet, the J-31, is very similar to that of the F-35. In response to a question about attacks on defense contractors, Lieutenant General Vincent Stewart, director of the Defense Intelligence Agency, told a congressional hearing, “I do not believe we are at this point losing our technological edge, but it is at risk based on some of their cyberactivities,” referring to China.

Chinese hackers also break into US networks in preparation for a potential military conflict. Chinese military analysts often write of the PLA’s need to seize information dominance at the beginning stages of a conflict with a technologically advanced adversary through cyber attacks against command and control computers as well as satellite and communication networks. The PLA would also attempt to disrupt US forces in the Western Pacific through attacks on transportation and logistics systems. Preparing for these attacks requires cyber espionage.

Chinese military writings also suggest that cyberattacks can have a deterrent effect, given American dependence on banking, telecommunication, and other critical networks. A highly disruptive or destructive attack on these networks might reduce the chances that the United States might get involved in a regional conflict. Some Chinese intrusions into critical infrastructure may intentionally leave evidence behind to act as a warning that the US homeland may not be immune to attack in the case of a conflict over Taiwan or the South China Sea.
______________________________________

http://www.indiandefencereview.com/spotlights/acupuncture-warfare-chinas-cyberwar-doctrine-and-implications-for-india/

If there is another conflict with China, it can be visualised that the war will begin in cyberspace much before a single shot is fired or the first missile is launched. In fact, frequent hacking attempts, some of them successful, are ongoing on a daily basis even now when there is peace at the border

Read more at:
http://www.indiandefencereview.com/spotlights/acupuncture-warfare-chinas-cyberwar-doctrine-and-implications-for-india/

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
http://www.eiscouncil.com/EarthEx

Today’s lifeline infrastructures are interconnected and resourced on unprecedented scales, with supply chains spanning the nation and, increasingly, the world.  With this growing integration and global reach, they have brought us remarkable capabilities.

At a price.   

Concerns have grown over the potential for severe malicious or natural “Black Sky” hazards associated with subcontinent scale, long duration power outages, with cascading failure of all our other increasingly interdependent infrastructures.  This creates a grim and difficult dilemma:  Restoration of any sector will only be possible with at least minimal operation of all the others. 
To deal with this deadlock, careful sector by sector and cross-sector resilience planning is crucial.  However, such plans, to be effective, must be exercised.  With the diversity and the national and global scale of the infrastructures we now depend on, this requires an unprecedented, multi-sector, national and international exercise series.

WHAT IS EARTH EX?
EARTH EX is an evolving, distributed, collaborative partner-developed exercise designed to meet this need.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
« Last Edit: September 22, 2017, 05:16:35 AM by Crafty_Dog »

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
WSJ on the SEC hack
« Reply #458 on: September 22, 2017, 05:16:59 AM »
The SEC’s Cyber Embarrassment
The agency that lectures private companies can’t secure its own files.
Photo: istock/Getty Images
By The Editorial Board
Sept. 21, 2017 7:16 p.m. ET
16 COMMENTS

The Securities and Exchange Commission let slip Wednesday evening—nearly half way into a 4,000-word statement on cybersecurity—that it learned last month that a hacking “incident previously detected in 2016 may have provided the basis for illicit gain through trading.” In journalism, this is known as burying the lead.

The SEC’s four-line disclosure provides few details other than that the breach affected its EDGAR system, which receives and processes more than 1.7 million electronic filings a year. Hackers were able to exploit a software vulnerability in the system to obtain nonpublic information. The agency says the weakness was patched promptly, though its investigation is “ongoing.”

So the SEC waited weeks after learning that its filing system had been penetrated for potentially illicit gain to disclose the break-in. And then it discreetly dropped the news into a lengthy memo advising companies and exchanges about their regulatory obligations to manage and disclose cyber risks.

A few questions: Why didn’t the agency report the incident when it occurred last year—and exactly when?—and what took it so long to figure out that the hack might have resulted in illegal trading activity?

The SEC provides no explanation but notes that there are “frequent attempts by unauthorized actors to disrupt access to our public-facing systems, access our data, or otherwise cause damage to our technology infrastructure” and “in certain cases cyber threat actors have managed to access or misuse our systems.” This suggests that there been other successful hacks that the SEC has not disclosed, perhaps because it doesn’t have evidence that they resulted in securities fraud.

One hypothesis is that the SEC was worried that disclosing the hack would raise questions about the security of its Consolidated Audit Trail, a centralized database that will give the agency access to “significant, nonpublic, market sensitive data and personally identifiable information.” The system, in the works for seven years, is supposed to come online this fall. But executives from U.S. financial exchanges have warned that it will be a rich target for hackers.

The SEC might also fear undermining its authority on cybersecurity. In 2014 the SEC issued regulations requiring exchanges and clearinghouses to “take corrective action with respect to systems disruptions, compliance issues and intrusions” and notify the SEC. It has also threatened legal action against public companies that don’t make adequate disclosures.

Yet the SEC has been rebuked several times by the Government Accountability Office and its own Inspector General for lax cyber controls. A 2014 review by its IG found that some SEC laptops that may have contained non-public information couldn’t be located. Agency staff have also transmitted non-public information through non-secure personal email accounts.

The SEC disclosure is particularly embarrassing in the wake of the Equifax data breach, which is being investigated by federal and state regulators amid much political outrage. Before regulators in glass houses take legal action against private companies, they can at least secure their own cyber walls.

ccp

  • Power User
  • ***
  • Posts: 19755
    • View Profile
no way to stop determined hackers
« Reply #459 on: September 24, 2017, 06:20:59 AM »
As I have said for years from my own experience.

But no one cares unless you piss off the Democrat Party bosses:

https://www.hackread.com/hacking-offline-computer-and-phone/

ccp

  • Power User
  • ***
  • Posts: 19755
    • View Profile

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Russians penetrate NSA!
« Reply #461 on: October 06, 2017, 11:52:20 AM »
WSJ
By Gordon Lubold and
Shane Harris
Updated Oct. 5, 2017 7:31 p.m. ET
994 COMMENTS

WASHINGTON—Hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends against cyberattacks after a National Security Agency contractor removed the highly classified material and put it on his home computer, according to multiple people with knowledge of the matter.

The hackers appear to have targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said.

The theft, which hasn’t been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S.

The incident occurred in 2015 but wasn’t discovered until spring of last year, said the people familiar with the matter.

The stolen material included details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying and how it defends networks inside the U.S., these people said.

Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said.

The breach is the first known incident in which Kaspersky software is believed to have been exploited by Russian hackers to conduct espionage against the U.S. government. The company, which sells its antivirus products in the U.S., had revenue of more than half a billion dollars in Western Europe and the Americas in 2016, according to International Data Corp. Kaspersky says it has more than 400 million users world-wide.

The revelation comes as concern over Russian infiltration of American computer networks and social media platforms is growing amid a U.S. special counsel’s investigation into whether Donald Trump’s presidential campaign sought or received assistance from the Russian government. Mr. Trump denies any impropriety and has called the matter a “witch hunt.”

Intelligence officials have concluded that a campaign authorized by the highest levels of the Russian government hacked into state election-board systems and the email networks of political organizations to damage the candidacy of Democratic presidential nominee Hillary Clinton.

A spokesman for the NSA didn’t comment on the security breach. “Whether the information is credible or not, NSA’s policy is never to comment on affiliate or personnel matters,” he said. He noted that the Defense Department, of which the NSA is a part, has a contract for antivirus software with another company, not Kaspersky.

In a statement, Kaspersky Lab said it “has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.”

Kremlin spokesman Dmitry Peskov in a statement didn’t address whether the Russian government stole NSA materials using Kaspersky software. But he criticized the U.S. government’s decision to ban the software from use by U.S. agencies as “undermining the competitive positions of Russian companies on the world arena.”

Sen. Jeanne Shaheen, (D., N.H.) on Thursday asked the Senate Armed Services Committee to hold hearings on the issue. “As you are aware, I have been concerned about the serious dangers of using Kaspersky software due to the company’s strong ties to the Kremlin,” she wrote in a letter to Sen. John McCain (R., Ariz.), the committee chairman.

She urged Mr. McCain to “expeditiously” schedule a hearing with the NSA’s director, Adm. Michael Rogers, and other administration officials.

The Kaspersky incident is the third publicly known breach at the NSA involving a contractor’s access to a huge trove of highly classified materials. It prompted an official letter of reprimand to Adm. Rogers by his superiors, people familiar with the situation said.

Adm. Rogers came into his post in 2014 promising to staunch leaks after the disclosure that NSA contractor Edward Snowden the year before gave classified documents to journalists that revealed surveillance programs run by the U.S. and allied nations.

The Kaspersky-linked incident predates the arrest last year of another NSA contractor, Harold Martin, who allegedly removed massive amounts of classified information from the agency’s headquarters and kept it at his home, but wasn’t thought to have shared the data.

Mr. Martin pleaded not guilty to charges that include stealing classified information. His lawyer has said he took the information home only to get better at his job and never intended to reveal secrets.

The name of the NSA contractor in the Kaspersky-related incident and the company he worked for aren’t publicly known. People familiar with the matter said he is thought to have purposely taken home numerous documents and other materials from NSA headquarters, possibly to continue working beyond his normal office hours.

The man isn’t believed to have wittingly aided a foreign government, but knew that removing classified information without authorization is a violation of NSA policies and potentially a criminal act, said people with knowledge of the breach. It is unclear whether he has been dismissed from his job or faces charges. The incident remains under federal investigation, said people familiar with the matter.

Kaspersky software once was authorized for use by nearly two dozen U.S. government agencies, including the Army, Navy and Air Force, and the departments of Defense, State, Homeland Security, Energy, Veterans Affairs, Justice and Treasury.


NSA employees and contractors never had been authorized to use Kaspersky software at work. While there was no prohibition against these employees or contractors using it at home, they were advised not to before the 2015 incident, said people with knowledge of the guidance the agency gave.

For years, U.S. national security officials have suspected that Kaspersky Lab, founded by a computer scientist who was trained at a KGB-sponsored technical school, is a proxy of the Russian government, which under Russian law can compel the company’s assistance in intercepting communications as they move through Russian computer networks.

Kaspersky said in its statement: “As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts.”

Suspicions about the company prompted the Department of Homeland Security last month to take the extraordinary step of banning all U.S. government departments and agencies from using Kaspersky products and services. Officials determined that “malicious cyber actors” could use the company’s antivirus software to gain access to a computer’s files, said people familiar with the matter.

The government’s decision came after months of intensive discussions inside the intelligence community, as well as a study of how the software works and the company’s suspected connections to the Russian government, said people familiar with the events.

They said intelligence officials also were concerned that given the prevalence of Kaspersky on the commercial market, countless people could be targeted, including family members of senior government officials, or that Russia could use the software to steal information for competitive economic advantage.

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security,” the DHS said Sept. 13 in announcing the government ban.

All antivirus software scans computers looking for malicious code, comparing what is on the machine to a master list housed at the software company. But that scanning also gives makers of the software an inventory of what is on the computer, experts say.

“It’s basically the equivalent of digital dumpster diving,” said Blake Darché, a former NSA employee who worked in the agency’s elite hacking group that targets foreign computer systems.

Kaspersky is “aggressive” in its methods of hunting for malware, Mr. Darché said, “in that they will make copies of files on a computer, anything that they think is interesting.” He said the product’s user license agreement, which few customers probably read, allows this.

“You’re basically surrendering your right to privacy by using Kaspersky software,” said Mr. Darché, who is chief security officer for Area 1, a computer security company.

“We aggressively detect and mitigate malware infections no matter the source and we have been proudly doing it for 20 years,” the company said in its statement. “We make no apologies for being aggressive in the battle against malware and cybercriminals.”

U.S. investigators believe the contractor’s use of the software alerted Russian hackers to the presence of files that may have been taken from the NSA, according to people with knowledge of the investigation. Experts said the software, in searching for malicious code, may have found samples of it in the data the contractor removed from the NSA.

But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding.

Investigators did determine that, armed with the knowledge that Kaspersky’s software provided of what files were suspected on the contractor’s PC, hackers working for Russia homed in on the machine and obtained a large amount of information, said the people familiar with the matter.

The breach illustrates the chronic problem the NSA has had with keeping highly classified secrets from spilling out, former intelligence personnel say. They say they were rarely searched while entering or leaving their workplaces to see if they were carrying classified documents or removable storage media, such as a thumb drive.

Then-Defense Secretary Ash Carter and then-Director of National Intelligence James Clapper pushed President Barack Obama to remove Adm. Rogers as NSA head, due in part to the number of data breaches on his watch, according to several officials familiar with the matter.

The NSA director had fallen out of White House favor when he traveled to Bedminster, N.J., last November to meet with president-elect Donald Trump about taking a job in his administration, said people familiar with the matter. Adm. Rogers didn’t notify his superiors, an extraordinary step for a senior military officer, U.S. officials said.

Adm. Rogers wasn’t fired for a number of reasons, including a pending restructuring of the NSA that would have been further complicated by his departure, according to people with knowledge of internal deliberations. An NSA spokesman didn’t comment on efforts to remove Adm. Rogers.

Write to Gordon Lubold at Gordon.Lubold@wsj.com and Shane Harris at shane.harris@wsj.com

Appeared in the October 6, 2017, print edition as 'Russian Hackers Stole NSA Spy Secrets.'

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Change Wave: Trust busters
« Reply #462 on: October 10, 2017, 07:29:21 PM »
October 10, 2017
Trust Busters

This year’s Nobel prize winner for economics, Richard Thaler, had won a measure of fame before this award. He played a central role in persuading many economists that human behavior, and thus irrational behavior, was often predictable and could be ‘nudged’ to change decision-making.

As obvious as this sounds today, it was a great departure from classical economics, which firmly stuck to the belief that people behave, OMG, rationally.

“In order to do good economics, you have to keep in mind that people are human,” Thaler said at a news conference after the Nobel announcement.

This recalls an insight shared by another Nobel winner, physicist Richard Feynman, who said that “reality must take precedence over public relations, for nature cannot be fooled.”

Cass Sunstein, (Marc:  :-o :-o :-o) who co-wrote a book titled “Nudge” with Thaler, which helped to popularize his ideas on behavioral economics, wrote this yesterday:

“Focusing on what he called ‘mental illusions,’ Thaler explained that human beings make a lot of blunders. With clear examples, a sense of play and a little math, he showed that people just don’t act in the way predicted by standard economic theory.”

Thaler’s influence and insights, along with those of Daniel Kahneman and Amos Tversky – the godfathers of behavioral economics – have been widely embraced well beyond the profession.

Facebook, for example, led a team of researchers in 2012 for an experiment on emotional priming, without the awareness of the 700,000 users involved, to see whether manipulation of their news feeds would affect the positivity or negativity of their own posts.   When this became known in 2014 it was generally seen as an unacceptable form of psychological manipulation. But Facebook defended the research on the grounds that its users’ consent to their terms of service was sufficient to imply consent to such experiments.

Now, we’ve just learned that Facebook revealed 3,000 ads bought by a Russian operative reached 10 million of its users. As it turns out, a big multiple of that audience was exposed to the ads purchased by a single Russian troll farm called the Internet Research Agency.  The actual reach encompasses all the activity of the Russian-controlled accounts – each post, each ‘like,’ each comment and also all of the ads. With this understanding, the effect of each ad organically metastasized to poison a population of potentially hundreds of millions on the social media site.

“This is cultural hacking,” said Jonathan Albright, research director at Columbia University’s Tow Center for Digital Journalism. “They are using systems that were already set up by these platforms to increase engagement. They’re feeding outrage –and it’s easy to do, because outrage and emotion is how people share.”

Facebook is not an isolated case. Google has uncovered evidence that Russian operatives exploited the company’s platforms in an attempt to interfere in the 2016 election.   Google, which runs the world’s largest online advertising business, has found that tens of thousands of dollars were spent on ads by Russian agents who aimed to spread disinformation across Google’s widely-used products, including YouTube and Gmail.

The ads do not appear to be from the same Kremlin-affiliated troll farm that bought ads on Facebook. This suggests that the Russian effort to spread disinformation online may be a much broader problem than Silicon Valley companies have unearthed so far.

Meanwhile, Twitter shut down 201 accounts associated with the Internet Research Agency, disclosing that the account for the Kremlin-linked news site RT spent $274,100 on its platform in 2016.

Russia’s bag of tricks isn’t isolated to social media. Hackers working for the Russian government stole details of how the US penetrates foreign computer networks and defends against cyberattacks, after a National Security Agency contractor removed the highly classified material and put it on his home computer.

The theft, which occurred in 2015, is considered to be one of the most significant security breaches in recent years. It appears that Russian intelligence targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab.

Most troubling, however, is that serious data breaches are becoming everyday occurrences.

In December, six months before it was taken over by Verizon for $4.5 billion, Yahoo revealed that a data theft incident in 2013 had affected around 1 billion user accounts. However, the company disclosed this week that new intelligence indicates every Yahoo account that existed at the time was affected by the breach.

The massive Equifax data breach, which exposed the sensitive personal information of nearly 146 million Americans, happened because of a mistake by a single employee, the credit reporting company’s former CEO told members of Congress last week.   On multiple occasions, he referred to an ‘individual’ in Equifax’s technology department who had failed to heed security warnings and did not ensure the implementation of software fixes that would have prevented the breach.

US government agencies have also publicly confronted digital crimes perpetuated on sensitive data.

A major headache for the IRS in recent years has been identity theft, which has resulted in a wave of tax fraud. After digital thieves had stolen taxpayers' information from social-media platforms or large-scale security breaches, they file fake tax returns in a bid to collect refund checks.

The SEC recently discovered a vulnerability in its corporate filing database that could cause the system to collapse. A September 22 memo reveals that the SEC’s EDGAR database, containing financial reports from US public companies and mutual funds, could be at risk of ‘denial of service’ attacks, a type of cyber intrusion that floods a network, overwhelming it and forcing it to close.

In other words, if hackers wanted to, they could “basically take down the whole EDGAR system” by submitting a malicious data file, said one cyber security expert with experience securing networks of financial regulators.

Organizational Behavior: Humans are Prime Element in Cybersecurity

451 Research found that reports of ‘significant’ security incidents are dramatically higher at larger companies than smaller ones. A survey revealed that while 17% of companies with less than 1,000 employees experienced a notable breach, it climbs to 44% for organizations with more than 10,000 people.
 
Reasons for the disparity between the biggest and smallest firms may be due to the greater level of investment in security monitoring at larger organizations, enabling them to better detect breaches than less-equipped groups.

It could also be that hackers are more inclined to target large companies because the prizes are greater, and the human vulnerabilities can be exploited more readily.   
The top pain points are User Behavior (34%), followed by Organizational Politics/Lack of Attention to Information Security (21%) and Staffing Information Security (21%), according to 451 Research.

The top security concerns over the last 90 days were Hackers/Crackers with Malicious Intent (53%) and Compliance (49%).

In the words of one information security respondent: The real concern is the people and not the tech – “[The greatest insider threat] is always going to be people … People are the only wild-card. The technology can be trusted.”

Naturally, a challenge for organizations is finding and hiring skilled cybersecurity professionals, who are especially important when it comes to security analytics and operations. It takes highly experienced pros to investigate security incidents, synthesize threat intelligence, or perform proactive hunting exercises.

In order to address the security skills gap, slightly more than half of the 451 Research respondents plan to train existing staff and 44% will hire contractors.
While 35% said they would hire new staff, very large organizations with more than 10,000 employees were nearly twice as likely (51% vs. 26%) compared to very small organizations with less than 250 employees.

‘Plastics’ once had seized the day for college grads, today it’s ‘cybersecurity.’

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Hillary level cybersecurity
« Reply #464 on: October 15, 2017, 06:36:16 AM »
https://pjmedia.com/instapundit/278161/

OCTOBER 12, 2017
CYBERWAR: Cyberattack Captures Data on U.S. Weapons in Four-Month Assault.

A cyberattacker nicknamed “Alf” gained access to an Australian defense contractor’s computers and began a four-month raid that snared data on sophisticated U.S. weapons systems.

Using the simple combinations of login names and passwords “admin; admin” and “guest; guest” and exploiting a vulnerability in the company’s help-desk portal, the attacker roved the firm’s network for four months. The Australian military referred to the breach as “Alf’s Mystery Happy Fun Time,” referring to a character from the soap opera “Home and Away.”

The incident, detailed by a senior Australian intelligence official in a speech on Wednesday, was the third major breach of sensitive U.S. military and intelligence data to come to light in the past week.

On Tuesday, a South Korean lawmaker said North Korean hackers had accessed a military database and stolen top-secret files, including a plan for a decapitation strike against top leaders in Pyongyang. That followed reports that hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends its own.

The identity and affiliation of the hackers in the Australian attack weren’t disclosed, but officials with knowledge of the intrusion said the attack was thought to have originated in China.

Doesn’t anybody take security seriously?

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #465 on: October 15, 2017, 10:50:09 AM »
Is security even possible?

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #466 on: October 15, 2017, 10:53:42 AM »
Is security even possible?


Yes, but it takes serious effort and investment.

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Assume everything is compromised
« Reply #467 on: October 16, 2017, 08:05:21 AM »
http://www.zdnet.com/article/wpa2-security-flaw-lets-hackers-attack-almost-any-wifi-device/

PART OF A ZDNET SPECIAL FEATURE: CYBERWAR AND THE FUTURE OF CYBERSECURITY

WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping
Security experts have said the bug is a total breakdown of the WPA2 security protocol.

 Zack Whittaker
By Zack Whittaker for Zero Day | October 16, 2017 -- 10:00 GMT (03:00 PDT) | Topic: Cyberwar and the Future of Cybersecurity

2

(Image: file photo)

SECURITY 101

 Tips for protecting your privacy from hackers and spies
Tips for protecting your privacy from hackers and spies

Take these simple steps to help protect yourself against hackers and government surveillance.

Read More

A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack.

The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

In other words: hackers can eavesdrop on your network traffic.

The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices -- putting every supported device at risk.

"If your device supports Wi-Fi, it is most likely affected," said Vanhoef, on his website.

News of the vulnerability was later confirmed on Monday by US Homeland Security's cyber-emergency unit US-CERT, which about two months ago had confidentially warned vendors and experts of the bug, ZDNet has learned.

The warning came at around the time of the Black Hat security conference, when Vanhoef presented a talk on networking protocols, with a focus on the Wi-Fi handshake that authenticates a user joining a network.

The cyber-emergency unit has since reserved ten common vulnerabilities and exposures (CVE) records for the various vulnerabilities.

Cisco, Intel, Juniper, Samsung, and Toshiba are among the companies affected.

At its heart, the flaw is found in the cryptographic nonce, a randomly generated number that's used only once to prevent replay attacks, in which a hacker impersonates a user who was legitimately authenticated. In this case, an attacker can trick a victim into reinstalling a key that's already in use. Reusing the nonce can allow an adversary to attack the encryption by replaying, decrypting, or forging packets.


The flaw is "exceptionally devastating" for Android 6.0 Marshmallow and above, said Vanhoef. A patch is expected in the next few weeks.

"The core of the attack, hence its name, is that the attacker tricks the connected party into reinstalling an already-in-use key," Alan Woodward, a professor at the University of Surrey, told ZDNet.

Despite the ire many have with branded, or popularized vulnerabilities -- Heartbleed, Shellshock, and Poodle to name a few -- many renowned security and cryptographic experts are warning not to underestimate the severity of the flaw.

"It's not a trivial attack," said Woodward. He warned that the scale of the attack is "huge."



It's not the first attack that's hit WPA2. WPA2 was developed, ironically, as a way to replace a similar protocol, WEP, which was cracked just a few years after its debut in 1997.

Several researchers, including Vanhoef, have demonstrated valid attacks against the protocol. By far the most notable was in 2011 when a security researcher showed that an attacker could recover the code used in Wi-Fi Protected Setup, a feature that let users authenticate with a one-push button on the router, which could be easily cracked.

Like similar attacks against WPA2, an attacker needs to be within a close physical proximity of a vulnerable device, such as a router or even a cash register or point-of-sale device.

That's not to downplay the seriousness of the attack, however.

The downside is that nowadays, a hacker can launch an attack from hundreds of feet from a vulnerable device, Kenneth White, a security researcher, told ZDNet.


A table of vulnerable software. (Image: Mathy Vanhoef)

Matthew Green, a cryptography teacher at Johns Hopkins University, said in a tweet that this is "probably going to turn into a slew of TJ Maxxes," referring to a cyberattack on the department store, where hackers cracked the Wi-Fi password that connected the cash registers to the network.

White explained, however, that sites and services that provide content over strict HTTPS (known as HSTS) will encrypt traffic from the browser to the server.

In other words, it's still safe to access sites that encrypt your data over an insecure network.

Although Vanhoef said it wasn't clear if any attacks had been seen in the wild.

Several router and network equipment makers were briefed prior to Monday's announcement, including Cisco, HPE, and Arris. We reached out to all three but did not hear back at the time of writing.

Aruba, Ubiquiti, and Eero are said to have patches available, according to sources we spoke to at the time of writing. It's not known if others have -- but we will update as we find out.

But many products and device makers will likely not receive patches -- immediately, or ever. Katie Moussouris‏, founder of Luta Security, said in a tweet that Internet of Things devices will be some of the "hardest hit."

Until patches are available, Wi-Fi should be considered a no-go zone for anything mission critical, a feat almost impossible in today's age of ubiquitous and blanket wireless network access.

Contact me securely

Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755–8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Stratfor: Hacking, another weapon in the Asymmetrical Arsenal
« Reply #468 on: January 25, 2018, 06:40:40 AM »
Hacking: Another Weapon in the Asymmetrical Arsenal
By Scott Stewart
VP of Tactical Analysis, Stratfor
Hacking is far more affordable than traditional warfare.


 

Iran's Islamic Revolution could play out, in part, online. On Jan. 4, the Carnegie Endowment for International Peace published a report describing the country as a "third-tier cyberthreat." The report's authors note that despite Iran's success with cyberattacks such as Shamoon and a spear-phishing campaign that hit Deloitte and several other companies, Iranian attacks generally feature poor tradecraft. As a result, investigators haven't had much trouble tracking cyber operations back to the Islamic republic, whether because the attack code contained Farsi terms or because its associated IP address traced to Iran. Iranian spear-phishing attacks, likewise, frequently suffer from their perpetrators' poor command of the English language.

But even if its capabilities pale in comparison with those of Russia or China, Iran is still a cyberthreat, albeit a third-tier one. The Carnegie Endowment's report about the country's adoption and use of an asymmetrical weapon such as hacking called to mind the way governments and their agents have come to embrace and employ terrorism. Looking at the manner in which state sponsors, proxies and non-state actors have practiced terrorism can offer a useful framework for understanding how countries could turn hacking into a more dangerous tool of asymmetrical warfare.

Augmenting, Not Replacing, Terrorism

Before we begin though, I want to be clear: Hacking will not replace terrorism as an asymmetrical weapon. Terrorism is not going anywhere, and it remains a popular tool for state and non-state actors alike, as a glance at the battlefields in Syria, Afghanistan and Libya will attest. Instead, cyberattacks are a supplement to terrorism — just another wrench in the toolbox of Machiavellian statecraft. Many of the features that make terrorism attractive as a conduit for state power also apply to cyberattacks.

Both tactics offer the state employing them plausible deniability, for example. Iran exemplifies this strategy with its robust support of a global network of militant organizations. Among them, the Lebanese paramilitary group Hezbollah executed attacks throughout the 1980s under the banner of the Islamic Jihad Organization, the Revolutionary Justice Organization and the Organization of the Oppressed on Earth. By operating variously under so many different names, Hezbollah managed to create confusion while deflecting blame from its senior leaders and clerics and while hiding the role of its benefactors in Iran and Syria. Pakistan has taken a similar approach, throwing its support behind militant groups in India and Afghanistan and sheltering senior al Qaeda figures within its own borders. The shadowy operations of their terrorist proxies largely keep these sponsor states free from blame, though not necessarily suspicion, for attacks. And even when evidence reveals a country's role in terrorism — such as Iran's involvement in the Israeli Embassy bombing in Argentina in 1992 or Pakistan's part in the 2008 attack in Mumbai, India — the repercussions are usually too slight to offset the perceived benefit of this asymmetrical weapon.

So far, state-sanctioned cyberattacks have met with even less blowback. Though the exploits have caused significant disruptions for their targets — many of them major corporations — the state actors behind them have gotten off scot-free. More troubling is the lack of consequences for hacks against government and political targets. Authorities have implicated nation-states in high-profile attacks on institutions such the U.S. Office of Personnel Management and the Democratic National Committee. Yet despite the preponderance of evidence against them, the countries behind these hacks have faced little in the way of punishment. The low costs associated with cyberattacks doubtless will encourage more states to use this tactic, like terrorism before it.

Beyond the legal and political price, the financial cost of hacking, like that of terrorism, is also far more affordable than the cost of traditional warfare. A successful terrorist act or cyberattack, moreover, can have a disproportionate effect on its target, relative to the time and effort required to conduct it. Consider the staggering number of people affected by the attack on the credit reporting agency Equifax, for instance, or the enduring fallout of Russia's cyber meddling in foreign elections. In the realm of cyberattacks, a small investment can yield an outsize return.

The Tool Is Only as Good as the Craftsman

But a weapon is only as effective as the person (or country) wielding it. Just as levels of terrorist tradecraft vary widely from one state-sponsored militant group to the next, the skills and abilities of state-backed cyber operatives differ. Concerns are growing that as cyberattacks mature as an asymmetrical weapon, countries will emerge as state sponsors of hacking that can help propagate the technique. Along with the conventional weapons it sells to Iran and Syria, for example, Russia may one day supply them with cyber tools and training. Signs suggest that the United States and Israel have already collaborated on a cyber operation: the Stuxnet attack that debilitated Iran's uranium enrichment site in 2010.

Like state sponsors of terrorism, state hacker-backers could provide operatives with training and protection to carry out attacks. They might even arm proxy groups with cyber tools, much as Libya trained, sheltered and equipped terrorist groups such as the Abu Nidal Organization. Transferring knowledge in this way could enhance the skills and abilities of cyber operatives the world over. The Soviet-trained bombmakers of the Provisional Irish Republican Army, after all, passed their know-how on to fellow militant groups, including the Revolutionary Armed Forces of Colombia, and former Russian weapons scientists have helped nurture North Korea's nuclear program. In much the same way, cybermercenaries who have worked with Russian or Chinese hacking groups could provide training and tools to client states and proxy organizations far and wide. Countries such as Russia provide legal cover for patriotic criminal hackers as it is. The rise of state-sponsored proxy hackers could also make the world of cyberattacks even murkier.

To develop advanced cyber capabilities, though, a state needs many of the same assets necessary for building a first-tier military: a robust higher education system, investment in research and development, public-private cooperation, and scalability among them. Countries like Iran and North Korea, which fall short in some of these areas, will have a hard time cultivating or attracting world-class cyber talent as a result. But what they lack in resources, these states make up for in ambition and drive, as they have demonstrated in their quest for nuclear weapons. With a little outside expertise, this relentless focus could help them overcome their constraints and turn a third-tier cyberthreat such as Iran into a far more serious menace.

Scott Stewart supervises Stratfor's analysis of terrorism and security issues. Before joining Stratfor, he was a special agent with the U.S. State Department for 10 years and was involved in hundreds of terrorism investigations.



Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
POTB: Russia tried and failed to sow discord in America. Then came Social Media
« Reply #469 on: February 22, 2018, 05:52:46 AM »
Let's use this thread for discussion of this issue:
==========================================
A surprisingly lucid article from Pravda on the Beach. (LA Times))

Russia tried and failed to sow discord in America. Then it discovered social media
By David Pierson
Feb 22, 2018 | 4:00 AM
Russia tried and failed to sow discord in America. Then it discovered social media
If your goal is to spread dissent and increase partisan polarization, you'd be hard pressed to find a better tool than Facebook or Twitter. (Dreamstime / TNS)

Russia has been trolling the United States for decades.

It bankrolled American authors who claimed Lee Harvey Oswald assassinated President Kennedy under the direction of the FBI and CIA; it planted articles arguing Martin Luther King Jr. was not radical enough; and it spread a conspiracy theory that the U.S. manufactured the AIDS virus.

None of these disinformation campaigns succeeded in undermining American stability, in part because the Soviets didn't have access to what may be the world's most powerful weapon for fomenting fear, outrage and unverified information: social media.

The indictments last week by special counsel Robert S. Mueller III against 13 Russians and three Russian companies accused of interfering in the 2016 presidential election laid bare the way America's biggest tech platforms have altered the centuries-old game of spycraft and political warfare.

Russian operatives couldn't have asked for better tools than Facebook and Twitter to spark conflict and deepen divisions within Americans, experts say. Never before could they fan propaganda with such ease and speed and needle the people most vulnerable to misinformation with such precision.

"They're using the same playbook; it's just a new medium," said Clint Watts, a former FBI agent and a senior fellow at the Center for Cyber and Homeland Security at George Washington University. "Social media is where you do this stuff now. It wasn't possible during the Cold War."

At the root of the strategy are the algorithms social networks employ to encourage more engagement — the comments, likes and shares that generate advertising revenue for their makers.

The problem, researchers say, is that humans typically gravitate toward things that make us angry online. Outrage generates more stimuli in our brains, increasing the odds we respond to news and posts that tick us off. The algorithms know this and serve up such content accordingly.

"Online platforms have profoundly changed the incentives of information sharing," Yale psychologist M.J. Crockett wrote in a paper for Nature Human Behavior. "Because they compete for our attention to generate advertising revenue, their algorithms promote content that is most likely to be shared, regardless of whether it benefits those who share it — or is even true."

Since the platforms insist they aren't media companies, they're under no legal obligation to verify what's posted. That allows falsehoods to spread faster, not in the least part, because most people don't actually read the links they share, according to a 2016 study by researchers at Columbia University and the French National Institute.

Social media companies argue that they help bring people together. Yet studies suggest anonymity and fake accounts are having a corrosive effect on discourse. People who would never dare shout someone down in public can do so freely from behind the safety of their screens. And the access to information in real-time — highlighted under "trending topics" or amplified with a hashtag — ensures there's never a shortage of issues to shout about.

The result is a feedback loop in which social media algorithms reward the loudest and angriest voices — often on some of the nation's most sensitive topics, be it gun control, abortion or race. Reasoned debate is made even more difficult because users are often siloed with like-minded people.

"It further inflames a topic or debate," said Karen North, a social media expert who teaches at USC's Annenberg School for Communication and Journalism. "And there's no incentive to compromise."

Nuance, on the other hand, is rarely rewarded. One of Facebook's ideas for expanding the scope of human emotions included adding emojis such as a heart and frowning face next to the obligatory "like" button. For Twitter, it meant doubling the limit of any tweet to 280 characters.

That would have been fine for internet users in the early days of social media more than a decade ago when tech companies had a better excuse to operate under the naive assumption that people would behave online the same way they do in the real world, said Jonathon Morgan, chief executive of New Knowledge, a company that tracks online disinformation.

"Social media was built around engagement that was very fast and almost like low-fidelity social contact," Morgan said. "What's changed over the years is that most people now get their information from these platforms, which were designed for frivolous interaction. There's a disconnect when people look for substance where it doesn't exist."

It was in this environment that Russian operatives allegedly plied their trade, according to the indictment filed Friday.

They established hundreds of accounts posing as politically active Americans on Facebook, Instagram and Twitter, investigators allege. They parroted both sides of the political spectrum in an effort to heighten acrimony, and launched Facebook groups to ensnare more unwitting supporters, according to the indictment. The activism even spilled out into the real world after the operatives organized dueling rallies in New York for and against then president-elect Trump, authorities say.

"They've been doing this stuff on their own population since the 1990s," said Watts, the former FBI agent.

It wasn't until the Arab Spring, Watts said, that Russia gained a greater appreciation for the power of social media. If these tools could help activists coordinate a revolt, it wouldn't be hard to imagine what they could do in the hands of the state, he said.

The platforms, slow to publicly acknowledge the meddling, have since cooperated with authorities and contacted users who engaged with Russian trolls. They've vowed to disclose backers of political ads to prevent a repeat of the Russian campaign. Twitter has also deleted thousands of automated bots.

But experts expect the likes of Facebook and Twitter to continue to be targeted by Russian operatives as long as Washington refrains from taking punitive action against Moscow for its interference.

"There's really no reason for Russia to stop trying to influence election outcomes through the use of social media," said Kimberly Marten, a professor of political science at Barnard College, Columbia University. "There is no meaningful response to what Russia is trying to do, beyond attempting to punish the perpetrators."

If misinformation continues to flood social media and technology companies fail to improve their moderation, the sole remedy may be in media literacy, Marten said.

"The only way we can address the problem effectively overall is to improve our own elementary and high school educational systems, so that as many people as possible become critical readers and thinkers, able to call out any fake news they read on social media," Marten said.

For now, it appears Russian influence campaigns aren't missing a beat.

Such networks have directed their accounts to pile onto divisive issues like the clamor earlier this year to release a controversial memo by House Intelligence Chairman Devin Nunes, according to the Alliance for Securing Democracy, a project of the nonpartisan German Marshall Fund think tank. More recently, Russian accounts have reportedly perpetuated a conspiracy theory that a Florida school shooting survivor is a paid actor.

In a sign that the tech platforms remain ill-equipped to deal with the onslaught, a YouTube video pushing that conspiracy theory was the top trending video on the platform at one point Wednesday.

Morgan of New Knowledge said the Russian interference campaign will inspire others to exploit social media as long as the platforms remain vulnerable.

"The solution available in the short term is to stop a particular behavior," Morgan said. "But to stop it in a general way will require years of redesigning the platforms. By then, the adversaries will be one step ahead. They've opened a can of worms and we probably have to accept things will never be the same."

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
WSJ: The Loophole that Left FB Vulnerable to Russki Propaganda
« Reply #470 on: February 22, 2018, 08:15:53 AM »
The Big Loophole That Left Facebook Vulnerable to Russian Propaganda
The tech company’s filters can’t adequately detect misinformation distributed through altered images
How Russia Turned a Student Journalist's Web Post Into Fake News
A photograph and post by USC student journalist Tiana Lowe was doctored and used in a misinformation campaign. Photo illustration: Heather Seidel/The Wall Street Journal
By Georgia Wells,
Shelby Holliday and
Deepa Seetharaman
Feb. 22, 2018 10:44 a.m. ET
2 COMMENTS

A decade ago, at a pro-immigration march on the steps of the Capitol building in Little Rock, Ark., community organizer Randi Romo saw a woman carrying a sign that read “no human being is illegal.” She took a photograph and sent it to an activist group, which uploaded it to photo-sharing site Flickr.

Last August, the same image—digitally altered so the sign read “give me more free shit”—appeared on a Facebook page, Secured Borders, which called for the deportation of undocumented immigrants. The image was liked or shared hundreds of times, according to cached versions of the page.

This use of doctored images was a crucial and deceptively simple technique used by Russian propagandists to spread fabricated information during the 2016 election, one that exposes a loophole in tech company defenses. Facebook Inc. and Alphabet Inc.’s GOOGL +0.57% Google have traps to detect misinformation, but struggle—then and now—to identify falsehoods posted directly on their platforms, in particular through pictures.
A photo taken at a pro-immigration rally by Randi Romo, left, and the altered image as it appeared on a Russia-linked Facebook page, Secured Borders.

Facebook disclosed last fall that Secured Borders was one of 290 Facebook and Instagram pages created and run by Russia-backed accounts that sought to amplify divisive social issues, including immigration. Last week’s indictment secured by special counsel Robert Mueller cited the Secured Borders page as an example of how Russians invented fake personas in an effort to “sow discord in the U.S. political system.”

The campaigns conducted by some of those accounts, according to a Wall Street Journal review, often relied on images that were doctored or taken out of context.

Algorithms designed by big technology companies are years away from being able to accurately interpret the content of many images and detect indications they might have been distorted or taken out of context. Facebook says detecting even text-based content that violates its standards is still too difficult to automate exclusively. Facebook and Google continue to rely heavily on users to flag posts that contain potentially false information. On Wednesday, for example, YouTube said it mistakenly promoted a conspiratorial video falsely accusing a teenage witness in last week’s Florida school shooting of being an actor.

Automated systems are generally set up to suppress links to fake news articles. Falsehoods posted directly, such as within status updates, images and videos, escape scrutiny. Moreover, the companies are generally reluctant to remove content that is said to be false, to avoid refereeing the truth.

Users, meanwhile, are less likely to doubt the legitimacy of images, making distorted pictures unusually effective weapons in misinformation campaigns, says Claire Wardle, a research fellow and expert in social media and user-generated content at Harvard University’s Shorenstein Center.

Last week’s indictment described how a Russian organization called the Internet Research Agency issued guidance to its workers on ratios of texts in their posts and how to use graphics and videos.

“I created all these pictures and posts, and the Americans believed that it was written by their people,” one of the co-conspirators emailed a relative in September, the indictment said.

The Russian entities often added small icons known as watermarks to the corners of their doctored photos, which branded their impostor social-media accounts and lent an air of authenticity to the pictures.

“In a world where we’re kind of scrolling through on these small smartphone screens, images are incredibly powerful because we’re a lot less likely to stop and think, ‘does this look real?’ ” said Dr. Wardle, who also leads First Draft News , a nonprofit dedicated to fighting digital misinformation that works with tech companies on some projects.

Facebook is working to fix its platform and prevent further manipulation ahead of the U.S. midterm elections in November—an effort Facebook leaders have described as urgent. The company, along with Google and Twitter Inc., TWTR -2.34% has been under fire from lawmakers and other critics over the handling of Russian meddling in the presidential election.

“It’s abhorrent to us that a nation-state used our platform to wage a cyberwar intended to divide society,” Facebook executive Samidh Chakrabarti said in a blog last month, adding that the company should have done more to prevent it. “Now we’re making up for lost time.”

Facebook is refocusing to become what it calls “video first” and expects video will dominate its news feed within a few years, which suggests its challenges will only intensify.

The company plans to expand its program for tracking and suppressing links to fake news articles to include doctored images and videos, according to a Facebook spokesman. Facebook discussed the idea earlier this month with fact-checking groups it has been working with to check news stories, along with plans to build more tools to help identify when photos are taken out of context.

People tend to share images and videos more than plain text. During three months around the U.S. presidential election, tweets that included photos were nearly twice as likely to be retweeted than text-only tweets, according to researchers at Syracuse University studying how information spreads on social networks.

Tiana Lowe, a student at the University of Southern California, took a photo that was later used in a misleading way by a Russia-linked Facebook page.

On April 17, University of Southern California student Tiana Lowe spotted a racist sign hanging in front of a student housing complex near campus. On a piece of cardboard, the words “No Black People Allowed” appeared next to a drawing of the Confederate flag and the hashtag #MAGA, for President Donald Trump’s campaign slogan.

Ms. Lowe snapped a photo on her iPhone. In a story that day for the campus news site, the Tab, she questioned whether the incident was a hoax, writing that the sign had been hung by a black neighbor who was unaffiliated with the university following a dispute with the housing complex’s residents. USC’s Department of Public Safety said the man admitted to placing the sign. (The Tab, an independent campus news site, is partially funded by News Corp , owner of the Journal.)

The following day, a modified version of the photo appeared on a popular Facebook page, Blacktivist. The image was cropped, altered and watermarked with a Blacktivist logo, and the #MAGA hashtag was digitally removed. Information that could be used to identify the house, such as the phone number for the property’s leasing office, was cut out.

The Blacktivist page, which last Friday’s indictment said was controlled by Russian entities, cast the significance of the photo in a different light. The caption next to the photo made no mention of a hoax, instead portraying it as a racist act.

“Why racial intolerance still has a place in our country?” it read. “Racially-charged incidents continue to happen and it must receive national attention.” The Blacktivist page had more than 300,000 followers at the time.

“It had clearly been framed and repackaged as an act of white supremacy rather than a hate-crime hoax,” says Ms. Lowe. She became aware of the reuse of her photo two days later when a conservative college news site, the College Fix, picked up the Blacktivist post.

Ms. Lowe says she wrote a comment on the Blacktivist post saying the information had been taken out of context, and she tweeted a screenshot of the post calling Blacktivist “fake news.” She didn’t file a formal complaint with Facebook and didn’t learn more about Blacktivist until Facebook revealed months later it was linked to Russia.

Tech companies can detect exact or near-exact copies of images, videos and audio for copyright enforcement. Spotting doctored photos or videos is a different challenge because tracking those changes requires keeping tabs on the original image, which isn’t always available, says Krishna Bharat, who helped create Google News and now advises and invests in startups. Running a comparative analysis can be expensive, and there are legitimate reasons someone might crop, touch-up or add a new element to a photo.

Around the time last summer that Secured Borders posted Ms. Romo’s photo of the mother supposedly asking for handouts, the group also posted a meme that suggested millions of illegal immigrants may have voted in the 2008 election. It depicted a man who appeared to be Hispanic holding a document, implying that he had illegally voted.

The image originated in a newscast two years earlier on Los Angeles television station KTLA about a state program to provide driver’s licenses to illegal immigrants. A KTLA executive said he wasn’t aware that Secured Borders had used an image from the newscast.

When misleading content is flagged, tech companies wrestle with what to do next. Facebook, Twitter and Alphabet’s YouTube say they only remove content that violates their standards, such as promoting hate speech, spam or distributing child pornography. Misinformation by itself doesn’t count. Doctored images or status updates containing falsehoods can remain up if the posts don’t otherwise violate their policies.

When Facebook in September removed the 290 Russia-backed pages on Facebook and its photo-sharing platform Instagram, it said it did so because the accounts misrepresented their identity, not because of the veracity of the content.

One of the misleading photos disseminated by a Russia-backed page has remained on social media because Instagram said it doesn’t violate its content policies.
A photo of a Nigerian boy boxer taken by August Udoh, left, was used with inaccurate information on a Russia-backed Instagram page, BlackMattersUS.

BlackMattersUS, a Russia-backed page purporting to promote the black community, posted a misleading photo that was reshared on Instagram as recently as January 2017. It shows a young black boy with overlaid text saying that, because of homicide, suicide and incarceration, “the black male is effectively dying at the rate of an endangered species.” The BlackMattersUS account was taken down by Instagram, but because the image was shared by other legitimate accounts, the post remained online as of mid-February.

The meme—a photo with text on top, which is tougher for software to read than plain text—includes no citation of research or statistics. The image’s claim that black adult females greatly outnumber black adult males is false, census data indicate.

The authentic photo was part of a 2013 series on “dambe” boxers in northern Nigeria by Nigerian photographer August Udoh, who wasn’t aware his work was used by BlackMattersUS. “The thing is, the message itself is not even related to the image,” says Mr. Udoh. “How do you put those two together and make propaganda out of it? It’s crazy.”

Ms. Romo, the photographer of the pro-immigration march, says she discovered her photo had been manipulated by the Russia-backed account only when she got a call from a Journal reporter. “We are living in the greatest era of information access,” she says. “People will watch cat videos endlessly, but they won’t take a minute to ascertain whether what they are being told is true or not.”

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Chinese campaign to fire McMaster
« Reply #471 on: February 24, 2018, 10:24:34 AM »
BTW folks, let's keep in mind that Breitbart may be better since Bannon is gone, but it still remains for it to prove itself as a reputable site.  Please read the article with care before posting here.

http://www.breitbart.com/national-security/2018/02/23/gaffney-warns-china-waging-unrestricted-financial-cyber-war-on-u-s-fire-mcmaster-to-combat-threat/


G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile

ccp

  • Power User
  • ***
  • Posts: 19755
    • View Profile
Palantir-- predictive policing model-- funded by CIA venture capital?
« Reply #474 on: February 27, 2018, 06:22:25 PM »
CIA venture capital?

Why is James Carville and wife Matalin involved in this?

https://www.theverge.com/2018/2/27/17054740/palantir-predictive-policing-tool-new-orleans-nopd

sound a lot swampy to me.

Peter Thiel... Every time I read an article his name pops up.
« Last Edit: February 27, 2018, 10:59:00 PM by Crafty_Dog »

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile


DougMacG

  • Power User
  • ***
  • Posts: 19441
    • View Profile
The Russian conspiracy with the Left - opposing US energy production
« Reply #477 on: March 07, 2018, 08:25:44 AM »
Moving my comments over to this thread:

Credit to John Hinderaker of Powerline (among others) for pointing this out and a Congressional report linked below for documenting it.  Why (other than the ubiquitous Leftist media agenda) is there no interest in all the other ways that the Russians and Soviets have interfered in the politics of our country.

See their ads.  They KNOW the American Left.  I don't want to use the word unpatriotic for the Left but one should pause when your interests overlap perfectly with our enemies.  The irony with Russia pretending to oppose energy production is that they are energy producers.  Our new energy independence diminishes their economic and geopolitical power.  Good, but not without a fight from the Left.  

Interesting that the accused Russian stooge Trump got ANWR opened!  And the pipeline approved, oil drilling on federal lands, missile defense back to east Europe, etc.
while the Russians and Dems join together on most issues.
--------------------------------------
http://www.powerlineblog.com/archives/2018/03/how-russia-tried-to-block-us-energy-production.php
HOW RUSSIA TRIED TO BLOCK US ENERGY PRODUCTION
Russia’s supposed “meddling” in the 2016 election has been an endless topic of news coverage, but for some reason our press has shown little interest in other instances of Russian meddling–the nuclear freeze movement of the 1980s, for example, or more recently, Russia’s effort to discredit fracking and rouse popular opposition to pipeline construction.

Last Thursday, the Majority Staff of the United States House of Representatives Committee on Science, Space, and Technology released a report titled “Russian Attempts to Influence U.S. Domestic Energy Markets by Exploiting Social Media.” It doesn’t seem to have gotten as much attention as it deserves.
https://science.house.gov/sites/republicans.science.house.gov/files/documents/SST%20Staff%20Report%20-%20Russian%20Attempts%20to%20Influence%20U.S.%20Domestic%20Energy%20Markets%20by%20Exploiting%20Social%20Media%2003.01.18.pdf

The House report notes Russia’s strong interest in depressing petroleum production in the U.S. (“American energy represents a direct threat to Russian energy interests.”) Russia has defended its interests by funding American environmental organizations:

Russian-sponsored agents funneled money to U.S. environmental organizations in an attempt to portray energy companies in a negative way and disrupt domestic energy markets.
***
Anders Fogh Rasmussen, then-Secretary General of NATO, told reporters in 2014, “Russia, as part of their sophisticated information and disinformation operations, engaged actively with so-called nongovernmental organizations—environmental organizations working against shale gas—to maintain dependence on imported Russian gas.”

Could we have a little accountability here? Which environmental organizations took money from Russia to try to weaken the American energy sector? Did they do it wittingly or unwittingly? What was the Russian money used for? Our press has shown a remarkable lack of curiosity about these basic questions.

Russia tried to discredit fracking and encourage opposition to pipeline construction:

Russia’s efforts to influence U.S. energy policy are well documented in the public domain. U.S. presidential candidates, European officials, and the U.S. intelligence community have all publicly noted that Russia and its government corporations are funding a covert anti-fracking campaign to suppress the widespread adoption of fracking in Europe and the U.S., all in an effort to protect the influence of the Russian oil and gas sector.
***
In January 2017, the Office of the Director of National Intelligence released a report that contained “clear evidence that the Kremlin is financing and choreographing anti-fracking propaganda in the United States.” The report found that the Russian-sponsored news agency RT (formerly Russia Today) “r[an] anti-fracking programing, highlighting environmental issues and the impacts on public health,” which “is likely reflective of the Russian Government’s concern about the impact of fracking and the U.S. natural gas production on the global energy market and the potential challenges to [Russian energy companies’] profitability,” such as state-controlled Russian energy giant Gazprom.

The Russians used social media, including Facebook, Twitter and Instagram, to push their messages, which generally played well with American liberals:

The Russian content targeting pipelines was not limited to the [Dakota Access Pipeline]. Russian posts also targeted several other pipelines, including Sabal Trail, Keystone XL, Colonial, Bayou Bridge, and Enbridge Line 5. Additionally, the efforts of the Russian agents went beyond stirring up existing controversy surrounding the pipelines. Russian agents attempted to incite Americans to take action against pipeline efforts by promoting links and references to online petitions. Numerous tweets, for example, encouraged viewers to follow links to petitions aimed at stopping the Dakota Access, Sabal Trail, and Enbridge Line 5 pipelines. This demonstrates that Russian agents attempted to directly influence the American energy industry. Russians, through [social media] posts, engaged in a concerted effort to undermine U.S. energy production.

These are some of the Russians’ social media posts. This one got a remarkable 1,794 likes on Instagram:


This one peddles fake news about “green energy” in Iowa. Once again, the number of likes is striking:


Russia cynically tried to block the Dakota Access pipeline by feigning sympathy with Native Americans. Here’s a question: who paid for the Dakota Access protests? Was it Russia, or American liberals? Both, presumably. Were their motives the same, or different?


More along the same lines, from the Russians’ “Blacktivist” account:


Russia promoted “climate change” as a way to block U.S. fossil fuel development:


The Russians also used energy issues to sow regional discord, through a much smaller pro-drilling effort on social media. But their interests lay, obviously, in the other direction. Here, the Russians show a good sense of how American liberals think:


Russia’s anti-fracking and anti-pipeline campaign went farther than its participation in the presidential election. Russia not only spread propaganda through RT and American social media, it also donated money to allegedly respectable American environmental organizations. How much? We don’t know.

What we do know is that the effort to suppress American energy production meant a lot more to Russia’s rulers than its mischievous support for Bernie Sanders and Donald Trump, and opposition to Marco Rubio and Hillary Clinton. We know that the Russians spent only a few million dollars on their election “meddling.” How much did they spend to support American liberals in their effort to block U.S. energy development? We don’t know, but I, for one, would be very interested to find out.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #478 on: March 07, 2018, 09:59:03 AM »
Thank you Doug.

Gents, this IS a real issue, and it continues to grow rapidly.

Our thoughts?

DougMacG

  • Power User
  • ***
  • Posts: 19441
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #479 on: March 07, 2018, 11:04:14 AM »
"Gents, this IS a real issue, and it continues to grow rapidly.
Our thoughts?"

It is very hard to recognize fake news, fake movements, fake polling, fake grass roots support, fake internet comments, for certain.  Much of twitter's alleged followers are faked to raise the perceived importance of a writer's message.  Russian ads look like Soros ads (presumably legal), move-on.org ads, Tom Steyer ads, etc.  The foreign influence just makes the homegrown resistance look larger, more popular and more people join in, especially young people.  The Russian troll opinions look no worse than the Nobel Krugman view, it just makes more of them, more noise.  The Russian fake climate crap is no worse than what is happening inside our agencies by credentialed scientists.

Besides the Facebook BS, read the comments on any news or opinion site.  Yes, one or two foreign trolls add to the chaos but the chaos is already beyond help.

Somehow the people occasionally break through noise and choose truth.  Answering the Russian cyberbombs on Keystone is no different than answering the Left, same message, on Keystone.  Pipelines are 5 times safer than moving fuel by rail, truck or boat and oil is what powers ambulances, fire trucks and people.  A war on cops doesn't help black neighborhoods.  A unilateral freeze doesn't stop the Soviet threat whether it comes from a wrongheaded friend or a foreign enemy and American strength never was a danger in the world.  Lack of American strength is the danger.

We will fight the cyber wars but we also need to message and persuade better.  Bad ideas need to be defeated, loud and clear, over and over.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #480 on: March 07, 2018, 12:04:57 PM »
Well reasoned.

Question:  What policy do we set about foreign forces pretending to be American?

a) Are they less likely to be honest? acting in good faith?
b) Do they skew the American people's sense of the political correlation of forces within the country?
c) if nothing, then how is this different than "open borders"?
d) and?
« Last Edit: March 07, 2018, 12:13:03 PM by Crafty_Dog »


Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile


G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile

DougMacG

  • Power User
  • ***
  • Posts: 19441
    • View Profile
There were people indicted this year for hacking into major US systems on behalf of an adversarial government
They weren't Russians.
They were Iranians!


https://pbs.twimg.com/media/DdzjUl2U8AAurMs.jpg

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
I wonder how much of this was funded by the pallets of cash sent to them by Obama.



There were people indicted this year for hacking into major US systems on behalf of an adversarial government
They weren't Russians.
They were Iranians!


https://pbs.twimg.com/media/DdzjUl2U8AAurMs.jpg

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #487 on: June 15, 2018, 08:05:58 PM »
Anthony wrote:

""...As described in Chapter Five, the Midyear team did not seek to obtain every device or the contents of every email account that it had reason to believe a classified email traversed. Rather, the team focused the investigation on obtaining Clinton's servers and devices. Witnesses stated that, due to what they perceived to be systemic problems with handling classified information at the State Department, to expand the investigation beyond former Secretary Clinton's server systems and devices would have prolonged the investigation for years. They further stated that the State Department was the more appropriate agency to remediate classified spills by its own employees..." - Page 84 of 568, A Review of Various Actions by the Federal Bureau of Investigation and Department of Justice in Advance of the 2016 Election

https://l.facebook.com/l.php?u=https%3A%2F%2Fwww.justice.gov%2Ffile%2F1071991%2Fdownload&h=AT0ivOj177tSyfwU5DcQOSY9HRblHrJ5DkemSvpwLZH7NtgIv_ZK2S5cMAiePXgkcag3cy2FxIclSUpwN89ey3oLT10oy-AjgayH3R5vklOKaf6vcn6RJZHbIewiQynbyvBJbvUQ-4Q"


Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
WSJ: Russians hack US utilities
« Reply #488 on: July 25, 2018, 06:58:00 AM »
Russian Hackers Reach U.S. Utility Control Rooms, Homeland Security Officials Say
Blackouts could have been caused after the networks of trusted vendors were easily penetrated
Officials of the Department of Homeland Security said hackers have reached the control rooms of U.S. electric utilities. Photo: Andrew Harrer/Bloomberg News
By Rebecca Smith
July 23, 2018 7:21 p.m. ET


Hackers working for Russia claimed “hundreds of victims” last year in a giant and long-running campaign that put them inside the control rooms of U.S. electric utilities where they could have caused blackouts, federal officials said. They said the campaign likely is continuing.

The Russian hackers, who worked for a shadowy state-sponsored group previously identified as Dragonfly or Energetic Bear, broke into supposedly secure, “air-gapped” or isolated networks owned by utilities with relative ease by first penetrating the networks of key vendors who had trusted relationships with the power companies, said officials at the Department of Homeland Security.

“They got to the point where they could have thrown switches” and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS.

DHS has been warning utility executives with security clearances about the Russian group’s threat to critical infrastructure since 2014. But the briefing on Monday was the first time that DHS has given out information in an unclassified setting with as much detail. It continues to withhold the names of victims but now says there were hundreds of victims, not a few dozen as had been said previously.

It also said some companies still may not know they have been compromised, because the attacks used credentials of actual employees to get inside utility networks, potentially making the intrusions more difficult to detect.

Experts have been warning about the Russian threat for some time.

“They’ve been intruding into our networks and are positioning themselves for a limited or widespread attack,” said Michael Carpenter, former deputy assistant secretary of defense, who now is a senior director at the Penn Biden Center at the University of Pennsylvania. “They are waging a covert war on the West.”

Russia has denied targeting critical infrastructure.

Mr. Homer said the cyberattack, which surfaced in the U.S. in the spring of 2016 and continued throughout 2017, exploited relationships that utilities have with vendors who have special access to update software, run diagnostics on equipment and perform other services that are needed to keep millions of pieces of gear in working order.

The attackers began by using conventional tools—spear-phishing emails and watering-hole attacks, which trick victims into entering their passwords on spoofed websites—to compromise the corporate networks of suppliers, many of whom were smaller companies without big budgets for cybersecurity.

Once inside the vendor networks, they pivoted to their real focus: the utilities. It was a relatively easy process, in many cases, for them to steal credentials from vendors and gain direct access to utility networks.
Newsletter Sign-up

Then they began stealing confidential information. For example, the hackers vacuumed up information showing how utility networks were configured, what equipment was in use and how it was controlled. They also familiarized themselves with how the facilities were supposed to work, because attackers “have to learn how to take the normal and make it abnormal” to cause disruptions, said Mr. Homer.

Their goal, he said: to disguise themselves as “the people who touch these systems on a daily basis.”

DHS is conducting the briefings—four are planned—hoping for more industry cooperation. One thing the agency is trying to learn is whether there are new infections, and whether the Russians have figured out ways to defeat security enhancements like multifactor authentication.

In addition, DHS is looking for evidence that the Russians are automating their attacks, which investigators worry could presage a large increase in hacking efforts. “To scale, they’re eventually going to have to automate,” Mr. Homer said.

“You’re seeing an uptick in the way government is sharing threats and vulnerabilities,” said Scott Aaronson, a cybersecurity expert for Edison Electric Institute, the utility industry trade group. He said information sharing and penetration detection have gotten much better since the Dragonfly attacks began.

It isn’t yet clear whether the hackers used their access to prepare the battlefield for some future, devastating blow, investigators said. For example, many experts fear that a skilled technician could use unfettered access to change some equipment’s settings. That could make them unreliable in unexpected ways, causing utility engineers to do things that would result in extensive damage and potentially lengthy blackouts.

Write to Rebecca Smith at rebecca.smith@wsj.com

Appeared in the July 24, 2018, print edition as 'Russia Hacks Its Way Into U.S. Utilities.'

DougMacG

  • Power User
  • ***
  • Posts: 19441
    • View Profile
Re: WSJ: Russians hack US utilities
« Reply #489 on: July 25, 2018, 08:48:42 AM »
I can't believe we put a utility shut-off switch on the internet.

Let's not share the next-generation internet technology with the Russians or the Chinese.

The minute they shut down any of our grid we should go live with our hacking on their networks with some messages they do not want disseminated, such as a documentary exposing the assassinations of Putin's political opponents, or scandals and abuse in the Chinese politburo.  Mutual assured destruction.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Stratfor: Norks play long game
« Reply #490 on: September 18, 2018, 12:16:25 PM »
    A U.S. federal investigation has shown that Pyongyang has been planning its cyberattacks far in advance, typically with the aim of stealing money rather disrupting its enemies.
    North Korea and others rely on invasive surveillance to increase the potency of their attacks, yet such action increases the chances that hackers will be detected ahead of time.
    Investigations into hacking can force assailants to alter their tactics and operations, but they are not enough to stop them outright.

In July, we noted that the Islamic republic has been playing the numbers game in the world of cyberattacks, using relatively rudimentary tactics in a shotgun approach that targets thousands of individuals in the hopes that a small percentage become victims. Now, the recent release of a U.S. Department of Justice criminal complaint depicts a similar, yet very different, threat from North Korea over the past four years.

In addition to laying out in technical detail why North Korea was the mostly likely perpetrator of attacks on Sony Pictures in 2014, Bangladesh Bank in 2016, the WannaCry attacks in 2016 and 2017, and dozens of other lower-profile attacks in between, the complaint revealed many new insights into how the North Koreans allegedly crafted their operations to conduct those attacks. The operations that North Korea and Iran are suspected of shared much in terms of targeting and tactics, but one key difference provides insight into how the two countries approach their cyber campaigns. Whereas Iran tends to play the numbers game, North Korea plays the long game, preparing attacks months — or sometimes over a year — in advance. The differences in style between the two threats highlight the relevance of the cyberattack cycle and the important role preparation and surveillance play in such attacks. But even if the investigation has lifted the lid on some of the biggest state-sponsored hacks in recent years, it is unlikely to ever stop countries such as North Korea from refining their craft and homing in on other victims.
The Big Picture

As the United States and North Korea attempt to reach a settlement to their nearly 70-year-old conflict, new details from an investigation conducted by the U.S. Department of Justice on alleged North Korean cyberattacks portray a well-organized and determined threat.
See 2018 Annual Forecast
A Common Modus Operandi

The cyberattack cycle is quite similar to the criminal and terrorist attack cycles, and Iranian and North Korean operations are similar in the target selection, planning, attack and exploitation phases of the cycle. For example, both have targeted U.S. defense contractors and financial institutions (These are popular targets for most other hackers as well). Iran's distributed denial-of-service attacks on U.S. financial institutions from 2011 to 2013 cost millions of dollars in lost business, and the campaign was inexpensive for the Islamic republic. A series of North Korean attacks on financial institutions around the world reportedly earned the economically struggling regime hundreds of millions of dollars.
A chart showing the various stages of a cyberattack.

The tactics of both were similar, too. They relied on phishing, spear-phishing and watering-hole attacks, all of which attempt to trick their victims into downloading malware by posing as legitimate links or files. More specifically, both countries have used spear-phishing emails disguised as job applications. Iran's biggest cyber success, the 2012 Shamoon attack against Saudi Arabian Oil Co., and North Korea's $81 million theft from Bangladesh Bank both started with malware disguised as resumes and cover letters emailed to employees. And while Tehran has typically sought to create a disturbance with such attacks on financial institutions — in contrast to Pyongyang's quest to gain cash or political retribution — both have demonstrated a penchant for purely disruptive attacks. Indeed, while North Korea's 2017 WannaCry campaign was disguised as a ransomware attack, it quickly became apparent that its true intent was disruption.
Surveillance the North Korean Way

The differences between North Korea and Iran, however, emerge in their approaches to surveillance. In non-intrusive surveillance, hackers often conduct passive research on a targeted network, while in intrusive surveillance, they gain illegal access to the targeted network to monitor activity from the inside. Breaking into the network frequently represents a precursor to the main attack, whose goals might be to steal information or money or to deliver a piece of malware that wipes hard drives and renders computers worthless. Without question, Iranian hackers engage in their fair share of intrusive surveillance, and it is safe to assume that Iranian groups are currently embedded in networks around the world, seeking ways to exploit their access. The recent Department of Justice criminal complaint, however, indicates that North Korea has devoted much more time to conducting invasive surveillance in support of its attacks.

For example, North Korean operators apparently had began scanning servers associated with Sony Pictures Entertainment by September 2014, at least two months before Sony became aware of any hacking attempts. Leading up to the hack, North Korean operators operating under pseudonyms targeted multiple individuals associated with "The Interview," a controversial movie depicting the assassination of Kim Jong Un, which put Sony Pictures on Pyongyang's radar. The operators sent corrupted links to individuals on social media, as well as spear-phishing emails imitating legitimate warnings from Facebook and Google, in an attempt to steal login credentials. By early October 2014, the hackers had established a foothold in Sony's systems, and within another month, they had succeeded in stealing sensitive information and compromising networks, forcing Sony to disconnect about 8,000 workstations to prevent the spread of malware.

The operation against Bangladesh Bank lasted even longer. North Korean hackers started conducting surveillance against the financial institution 16 months before absconding with $81 million from its accounts in February 2016. As part of its non-intrusive surveillance, North Korean cyberattack teams began researching banks in Bangladesh in October 2014. By February 2015, the hackers had moved to intrusive surveillance by successfully spear-phishing at least two accounts at the bank, allowing them to establish a backdoor to the lender's network the following month.

During the 11 months that the North Korean hackers had access to Bangladesh Bank's servers, they presumably watched and took note of processes. They studied how the bank printed copies of each message pertaining to wire transfers using SWIFT; they were also mindful of who directed the transactions and when they sent the transfers, as well as the language they used. And thanks to the 11 months of invasive surveillance, the North Korean operators identified vulnerabilities in Bangladesh Bank's internal workings, leading them to develop a plan to direct $951 million in transfers from the lender to accounts they opened elsewhere in Asia. To do so, they developed code that would prevent the printing of any SWIFT messages in the bank's office that might alert employees about unauthorized transfers and delete itself once the operation was completed. Then, just days before the transactions, the hackers moved laterally through the network to gain access to the bank's SWIFT account. The operatives conducted the transfers just ahead of the Chinese New Year, when banks and businesses across the Asia-Pacific typically close.
A timeline depicting how North Korean operatives hacked Bangladesh Bank.
Cutting Corners

In the end, the operators only managed to steal $81 million, but they would have stolen much more if not for some elementary failures. A typo in one transfer order blocked the theft of $20 million, while the hackers accidentally used credentials stolen from a bank in South America several times before realizing their mistake and entering the correct credentials to enter the Bangladesh Bank accounts. This helped investigators connect the perpetrators of the Bangladesh Bank robbery to the attack on the South American bank (among others).

In conducting their numerous attacks, the North Korean hackers did what any organization would do to cut costs and increase efficiency: They repurposed and reused infrastructure across attacks. Naturally, the operatives obfuscated their identities through multiple layers of additional email addresses and proxy servers such as virtual private networks (VPNs) or other compromised computers, but the hackers essentially used the same handful of email accounts, social media handles, devices and IP addresses linked to China and North Korea in multiple attacks. The charges brought against North Korean hackers ultimately relied on these similarities to connect the attacks and link them back to North Korea, making it harder for Pyongyang to deny its involvement. Just like criminals and terrorists, hackers also make mistakes and cut corners. And just how understanding criminal and terrorist attack cycles can increase awareness of a pending attack — and, ideally, thwart it before it causes damage — understanding how that cycle applies to cyberattacks can help individuals, companies and state institutions remain safe online.

With invasive surveillance, the stakes are high for the malefactor and potential victim alike.

With invasive surveillance, the stakes are high for the malefactor and potential victim alike: The longer prospective assailants have to conduct invasive surveillance on a target, the more damaging the attack can be — even as the length of such surveillance increases the likelihood of detection. In terms of cyberattacks, a software update, virus scan or even a machine reboot can identify a threat or cause it to lose access. Accordingly, hackers must always weigh the advantage of conducting more surveillance against the risk of detection, which rises the longer they linger in a network.
The Upshot

The good news for potential targets is that they can deprive hackers of the luxury of prolonged, invasive surveillance if they monitor their networks vigilantly. The bad news is that hackers from countries such as North Korea (as well as Iran, China and Russia) will continue to pose a threat — either through the numbers game or the long game. Because many of the underlying accounts, IP addresses and devices linked to previous attacks are now public information, North Korean hackers will have to rebuild their capabilities if they wish to continue operating anonymously.

However, none of the state-backed foreign individuals or groups facing U.S. charges is ever likely to face prosecution given the protection they receive from their governments, meaning they will go on to restructure their operations and improve their craft. As it is, $13.5 million was stolen from an Indian bank through a combination of fraudulent SWIFT transfers and unauthorized ATM withdrawals just last month. The heist, a highly complex and organized attack that was a long time in the making, has been linked to Pyongyang — suggesting that North Korean hackers are already back in business and busy working on their next project.

DougMacG

  • Power User
  • ***
  • Posts: 19441
    • View Profile
Mike Pence speech on cyber security
« Reply #491 on: October 10, 2018, 06:40:28 AM »
Here’s the full text of Mike Pence’s cybersecurity speech

Vice President Mike Pence speaks during the Department of Homeland Security's Cybersecurity Summit on July 31, 2018, in New York City. Homeland Security Secretary Kirstjen Nielsen said, "Cyberattacks now exceed the danger of physical attacks. ... This has forced us to rethink homeland security."
At the first-ever National Cybersecurity Summit in New York City on July 31, Vice President Mike Pence gave an in-depth speech about what the Trump administration is doing, and what it says past administrations didn’t do, to address cybersecurity. The text below is from the official speech posted on the White House website.

THE VICE PRESIDENT: Well, thank you, Secretary Nielsen. And thank you for that kind introduction and for your leadership at the Department of Homeland Security. Would you all join me in thanking Secretary Kirstjen Nielsen for her leadership and for bringing together this historic summit today? (Applause.)

To the Secretary and to Secretary Perry, Director Wray, Director Alles, to all the public servants that are gathered here, and to all the leaders of industry and academia who’ve come from near and far: It is my honor to welcome you all at the close of the events today at the first-ever National Cybersecurity Summit. Thank you all for being here today. (Applause.)

 Cyber Command chief prepared to conduct operations in response to election meddling
Cyber Command chief prepared to conduct operations in response to election meddling
During a press conference at the White House August 2, Gen. Paul Nakasone said that he was tracking foreign adversaries and was prepared to conduct operations against those attempting to undermine the U.S. midterm elections.

By: Justin Lynch
And I bring greetings and gratitude for your participation in this conference from a great champion of American security, President Donald Trump. I’m here today on behalf of the President because cybersecurity is a major focus of this administration.

Over the last year, at the President’s direction, we’ve taken unprecedented action to strengthen our digital infrastructure and defenses because we know that cybersecurity has never been more important to the American people.


America depends on the digital world more with every passing day, as all the industry leaders here know too well. It’s opened countless new doors of opportunity, created extraordinary new sources of prosperity, and unleashed a new era of entrepreneurship and innovation that has infused nearly every aspect of our lives and our society.

 Federal officials raise alarm about election security
Federal officials raise alarm about election security
President Donald Trump has directed a “vast, government-wide effort” to protect American elections after Russian attempts to interfere in 2016, the White House said Thursday.

By: Zeke Miller
Yet while this revolution has spurred new opportunities, as you all have discussed here today, it has also spawned new threats.

Criminal terrorists, foreign adversaries constantly prowling this digital domain represent a threat to this nation. And America’s digital infrastructure is under constant cyberattack.

The federal government alone experiences hundreds of thousands of digital assaults every day. And across the entire country, the number of attacks on our digital infrastructure is impossible to calculate. Our digital foes are targeting every facet of our society.

They threaten our families’ privacy, like the hackers who breached the credit bureau Equifax last year and made off with the Social Security numbers and other personal information of nearly 150 million Americans.


 Leaked chats show alleged Russian spy seeking hacking tools
Leaked chats show alleged Russian spy seeking hacking tools
Six years ago, a Russian-speaking cybersecurity researcher received an unsolicited email from Kate S. Milton.

By: Raphael Satter, The Associated Press, Matthew Bodner, The Associated Press
They extort our hard-earned money, as we saw in the North Korean “WannaCry” attack that held more than 200,000 devices in 150 countries hostage, demanding a ransom.

Foreign interests also routinely steal trade secrets from some of our most important industries. As our administration’s recent 301 trade investigation found, for many years, China has directed bureaucrats and businesses to find and steal our nation’s intellectual property and advanced technologies, especially those pertaining to our national defense.

Our cyber adversaries also seek to infiltrate our critical infrastructure, including our electrical grid, power stations, so that in some future conflict they might have the opportunity to shut down the nerve center of American energy and our national life.

They also target our economy. A single Russian malware attack last year cost a major American shipping company roughly $400 million. And in 2016, cyberattacks, it is estimated, cost our economy as much as $109 billion.

U.S. officials: Election safety is a top priority
▶ Play
In an August 2 White House briefing, Director of National Intelligence Dan Coats and DHS Secretary Kirstjen Neilsen explain what is being done to protect U.S. elections.
Cyber attackers also go after government at every level, such as in March, when criminal hackers hobbled the city of Atlanta and crippled many basic services for several days.


And as the American people know all too well, our adversaries increasingly use the digital world to manipulate, to divide, to chip away at our most cherished values.

In the face of these threats, the American people demand, and deserve, the strongest possible defense. And we will give it to them. (Applause.)

But sadly, previous administrations have let the American people down when it came to cyber defense. At the outset of this administration, it became clear from early on: In a very real sense, we inherited a cyber crisis. The last administration all but neglected cybersecurity, even though the digital threats were growing more numerous and more dangerous by the day. In 2014, a foreign government actually hacked into the White House network itself, and yet, in the face of constant attacks like that, the last administration too often chose silence and paralysis over strength and action.

But make no mistake about it: Those days are over. At President Trump’s direction, our administration has taken decisive action to fortify America’s cybersecurity capabilities. We’re also forging new partnerships, evidenced by this conference today, all across our society and also with state and local governments and with great corporations so well represented here.

We’ve secured vital new funding for cybersecurity. In our first year in office, we allocated an additional $1.2 billion for digital defense, and next year, our administration has requested a record $15 billion to secure America’s cyber frontiers. And we’ll continue to work with Congress to provide the resources we need to defend our nation from the threats we face in the digital domain.

But this critical issue requires more than new funding. America also needs a central hub for cybersecurity. And today we call on the United States Senate to follow the lead of the House of Representatives and, before the end of this year, enact legislation to create a new agency under the authority of DHS. The time has come for the Cybersecurity and Infrastructure Security Agency to commence. Thank you.

This agency will bring together the resources of our national government to focus on cybersecurity. And it’s an idea whose time has come.

In addition to funding and reforms, our administration is hardening federal networks as never before. We’re taking renewed action to identify and eliminate weaknesses that our adversaries could exploit.

For example, the federal government has long allowed Kaspersky Lab, a Russian anti-virus software, to be installed on federal devices, even though it has a direct relationship with the Russian government and intelligence services. This threat existed for many years, but our administration ended the threat last year when we banned Kaspersky Lab software from the entire federal government.

We’ve also dramatically increased information sharing with innovators, developers, and network defenders. America’s intelligence and law enforcement agencies have an unparalleled ability to discover weaknesses in digital products and software.

But while the last administrations almost always held on to this administration[information], in this White House I’m proud to report that we’ve significantly improved how much we share with the private sector and the speed with which we share it. Today, nearly a third of the threat indicators we share with businesses aren’t available from any other source, and will continue on that track.

And finally, our administration is putting the finishing touches on our National Cyber Strategy. This strategy will make clear that the United States will bring every element of our national power to bear to protect the integrity and security of the American digital domain.

Our actions have already made our adversaries’ actions more costly. And as we continue to reinforce our cyber defenses, we will deter them as never before. But as you well know, we can’t prevent every assault or attack in the digital sphere. The sheer size and magnitude of the danger, combined with the rapid evolution, means that some attempts will simply slip through the cracks.

Be assured, our government will continue to ensure the resilience of our digital infrastructure so that when these breaches may occur, we can get back on our feet fast, chart a path forward, learn from our vulnerability, and prevent the next attack.

But when it comes to stopping our cyber adversaries, resilience, though, isn’t enough. We also must be prepared to respond. And in this White House, I’m proud to report, we are.

Our administration has taken action to elevate the United States Cyber Command to a “combatant command,” putting it on the same level as the commands that oversee our military operations around the world. Gone are the days when America allows our adversaries to cyberattack us with impunity. Our goal remains: American security will be as dominant in the digital world as we are in the physical world.

But for all that we’ve done, and for all that we’re doing, there’s still much more work ahead. And what bring us all here today is the recognition that we cannot do it alone. Strengthening American cybersecurity does not belong solely to our national government in Washington, D.C. The greatest progress happens from the bottom up, not from the top down. And so beyond our government-wide approach, we need you. We need you to continue to partner with us for a nationwide approach, for together we can protect America’s digital domain. (Applause.)

You know, it’s been said “cybersecurity is a team sport.” It requires seamless collaboration between the federal government, state and local leaders, but also innovators, entrepreneurs, academic experts. In a word, it requires all of you in this room and all of those that you represent all across the nation.

We’ve already taken important steps, I’m pleased to report, to improve our partnerships at every level. And, in addition to this conference today, where you’ve heard much about those efforts, I’m particularly excited with the new initiative that Secretary Nielsen announced this morning: the National Risk Management Center.

This new center will be the gateway for American companies who want to work with the federal government more closely to strengthen our shared cybersecurity. And let me take this moment to thank all of you who have already expressed your intention to join this critical initiative.

Just a few weeks ago, in the Situation Room, I personally met with the President’s National Security Telecommunications Advisory Committee, also known as NSTAC, which brings together key industry leaders to develop recommendations on cyber policy.

I learned then, and will learn more in just a few short weeks, that NSTAC will soon launch a cybersecurity “moonshot” initiative to focus our national energies and skills on digital dominance. Those leaders that day informed me that America won the race to the moon. And, under this administration, in partnership with all of you, America will lead the way to cybersecurity and strength.

Now, the examples that I mentioned today are all essential to the security and prosperity of the American people. But as we gather today, the American people also deserve to know that our democracy is secure as well. So before I close, let me speak to our administration’s unprecedented action to safeguard the integrity of our elections.

While other nations certainly possess the capability, the fact is Russia meddled in our 2016 elections. That is the unambiguous judgment of our intelligence community, and, as the President said, we accept the intelligence community’s conclusion.

Russia’s goal was to sow discord and division and to weaken the American people’s faith in our democracy. And while no actual votes were changed, any attempt to interfere in our elections is an affront to our democracy, and it will not be allowed.

The United States of America will not tolerate any foreign interference in our elections from any nation state — not from Russia, China, Iran, North Korea, or anyone else. As President Trump said, “We’re not going to have it.”

To that end, over the past year, President Trump has directed our administration to create, as well, a whole-of-government approach to strengthen election security. As recently as last week, the President convened a National Security Council meeting for updates on the progress that we’ve made.

As the President has said, we’ve taken a “firm stance,” and we’ve backed it up with “strong action.”

The FBI has formed the Foreign Influence Task Force to identify secret foreign attempts to infiltrate our society and undermine our democracy.

The Department of Homeland Security has launched the Election Information Sharing Analysis Center. This project, which all 50 states and more than 900 counties have already joined, will help prevent attacks before they happen, identify them when they’re underway, and stop them before they can do any lasting damage.

Working with the Congress, we’ve also made $380 million available to states to help them ensure the security of their election systems, including upgrading voting machines and the most up-to-date and secure technology.

We’re deploying new sensors to monitor election networks and identify potential intrusions at the state and local level. Thirty-seven states have opted into this program, but before this November, we intend to expand a further twenty-two states and counties, as they request.

Our administration has also launched a “National Cyber Situational Awareness Room” that offers states a virtual connection between DHS and election offices on Election Day itself. In my home state of Indiana, as well as Ohio, North Carolina, and West Virginia, this system was used in the May 8th primary, and we’re working hard to expand this project for other states so that it’s ready before the midterm elections in November.

We’ve also been working to help state and local governments rapidly respond to cyberattacks. Less than two weeks ago, Finney County, Kansas, reached out to DHS for help after a malware attack forced them to shut down not just their election network, but the entire county’s network. Federal officials worked earnestly, hand-in-hand, with county officials to identify and ultimately eliminate this dangerous intrusion. This action was a model of the collaboration that we need to ensure the security of our elections, and we commend the state, and local, and federal officials that made it happen.

Now, make no mistake about it: Our administration recognizes that elections are administered and conducted at the state and local level. This administration has already been a champion of federalism and respected the purview and the authority of our state and local officials. Yet it concerns us that many states still don’t have concrete plans to upgrade their voting systems, and 14 states are struggling to replace outdated voting machines that lack paper trails before the next presidential election.

And so today, not just as Vice President, but as a former governor, I want to urge, with great respect, every state to take renewed action. Take advantage of the assistance offered by our administration. Do everything in your power to strengthen and protect your election systems. You owe your constituents that, and the American people expect nothing less.

This is a time for vigilance and resolve, and I can assure you our administration will continue to take strong action. We have already done more than any administration in American history to preserve the integrity of the ballot box, and we’ve just begun.

We will continue to work tirelessly to prevent foreign nations and malign actors from hacking into our election infrastructure with the potential of changing votes or election outcomes. As the President has said, we will “repel…any efforts to interfere in our elections.”

When anyone violates our laws, we will bring them to justice and utilize every element of our national power to respond, because our democracy demands and deserves the most vigorous defense we can give it.

And I want to assure you, we will do this in a manner that respects the God-given liberties enshrined in our Constitution, including the freedom of speech and the freedom of the press.

We will never stifle voices in a free society, but we can expose malign and fraudulent voices when they seek to undermine confidence in our democracy, and this we will do. Our administration will always make efforts to shed light on foreign attempts to interfere or sow malign influence in our elections in our society.

Our 16th President, Abraham Lincoln, probably said it best when he said, “Give the people the facts, and the Republic will be saved.” When the American people have the facts, they always uphold our most cherished institutions and values. And this is just as true today as it has ever been in our nation’s long and storied history.

So thank you again for being here and being a part of this important and historic gathering. You do the nation a great credit by participating in today’s discussion, and more important, by following through on the discussion with a greater partnership and collaboration in cybersecurity.

The truth is, cybersecurity is unlike any challenge we’ve ever faced. It is a work that’s never done. It is a process that is continuous. And so must our collaboration be.

Technologies are shifting by the minute, from the Internet of Things to 5G to artificial intelligence to quantum computing, and each advance is accompanied not only by new opportunities, but new challenges. And just as the threats are evolving, our defenses, too, must evolve. The only way to be strong and secure is if we stand strong and secure together on behalf of the American people.

Cybersecurity, then, is a shared responsibility. And I believe that cybersecurity is a civic duty. You’ve already distinguished yourselves as leaders and patriots in this cause long before this conference today by your efforts on behalf of the American people. And the President and I need you to continue to be advocates in your industry and among your peers for greater cybersecurity collaboration. The American people deserve nothing less.

Keep talking with your peers about how they need to enlist in this fight. Tell them that they have an obligation to identify the weaknesses in their own networks and platforms, because the weakest link creates the greatest vulnerability.

Tell them we need them to buy American when it comes to digital products and services, not just to support American jobs and innovation, but to support American security. Tell them they need to share their insights, ideas, and innovations that will strengthen our collective security.

And above all else, tell them what you’ve heard here today at this conference. Tell them we need to work together on an increasing basis, not just with our national government, but with state and local governments, to ensure the continued security and prosperity of our nation.

The American people are counting on all of us. They deserve to know that their homes are free from prying eyes, their personal information is safe and secure, that their bank accounts can’t be robbed, that the lights will turn on when they flip the switch in the morning, and the American people deserve to know that our democracy cannot be corrupted, and that our nation is stronger and more secure, even in the midst of a technological revolution than it’s ever been before. This, we can do together.

So thank you for the opportunity to address you today, to wrap up what I trust has been a meaningful and productive dialogue. But I hope you will not feel that you’ve come here today and done your part by this attendance. I hope you leave here today with a burden on your heart to do more.

The truth is, as the Old Book says, we should “not grow weary in doing good, for in due season we will reap a harvest if we do not give up.” So don’t grow weary. Don’t grow weary in standing up for the security of the American people in the cyber domain.

With the trust of the American people, with the patriotism and collaboration of all of you gathered here who work together with us on this vital issue, with the leadership of President Donald Trump, and, I know, with the support and the prayers of the American people, we will defend our nation. We will defend our nation on this cyber frontier. And I know, as Americans have always done, we will do it together.


Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #493 on: November 10, 2018, 11:35:48 AM »
 :-o :-o :-o

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Cyber Minutemen in Estonia
« Reply #494 on: December 07, 2018, 02:26:54 PM »


G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: CISA and the shutdown
« Reply #496 on: January 11, 2019, 05:44:08 AM »
https://thehill.com/policy/national-security/424649-worries-mount-as-cybersecurity-agency-struggles-amid-shutdown

Americans murdered and raped last year by cybercrime? How about illegal aliens? Which is the most immediate threat?

DougMacG

  • Power User
  • ***
  • Posts: 19441
    • View Profile
Re: CISA and the shutdown
« Reply #497 on: January 11, 2019, 08:22:39 AM »
Q:  "Americans murdered and raped last year by cybercrime? How about illegal aliens? Which is the most immediate threat?"

A:  Both.

Cybersecurity [I didn't know we had any] should NOT be part of any 20% 'non-essential' shutdown.  Somebody screwed up on that!  Isn't the military funded?  Military intelligence should be ready to step in and take up the slack on all foreign threats.  Or use executive power to move military funds to those needs. 

I must confess having similar defeatist reaction to the story, who needs digital security when we just  leaving the door open.  But we do need digital security - 24/7!   The neglect of our security in both cases is unacceptable, threatening to the integrity and sovereignty our nation.

Thank you Bigdog for bringing this to our attention.

As Cher said to Speaker Pelosi, don't die on this hill.  Make a compromise, open the government and put new agreements in place of what areas must be funded first during the inevitable future disputes.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72250
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #498 on: January 11, 2019, 12:29:50 PM »
Very glad to have you with us again BD :-)

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: CISA and the shutdown
« Reply #499 on: January 11, 2019, 05:41:06 PM »
Q:  "Americans murdered and raped last year by cybercrime? How about illegal aliens? Which is the most immediate threat?"

A:  Both.

Cybersecurity [I didn't know we had any] should NOT be part of any 20% 'non-essential' shutdown.  Somebody screwed up on that!  Isn't the military funded?  Military intelligence should be ready to step in and take up the slack on all foreign threats.  Or use executive power to move military funds to those needs. 

I must confess having similar defeatist reaction to the story, who needs digital security when we just  leaving the door open.  But we do need digital security - 24/7!   The neglect of our security in both cases is unacceptable, threatening to the integrity and sovereignty our nation.

Thank you Bigdog for bringing this to our attention.

As Cher said to Speaker Pelosi, don't die on this hill.  Make a compromise, open the government and put new agreements in place of what areas must be funded first during the inevitable future disputes.

Gosh darn it, aside from the NSA, the US Mil cyber commands, the FBI and all the other multi-billion taxpayer dollar (And national debt) funded agencies, we were just one more multi-billion dollar agency aware from being protected!

Orange Man Bad! Amiright, Bigdog?