Category Archives: Department of Homeland Security

Russian “information operations troops” (“cyber troops”)

Posted on by

Image result for Minister of Defense Sergei Shoigu Image result for russian cyber army

Russian ‘Cyber Troops’: A Weapon of Aggression

Eurasia Daily Monitor: Speaking to the Russian parliament (Duma) last February, Russian Minister of Defense Sergei Shoigu announced the creation of “information operations troops” (“cyber troops”) within the Armed Forces. He emphasized that state “propaganda should be smart, accurate and effective” and that that these new formations “will be much more efficient than the ‘counter-propaganda’ department that operated during the Soviet period” (TASS, February 22). It is dubious, however, that the responsibilities of “cyber troops” will be reduced solely to “propaganda.” Rather, it seems that this unit is to become the main tool of Russia’s offensive cyber operations as a part of “information warfare.” The official history of the Russian cyber troops goes back to 2012, when Dmitry Rogozin (at the time heading the Russian Foundation for Advanced Research Projects in the Defense Industry) addressed the issue publicly for the first time. In 2013, an anonymous source confided that formations of this kind had been established under the umbrella of the Russian Armed Forces (RBC, February 22), but at the time there was no solid evidence available.

Then, in April 2015, the official state news agency TASS reported that a unit of Russian “information operations forces” were deployed to the territory of the Crimean Peninsula (TASS, April 17, 2015). Nonetheless, in the meantime, the Russian side continued to deny the existence of cyber troops. For instance, in January 2017, the first deputy director of the Russian Duma Defense Committee, Alexander Sherin, claimed that “Russia does not have such formations.” Similar statements were made by top-ranking Russian officials related to security and mass communications, such as Viktor Ozerov and Alexey Volin (Interfax, January 16). This silence was interrupted only by Defense Minister Shoigu’s official announcement in February.   Commenting on the main tasks of the cyber troops, Franz Klintsevych, a high-ranking member of the Russian Federation Council (upper house of parliament), identified the disclosure of subversive activities by foreign intelligence services in electronic, paper and TV media outlets. He suggested that the cyber troops would deal with such hacker attacks as their main responsibility. But this assessment fails to fully reflect the true essence and tasks of the new unit. According to Yaakov Kedmi—who used to head Nativ, the former Israeli intelligence service charged with facilitating the immigration of Jews from the Soviet Bloc—“cyber troops” exist in “all serious armies” and are subordinated to their respective defense ministries. Their main tasks are “propagandist” (propaganda and counter-propaganda) and “operational” (activities designed to distract the adversary by providing false information). Yet, he also highlighted that so-called “political propaganda” falls outside the range of responsibilities for such formations (Kommersant, February 22).

Another revealing bit of information on the secretive cyber troops can be found in research conducted by Zecurion Analytics, a Russian software company established in 2001. According to a report the firm published several months ago, Russia may be placed in the top five countries with the “most powerful” cyber troop units, in terms of the number of personnel employed (which Zecurion Analytics estimates at approximately 1,000) and financial expenditures (around $300 million per annum). The company’s head, Vladimir Ylianov, has stated that the main tasks of Russian “cyber troops” include espionage, cyber attacks, and informational warfare (Kommersant, January 1). This assessment, however, also may underestimate the real capabilities of these cyber forces. Thanks to introduction of so-called “research units,” Russian cyber defense is inseparable from the Armed Forces and its resources, which exponentially increases its offensive potential (see EDM, November 30, 2016).

A somewhat different opinion was expressed by pro-Kremlin cyber security specialist Igor Panarin. He hopes that the creation of the cyber troops will allow Russia to overcome its inferiority in the cyber domain compared to other countries, like the United States, and beef up its offensive capabilities. According to the expert, the 2008 Russian-Georgian War in fact demonstrated that Russian failed to act efficiently when it came to offense, and it instead relied on “defense and containment” in its cyber operations. Panarin suggested that unlike the Department of Information and Mass Communication, which was created under the umbrella of the Ministry of Defense in 2016 and tasked with defensive activities, the cyber troops—which could and should act in concert with the Federal Security Service (FSB) and the Foreign Intelligence Service (SVR)—will be specifically charged with conducting offensive operations in the “cyber sphere” (kiber prostranstvo) (Militarynews.ru, February 22). If accurate, this demonstrates Russia’s continuing development of offensive cyber capabilities and a delineation between “cyber” and “information” operations.

Related reading: 3 of 4 Zero-Days Microsoft Patched Yesterday Were Used by Russian Cyberspies

Panarin also outlined a number of supplementary steps Russia needs to take, which included the following elements (Vz.ru, February 28, 2017):

1. The establishment of a State Council (that is to include various governmental structures, public diplomacy organizations, media sources, representatives of business, political parties and non-governmental organizations) tasked with issues related to “information confrontation” (informatsionnoye protivoborstvo—understood as a struggle in the information sphere with the broad aim of achieving information dominance over one’s opponent);

2. The establishment of a position of a “Presidential Advisor” on information operations, tasked with the coordination of informational-analytical units connected with the “cyber troops,” the Ministry of Defense, FSB, Federal Protective Service (FSO), SVR and other key ministries;

3. The creation of a media holding—based on existing media resources of Russian TV Channel One, All-Russia State Television and Radio Broadcasting Company (VGTRK), RT and others—subordinated to the Ministry of Foreign Affairs of the Russian Federation. It is imperative to copy the US experience while implementing this initiative, Panarin alleged; and finally

4. The formation of separate centers of information operations pertaining to the FSB, FSO and SVR.   Panarin’s suggested program should be seen as an extremely ambitious and far-reaching strategy, fully complying with the steps and activities already conducted by the Russian side in the domain of cyber security and information operations. Within this development of the country’s cyber capabilities, the Russian cyber troops should be seen mainly as an offensive operations force, and not as a defensive mechanism.

–Sergey Sukhankin

For reference, here is the testimony before 

 THE SELECT COMMITTEE ON INTELLIGENCE DISINFORMATION A PRIMER IN RUSSIAN ACTIVE MEASURES AND INFLUENCE CAMPAIGNS

 

Trump’s EO on Voter Fraud Commission

Posted on by

Read the text here. The ‘voting rights’ division at the Justice Department may just have an issue with this, but the commission should happen along with a technology fix going into the future. We cannot forget that DHS contacted several states prior to the voting season last Fall concerning registration databases and voting machines. Some states cooperated while others frankly did not only not trust government intrusion but DHS.

Image result for voter fraud

Trump signs executive order launching voter fraud commission

President Trump signed an executive order on Thursday to launch a commission to review alleged voter fraud, a White House official confirmed to Fox News, after months of claiming voter fraud in the 2016 presidential election.

The order, titled “Presidential Commission on Election Integrity,” would establish a bipartisan commission, chaired by Vice President Mike Pence, to review alleged voter fraud and suppression. Kansas Secretary of State Kris Kobach, who has investigated voter fraud in Kansas, will serve as vice chair.

“The commission will also include individuals with knowledge and experience in election management and voter integrity,” White House Deputy Press Secretary Sarah Huckabee-Sanders said on Thursday at the White House daily press briefing. “The commission will review policies and practices that enhance or undermine confidence in elections and identify system vulnerabilities.”

Huckabee-Sanders announced five members to the commission on Thursday: Indiana Secretary of State Connie Lawson (R), New Hampshire Secretary of State Bill Gardner (D), Maine Secretary of State Matthew Dunlap (D), Christie McCormick, commissioner of the election assistance commission, and former Ohio Secretary of State Ken Blackwell(R).

The White House said the commission will review practices that affect the integrity of federal elections–spanning improper registrations, improper voting, fraudulent registrations, fraudulent voting and voting suppression.

“We expect the report to be complete by 2018,” Huckabee-Sanders said. “The experts will follow the facts where they lead–we’ll share updates as we have them.”

Trump originally vowed to create such a commission in January. Days after his inauguration, Trump took to Twitter calling for a “major investigation into VOTER FRAUD,” saying that depending on the results of the investigation, “we will strengthen up voting procedures!” He cited “illegal” voters and “those registered to vote who are dead (and many for a long time)” which he claimed cost him the popular vote, which Hillary Clinton won by 3 million votes.

But on Thursday, Senate Minority Leader Charles Schumer, D-N.Y., slammed the commission.

“Putting an extremist like Mr. Kobach at the helm of this commission is akin to putting an arsonist in charge of the fire department,” Schumer said. “President Trump has decided to waste taxpayer dollars chasing a unicorn and perpetuating the dangerous myth that widespread voter fraud exists.”

Voting experts and many lawmakers have said they haven’t seen anything to suggest that millions of people voted illegally, including House Oversight Committee Chairman Jason Chaffetz. The Utah Republican said his committee won’t be investigating voter fraud.

In a lunch meeting with senators in February, Trump said that he and former Republican Sen. Kelly Ayotte would have won in New Hampshire if not for voters bused in from out of state. New Hampshire officials have said there was no evidence of major voter fraud in the state.

In a February interview with Bill O’Reilly, Trump said the main issue of voter fraud was registration, and vowed to look at the situation “very, very carefully.”

“When you look at the registration and you see dead people that have voted, when you see people that are registered in two states, that have voted in two states, when you see other things, when you see illegals, people that are not citizens and they are on registration roles,” Trump said. “We can be babies, but you take a look at registration, you have illegals, you have dead people, you have this, it’s a really bad situation, it’s really bad.”

The decision to revisit the voter fraud issue comes during a tumultuous week, after Trump on Tuesday fired FBI Director James Comey. The administration cited Comey’s handling of the Clinton email probe, but Democrats also question what role his bureau investigation into Russian meddling in the 2016 race played.

In a House Intelligence Committee hearing on Russian election tampering in March, voter fraud became a topic of questioning — Committee Chairman Devin Nunes, R-Calif., asked Comey if the FBI had any evidence that votes were changed in states like Pennsylvania, North Carolina, Florida, and Ohio, to which Comey answered “No.”

After winning the election, Trump singled out several states and claimed fraud in their voting system, but officials in those states insisted that his claims were unfounded.

No Cyber Policy, Doctrine, Protection, Result of Senate Hearing

Posted on by

President Trump signed another executive order today. This one is on cyber security and protecting infrastructure. Read it here.

Image result for trump signs executive order BusinessInsider

No one wants to participate in the hard debate regarding cyber, where it is noted to be the highest threat for the homeland. At least the Trump White House is taking note, yet this executive order may not be enough or engage the private sector. It is gratifying however that some inside and outside experts are in fact having talks on an international basis with cyber experts. That is always a good thing.

At issue on this topic is the path forward and the estimated costs. Cyber is a battlespace where it should be noted it could cost what conventional military operations costs against adversaries and could take as long if not forever. All government infrastructure is dated, unprotected and there are no measures to correct in a priority ranking.

The other item of note, there is no legal or case law condition where the cyber attackers are prosecuted. Exactly why did Sony not sue North Korea? If there is no consequence, even ceremoniously, then expect more hacks. Of note, to sue and or sanction North Korea, China would have to be included, as the internet connectivity to North Korea is provided by China and further, China trained the hackers in North Korea….sheesh right?

Politico reports: The directive is Trump’s first major action on cyber policy and sets the stage for the administration’s efforts to secure porous federal networks that have been repeatedly infiltrated by digital pranksters, cyber thieves and government-backed hackers from China and Russia.

“The trend is going in the wrong direction in cyberspace, and it’s time to stop that trend and reverse it on behalf of the American people,” White House Homeland Security Adviser Tom Bossert told reporters during a Thursday afternoon briefing.

Cyber specialists say the order breaks little new ground but is vastly improved over early drafts, which omitted input from key government policy specialists. The final version, cyber watchers say, essentially reaffirms the gradually emerging cyber policy path of the past two administrations.

As part of the executive order’s IT upgrade initiative, administration officials will study the feasibility of transitioning to shared IT services and networks across the government. An estimated 80 percent of the $80 billion federal IT budget goes toward taking care of aging systems.

Senior Trump adviser Jared Kushner’s Office of American Innovation will play a significant role in the federal IT modernization effort, multiple people tracking the efforts have told POLITICO. Earlier this month, Trump signed an executive order creating the American Technology Council, with Kushner as director, to help coordinate that effort. More here.

*** Personally, it must be mentioned there is a problem with this operating out of the White House and certainly out of Jared Kushner’s office, he is way too tasked to be effective. Other professionals in the cyber realm agree, the matter of a ‘net’ command and operations that collaborate with the private sector should be it’s own command and separated from NSA.

There was a significant hearing today on The Hill while the FBI hearing was going on. Those on the witness panel included James Clapper, Jim Stavridis and Michael Hayden. The Senate Armed Services Committee hosted this session and it included high rate discussions including why there is no cyber doctrine, why there are no offensive measures and what the highest cyber threats are for the homeland.

NSA Chief Testimony, Cyber Security Threats and Solutions

Posted on by

French presidential candidate Marcon was hacked on Friday before the Sunday voting. Per the NSA Chief, U.S. Tipped Off France on the Russia hacks. The U.S. tipped off France when it saw that Russians were carrying out cyberattacks targeting French President-elect Emmanuel Macron, NSA chief Adm. Mike Rogers told a Senate panel on Tuesday. Macron’s campaign revealed it was hacked just hours before a campaigning blackout in the country ahead of the presidential election on Sunday. Macron ended up handily defeating his rival, Putin-backed Marine Le Pen. “We had become aware of Russian activity. We had talked to our French counterparts and gave them a heads-up—‘Look, we’re watching the Russians. We’re seeing them penetrate some of your infrastructure. Here’s what we’ve seen. What can we do to try to assist?’” Rogers told the Senate Armed Services Committee.

*** Meanwhile….there is no strategy or policy position on U.S. cyber warfare. However…

Next Steps for U.S. Cybersecurity in the Trump Administration: Active Cyber Defense

The failure of the government to provide adequate protection has led many cybersecurity analysts, scholars, and policymakers to suggest that there is a need for private-sector self-help. If the government is unable or unwilling to take or threaten credible offensive actions to deter cyberattacks or to punish those who engage in them, it may be incumbent upon private-sector actors to take up an active defense. In other words, the private sector may wish to take actions that go beyond protective software, firewalls, and other passive screening methods—and instead actively deceive, identify, or retaliate against hackers to raise their costs for conducting cyberattacks. Taking into consideration U.S., foreign, and international law, the U.S. should expressly allow active defenses that annoy adversaries while allowing only certified actors to engage in attribution-level active defenses. More aggressive active defenses that could be considered counterattacks should be taken only by law enforcement or in close collaboration with them.

Key Takeaways

If the government is unable or unwilling to deter cyberattacks, it may be incumbent upon private-sector actors to take up an active defense.

Before the U.S. authorizes private hack back, it must consider not only U.S. laws, but also foreign and international laws governing cyberspace.

Congress should establish a new active cyber defense system that enables the private sector to identify and respond to hackers more effectively.

***

Heritage: Americans want their cyber data to be safe from prying eyes. They also want the government to be able to catch criminals. Can they have both?

It’s an especially pertinent question to ask at a time when concerns over Russian hacking are prevalent. Can we expose lawbreakers without also putting law-abiders at greater risk? After all, the same iPhone that makes life easier for ordinary Americans also makes life easier for criminals.

Manhattan District Attorney Cyrus Vance Jr. has described the operating system of the iPhone as “warrant-proof,” saying criminals are using the devices – encrypted by default – to their advantage. In one instance, he quoted an inmate who, ironically, called the iPhone a “gift from God.”

Divine involvement is a matter of debate, but there’s no question that when it comes to the choice of breaking the cybersecurity of criminals without also endangering the personal data of ordinary Americans, well, the devil is in the details.

This is especially true given the evolving nature of the threat. Even if we wanted to give the government access to all the metadata it wants (when, where, and who called), technology is moving away from phone calls to text messages and other non-telephony applications. Traditional metadata will be of limited use to law enforcement in pursuit of the savvy criminal of the future. Law enforcement needs to develop new strategies and investigative techniques without making us all prey.

It’s nearly impossible to assess the total monetary value for all successfully prosecuted cybercrimes in the U.S., let alone estimate the number of criminal cases that would have fallen apart without access to a smartphone’s data. The Department of Justice doesn’t publish such data. But, according to the 2014 Center for Strategic and International Studies report “Net Losses: Estimating the Global Cost of Cybercrime,” global cybercriminal activity is valued at $400 billion a year. Cybercrime damages trade, reduces competitiveness, and limits innovation and global growth.

The fundamental problem is that no one in the government is responsible for securing the internet for all of us. The Department of Homeland Security is responsible for safeguarding our nation’s critical infrastructure, yet the insecure internet presents cyberthreats to non-enterprise users affect individual security, safety and economic prosperity. Who is responsible for their security?

Some elements of the federal government are so focused on hunting down information against a few horrendous criminals that they don’t seem to realize they’re doing it at the expense of our right to privacy and online protection. We can appreciate their dedication in these noble causes, but the fact remains that the internet has become a host to more and more personal information ever since Steve Jobs introduced the first iPhone.

Since then, the smartphone has evolved to have much more control over our lives, homes and vehicles. There is no sign of less data being held in the cyberspace.

In attempting to square this cyber-circle, the government would be wise to take a cue from the medical profession, which uses the Hippocratic oath to dictate an underlying requirement to refrain from causing harm to patients.

There is no such oath for members of the Department of Justice. They simply affirm that they will faithfully execute their duties without affirming that they will do so without harming the citizenry as a whole.

DOJ lawyers focus on individual prosecutions. That is too narrow of a definition of success. It forces them to use all means they can muster to make their prosecutions successful with little or no consideration of the larger harm their efforts may cause to the population in general.

That is a problem today and will only be magnified in the coming years as technology advances and the gap between those advances and the DOJ’s understanding of them widens. Within this environment, where insecurity breed’s criminality and stopping individual high-value criminals can motivate the DOJ to undermine security, one can only wonder, who is responsible for our security?

The world has changed. A new paradigm is needed to ensure the safety and security of all American’s data predicated on applying airtight security to our data. There is no return to the past. Perhaps the Trump administration will make this need for security a priority in a manner the previous administration did not.

Mexico’s Cartel Kids and a Deadly State

Posted on by

Reuters: The Mexican army says its fight against surging opium production that feeds U.S demand is increasingly complicated by the rise of smaller gangs disputing wild, ungoverned lands planted with ever-stronger poppy strains.

The gangs have engulfed the state of Guerrero in a war to control poppy fields, turning inaccessible mountain valleys of endemic poverty and famous beach resorts into Mexico’s bloodiest spots.

Colonel Isaac Aaron Jesus Garcia, who runs a base in one of the state’s most unruly cities, Ciudad Altamirano, told Reuters on an operation to chop down poppies high in the Guerrero mountains that violence increased two years ago when a third gang, Los Viagra, began a grab for territory.

Bodies are discovered almost daily across the state, tossed by roads, some buried in mass graves. In Ciudad Altamirano, the mayor was killed last year and a journalist gunned down in March at a car wash.

“These fractures (in the gangs) started two years ago, and that caused this violence that is all about monopolizing the production of the drug,” Jesus Garcia said.

From this frontline of the fight against heroin, Jesus Garcia sees a direct link between a record U.S. heroin epidemic that killed nearly 13,000 people in 2015 and violence on his patch.

“The increase of consumers for this type of drug in the United States has been exponential and the collateral effect is seen here,” Jesus Garcia said.

REUTERS/Henry Romero

Heroin use in the United States has risen five-fold in the past decade and addiction has more than tripled, with the biggest jumps among whites and men with low incomes.

Jesus Garcia said the task of seeking out poppy fields in one of Mexico’s poorest and least accessible regions, rising above the beach resorts of Acapulco and Ixtapa, was practically endless.

His 34th Battalion and others send platoons of troops on foot for month-long expeditions every season. They set up camps and fan through treacherous terrain, part of a campaign that destroys tens of thousands of fields a year.

One such field visited by Reuters was deep in a lawless region six hours from Ciudad Altamirano through winding dirt roads thick with dust that rose into the mountains.

It was irrigated by a lawn sprinkler mounted on a pole that spritzed water over less than a hectare of poppies and fertilizer bags were piled nearby, basic farming techniques the soldiers nevertheless said were a sign of growers’ new sophistication.

A dozen troops fanned out, chopping down the flowers with machetes.

HIGHER YIELDS

Army officials said gangs use poppy varieties that produce higher yields and more potent opium from smaller plots, and that its higher value is driving violent competition between gangs.

“Now we see more production of poppy in less terrain, and it has to do with the quantity of bulbs each plant has,” said Lieutenant Colonel Jose Urzua as he showed bulbs oozing valuable gum from slits. He explained opium is often harvested by families.

In these tiny mountain hamlets opium has grown for decades, officials said, but a coffee plague and the U.S. opiate epidemic has led farmers to plant much more.

The harvest has become central to Guerrero’s economy, also dependent on cash sent home by immigrants.

One army official said the field seen by Reuters could produce around 3 kilos (6.6 lb) of opium, fetching up to $950 per kilo from traffickers who sell it for up to $8,000.

“There aren’t many alternatives here,” said a woman selling soft drinks and snacks from a pine shack by a dirt road. Her husband grows poppies, and she said anyone who runs a business faces extortion by gangs.

***   Image result for cnn no way out cartel kids CNN

(CNN)It was the second deadliest conflict in the world last year, but it hardly registered in the international headlines.

As Syria, Iraq and Afghanistan dominated the news agenda, Mexico’s drug wars claimed 23,000 lives during 2016 — second only to Syria, where 50,000 people died as a result of the civil war.
“This is all the more surprising, considering that the conflict deaths [in Mexico] are nearly all attributable to small arms,” said John Chipman, chief executive and director-general of the International Institute for Strategic Studies (IISS), which issued its annual survey of armed conflict on Tuesday.
“The wars in Iraq and Afghanistan claimed 17,000 and 16,000 lives respectively in 2016, although in lethality they were surpassed by conflicts in Mexico and Central America, which have received much less attention from the media and the international community,” said Anastasia Voronkova, the editor of the survey.   
In comparison, there were 17,000 conflict deaths in Mexico in 2015 and 15,000 in 2014 according to the IISS.

Rising death toll

Voronkova said the number of homicides rose in 22 of Mexico’s 32 states during 2016 and the rivalries between cartels increased in violence.
“It is noteworthy that the largest rises in fatalities were registered in states that were key battlegrounds for control between competing, increasingly fragmented cartels,” she said.
“The violence grew worse as the cartels expanded the territorial reach of their campaigns, seeking to ‘cleanse’ areas of rivals in their efforts to secure a monopoly on drug-trafficking routes and other criminal assets.”
Mexican drug cartels take in between $19 billion and $29 billion annually from US drug sales, according to the Department of Homeland Security.
Rivalries between the cartels wreak havoc on the lives of civilians who have nothing to do with narcotics. Bystanders, people who refused to join cartels, migrants, journalists and government officials have all been killed.

Not on news agenda

Jacob Parakilas, assistant head of the US and the Americas Programme at London-based think tank Chatham House, said part of the reason for the relative lack of attention paid to Mexico in the international media is “it’s not a war in the political sense of the word. The participants largely don’t have a political objective. They’re not trying to create a breakaway state. It doesn’t come with the same visuals. There are no air strikes.
“Also this has been going on since the beginning of the modern drug trade in the Americas. It’s not news in that sense. And Mexico is one of the most dangerous countries in the world to be a journalist. They are intentionally targeted in Mexico, which puts a dampener on the ability to report on this.”
Drug kingpin Joaquin "El Chapo" Guzman is facing trial in New York.

Drug kingpin Joaquin “El Chapo” Guzman is facing trial in New York.
There have, however, been significant arrests in relation to the Mexican drug trade in recent times.
Damaso Lopez Nunez, a high-ranking leader of Mexico’s Sinaloa drug cartel, was arrested on May 2 in Mexico City and could face charges in the US, authorities said.
His arrest follows January’s extradition of Joaquin “El Chapo” Guzman, who is accused of running the Sinaloa cartel — one of the world’s largest drug-trafficking organizations.
He awaits trial in New York on 17 counts accusing him of running a criminal enterprise responsible for importing and distributing massive amounts of narcotics and conspiring to murder rivals.

World conflict deaths fall

The number of conflict fatalities globally edged down last year, from 167,000 to 157,000, according to the IISS.
This was the second successive annual drop — 180,000 people were killed in 2014.
The number of deaths in Syria fell from 55,000 in 2015. But there were 1,000 more deaths in Afghanistan last year than 2015 and 4,000 more in Iraq.
Voronkova from the IISS said: “Civilians caught amid conflict arguably suffered more than in the preceding years. Between January and August, 900,000 people were internally displaced in Syria alone.”
The internal displacement figures were 234,000 for Iraq and 260,000 for Afghanistan.