Estimating the Costs of Cyber Attacks Against the U.S., Billions

Image result for cyber attacks against the united states 2018

photo

Cyberattacks cost the United States between $57 billion and $109 billion in 2016

The report published by the White House Council of Economic Advisers examines the cyberattacks cost that malicious cyber activities cause to the U.S. economy.

The report analyzed the impact of malicious cyber activities on public and private entities, including DoS attacks, sabotage, business disruption, and theft of proprietary data, intellectual property, and sensitive financial and strategic information.

Damages and losses caused by a cyber attack may spill over from the initial target to economically linked organizations. More exposed are critical infrastructure sectors, at attack against companies and organization in this industry could have a severe impact on the US economy.

The document warns of nation-state actors such as Russia, China, Iran, and North Korea, that are well funded and often conduct sophisticated targeted attacks for both sabotage and cyber espionage.

***

The forecast of the cost damage in coming years….

In part from Forbes: In 2015, the British insurance company Lloyd’s estimated that cyber attacks cost businesses as much as $400 billion a year, which includes direct damage plus post-attack disruption to the normal course of business. Some vendor and media forecasts over the past year put the cybercrime figure as high as $500 billion and more.

From 2013 to 2015 the cyber crime costs quadrupled, and it looks like there will be another quadrupling from 2015 to 2019. Juniper research recently predicted that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, increasing to almost four times the estimated cost of breaches in 2015.

The World Economic Forum (WEF) says a significant portion of cybercrime goes undetected, particularly industrial espionage where access to confidential documents and data is difficult to spot. Those crimes would arguably move the needle on the cyber crime numbers much higher.

Large banks, retailers, and federal agencies make the headlines when they are hacked – but all businesses are at risk. According to Microsoft, 20% of small to mid sized businesses have been cyber crime targets.

For anyone who wants to tally their own bill from cyber crime, check out Cyber Tab from Booz Allen. It is an anonymous, free tool that helps information security and other senior executives understand the damage to companies inflicted by cyber crime and attacks. More here.

 

Diplomacy to Address Russian Olympic and War Cheating and Lies?

C’mon really? The Russians cheat, steal and lie. Why would any Western ally trust any part of the Kremlin or operatives dispatched worldwide? Russian nefarious ‘active measure’ plots are global and so easy to achieve. The question is why?

The International Olympic Committee is no exception when it comes to going easy on Russia, buckling to pressure from Moscow. Russia has made legitimate and clean athletes in the games a mockery. The IOC was forced to defend its decision to include Russian athletes in these Pyeongchang Games on Monday morning after curler Alexander Krushelnytsky reportedly failed a drug test, jeopardizing the bronze medal he won last week in mixed doubles and inviting increased scrutiny on the IOC’s handling of the situation.

Image result for ioc photo

First: a Russia-linked group calling itself “Fancy Bears” published a set of apparently stolen emails. They purportedly belong to officials from the International Olympic Committee, the United States Olympic Committee, and third-party groups associated with the organizations. It’s not the first time Russia has lashed out at the IOC and the anti-doping agencies in the last few years. And with a month left until the games begin, it may not be the last.

The emails appear to span from the end of 2016 to the spring of 2017, and focus on correspondence between antidoping investigators who helped uncover a wide-scale, systematic doping scheme carried out by Russian athletes. It’s not clear yet whether the emails are entirely authentic; Russian hacking groups have snuck false information into their leaks before. But the World Anti-Doping Agency Wednesday indirectly acknowledged that the emails were real, but not current.

“The Fancy Bears are a criminal organization which seeks to undermine the work of WADA and its partners,” says WADA spokesperson Maggie Durand. “Everything that they have posted today is dated.”

The hack appears to be retaliation for kicking the Russia out of 2018 PyeongChang games, at which only a handful of the country’s athletes will be allowed to compete. More here.

Second: (Reuters) – A Russian medalist at the Pyeongchang Winter Olympics is suspected of having tested positive for a banned substance, a source at the Games said on Sunday, in a potential major blow to Russia’s efforts to emerge from a drug-cheating scandal. Alexander Krushelnitsky, a bronze-medalist along with his wife in mixed-doubles curling, is suspected of having tested positive for meldonium, the source said. Meldonium increases blood flow which improves exercise capacity in athletes. Russia has been accused of running a state-backed, systematic doping program for years, an allegation Moscow denies. As a result, its athletes are competing at Pyeongchang as neutral “Olympic Athletes from Russia” (OAR).

Third: Seems to be a systemic condition when it comes to doping by Russian athletes regardless of the sport and or location. Remember Maria Sharapova and tennis? In 2017, Maria Sharapova makes her return after a 15-month suspension for use of meldonium this week, with the tennis star serving as the most high-profile of those sanctioned for use of the drug. After hundreds of positive tests in Olympic sports last year, Sharapova remains one of the relative few to be suspended for its use. While the facts of her case differ from the issues the World Anti-Doping Agency faced in determining how long it stays in an athlete’s body, her presence among those testing positive drew attention to WADA’s ban of the drug.

Image result for russia chemical weapons syria photo

Fourth: And it goes to the militant battlefield as well. Russia and the United States have clashed at the United Nations Security Council over allegations the Syrian government has again used chemical weapons in rebel-held areas of the country.

U.S. Ambassador Nikki Haley on February 5 accused Russia of blocking an investigation of possible chemical weapons use by President Bashar al-Assad’s army in attacks in rebel-held Eastern Ghouta over the weekend despite “obvious evidence from dozens of victims.”

“Russia has delayed the adoption of this statement, a simple condemnation of Syrian children being suffocated by chlorine gas,” Haley said. “This council has been outspoken on ending Syria’s use of chemical weapons, and yet, they continue.”

Russia, which has been conducting military operations in support of Assad since September 2015, rejected the allegations as “slander.”

Finally: If anyone watched the hearing and ODNI Dan Coats summary –>

The nation’s top intelligence officials said Tuesday that Russia is targeting the 2018 elections as it seeks to undermine America’s political process and sow partisan division with cyber attacks and other digital disruption.

“Frankly, the United States is under attack,” Director of National Intelligence Dan Coats told the Senate Intelligence Committee, adding that Russia is attempting to “degrade our democratic values and weaken our alliances.”

In unequivocal language, Coats said Russian President Vladimir Putin was emboldened by Russia’s interference in the 2016 presidential elections and is targeting the midterms.

“There should be no doubt that (Putin) views the past effort as successful,” said Coats who was joined Tuesday by the nation’s other top intelligence officials, including CIA Director Mike Pompeo, National Security Agency Director Mike Rogers and FBI Director Christopher Wray.

The national intelligence director’s comments came against the backdrop of congressional and criminal investigations into Russia’s alleged interference in the presidential election and whether the Kremlin coordinated its activities with Donald Trump‘s campaign.

13 Russians Indicted, Election Interference

Hoorah for Rosenstein and Mueller!

Rosenstein: “No Allegations That Any American Had Any Knowledge” Of Russian Election Influence Operation

The Department of Justice indictment is here.

Image result for internet research agency Internet Research Agency, St. Petersburg, Russia NBC

The Department of Justice has issued charges against 13 Russian nationals involved with the Internet Research Agency, an organization at the center of fake news and trolling during the 2016 presidential election.

The US Justice Department has filed charges against 13 Russian nationals and three Russian groups for interfering with the 2016 presidential election.

In an indictment released on Friday (.pdf), the Justice Department called out the Internet Research Agency, a notorious group behind the Russian propaganda effort across social media. Employees for the agency created troll accounts and used bots to prop up arguments and sow political chaos during the 2016 presidential campaign.

Facebook, Twitter and Google have struggled to deal with fake news, trolling campaigns and bots on their platforms, facing the scorn of Capitol Hill over their mishandlings.

The indictment lists 13 Russian nationals tied to the effort. Prosecutors said the efforts began as early as 2014 to interfere with US politics, with trolls posing as Americans, creating false personalities and spreading fake news across Facebook, Twitter and YouTube.

“These groups and pages, which addressed divisive U.S. political and social issues, falsely claimed to be controlled by US activists when, in fact, they were controlled by defendants,” the indictment said.

 

U.S Ethics Office: we know how to rebuild the public’s trust

Ah what?

February 5, 2018

When we become public servants– custodians of the people’s government–we take an oath.

We take an oath to faithfully perform our duties, an oath to protect and defend the Constitution of the United States.

The success of our Constitution, the success of our government, depends on the trust of the people that we serve. Today, our fellow citizens are suspicious of their government. A recent Transparency International report found that a clear majority of the American People think that corruption is getting worse.1

Fortunately, we know how to rebuild the public’s trust.

We build their trust by doing our jobs, faithfully.

We build their trust by acting solely for the public good and eliminating conflicts of interests.

We build their trust by telling the truth.

The good news is that most of you are carrying out the people’s business with honor and integrity.  You’re keeping your oath. Thank you. Remember what is at stake and take pride in your service.

On the other hand, those who are doing things that undermine the public’s trust, even if they don’t violate a rule, need to stop. Nothing you could gain economically or politically could possibly justify putting our democracy at risk. These are perilous times.

So, keep your oath and earn the public’s trust. We, as public servants, hold our positions of trust “for such a time as this.”

But then…get a load of this document citing how bad things are and what is at the core of the matter.

Image result for u.s. office of ethics

So, if things are so great…then why these issues below?

Financial Conflicts of Interest & Impartiality
An executive branch employee’s personal or “imputed” financial interests or other circumstances may require that the employee be disqualified from working on a particular Government matter, be prohibited from holding specified property, or be prohibited from accepting a payment from a non-Federal source.
Learn More ›

Gifts and Payments
An executive branch employee generally may not give (or solicit contributions for) a gift to an official superior or accept a gift from another employee who receives less pay; generally may not solicit or accept a gift from a “prohibited source” or given because of the employee’s official position, and may be prohibited from accepting a payment from a non-Federal source.
Learn More ›

Use of Government Position & Resources
An executive branch employee is required to act impartially; may not make improper use of Government position, title, or authority; and may not use Government property, nonpublic information, or time (including the time of a subordinate) for other than authorized purposes.
Learn More ›

Outside Employment and Activities
An executive branch employee may be required to seek approval before engaging in an outside activity; may be disqualified from working on a particular Government matter while engaged in the activity; may be prohibited from accepting compensation for an activity; or may be prohibited from engaging in a particular outside activity.
Learn More ›

Post-Government Employment
An executive branch employee may be disqualified from working on a particular Government matter while seeking post-Government employment and, after leaving Government service, a former employee is prohibited from engaging in certain activities.
Learn More ›

Selected Employee Categories
Executive branch ethics provisions generally apply only to Government “employees”; may apply only to certain categories of employees or may apply differently to certain categories of employees or not at all; and generally do not apply to “representatives” serving on an advisory committee or to independent contractors.
Learn More ›

Enforcement
When ethics officials find evidence that an employee has violated an ethics criminal statute or regulation, they must refer that evidence to the appropriate authority for action.
Learn More ›

*** A program called Integrity? Yup…

Integrity

Integrity is an electronic financial disclosure system created by the U.S. Office of Government Ethics (OGE).

What is the purpose of financial disclosure?

Financial disclosure reports are the primary tool used to identify and resolve potential conflicts of interest between an employee’s official duties and his or her private financial interests and affiliations.

Why did OGE create Integrity?

The Stop Trading on Congressional Knowledge Act of 2012, as amended, directed the President, acting through the Director of OGE, to develop an electronic system for filing executive branch public financial disclosure reports. As a result, OGE developed a system named Integrity to collect, manage, process, and store financial disclosures.

Who uses Integrity?

Senior officials in the executive branch who are required to file public financial disclosure reports use Integrity to file their reports. OGE and agency ethics officials use Integrity to review financial disclosure reports for conflicts of interest and manage the executive branch financial disclosure program.

What are the benefits of Integrity?

Integrity was designed to help produce quality reports, enhance oversight, and promote transparency.

  • Integrity produces quality reports by helping filers more quickly, easily, and completely report required information.
  • Integrity enhances oversight of the executive branch ethics program by allowing OGE to monitor agencies’ progress in administering their individual financial disclosure programs.
  • Integrity promotes transparency by producing a clear and concise public financial disclosure report that allows the public to have confidence that their government leaders are making decisions free from conflicts of interest.

List of Companies, Amicus Brief Against Trump’s Sanctuary City Policy

The Senate defeated a GOP proposal based on President Donald Trump’s immigration framework.
The plan would have offered a path to citizenship for “Dreamers” and increased border security while also cutting legal immigration.
The vote was 39-60, with 60 votes needed for approval.

I say GOOD. It was fraught with loopholes and the actual number of illegals in question remained unknown.

Meanwhile, there is more going on with the whole sanctuary city thing. Hold on, you wont like this.

In 2017, State Atty. Gen. Xavier Becerra on Wednesday filed a brief in support of a Santa Clara County lawsuit challenging President Trump’s executive order targeting “sanctuary” cities that refuse to help federal authorities enforce immigration laws.

The amicus brief cites Trump’s threat to withhold federal funds from sanctuary cities and counties as well as the state’s interest in protecting state laws and policies that promote public safety and protect the constitutional rights of residents, Becerra said.

*** It gets worse… to read how the brief is cherry-picked on facts, go here.

So, there is a pile of companies that have filed an amicus brief against the Trump administration position on sanctuary cities.

The full list of tech companies (and a few others) that signed the amicus brief opposing President Trump’s executive order on immigration.

The full brief is available online.

1. AdRoll, Inc.

2. Aeris Communications, Inc.

3. Airbnb, Inc.

4. AltSchool, PBC

5. Ancestry.com, LLC

6. Appboy, Inc.

7. Apple Inc.

8. AppNexus Inc.

9. Asana, Inc.

10. Atlassian Corp Plc

11. Autodesk, Inc.

12. Automattic Inc.

13. Box, Inc.

14. Brightcove Inc.

15. Brit + Co

16. CareZone Inc.

17. Castlight Health

18. Checkr, Inc.

19. Chobani, LLC

20. Citrix Systems, Inc.

21. Cloudera, Inc.

22. Cloudflare, Inc.

23. Copia Institute

24. DocuSign, Inc.

25. DoorDash, Inc.

26. Dropbox, Inc.

27. Dynatrace LLC

28. eBay Inc.

29. Engine Advocacy

30. Etsy Inc.

31. Facebook, Inc.

32. Fastly, Inc.

33. Flipboard, Inc.

34. Foursquare Labs, Inc.

35. Fuze, Inc.

36. General Assembly

37. GitHub

38. Glassdoor, Inc.

39. Google Inc.

40. GoPro, Inc.

41. Harmonic Inc.

42. Hipmunk, Inc.

43. Indiegogo, Inc.

44. Intel Corporation

45. JAND, Inc. d/b/a Warby Parker

46. Kargo Global, Inc.

47. Kickstarter, PBC

48. KIND, LLC

49. Knotel

50. Levi Strauss & Co.

51. LinkedIn Corporation

52. Lithium Technologies, Inc.

53. Lyft, Inc.

54. Mapbox, Inc.

55. Maplebear Inc. d/b/a Instacart

56. Marin Software Incorporated

57. Medallia, Inc.

58. A Medium Corporation

59. Meetup, Inc.

60. Microsoft Corporation

61. Motivate International Inc.

62. Mozilla Corporation

63. Netflix, Inc.

64. NETGEAR, Inc.

65. NewsCred, Inc.

66. Patreon, Inc.

67. PayPal Holdings, Inc.

68. Pinterest, Inc.

69. Quora, Inc.

70. Reddit, Inc.

71. Rocket Fuel Inc.

72. SaaStr Inc.

73. Salesforce.com, Inc.

74. Scopely, Inc.

75. Shutterstock, Inc.

76. Snap Inc.

77. Spokeo, Inc.

78. Spotify USA Inc.

79. Square, Inc.

80. Squarespace, Inc.

81. Strava, Inc.

82. Stripe, Inc.

83. SurveyMonkey Inc.

84. TaskRabbit, Inc

85. Tech:NYC

86. Thumbtack, Inc.

87. Turn Inc.

88. Twilio Inc.

89. Twitter Inc.

90. Uber Technologies, Inc.

91. Via

92. Wikimedia Foundation, Inc.

93. Workday

94. Y Combinator Management, LLC

95. Yelp Inc.

96. Zynga Inc.

ADDED Feb. 6, 2017

97. Adobe Systems Inc.

98. Affirm, Inc.

99. Ampush LLC

100. Brocade Communications Systems Inc.

101. Bungie, Inc.

102. Casper Sleep, Inc.

103. Cavium, Inc.

104. Chegg, Inc.

105. ClassPass Inc.

106. Coursera

107. EquityZen Inc.

108. Evernote

109. Gusto

110. Handy Technologies, Inc.

111. HP Inc.

112. IAC/InterActive Corp.

113. Linden Lab

114. Managed by Q Inc.

115. MobileIron

116. New Relic, Inc.

117. Pandora Media, Inc.

118. Planet Labs Inc.

119. RPX Corporation

120. Shift Technologies, Inc.

121. Slack Technologies, Inc.

122. SpaceX

123. Tesla, Inc.

124. TripAdvisor, Inc.

125. Udacity, Inc.

126. Zendesk, Inc.

127. Zenefits