Posted tagged ‘Cyber security’

WikiLeaks publishes thousands of documents, claims they come from CIA cyber center

March 7, 2017

WikiLeaks publishes thousands of documents, claims they come from CIA cyber center, Washington ExaminerKyle Feldscher, March 7, 2017

WikiLeaks on Tuesday began releasing information it says is the largest ever publication of documents from the CIA, starting with more than 8,700 documents from the agency’s high-security network.

In a press release, WikiLeaks said the CIA “lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized ‘zero day’ exploits, malware remote control systems and associated documentation.”

That loss of control allowed much of the CIA’s hacking capability to become public and was given to WikiLeaks.

According to the statement, Tuesday’s release shows the “scope and direction” of the CIA’s global hacking program. That program is meant to target American and European products such as the Apple iPhone, Android phones, the Microsoft Windows computer software system and Samsung TVs, which can be turned into microphones.

WikiLeaks says its source “details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

“There is an extreme proliferation risk in the development of cyber ‘weapons,’ ” said Julian Assange, founder of WikiLeaks. “Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons,’ which results from the inability to contain them combined with their high market value, and the global arms trade.

“But the significance of ‘Year Zero’ [the first part of the release] goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective.”

Trump Will Keep Vow on Jerusalem Embassy Move, Giuliani Says

January 27, 2017

Trump Will Keep Vow on Jerusalem Embassy Move, Giuliani Says, Bloomberg, Michael Arnold and Jonathan Ferziger, January 26, 2017

(President Trump is not doing everything first. How odd. He must be very lazy. — DM)

trumpsalutesPresident Donald Trump salutes as he exits Marine One at the White House, Jan. 26. Photographer: Drew Angerer/Getty Images

President Donald Trump will keep his pledge to move the U.S. embassy in Israel to Jerusalem, former New York City Mayor Rudolph Giuliani said, despite Palestinian warnings that such a step would spark violence and sabotage the prospect of renewed peace talks.

Traveling to Israel with messages from Trump to Prime Minister Benjamin Netanyahu, Giuliani said the new U.S. president and his advisers will probably take “six months or so” to develop a new strategy for American peace efforts in the Middle East. How and when the U.S. moves the embassy will be discussed when Netanyahu visits the White House in early February, Giuliani said.

“I think you’ve got to wait a little bit, but it will get done,” Giuliani said of the embassy move, speaking in an interview at the Tel Aviv offices of Greenberg Traurig LLP. He heads the law firm’s global Cybersecurity, Privacy and Crisis Management practice.

The fate of Jerusalem is among the most sensitive issues Israelis and Palestinians will need to address in any future peace negotiations. Israel took the eastern part of Jerusalem from Jordan in the 1967 Middle East War and considers all of the city as its capital, while the Palestinians want the eastern portion as the capital of their hoped-for state.

Trump realizes the embassy decision “implicates four or five countries and how they’re going to react,” Giuliani said. “He needs to know how the prime minister of Israel is going to react and how he wants to see something like this done.”

Warm Relationship

Trump on Thursday told Fox News it was too early for him to speak publicly on the issue. Giuliani, who was known during his tenure for a hard-line attitude toward even petty crime in New York City, dismissed Palestinian warnings that moving the embassy would ignite the whole region.

“I think this country is capable of dealing with waves of violence,” the former mayor said.

Giuliani predicted Netanyahu and Trump would have a “very, very good, collaborative relationship,” as opposed to what he described as the “hostile relationship” between President Barack Obama and the Israeli leader.

The changed atmosphere was already evident in the first week of Trump’s tenure. While construction plans beyond Israel’s 1967 border were a recurring source of friction with the Obama administration, Trump was silent this week as Israeli officials approved plans for 2,500 housing units in the West Bank and hundreds of apartments in eastern Jerusalem.

Hanan Ashrawi, a member of the Palestine Liberation Organization’s Executive Committee, called the building plans a “flagrant violation of international law” and accused Israel of “exploiting the inauguration of the new American administration to escalate its violations and the prevention of any existence of a Palestinian state.”

Cybersecurity

Trump considered Giuliani for attorney general and secretary of state before ultimately naming him to head a committee on cybersecurity. Giuliani said he discussed cyberdefense with Netanyahu and other Israeli officials Thursday and will return in a few months for more substantive talks on the subject. Israel is among the global leadersin the field.

“We realize in the United States that we have a cybersecurity defense problem,” Giuliani said. His committee is tasked with organizing private-sector experts into groups that can help address the government’s cyber priorities, he said.

White House to End Defense Sequester, Boost Military’s Cyber Capabilities

January 23, 2017

White House to End Defense Sequester, Boost Military’s Cyber Capabilities, Washington Free Beacon, January 23, 2017

(Now that we have a President who will use the military to the nation’s benefit, it needs additional resources. There is no truth to any rumor that Hillary Clinton will be hired as a cyber security expert.– DM)

President Donald Trump sits at his desk as he waits for White House Chief of Staff Reince Priebus, left, to deliver three executive orders for his signature, Monday, Jan. 23, 2017, in the Oval Office of the White House in Washington. (AP Photo/Evan Vucci)

President Donald Trump sits at his desk as he waits for White House Chief of Staff Reince Priebus, left, to deliver three executive orders for his signature, Monday, Jan. 23, 2017, in the Oval Office of the White House in Washington. (AP Photo/Evan Vucci)

Donald Trump’s administration will end the defense sequester and direct U.S. military leaders to develop defensive and offensive cyber capabilities to bolster the armed forces.

The military budget, missile defense, and cyber defense are priorities for the new White House, according to a statement on its website laying out Trump’s plan to “make our military strong again.”

Military leaders have spotlighted how reductions in defense spending have compromised the future military readiness of the joint force. In congressional testimony last fall, service leaders disclosed that their forces would not be able to defend the United States against current and future threats if sequestration continued.

According to the White House, Trump plans to end the defense sequester and send a new budget to Congress outlining his plan to rebuild the military. It is unclear how much defense spending Trump will propose, but the White House said he will commit to providing military leaders “with the means to plan for our future defense needs.” The Pentagon operates on a roughly $600 billion annual budget.

The Budget Control Act of 2011 implemented a package of automatic spending cuts to defense and discretionary domestic spending. The cuts, designed to take place over a decade, are expected to erode defense spending by roughly $1 trillion.

Some Republican members of Congress have been vocal about the need to reverse cuts that have squeezed the defense budget, as well as force drawdowns authorized during the Obama administration. Sen. John McCain (R., Ariz.), who chairs the Senate Armed Services Committee, unveiled a plan last week that would boost national defense spending by $430 billion over five years, repeal the Budget Control Act, and increase the services’ force levels.

Defense Secretary James Mattis, who was confirmed by the Senate to lead the Pentagon on Friday, will be responsible for plans to bolster the military. Mattis underscored his commitment to ending the defense sequester during his confirmation hearing earlier this month, saying the military could not deter potential adversaries like Russia and China at present.

The Trump administration also plans to develop a “state-of-the-art missile defense system” to protect against missile threats from Iran and North Korea, given their development of ballistic missiles and nuclear weapons.

The United States last year deployed a missile defense system in Romania to protect NATO allies against missile threats from Iran and other rogue states. It plans to deploy the advanced THAAD anti-missile system to South Korea as soon as possible. Both Russia and China regard the U.S. missile defense shield as a threat, and have agreed to work on countermeasures against U.S. anti-missile technology.

Trump also intends to make cyber defense a priority of the U.S. military, according to the White House. Cyber attacks have become a source of serious concern among congressional lawmakers and the media as a result of the intelligence community’s conclusions about the Russian government’s hacking campaign aimed at the U.S. presidential election.

The intelligence community concluded in an unclassified report released this month that Russia used cyber attacks and disinformation to undermine the election and damage Democratic nominee Hillary Clinton.

“Cyberwarfare is an emerging battlefield, and we must take every measure to safeguard our national security secrets and systems,” the White House website states. “We will make it a priority to develop defensive and offensive cyber capabilities at our U.S. Cyber Command, and recruit the best and brightest Americans to serve in this crucial area.”

The Pentagon’s inspector general concluded at the end of last year that the department faces significant challenges in cyber security after it uncovered a “wide range of cyber security weaknesses” in Defense Department systems during fiscal year 2016.

Trump, who has sharply criticized the intelligence community’s conclusions about Russia, has already said he will appoint a team to develop a strategy to combat cyber attacks within 90 days of taking office.

Humor | Trump drops threat to investigate Clinton, forces her into 10-year-long cyber awareness training

November 27, 2016

Trump drops threat to investigate Clinton, forces her into 10-year-long cyber awareness training, Duffel Blog, November 26, 2016

cybergirl

WASHINGTON — After more than two years of investigations into the use of a private email server by former Secretary of State Hillary Clinton, President-elect Donald Trump and his Republican colleagues have decided to punish her with what critics are describing as “absolute torture.”

Though Trump said on Tuesday that he would drop any further investigation into Clinton’s use of a private email server, the President-elect said that she would instead be forced to endure up to 10 years of cyber awareness training instead.

”Secretary Clinton has proven she does not understand how to properly handle classified material,” Rep. Trey Gowdy (R-S.C.) said. “So she will be required to complete the annual Cyber Awareness training required for all military personnel. She will do so everyday, excluding weekends and holidays, for the next 10 years.”

Many Republicans and other top officials were stunned by the announcement.

”A fate worse than death,” said Republican House Speaker Paul Ryan.

”I wouldn’t wish that shit on my worst enemy,” said retired Marine Gen. James ”Mad Dog” Mattis, who is considered a frontrunner for Defense Secretary. ”I have always believed that the punishment should fit the crime but this, this is almost barbaric.”

”All I have to say is HA!” said Lance Cpl. Conrad Bowman. Bowman is an intelligence analyst with 1st Battalion, 8th Marines.

At press time, Clinton was reportedly asking close aides what difference does it make while mindlessly clicking through a suicide awareness brief.

FULL EVENT: Donald Trump Speaks at Retired American Warriors PAC Event 10/3/16

October 4, 2016

FULL EVENT: Donald Trump Speaks at Retired American Warriors PAC Event 10/3/16 via YouTube

(Trump focuses on cyber security. The text of his remarks is available here. — DM)

National Security Professionals and Cyber Experts Call for Pentagon Intervention on Surrender of the Internet

September 28, 2016

National Security Professionals and Cyber Experts Call for Pentagon Intervention on Surrender of the Internet, Center for Security Policy, September 26, 2016

csp

Washington, D.C.: Dozens of experienced national security professionals and experts on cyber threats and warfare joined forces today to urge the Secretary of Defense and Chairman of the Joint Chiefs of Staff to oppose the transfer of the last vestige of U.S. control of the Internet to a non-profit organization in less than a week.

As things stand now, on 1 October, President Obama intends to transfer all responsibilities for naming and numbering domain addresses on the Internet to a non-profit organization known as the Internet Corporation for Assigned Names and Numbers (ICANN). Should that happen, the United States will no longer have any control over the addresses that serve to make all websites accessible and allow users to connect to the Internet. Currently, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA) reviews all new addresses and authorizes them to be posted to the authoritative root server (the “A Server”) by Verisign.

In the attached letter to Defense Secretary Ashton Carter and Joint Chiefs of Staff Chairman Gen. Joseph Dunford, current and former leaders in industry, national security, homeland and cyber security express strong concerns about the likely implications of such a step and seek a one-year delay to allow full consideration of these issues:

The Internet Assigned Numbers Authority function is critical to our nation’s ability to effectively defend our national assets and civilian population and ensure integrity in our cyberwarfare capabilities….DoD is reliant upon private sector critical infrastructure for its operations, and the integrity and security of the IP addresses associated with these assets are equally important to the protection of the American people.

Of…immediate concern to us…is the prospect that the United States might be transferring to future adversaries a capability that could facilitate, particularly in time of conflict, cyberwarfare against us. In the absence of NTIA’s stewardship, we would be unable to be certain about the legitimacy of all IP addresses or whether they have been, in some form or fashion, manipulated, or compromised. Given the reliance of the U.S. military and critical infrastructure on the Internet, we must not allow it to be put needlessly at risk.

The signatories, headed by storied leaders of the defense industrial sector and cyberspace, CACI International’s Executive Chairman, J.P. “Jack” London, and the former Chairman of Network Solutions, Michael A. Daniels, represent several centuries’ worth of experience in safeguarding America and its computer systems. They conclude with the bottom line: “There is, to our knowledge, no compelling reason for exposing the national security to such a risk by transferring our remaining control of the Internet in this way at this time.”

To learn more about what is at stake and the necessity of the executive branch and/or the Congress preventing this needless and avoidable disaster, contact Jody Westby, CEO of Global Cyber Risk LLC, at 202-255-2700 or westby@globalcyberrisk.com.

Here is the letter:

September 26, 2016

Hon. Ashton B. Carter
Secretary of Defense The Pentagon
Washington, D.C. 20301

General Joseph F. Dunford, Jr.
Chairman, Joint Chiefs of Staff The Pentagon
Washington, D.C. 20301

Dear Secretary Carter and Chairman Dunford:

As individuals with extensive, first-hand experience with protecting our national security, we write to urge you to intervene in opposition to an imminent action that would, in our judgment, cause profound and irreversible damage to the United States’ vital interests.

On October 1st, the contract between the Commerce Department’s National Telecommunications and Information Administration (NTIA) and the Internet Corporation for Assigned Names and Numbers (ICANN) will expire. Upon expiration, the President will allow the Government’s remaining control over the Internet to transfer to ICANN. This includes the Internet Assigned Numbers Authority (IANA) function and NTIA’s review of all Internet Protocol addresses and authorization for them to be placed on the authoritative root server (the A Server). In simple terms, nothing now is accessible on the Internet until it has undergone an IP address assignment and NTIA review and NTIA has authorized Verisign to post the address to the A server.

The IANA function is critical to our nation’s ability to effectively defend our national assets and civilian population and ensure integrity in our cyberwarfare capabilities. As Congress has considered this transfer of authority, it has stated that ICANN should ensure that .mil and .gov remain exclusive to DoD and that all IP addresses assigned to DoD are used exclusively by the Government. That ignores the fact that DoD is reliant upon private sector critical infrastructure for its operations, and the integrity and security of the IP addresses associated with these assets are equally important to the protection of the American people.

In the absence of U.S. Government involvement in IANA, it seems possible that, over time, foreign powers – including potentially or actually hostile ones – will be able to influence the IANA process. Even coercing the delay in approving IP addresses could impact military capabilities. From a broader view, given the well-documented ambition of these actors to restrict freedom of expression and/or entrepreneurial activity on the Internet, such a transfer of authority to ICANN could have far-reaching and undesirable consequences for untold numbers of people worldwide.

Of more immediate concern to us, however, is the prospect that the United States might be transferring to future adversaries a capability that could facilitate, particularly in time of conflict, cyberwarfare against us. In the absence of NTIA’s stewardship, we would be unable to be certain about the legitimacy of all IP addresses or whether they have been, in some form or fashion, manipulated, or compromised. Given the reliance of the U.S. military and critical infrastructure on the Internet, we must not allow it to be put needlessly at risk.

Indeed, there is, to our knowledge, no compelling reason for exposing the national security to such a risk by transferring our remaining control of the Internet in this way at this time.

In light of the looming deadline, we feel compelled to urge you to impress upon President Obama that the contract between NTIA and ICANN cannot be safely terminated at this point. At a minimum, given the irreversible character of this decision and its potential for grave and enduring harm to our national security and other vital interests, the decision should be delayed.

Sincerely,

J.P. “Jack” London
Executive Chairman CACI International, Inc.

Michael A. Daniels
Former Chairman, Network Solutions

Jody R. Westby
CEO, Global Cyber Risk LLC and
Former Chief Administrative Officer & Counsel, In-Q-Tel

Adm. James A. “Ace” Lyons, USN (Ret.) Former Commander-in-Chief
U.S. Pacific Fleet

Frank J. Gaffney, Jr.
Former Assistant Secretary of Defense (Acting)

Lt. Gen. William “Jerry” Boykin, USA (Ret.)
Former Deputy Under Secretary of Defense for Intelligence

Hon. Pete Hoekstra
Former Chairman, House Intelligence Committee

Oliver “Buck” Revell
Associate Deputy Director (Ret.) Federal Bureau of Investigation

Lt. Gen. Thomas McInerney, USAF (Ret.)
Former Deputy Chief of Staff, United States Air Force

Hon. Michelle Van Cleave
Former Counter-Intelligence Executive

Rep. Brian Babin (TX-36)
Chairman, House of Representatives’ Committee on Science Space and Technology Subcommittee

Hon. Jon Kyl
Former Senate Minority Whip

Dr. Lani Kass
Former Director, Air Force Chief of Staff’s Cyber Task Force

Hon. Charles E. Allen
Former Under Secretary of the Department of Homeland Security for Intelligence and Analysis

Lt. Gen. C. E. McKnight, Jr., USA (Ret.)
Former Director, Command and Control Systems for Nuclear Forces, Joint Chiefs of Staff

Hon. John G. Grimes
Former Assistant Secretary, Networks & Information Integration and
DoD, Chief Information Officer

Lt. Gen. Robert J. Elder, USAF (Ret.)
Former Commander, U.S. Air Force Network Operations

Rep. Dave Brat (VA-7)

Vice Adm. Robert R. Monroe, USN (Ret.)
Former Director, Defense Nuclear Agency

Maj. Gen. Henry Canterbury, USAF (Ret.)
Former Operations and Readiness, Air Staff Pentagon

Daniel J. Gallington
Former General Counsel Senate Select Committee on Intelligence

Maj. Gen. Harold “Punch” Moulton, USAF (Ret.)
Former Director of Operations, U.S. European Command

Maj. Gen. Kenneth R. Israel, USAF (Ret.)
Former Director of Defense Airborne Reconnaissance Office

Andrew McCarthy
Former Chief Assistant U.S. Attorney Southern District of New York

Hon. Paula A. DeSutter
Former Assistant Secretary of State and Professional Staff Member, U.S. Senate Select Committee on Intelligence

Rear Adm. Philip S. Anselmo, USN (Ret.)
Former Director of Command Control Communications Computers and Intelligence (C4I)

Rear Adm. Pierce J. Johnson, USN (Ret.)
Former Chief of Staff, U.S. Regional Headquarters, Lisbon (Portugal)

Lt. Gen. C. Norman Wood, USAF (Ret.)
Former Director, Intelligence Community Staff

Dan Goure
Former Director of the Office of Strategic Competitiveness in the Office of the Secretary of Defense

Thomas H. Handel
Former Executive Director, Naval Information Warfare Activity (now Navy Cyber Warfare Development Group)

Vice Adm. Edward W. Clexton, Jr., USN (Ret.)
Former Deputy Commander, U.S. Atlantic Fleet, Commander, Carrier Strike Group, and Deputy Commander in Chief, US Naval and Marine Forces, Europe

Vice Adm. Jerry L. Unruh, USN (Ret.)
Former Commander, U.S. Third Fleet

Rear Adm. Albert A. Gallotta, Jr., USN (Ret.)
Vice Commander, Naval Electronics Systems Command

Rear Adm. H. Winsor Whiton, USN (Ret.)
Former Commander of the Naval Security Group and former Deputy Director of the National Security Agency for Plans, Policy, and Programs

Lt. Gen. Bennett L. Lewis, USA (Ret.)
Former Deputy Assistant Secretary of Defense, Mobilization and Director, Defense Mobilization Systems Planning Activity

Lt. Gen. Tex Brown, USAF (Ret.)
Former Assistant Vice Chief of Staff, U.S. Air Force

Rear. Adm. Charles R. Kubic, CEC, USN (Ret.)
Former Commander, First Naval Construction Division

Rear Adm. Phillip R. Olson, USN (Ret.)
Former President of the U.S. Navy Board of Inspection and Safety

Victoria Coates
National Security Advisor to Sen. Ted Cruz

Morgan Wright
Senior Fellow, Center for Digital Government

Mike Steinmetz
President & CEO, Digital Executive LTD

Brig. Gen. Peyton Cole, USAF (Ret.)
Former Executive Secretary, U.S. Department of Defense

Capt. David E. Meadows, USN (Ret.)
Former Deputy Commander Naval Security Group

Capt. Scott W. Witt, USN (Ret.)
Former Chief, Weapons and Space, National Security Agency

Capt. Michael Sare, USN (Ret.)
Former Navy Cryptologist / Cyber Warfare Officer

Katherine C. Gorka
President, Council on Global Security

Col. R. J. Peppe, USAF (Ret.)
Former Chief, Selection Board Secretariat

Michael J. Jacobs
Former Information Assurance Director, NSA

Gwyn Whittaker
Former CEO, Mosaic, Inc.

Lynn Schnurr
Former Army Chief Information Officer and Defense Intelligence Senior Executive Service

Frederick Fleitz
Senior VP, Center for Security Policy and former CIA Analyst

Daniel J. Bongino
Former Secret Service Agency, Presidential Protection Division

Col. F. E. Peck, USAF (Ret.)

Lt. Col. Jim Webster, USAF (Ret.)

Lt. Col. Floyd H. Damschen, USAF (Ret.)

Col. Raymond C. Maestrelli, DDS USAF (Ret.)

Col. Ed Leonard, USAF (Ret.)

Maj. Gen. Gary L. Harrell, USA (Ret.)

Christian Whiton
Former State Department Senior Advisor

Maj. Gen. John Miller, USAF (Ret.)

Maj. Gen. Timothy A. Peppe, USAF (Ret.)

Col. Richard W. Dillon, USA (Ret.)

Lt. Col. Ronald King, USA (Ret.)

David P. Goldman
Columnist, Asia Times and PJ Media Capt.

James H. Hardaway, USN (Ret.)

Lt. Gen. Gordon E. Fornell, USAF (Ret.)

Rear Adm. Thomas F. Brown III, USN (Ret.)

Col. Daniel Pierre, USAF (Ret.)

S.C. Robinson, Ret.
Section Manager, Y-12 National Security Complex

Richard T. Witton, Jr. (Ret.)

Col. Michael R. Cook (Ret.)

Roger Kimball Editor and author

Larry Cox
President, Western Slopes Security Services

Angie Lienert
President & CEO, IntelliGenesis LLC

Col. Willard Snell, USAF (Ret.)

David Winks
Managing Director, AcquSight, Inc.

Maj. Gen. Michael Snodgrass, USAF (Ret.)

Obama eyes takeover of presidential election security

August 3, 2016

Obama eyes takeover of presidential election security, Washington ExaminerPaul Bedard, August 3, 2016

Amid new claims from Republican Donald Trump that the fall election may be “rigged” against him, the Obama administration is considering taking a step toward nationalizing the cyber security of the process, according to Homeland Security Secretary Jeh Johnson.

“We should carefully consider whether our election system, our election process, is critical infrastructure like the financial sector, like the power grid,” Johnson told a media breakfast Wednesday.

“There’s a vital national interest in our election process, so I do think we need to consider whether it should be considered by my department and others critical infrastructure,” he said at the breakfast hosted by the Christian Science Monitor.

DHS plays a vital security role in 16 areas of critical infrastructure. DHS describes it this way: “There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”

A White House policy directive adds, “The federal government also has a responsibility to strengthen the security and resilience of its own critical infrastructure, for the continuity of national essential functions, and to organize itself to partner effectively with and add value to the security and resilience efforts of critical infrastructure owners and operators.”

Johnson did not identify any current problems with security of the elections, but did note that there are thousands of localities that conduct elections differently.

“There’s no one federal election system. There are some 9,000 jurisdictions involved in the election process,” he said.

“There’s a national election for president, there are some 9,000 jurisdictions that participate, contribute to collecting votes, tallying votes and reporting votes,” he said.

Without giving many details of what his department of the administration had in mind, he did say that in the short term he would likely reach out to the 9,000 jurisdictions with advice on how to conduct security of the election.