Do You Know What CTIIC is? You Should

First…there is no policy as admitted in a Senate Intelligence Hearing of the heads of the intelligence agencies and confirmed by Senator Angus King (Maine).

CTIIC is the federal lead for intelligence support in response to significant cyber incidents, working—on behalf of the IC—to integrate analysis of threat trends and events, build situational awareness, and support interagency efforts to develop options for degrading or mitigating adversary threat capabilities.

The idea of creating a cyber threat framework came from observations among the US policy community that cyber was being described by different agencies in a variety of ways that made consistent understanding difficult. There are over a dozen analytic models being used across government, academia, and the private sector. Each model reflects the priorities and interests of its developer, but the wide disparities across models made it difficult to facilitate efficient situational analysis that was based on objective data.

 

The framework will be scalable and facilitate data sharing at “machine speed.” Implementation within the USG will include processes to reduce or eliminate double-counting of threat data.

So….
In 2017 Equifax confirmed it had suffered a massive data breach: cyber criminals stole sensitive personal records belonging to 145 million US citizens and hundreds of thousands of people in Canada and the UK.

Attackers exploited the CVE-2017-5638 Apache Struts vulnerability. The vulnerability affects the Jakarta Multipart parser upload function in Apache Struts and could be exploited by an attacker sending a maliciously crafted request to a web server running a vulnerable Struts application.

The vulnerability was fixed back in March, but the company did not update its systems, a point an Apache spokeswoman also made to the Reuters agency.

Compromised records include names, social security numbers, birth dates, home addresses, credit-score dispute forms, and, for some users, credit card numbers and driver license numbers.

Now experts argue the Equifax hack is worse than previously thought: according to documents provided by Equifax to the US Senate Banking Committee, the attackers also stole taxpayer identification numbers, phone numbers, email addresses, and credit card expiry dates belonging to some Equifax customers.

This means that crooks have all the data necessary to arrange any kind of fraud by stealing victims’ identities. More here.

Further, the Trump administration appears to have omitted any reference to the Chinese cyber threat domestically….here is a clue on their activity and how they cannot be trusted…and we have not even mentioned Russia…

In 2012 Chinese companies Huawei and ZTE were considered high threat risks to the United States and sadly, both were introduced again at this same Senate hearing on February 13, 2018.

China’s government has denied reports that it spied on the servers at the African Union’s Chinese-built headquarters for more than five years, gaining access to confidential information.

In an investigation published by French newspaper Le Monde, China, which also paid for and built the computer network at the AU, allegedly inserted a backdoor (in French) that allowed it to transfer data. The hack wasn’t detected until Jan. 2017 when technicians noticed that between midnight and 2 am every night, there was a peak in data usage even though the building was empty. After investigating, it was found that the continental organization’s confidential data was being copied on to servers in Shanghai.

China’s ambassador to the AU dismissed the reports as “absurd” and “preposterous.” Kuang Weilin told reporters in Ethiopia that it was “very difficult to understand” Le Monde’s claims and that the story was certain to “create problems for China-Africa relations.”

The revelations come as African presidents convene in Addis Ababa to attend the continental summit on governance. In 2012, when the AU building was completed, it was signified as a symbolic gesture aimed at solidifying Sino-Africa relations. The landmark 20-story office tower overlooking a pearl-shaped conference center was “a gift” from the Chinese government to help African nations integrate better and improve their institutional capacity.

But the alleged data theft puts a spin on that rosy affair and might strain the relationship between the two sides. China is heavily involved in Africa, with its companies and entrepreneurs conducting trade and investing heavily in African countries. Chinese aid has also been blamed for propping up authoritarian regimes, constructing shoddy roads and infrastructure built by imported Chinese workers, and focusing mainly on countries home to oil, minerals, and other resources that China needs. But China is also cultivating the next generation of African leaders, with Beijing taking thousands of African leaders, bureaucrats, students, and business people to China for training and education. More here.

For sure there is no policy and lawmakers are dumbfounded on introducing any kind of offensive or consequential legislation. Hello Angus?

State Dept Proposes Lead Agency on Economic/Cyber Bureau

This sounds great until one considers there is no lawful cyber policy against any nation, rogue or otherwise, where there are consequences for hacks, malicious malware or cyber theft. Meanwhile, all cyber units within the Federal government as well as independent outside corporations are well aware that China, North Korea, Russia and proxies are the constant and proven cyber threats to the United States, without punishment.

Further, there are two details that are omitted in the summary below, the global actions of cybercurrencies and how governments are plotting regulations but more the global economic agenda. There is no way to stop a borderless world.

The 2016 State Department posture on foreign cyber threats is here.

Tillerson proposes new unified bureau at State to focus on cyber

Secretary of State Rex Tillerson is proposing the consolidation of two separate offices at the State Department to form a single bureau that will focus on a wide range of cyber issues.

A State Department spokesperson told The Hill that the two offices, the Office of the Cybersecurity Coordinator and the Bureau of Economic Affairs’ Office of International Communications and Information Policy, would be unified in order to form the proposed Bureau for Cyberspace and the Digital Economy.

“The combination of these offices in a new Bureau for Cyberspace and the Digital Economy will align existing resources under a single Department of State official to formulate and coordinate a strategic approach necessary to address current and emerging cyber security and digital economic challenges,” Tillerson said in a Tuesday letter to House Foreign Affairs Committee Chairman Ed Royce (R-Calif.). 

“The Department of State must be organized to lead diplomatic efforts related to all aspects of cyberspace,” the secretary added.

The decision comes after Tillerson faced scrutiny from both parties last year over his decision to fold the standalone Office of Cybersecurity Coordinator into an economic-focused bureau as part of his broad efforts to reorganize the agency.

Royce first relayed the news during a cyber diplomacy briefing on Tuesday that focused on the need to engage the international community on cybersecurity-related issues.

“The proposal will elevate the stature of the department official leading cyberspace policy to one that is confirmed by the U.S. Senate — an assistant secretary — to lead high-level diplomatic engagements around the world,” the secretary argued.

Last year, Royce introduced a bill, titled the Cyber Diplomacy Act, that seeks to restore a State Department office specifically focusing on cyber diplomacy efforts. The House passed the bill last month, which also calls for the official leading the cyber office to have the rank of ambassador.

Royce said Tillerson’s proposal is a “welcomed” move, but continued to vouch for the Cyber Diplomacy Act to “help keep America safe and strong.”

“Cyberspace is vital to America’s national security, and to our economy. That’s why I have long called for the State Department to have a high-ranking diplomat who can confront the full range of challenges we face online,” Royce said in a statement in response to Tillerson’s letter.

“The Foreign Affairs Committee will continue to work with the department and our colleagues in the Senate to ensure this assistant secretary and bureau is empowered to engage on the full range of cyber issues, dealing with security, human rights, and the economy,” he continued.

A State Department spokesperson said the proposal is part of an effort to spearhead cyber policy and address cybersecurity on a global scale.

“The State Department recognizes its leadership role of diplomatic efforts related to all aspects of cyberspace and the need to have an effective platform from which to engage relevant global stakeholders and exercise that leadership role,” the spokesperson said.

Under Tillerson’s proposal, the cyber bureau would seek to establish a “global deterrence framework” in an effort to outline how countries can respond when other nations “engage in malicious cyber activities.”

It would also seek to develop strategies against adversaries, promote programs that help with cyber threat prevention and responses, establish partnerships to keep the nature of the Internet open with a cross-border flow of data and open lines of dialogue for diplomatic officials to further engage on such issues.

At the start of the hearing, Royce emphasized the importance of the State Department’s role in cybersecurity issues as other countries attempt to impose control over cyberspace.

“The department’s role becomes essential when you consider that it’s not just computer networks and infrastructure that the United States needs to protect. The open nature of the internet is increasingly under assault by authoritarian regimes, like China, that aggressively promote a vision of ‘cyber sovereignty,’ which emphasizes state control over cyberspace,” Royce said in his opening remarks.

Three cyber experts testified before the lawmakers for roughly three hours on Tuesday, including the State Department’s former top cyber diplomat.

Chris Painter, the agency’s former cybersecurity coordinator, had already emphasized the need for the State Department to assume a key role in cyber policy before Tillerson’s proposal became public.

“[G]iven the international nature of the threats and the technology itself, that the State Department should play a leading role in that effort and that effective cyber diplomacy,” Painter told the lawmakers.

“For the U.S. to continue to lead, as it must, cyber issues must be re-prioritized and appropriately resourced at the State Department. Moreover, it is important that the position of the individual leading these efforts be at a very high-level — not buried in the bureaucracy or reporting through any one functionally or perspective limited chain of command,” he added.

Under the proposal, an assistant secretary will lead the new bureau and report to the Under Secretary for Economic Growth, Energy and the Environment.

Painter praised Tillerson’s plan after Royce relayed Tillerson’s proposal at the hearing. But he argued that it “makes a lot more sense” for the assistant secretary to report to the undersecretary for political affairs rather than economic affairs.

“I applaud the fact that they’ve taken action. I think it’s great they’re elevating it. That’s exactly what should be done,” Painter said.

In July, Painter left his top position shortly before Tillerson alerted Congress about his plans to close the cybersecurity office.

 

Guilty Pleas, Human Smuggling Network Ft. Hood

Primer:

BROWNSVILLE – A 51-year-old man in the U.S. illegally pled guilty to human smuggling charges.

Victoriano Zamora-Jasso is said to have supplied immigrants to 47-year-old Arnold Garcia, of Harlingen, who would then contact active-duty soldiers stationed at Fort Hood to help transport and deliver people in the country illegally further north.

The illegal operation took place from March to September of 2014.

The soldiers would conceal immigrants under their military gear to get through the immigration checkpoint in Sarita.

Garcia and all the soldiers were sentenced in 2015 and 2016.

Sentencing for Zamora-Jasso is scheduled for May 9.

He faces up to 10 years in prison and a possible $250,000 fine.

*** So, here is a case of an illegal alien that was granted access and permission to join the U.S. military….you know, taking an oath and stuff and he established a network at Ft. Hood….with other illegals? ….sheesh

Former Fort Hood, Texas, soldier pleads guilty to alien smuggling

US Army soldier was also previously deported

BROWNSVILLE, Texas — A soldier based in Fort Hood, Texas, pleaded guilty Jan. 29 for his role in a conspiracy to transport and harbor illegal aliens, and illegally re-entering the United States after having been deported.

This guilty plea was announced by U.S. Attorney Ryan K. Patrick, Southern District of Texas. This case was investigated by U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI) with assistance from U.S. Customs and Border Protection (CBP).

Victoriano Zamora-Jasso aka “Tata,” 51, from Mexico living in Houston made an appearance Jan. 29 in federal court on the eve of jury selection.

According to court records, in early 2014 Zamora-Jasso began supplying illegal aliens to Arnold Gracia, 47, from Harlingen, Texas.  Gracia then made arrangements with others to transport the illegal aliens through the immigration checkpoint in Sarita, Texas.  Gracia recruited the following then active-duty soldiers stationed at Ft. Hood to transport and deliver the illegal aliens further north: Brandon Troy Robbins, 23, from San Antonio; Eric Alexander Rodriguez, 24, from Odem, Texas; Christopher David Wix, 23, from Abilene, Texas; and Yashira Perez-Morales, 27, from Watertown, New York.

The conspiracy continued from about March through September 2014. The soldiers concealed the illegal aliens under their military gear and made many successful trips during the course of the conspiracy.

Zamora-Jasso was indicted in 2016 and arrested after a traffic stop in Conroe, Texas, in July 2017. In court, he admitted his involvement in the conspiracy.  He also admitted that he is a previously convicted illegal alien who illegally re-entered the United States after having been deported in 2013.

Gracia and all the soldiers were previously sentenced in 2015 and 2016 with Gracia receiving a 73-month sentence; Robbins, Rodriguez, Wix and Perez-Morales received sentences of 20, 12 months, 12 months and a day, and five years’ probation to include an $8,000 fine.

Judge Rolando Olvera has scheduled Zamora-Jasso’s sentencing for May 9. At that time, he faces up to 10 years imprisonment and a possible $250,000 maximum fine. He remains in custody pending sentencing.

Assistant U.S. Attorneys Oscar Ponce and Angel Castro, Southern District of Texas, are prosecuting this case.

DoJ Sessions’ Letter of Subpoena to Sanctuary Cities

Primer: In part from the New York Times:

Over the past year, the local jurisdictions have pushed back hard on the administration’s attempts to force them to abandon their stance by cutting off federal funding to them, with some like Chicago filing lawsuits against the Justice Department.

Mr. Emanuel’s office has called the Justice Department’s actions “misguided.” And district court judges in California and Illinois have filed preliminary nationwide injunctions blocking the department from denying grant money to sanctuary cities.

On Wednesday, 15 attorneys general filed a brief in support of the Chicago lawsuit, saying that the administration’s efforts to pull federal funds from sanctuary jurisdictions infringe on their right to set their own law enforcement policies.

“The Trump administration cannot strip a city or a police department of these critical funds, simply because they don’t like its policies,” Eric T. Schneiderman, the New York attorney general, said in a statement. More here.

Office of Public Affairs

FOR IMMEDIATE RELEASE
Wednesday, January 24, 2018

Justice Department Demands Documents and Threatens to Subpoena 23 Jurisdictions As Part of 8 U.S.C. 1373 Compliance Review

The Department of Justice today sent the attached letters to 23 jurisdictions, demanding the production of documents that could show whether each jurisdiction is unlawfully restricting information sharing by its law enforcement officers with federal immigration authorities.

All 23 of these jurisdictions were previously contacted by the Justice Department, when the Department raised concerns about laws, policies, or practices that may violate 8 U.S.C. 1373, a federal statute that promotes information sharing related to immigration enforcement and with which compliance is a condition of FY2016 and FY2017 Byrne JAG awards.

The letters also state that recipient jurisdictions that fail to respond, fail to respond completely, or fail to respond in a timely manner will be subject to a Department of Justice subpoena.

“I continue to urge all jurisdictions under review to reconsider policies that place the safety of their communities and their residents at risk,” said Attorney General Jeff Sessions. “Protecting criminal aliens from federal immigration authorities defies common sense and undermines the rule of law. We have seen too many examples of the threat to public safety represented by jurisdictions that actively thwart the federal government’s immigration enforcement—enough is enough.”

Failure to comply with section 1373 could result in the Justice Department seeking the return of FY2016 grants, requiring additional conditions for receipt of any FY2017 Byrne JAG funding, and/or jurisdictions being deemed ineligible to receive FY2017 Byrne JAG funding.

The following jurisdictions received the document request today:

  • Chicago, Illinois;
  • Cook County, Illinois;
  • New York City, New York;
  • State of California;
  • Albany, New York;
  • Berkeley, California;
  • Bernalillo County, New Mexico;
  • Burlington, Vermont;
  • City and County of Denver, Colorado;
  • Fremont, California;
  • Jackson, Mississippi;
  • King County, Washington;
  • Lawrence, Massachusetts;
  • City of Los Angeles, California;
  • Louisville Metro, Kentucky;
  • Monterey County, California;
  • Sacramento County, California;
  • City and County of San Francisco, California;
  • Sonoma County, California;
  • Watsonville, California;
  • West Palm Beach, Florida;
  • State of Illinois; and
  • State of Oregon.

Topic(s): Immigration
Press Release Number: 18-81

Russian Trolls, DAVOS and President Trump

So, while President Trump has again changed his schedule to attend the DAVOS World Economic Forum, there are some key items on the agenda.

With cybersecurity a top concern at the annual World Economic Forum meeting in Davos, Switzerland, Yahoo Finance asked experts: What is the topic or topics that business and government leaders should be focusing on when it comes to cybersecurity and policy in 2018?

Jason Glassberg, co-founder of Casaba Security, responded that currently the most pressing topics are “cryptocurrency ecosystems, election security, ‘DevSecOps’ (this may sound dull, but think: IoT, cars, airline computer systems, smart homes, smart cities, Intel chips, Juniper routers, Huawei, the Internet, basically everything digital under the sun), increased regulation, cyber warfare, and attribution.”

Glassberg broke down each of these six issues:

Cryptocurrency is obviously a major financial story these days. Everybody and their brother is looking into how to capitalize on it. These markets are notoriously murky, however – fraud and scams are rampant, as are the cyber attacks. So how do you make it safe? How do you take a Wild West gunslinging town, and turn it into the suburbs? It’s a tough issue, and I think we’ll have to look at the gambling industry as an example. The key to this is establishing better security within this ecosystem for the real players. The next step is finding a way to guarantee losses due to theft, similar to the FDIC [Federal Deposit Insurance Corporation] or SIPC [Securities Investor Protection Corporation].

Election security needs no introduction. But while everybody has been freaking out about voter suppression via phony Facebook ads, the reality is that the 2016 election interference was just a sample. It was a nation-state gently dipping its toe in the water, but deciding not to go all the way in. If a country wanted to get serious about election attacks, it could go much further. This is what we need to be prepared for.

It would be possible for a serious player to delete or alter voter registration databases, DDoS the servers used to run those databases or the actual voting machines; not to mention, hack the voting machines themselves. The latter would definitely cross a red line, if for instance we found out that Russia had re-tabulated voting machines to directly affect the outcome of an election. But what if the attack was a little less black-and-white? For instance, what if the machines were just infected with random malware that didn’t actually do anything, other than make itself known to the IT team? That would send shockwaves through the system and call into question the voting results, even though the votes weren’t actually affected. This is what we need to be thinking about.

DevSecOps is one of those terms that causes people’s eyes to glaze over when they hear it (if they ever do), but it’s actually very relevant to our lives today. What it refers to is incorporating security into the software or hardware development process. This is hugely significant today because as we’re seeing with the Internet of Things devices that are flooding the market, and the connected cars that are rolling out onto our public streets, software security is usually not the first priority of these manufacturers.

But not to just pick on those two markets, the reality is that DevSecOps is a problem for every industry on the planet, even the security field. Businesses aren’t doing enough to bake in rigorous security into the DNA of their products from the very beginning. Too often they are relying on software updates and patches to fix the problem after the fact, and that is never an ideal solution. This will continue to become a bigger issue in the months and years ahead.

Increased regulation is another issue that businesses could face, as governments try to contend with the growing risk of data breaches and attacks on key infrastructure, whether it’s the GDPR [General Data Protection Regulation] in Europe or the Singapore Cybersecurity Bill. In my own opinion, I think that companies that store consumer data (whether it’s credit card numbers or credit reports), as well as private infrastructure entities like telecom and power companies, are probably most at risk of higher costs due to regulation.

Cyber warfare is another pressing issue today, as more countries are investing in offensive cyber operations. This often puts businesses in the crosshairs and it sticks government in a tough position too because there is no easy solution for preventing or responding to these incidents. A key question when it comes to cyber warfare is do we engage in “active defense”?

That is more commonly referred to as hack-back, but it’s a more complex concept than simply tit-for-tat cyber retaliation. Active defense can mean anything from advanced investigative techniques to disabling the servers behind an attack or turning a city’s lights off for 30 minutes in order to send a message to a rival nation. How we deter and respond to cyber warfare tactics will be a key question for policymakers and businesses over the next five to 10 years.

Attribution is another ongoing issue for governments and businesses, and it’s related directly to the cyber warfare question, although it also encompasses cybercrime as well. What’s also key with attribution is that the pressure to solve these cases could lead to encroachments on digital privacy. In fact, I’d be very surprised if that did not happen. Potential targets here include Tor, VPNs, and encryption tools in general.”