Category Archives: Cyber War

Hey Trump Meet America Under Siege 2017

Posted on by

Add outgoing Secretary of State John Kerry who will not be attending and not providing a reason. Further, in Barack Obama’s last White House press briefing, he refused to comment on his thoughts as to those in his party that will not be attending.

****

In his final press conference as president on Wednesday, Barack Obama declined to comment on the growing list of Democrats who are refusing to attend President-elect Donald Trump’s inauguration on Friday

FOX News’ Kevin Corke asked the 44th president if he supports the dozens of Democratic lawmakers who have vowed to boycott Trump’s inauguration.

“With respect to the inauguration, I’m not going to comment on those issues,” Obama responded. “All I know is I’m going to be there, so is Michelle.”

First lady Michelle Obama seemed to indicate her support for Rep. John Lewis, who is one of the most prominent lawmakers boycotting the inauguration, when she sent a tweet calling him a “great leader” on Monday. More here.

Related reading: A.N.S.W.E.R. Sued over Free Speech Space on Inauguration

Related reading: Here Are All the Members of Congress Who Are Boycotting Trump’s Inauguration — and Why

 

Protesters host ‘Queer Dance Party’ in front of Mike Pence’s DC home

2 Strange Things in DC on the Same Day, Russia Again?

Posted on by

Politico reports: Senate Intelligence Chairman Richard Burr (R-N.C.) said late Friday that his committee would investigate possible contacts between Donald Trump’s campaign and Russia, reversing himself one day after telling reporters that the issue would be outside of his panel’s ongoing probe into Moscow’s election-disruption efforts.
In a statement issued jointly with the committee’s top Democrat, Virginia Sen. Mark Warner, Burr said the committee would use “subpoenas if necessary” to secure testimony from Obama administration officials as well as Trump’s team on Russia’s cyberattacks and on other efforts at election meddling.

While members of Congress received a briefing on Russian intrusions, what more do they know that is not being reported? Could the two items below be part of Russian interference?

C-SPAN Feed Mysteriously Broadcasts Russia Today

IBT: In a strange moment of startling symmetry with the current state of American politics, C-SPAN—the public affairs network that regularly broadcasts proceedings of the House of Representatives and Senate—was interrupted by a broadcast of Russia Today.

The state-funded Russian news network briefly took over the online feed of C-SPAN1, which had been broadcasting a discussion in Congress regarding the Securities and Exchange Commission Regulatory Accountability Act.

As Rep. Maxine Waters, D-Calif., was speaking the feed suddenly cut from the House floor to a broadcast of RT. The feed cut in with a commercial break before returning to the RT news desk, where an anchor spoke of a suicide bombing.

C-Span confirmed the incident in a statement to IB Times: “This afternoon the online feed for C-SPAN was briefly interrupted by RT programming. We are currently investigating and troubleshooting this occurrence. As RT is one of the networks we regularly monitor, we are operating under the assumption that it was an internal routing issue. If that changes we will certainly let you know.”

Multiple C-SPAN watchers made mention of the sudden change on Twitter, including Deadspin editor Timothy Burke, who captured the moment the C-SPAN feed switched to RT.

The takeover reportedly lasted about 10 minutes before the C-SPAN feed returned. The interruption does not appear on the saved broadcast hosted on the network’s website.

Viewers who caught the original broadcast and the subsequent clip shared on Twitter assumed the interruption was the result of Russian hacking.

Despite the initial assertion from people on social media implicating Russia of hacking C-SPAN, the network viewed it as a likely technical problem.

IB Times also reached out to Russia Today but has not yet received a response.

The apparent takeover of the C-SPAN feed comes after reports of Russian hackers interfering with the U.S. presidential election. According to recent reports, Russian president Vladimir Putin was directly involved in the hacking efforts, which resulted in the theft and publication of private emails belonging to the Democratic National Committee and John Podesta, the chairman of the Hillary Clinton campaign.

U.S. intelligence chiefs are in apparent agreement that Russia attempted to influence the outcome of the election to benefit Donald Trump.

****

CBS: CIA Director nominee Mike Pompeo is on Capitol Hill Thursday for his hearing in front of the Senate Intelligence Committee — but that hearing was put on hold when the lights unexpectedly went out.

Committee Chairman Richard Burr (R-N.C.) gave brief opening remarks and introduced Pompeo, saying that if confirmed he will lead “what I believe to be one of our nation’s most treasured assets.”

Next, Vice Chairman Mark Warner (D-Virginia) began speaking, saying he looked forward to hearing Pompeo’s thoughts on a number of the challenges facing the CIA in 2017.

“The agency you have been nominated to head is facing a number of challenges brought on by a changing world and which will require great leadership to drive organizational adaptation to meet,” Warner said.

As Warner began to address concerns over Russian election interference, at about 10:15 a.m., the lights went out — and C-SPAN’s cameras cut out completely.

Warner initially continued with his remarks, but ultimately took a recess because of the power issue. The hearing was moved to another room.

Cruz: Obama ‘rolled over’ on hacking and Trump gets Advice

Posted on by

He is right and the proof most recently was in February of 2016, with the posted Executive Orders.

WASHINGTON — Through two executive orders signed Tuesday, President Obama put in place a structure to fortify the government’s defenses against cyber attacks and protect the personal information the government keeps about its citizens.

The orders came the same day as Obama sent to Congress a proposed 2017 budget that includes $19 billion for information technology upgrades and other cyber initiatives.

In September of 2015, Obama held a meeting on cyber with China’s Xi. Perhaps there was no formal sanction or punishment of China due in part to the U.S. debt they hold. Obama also held meetings with key Congressional leaders in 2015 on the issue of cyber. Going back to 2013, Obama held sessions with corporate CEO’s to discuss efforts to improve cybersecurity amid growing concerns within the administration over attacks from China targeting American businesses.

The president will discuss efforts to address the cyber threat facing the country and get the executives’ feedback on how the government and private sector can forge a relationship to improve cybersecurity in the United States, according to The White House. The meeting will be held in the Situation Room and attendees include AT&T CEO Randall Stephenson and Northrup Grumman CEO Wesley Bush.

Not until February of 2016, did Obama launch the Cybersecurity National Action Plan which was headed by Tom Donilon, his National Security Advisor and Sam Palmisano, former CEO of IBM. There was no traction and given the recent cyber intrusions, there is likely a LOT of ‘ooops’ coming from the White House and should. No corporation, bank, government agency or other private entity ever wants to publically announced they have been hacked or their vulnerability, as it only invites more cyber chaos but the United States including top government agencies and the White House along with the State Department have all been victim of both Russian and Chinese cyber attacks of various forms.

***

Sen. Ted Cruz says he hopes the incoming Trump administration is tougher on dealing with cyberattacks than the “weakness” he saw from President Obama on hacking by Russia and other foreign adversaries.

“One of the reasons these cyberattacks are so prevalent is that Barack Obama and his administration have rolled over for eight years,” Cruz said Thursday on “The Mike Gallagher Show.”

“They have shown nothing but weakness and appeasement in the face of those attacks. This is something I hope and believe will change with the new administration,” he said.

Cruz insisted neither Russian hacking nor WikiLeaks revelations last year about the Democratic Party significantly influenced Donald Trump’s victory in the presidential election.

“I think that there’s no evidence whatsoever that Russia’s efforts against us, which have been longstanding, did anything to affect the campaign,” said Cruz, who competed against Trump in last year’s GOP primaries.

“It’s, frankly, patently absurd,” Cruz added of claims Russia or WikiLeaks helped Trump win. “You can’t credibly argue that [WikiLeaks’] disclosures impacted the election because most voters never heard it.” More here from TheHill.

****

Task Force Issues Cybersecurity Advice to Donald Trump

‘From Awareness to Action: A Cybersecurity Agenda for the 45th President’

A task force co-chaired by two U.S. lawmakers and a former federal CIO is issuing a 34-page report recommending a cybersecurity agenda for the incoming Trump administration. The report recommends the new administration jettison outdated ways the federal government tackles cybersecurity, noting: “Once-powerful ideas have been transformed into clichés.”

The report from the CSIS Cyber Policy Task Force – From Awareness to Action: A Cybersecurity Agenda for the 45th President – will be formally unveiled on Jan. 5. It comes from the think tank Center for Strategic and International Studies, which sponsored the Commission on Cybersecurity for the 44th Presidency that made recommendations to then-President-elect Barack Obama in 2008.

“In the eight years since that report was published, there has been much activity, but despite an exponential increase in attention to cybersecurity, we are still at risk and there is much for the next administration to do,” the new report’s introduction states.

Cybersecurity Goals for Trump Administration

The task force outlined five major issues President-elect Donald Trump and his administration should address, including:

  1. Deciding on a new international strategy to account for a very different and dangerous global security environment.
  2. Making a greater effort to reduce and control cybercrime.
  3. Accelerating efforts to secure critical infrastructures and services and improving cyber hygiene across economic sectors. As part of this, the Trump administration must develop a new approach to securing government agencies and services and improve authentication of identity.
  4. Identifying where federal involvement in resource issues, such as research or workforce development, is necessary, and where such efforts are best left to the private sector.
  5. Considering how to organize the U.S. effort to defend cyberspace. Clarifying the role of the Department of Homeland Security is crucial, and the new administration must either strengthen DHS or create a new cybersecurity agency.

Ditching Outmoded Security Practices

Task force members recommend the new administration should get rid of outdated ways the federal government tackles cybersecurity. The report notes: “Statements about strengthening public-private partnerships, information sharing or innovation lead to policy dead ends. … Once-powerful ideas have been transformed into clichés. Others have become excuses for inaction.”

As an example, the task force cites the National Strategy for Trusted Identities in Cyberspace, a government initiative unveiled in 2011, which envisioned a cyber-ecosystem that promotes trust and security while performing sensitive transactions online. The task force contends NSTIC “achieved little,” asserting that such initiatives fail because they aren’t attuned to market forces. “There are few takers for a product or service for which there is no demand or for which there are commercial alternatives.”

The task force makes recommendations on dozens of policies and technologies.

On encryption, for instance, it suggests that the president develop a policy that supports the use of strong encryption for privacy and security while specifying the conditions and processes under which assistance from the private sector for lawful access to data can be required. It also states that the president should direct the National Institute of Standards and Technology to work with encryption experts, technology providers and internet service providers to develop standards and ways to protect applications and data in the cloud and provide secure methods for data resiliency and recovery.

“Ultimately,” the report says, “encryption policy requires a political decision on risk. Untrammeled use of encryption increases the risk from crime and terrorism, but societies may find this risk acceptable given the difficulty of imposing restrictions. No one in our groups believed that risk currently justifies restrictions.”

Battling Cybercrime

In battling cybercrime, the task force sees “active defense,” a term it says has become associated with vigilantism, hack back and cyber privateers, as only a stopgap measure to address the private sector’s frustration over the apparent impunity of trans-border criminals. The Trump administration should seek ways to help companies move beyond their traditional perimeter defenses and focus on identifying federal actions that could disrupt cybercriminals’ business model or expand the work of federal agencies and service providers against botnets, according to the report.

To make cybercrime less profitable, the task force recommends the new administration identify actions that would impede the monetization of stolen data and credentials. Other recommendations include accelerating the move to multifactor authentication and identifying better ways to counter and disrupt botnets, a growing risk as more devices become connected to the internet. The task force says this could be done by expanding the ability to obtain civil injunctions for use against botnets and raising the penalties for using botnets against critical infrastructure.

The role of the military to protect civilian critical infrastructure turned out to be among the most contentious issues the group debated. A few task force members said that the Defense Department should play an expanded and perhaps leading role in critical infrastructure protection, according to the report. Most members, though, believed that this mission must be assigned to a civilian agency, not to DoD or a law enforcement agency such as the FBI.

“While recognizing that the National Security Agency, an element of DoD, has unrivaled skills, we believe that the best approach is to strengthen DHS, not to make it a ‘mini-NSA,’ and to focus its mission on mitigation of threats and attacks, not on retaliation, intelligence collection or law enforcement,” the report states.

Organizing Government Cybersecurity

DHS is the focal point in cybersecurity protection among civilian agencies as well as civilian-led critical infrastructure. The task force recommends that an independent agency be established within DHS focused exclusively on cybersecurity.

The task force says Trump should quickly name a new cybersecurity coordinator and elevate the White House position two notches to assistant to the president from special assistant to the president. Also, the group says Trump should back away from his pledge to conduct a cybersecurity review, as was done at the beginning of the Obama administration.

The task force co-chairs are:

  • Rep. Michael McCaul, R-Texas, chairman of the House Homeland Security Committee and co-founder of the Congressional Cybersecurity Caucus;
  • Sen. Sheldon Whitehouse, D-R.I., sponsor of legislation to require federal law enforcement and national security agencies to account for cyberattacks;
  • Karen Evans, a cybersecurity adviser to the Trump transition team who’s national director of the U.S. Cyber Challenge and formerly served as White House administrator for e-government and information technology, a position now known as U.S. CIO; and
  • Sameer Bhalotra, co-founder and CEO of the cybersecurity startup Stackrox and a senior associate at CSIS.

CSIS Senior Vice President James Lewis, the think tank’s cybersecurity expert, served as the task force project director.

How bad is it?

USAToday:

Exhibit A: The Social Security Administration system still runs on a platform written in the 1960s in the COBOL programming language, and takes 400 people just to maintain, Obama said.

“If we’re going to really secure those in a serious way, then we need to upgrade them,” Obama told reporters Tuesday after meeting with advisers on the issue. “And that is something that we should all be able to agree on. This is not an ideological issue. It doesn’t matter whether there’s a Democratic President or a Republican President. If you’ve got broken, old systems — computers, mainframes, software that doesn’t work anymore — then you can keep on putting a bunch of patches on it, but it’s not going to make it safe.”

To implement those upgrades, Obama created two new entities Tuesday: The first, a Commission on Enhancing National Cybersecurity, will be made up of business, technology, national security and law enforcement leaders who will make recommendations to strengthen online security in the public and private sectors. It will deliver a report to the president by Dec. 1.

The second, a Federal Privacy Council, will bring together chief privacy officers from 25 federal agencies to coordinate efforts to protect the vast amounts of data the federal government collects and maintains about taxpayers and citizens.

Obama’s cybersecurity adviser, Michael Daniel, said the structure allows the administration to move forward even without additional authority from Congress by “driving our executive authority to the limit.”

The administration’s plan will look at cybersecurity both inside and outside the government. There will be more training and shared resources among government agencies, 48 dedicated teams to respond to attacks, and student loan forgiveness to help recruit top technical talent.

But the will plan also promote better security practices throughout the economy, by encouraging through multi-factor authentication that uses additional information in addition to a password. The government is also looking to reduce its use of Social Security numbers the unique identifier for all Americans.

Across the government, the Obama administration wants to spend $19 billion on cybersecurity in 2017, a 35% increase over 2016. But the plan does not rely on an increase in funding. “We can do quite a bit of it even without the additional resources,” Daniel said.

The White House said it also plans to create the new position of Chief Information Security Officer to coordinate modernization efforts across the government, including a a $3.1 billion Information Technology Modernization Fund. “That’s a key role that many private-sector companies have long implemented, and it’s a good practice for the federal government,” said Tony Scott, the U.S. Chief Information Officer.

The president is expected to meet with national security advisers Tuesday morning to launch the new effort.

Cyber Hacking Tools for Sale on Underground Network

Posted on by

Executive Editor Fionnuala Sweeney sits down with Steve Grobman, Chief Security Officer with the Intel Security Group. When it comes to America’s security in the cyberspace, the U.S. government and the private sector haven’t always seen eye to eye.

****

Stop the denial about Russian intrusion…..how about taking the United States out of the debate and examine other countries… you must also remember that all payments and or salaries are often paid for using Bitcoin….un-traceable. Have you thought about Islamic State migrating to hacking operations using ransomware?

****

Brit cyber warriors fight off two hacking attempts against the state every day

The National Cyber Security Centre has foiled 86 attacks in its first month – most of which are suspected to have come from China, North Korea, Russia, Iran and criminal gangs

Cyber warriors are fighting off more than two major hacking attempts against the British state every day.

Top targets include the Bank of England , the Ministry of Defence , nuclear bases, security services and infrastructure such as transport, the NHS and power systems.

Chief suspects are China, North Korea, Russia, Iran and major criminal gangs.

The National Cyber Security Centre foiled 68 major attacks in the first month after it was launched in October.

China is suspected of trying to steal technology or probing our security and finance systems while Russian is feared to be testing security and military networks.

It is believed North Korea may be doing all the above and Iran is suspected of acting for other countries, including Syria .

Retail, technology and security firms have also been hit. Senior security sources say a major theft of aerospace technology cost hundreds of millions of pounds.

It is thought cyber experts have responded to many of the attacks by hacking into systems used by the attackers. A source said: “This is the new front line.”

The NCSC was formed as part of a £1.9billion government crackdown.

At its launch Chancellor Philip Hammond said we had to hit back against “foreign actors” or face having planes grounded or being left in darkness.

Going back to 2012, was this fella part of a Kremlin authorized hack operation? If not, is he a proxy? Note what corporations and operations had cyber intrusions…

A Russian man was arrested in Cyprus last week for allegedly launching two distributed denial-of-service attacks on Amazon.com in June 2008.

Dmitry Olegovick Zubakha, a 25-year-old man from Moscow, was indicted last year by a Seattle grand jury for conspiracy to intentionally cause damage without authorization to a protected computer and possession of more than 15 unauthorized access devices.

In addition to the attack on Amazon, Zubakha was linked to similar attacks on Priceline.com and eBay.

Along with fellow hacker Sergey Logashov, Zubakha is alleged to have launched the attack using a botnet of computers under the control of multiple users. The duo brazenly took credit for the attacks on hacker forums, according to the indictment.

In addition to their denial-of-service attacks, law enforcement also traced 28,000 stolen credit-card numbers back to both men, which helped lead to the arrest.

“Amazon is willing to expend dollars and energy beyond even what can be economically justified in order to bring cybercriminals to justice,” said company spokesperson Mary Osako in a statement.

If found guilty on all charges, Zubakha could face up to 37 years in prison and $750,000 in fines. Intentionally causing damage to a protected computer with a resulting loss of more than $5,000 is punishable by up to 10 years in prison. Logashov was also charged with the same count.

The arrest in Cyprus was a complex undertaking, with the U.S. Secret Service, the U.S. Attorney’s Office for the Western District of Washington and the Seattle Police Department all working together with global officials.

“The [three agencies] talking to each other is a direct result of the birth of the Department of Homeland Security,” security consultant Robert Siciliano told the E-Commerce Times.

American authorities are seeking Zubakha’s extradition.

According to the indictment, the first of two attacks lasted four and a half hours on June 6, 2008, before Amazon was able to intervene. Amazon’s servers were working overtime, on a magnitude of between 600 and 1,000 percent of normal traffic. The second attack began on June 9 of the same year and lasted until June 12.

Zubakha was also charged with aggravated identity theft for using the credit card of a Lake Stevens, Wash.,  resident illegally.

“This defendant could not hide in cyberspace,” said U.S. Attorney Jenny A. Durkan, head of the Justice Department’s Cybercrime and IP Enforcement Committee. “I congratulate the international law enforcement agencies who tracked him down and made this arrest.”

Logashov is still at large.

 

Netanyahu will not Attend Paris Peace Summit

Posted on by

Did any of those votes at the UN for the recent resolution endorsed by John Kerry, Samantha Power and the Obama White House remember this?

Now would be a good time to refer to an earlier post on this site:

Documents: Mahmoud Abbas Former KGB, Syria

 

The documents reveal an extensive relationship between the Soviet Union and the nascent Palestinian nationalist movement that began in the late 1960s. At the time, the Soviets established a covert channel with Yasser Arafat’s terror-inclined guerilla group, the Palestinian Liberation Organization, or PLO. Abbas held an integral role in these backdoor communications, functioning as liaison. Accordingly, the PLO closely collaborated with the KGB, receiving Soviet arms to launch asymmetrical warfare against the State of Israel. More from DailyWire.

January 15, there is a Peace Summit in Paris, Prime Minister Netanyahu will not attend. Below could be the reason for that decision.

TEL AVIV, January 2. /TASS/. A meeting of Palestine’s major forces Fatah and Hamas alongside representatives of other factions seeking to restore unity among the Palestinians will be held in Moscow on January 15, Wasel Abu Yousef, a PLO (Palestine Liberation Organization) Executive Committee member, said cited by Israel’s The Jerusalem Post daily on Monday.  

“The Russians will host a meeting of Fatah, Hamas and other Palestinian officials in Moscow in the middle of January to discuss reconciliation,” Yousef said.  

The PLO official added that the talks in Russia would be held simultaneously with an international peace conference in Paris scheduled for the same day, January 15.  

“The Palestinian leadership wants to demonstrate that it is working on both the peace process through the Paris conference and reconciliation by way of the Moscow meeting,” he said.  

On June 3, 2016 Deputy Foreign Minister Mikhail Bogdanov, the special presidential envoy for the Middle East and Africa, at the first international conference on the Israeli-Palestine settlement in Paris called “the split among Palestinians” as “another negative factor hampering the peace progress.”  

“This issue should be resolved as the priority task so that the Palestinians present a single and united delegation at the talks on the final status,”  Bogdanov said at the time.  

“Russia fully supports efforts on soonest restoration of inter-Palestinian unity on the basis of PLO (Palestine Liberation Organization) and Arab Peace Initiative, holds dialogue with representatives of the whole range of Palestinian forces, first of all Fatah and Hamas, in the interests of achieving appropriate agreements. We hope that such approach is shared by other members of the international community,” the diplomat concluded.  

In May 2011, a first meeting behind closed doors took place at a health resort near Moscow in an attempt to reconcile major Palestinian groups, including Fatah and Hamas. High-ranking officials of key Palestinian movements arrived in Russia after Fatah and Hamas had sealed a deal in Cairo to form a Palestinian government of “professionals.”  

A split between Palestine’s two major forces, Fatah and Hamas, occurred after the parliamentary elections in Palestine in 2006 when Hamas won. In June 2007, its militants seized power in Gaza Strip. Since then, Palestine has been divided into two parts: Fatah controls West Bank and Hamas controls the Gaza Strip.