Where is the Legislation/Law Mandating Against Cyber Intrusions?

Posted on February 14, 2018February 14, 2018 by Denise Simon

No one in Washington DC or media talks about the ever constant cyber attacks against all things United States.

There have been countless hearings on The Hill about Russian operations against the election architecture in the United States as well as other allied countries. While Russia is one of the top threats, Iran and North Korea are also guilty, yet China likely ranks number two behind Russia.

So, anti-Trump people inside the Beltway blame the Trump White House for the lack of leadership on the issue(s) especially when it comes to protections on the voter-roll databases at the state level and the learning curve of vulnerabilities of the voting machines themselves. So…where are these lawmakers and the bills they have introduced for debate, committee and eventual passage in both Houses of Congress anyway?

Who is protecting data across the board, our data? Where is the Department of Homeland Security and the FBI on the matter? Both those agencies were assigned to collaborate with threatened State Elections Commissions during the General election. Remember that?

This all began during the Obama administration where the ultimate punishment was to expel Russian diplomatic officials, close two dachas and the Russian compound in San Francisco. Has that sent a message to Moscow and fixed the problem(s)? NO….

There are thousands of experts outside the Federal government that do offer assistance with investigations and attributions and they too can offer some in sight into legislative frameworks and yet no one knows if that has been forthcoming.

*** Russian Attacks Will Continue

UPDATE: As the nation’s top intelligence chiefs testified before the Senate Intelligence Committee Tuesday, spelling out the very real threat Russia continues to pose to our democracy, Director of National Intelligence Dan Coats admitted “there is no single agency leading the United States’ efforts to respond to and combat Russian election meddling.”

Multiple Senators on the panel expressed their concern for President Trump’s ongoing unwillingness to acknowledge Russian interference in the 2016 election, echoing a common sentiment among national security experts that an absence of leadership at the top is hindering U.S. efforts to fight back.

CNN:

… Coats said Tuesday “there should be no doubt” that Russia sees the 2018 US elections as a target.

Coats and the other top national security officials told the Senate Intelligence Committee on Tuesday that they still view Moscow as a threat to the 2018 elections, a stance that appears at odds with President Donald Trump’s repeated dismissals of Russian election meddling.

“We expect Russia to continue using propaganda, social media, false-flag personas, sympathetic spokesmen and other means to influence, to try to build on its wide range of operations and exacerbate social and political fissures in the United States,” Coats said at a hearing on worldwide threats. “There should be no doubt that Russia perceives its past efforts as successful and views the 2018 US midterm elections as a potential target for Russian influence operations.”

(…)

Sen. Angus King, I-Maine, pressed on the disparity between the intelligence community’s viewpoint and the president’s — urging the intelligence chiefs to persuade the president to accept their findings that Russia interfered in the 2016 election.

“My problem is, I talk to people in Maine who say the whole thing is a witch hunt and a hoax ‘because the President told me’,” King said. “There’s no doubt, as you all have testified today, we cannot confront this threat, which is a serious one, with a whole of government response when the leader of the government continues to that deny it exists.”

The Atlantic:

John Sipher, a former chief of station for the CIA who served for 28 years in Russia, Europe, and Asia, told me that the intelligence community will continue to be focused on Russia’s threat “no matter what the White House says or doesn’t say.” Ultimately, though, it will be up to Trump to implement meaningful changes.

“The IC is not the most important in this case,” Sipher said, referring to the intelligence community. “They may uncover what the Russians are up to but they can’t really defend against it or take actions to deter it, unless the President supports a covert action effort to screw with the Russians, like with a cyber attack.”

“Tightening up our social media, protecting voter-registration systems and procedures—those things are beyond the ability or mandate of the IC,” Sipher said. “And I don’t think we have done nearly enough to deter or defend against Russian attacks.

US intel chiefs unanimous that Russia is targeting 2018 elections (CNN)

Russia Will Meddle in the Midterms (The Atlantic)

No Agency Leading U.S. Response to Russian Election Meddling, Says Intel Chief (The Daily Beast)

As the Senate Intelligence Committee hears from the nation’s top intelligence and national security officials on worldwide threats, a prepared written assessment warns of ongoing Russian efforts to undermine democracy.

NBC News:

“Foreign elections are critical inflection points that offer opportunities for Russia to advance its interests both overtly and covertly,” says the assessment. “The 2018 US mid-term elections are a potential target for Russian influence operations.”

(…)

“We assess that the Russian intelligence services will continue their efforts to disseminate false information via Russian state-controlled media and covert online personas about US activities to encourage anti-US political views,” the statement says.

“Moscow seeks to create wedges that reduce trust and confidence in democratic processes, degrade democratization efforts, weaken US partnerships with European allies, undermine Western sanctions, encourage anti-US political views, and counter efforts to bring Ukraine and other former Soviet states into European institutions.”

In his opening statement, Vice Chairman Mark Warner (D-VA) noted President Trump’s absence of leadership on the issue.

Sen. Mark Warner, D-Va., the top Democrat on the committee, said in prepared remarks that “the President inconceivably continues to deny the threat posed by Russia. He didn’t increase sanctions on Russia when he had a chance to do so. He hasn’t even Tweeted a single concern. This threat demands a whole-of-government response, and that needs to start with leadership at the top.”

U.S. intel agencies expect Russia to escalate election meddling efforts (NBC News)

Worldwide Threat Assessment (pdf)

State Dept Proposes Lead Agency on Economic/Cyber Bureau

Posted on February 6, 2018February 6, 2018 by Denise Simon

This sounds great until one considers there is no lawful cyber policy against any nation, rogue or otherwise where there are consequences for hacks, malicious malware or cyber theft. Meanwhile, all cyber units within the Federal government as well as independent outside corporations are well aware of China, North Korea, Russia and proxies are the constant and proven cyber threats to the United States without punishment.

Further, there are two details that are omitted in the summary below, the global actions of cybercurrencies and how governments are plotting regulations but more the global economic agenda. There is no way to stop a borderless world.

The 2016 State Department posture on foreign cyber threats is here.

Image result for tillerson russia cyber photo

Tillerson proposes new unified bureau at State to focus on cyber

Secretary of State Rex Tillerson is proposing the consolidation of two separate offices at the State Department to form a single bureau that will focus on a wide range of cyber issues.

A State Department spokesperson told The Hill that the two offices, the Office of the Cybersecurity Coordinator and the Bureau of Economic Affairs’ Office of International Communications and Information Policy, would be unified in order to form the proposed Bureau for Cyberspace and the Digital Economy.

“The combination of these offices in a new Bureau for Cyberspace and the Digital Economy will align existing resources under a single Department of State official to formulate and coordinate a strategic approach necessary to address current and emerging cyber security and digital economic challenges,” Tillerson said in a Tuesday letter to House Foreign Affairs Committee Chairman Ed Royce (R-Calif.).

“The Department of State must be organized to lead diplomatic efforts related to all aspects of cyberspace,” the secretary added.

The decision comes after Tillerson faced scrutiny from both parties last year over his decision to fold the standalone Office of Cybersecurity Coordinator into an economic-focused bureau as part of his broad efforts to reorganize the agency.

Royce first relayed the news during a cyber diplomacy briefing on Tuesday that focused on the need to engage the international community on cybersecurity-related issues.

“The proposal will elevate the stature of the department official leading cyberspace policy to one that is confirmed by the U.S. Senate — an assistant secretary — to lead high-level diplomatic engagements around the world,” the secretary argued.

Last year, Royce introduced a bill, titled the Cyber Diplomacy Act, that seeks to restore a State Department office specifically focusing on cyber diplomacy efforts. The House passed the bill last month, which also calls for the official leading the cyber office to have the rank of ambassador.

Royce said Tillerson’s proposal is a “welcomed” move, but continued to vouch for the Cyber Diplomacy Act to “help keep America safe and strong.”

“Cyberspace is vital to America’s national security, and to our economy. That’s why I have long called for the State Department to have a high-ranking diplomat who can confront the full range of challenges we face online,” Royce said in a statement in response to Tillerson’s letter.

“The Foreign Affairs Committee will continue to work with the department and our colleagues in the Senate to ensure this assistant secretary and bureau is empowered to engage on the full range of cyber issues, dealing with security, human rights, and the economy,” he continued.

A State Department spokesperson said the proposal is part of an effort to spearhead cyber policy and address cybersecurity on a global scale.

“The State Department recognizes its leadership role of diplomatic efforts related to all aspects of cyberspace and the need to have an effective platform from which to engage relevant global stakeholders and exercise that leadership role,” the spokesperson said.

Under Tillerson’s proposal, the cyber bureau would seek to establish a “global deterrence framework” in an effort to outline how countries can respond when other nations “engage in malicious cyber activities.”

It would also seek to develop strategies against adversaries, promote programs that help with cyber threat prevention and responses, establish partnerships to keep the nature of the Internet open with a cross-border flow of data and open lines of dialogue for diplomatic officials to further engage on such issues.

At the start of the hearing, Royce emphasized the importance of the State Department’s role in cybersecurity issues as other countries attempt to impose control over cyberspace.

“The department’s role becomes essential when you consider that it’s not just computer networks and infrastructure that the United States needs to protect. The open nature of the internet is increasingly under assault by authoritarian regimes, like China, that aggressively promote a vision of ‘cyber sovereignty,’ which emphasizes state control over cyberspace,” Royce said in his opening remarks.

Three cyber experts testified before the lawmakers for roughly three hours on Tuesday, including the State Department’s former top cyber diplomat.

Chris Painter, the agency’s former cybersecurity coordinator, had already emphasized the need for the State Department to assume a key role in cyber policy before Tillerson’s proposal became public.

“[G]iven the international nature of the threats and the technology itself, that the State Department should play a leading role in that effort and that effective cyber diplomacy,” Painter told the lawmakers.

“For the U.S. to continue to lead, as it must, cyber issues must be re-prioritized and appropriately resourced at the State Department. Moreover, it is important that the position of the individual leading these efforts be at a very high-level — not buried in the bureaucracy or reporting through any one functionally or perspective limited chain of command,” he added.

Under the proposal, an assistant secretary will lead the new bureau and report to the Under Secretary for Economic Growth, Energy and the Environment.

Painter praised Tillerson’s plan after Royce relayed Tillerson’s proposal at the hearing. But he argued that it “makes a lot more sense” for the assistant secretary to report to the undersecretary for political affairs rather than economic affairs.

“I applaud the fact that they’ve taken action. I think it’s great they’re elevating it. That’s exactly what should be done,” Painter said.

In July, Painter left his top position shortly before Tillerson alerted Congress about his plans to close the cybersecurity office.

White House First Draft on Nuclear Weapons First Use

Posted on January 17, 2018January 17, 2018 by Denise Simon

WASHINGTON — A newly drafted United States nuclear strategy that has been sent to President Trump for approval would permit the use of nuclear weapons to respond to a wide range of devastating but non-nuclear attacks on American infrastructure, including what current and former government officials described as the most crippling kind of cyberattacks.

For decades, American presidents have threatened “first use” of nuclear weapons against enemies in only very narrow and limited circumstances, such as in response to the use of biological weapons against the United States. But the new document is the first to expand that to include attempts to destroy wide-reaching infrastructure, like a country’s power grid or communications, that would be most vulnerable to cyberweapons.

The draft document, called the Nuclear Posture Review, was written at the Pentagon and is being reviewed by the White House. Its final release is expected in the coming weeks and represents a new look at the United States’ nuclear strategy. The draft was first published last week by HuffPost.

It called the strategic picture facing the United States quite bleak, citing not only Russian and Chinese nuclear advances but advances made by North Korea and, potentially, Iran.

As an aside, Reuters is reporting that President Donald Trump complained on Wednesday that Russia was helping North Korea to evade international sanctions, signaling frustration with a country he had hoped to forge friendly relations with after his 2016 election win.

Image result for nuclear posture review photo

But back to the nuclear posture review and first strike options.

The draft document is here.

trump nuclear posture review cyberattacks

Russia and China are reportedly working on fourth-generation nuclear weapons, nuclear weapons in which certain nuclear effects are enhanced and others diminished, for example, nuclear weapons with enhanced radiation or electromagnetic-pulse effects.18

According to General Paul Selva, Vice Chairman of the Joint Chiefs of Staff, Russia is “developing new nonstrategic nuclear weapons.”19

It is very hard to harden the infrastructure, whether civilian or military, when one does not properly understand how these effects might impact current systems. Yield-producing experiments would help the U.S. better understand what kind of shielding and hardening its systems might need in order to remain survivable in the case of a nuclear attack. There are also countries, such as North Korea, India, and Pakistan, that have (recently, in the case of North Korea) conducted relatively large underground nuclear weapon tests.

History teaches that unless regularly exercised, skills to conduct a meaningful nuclear warhead experiment atrophy quickly. The United States agreed to a nuclear-test moratorium between 1958 and 1961. In just three years, the skills needed to conduct a meaningful experiment had deteriorated, and lessons learned had to be painfully re-learned. The United States conducted its last yield-producing nuclear weapon test in 1992. It seems likely that the nation would not be able to perform a meaningful nuclear weapons test even if it needed to, for instance, if an error in the stockpile were discovered that required an experiment to ensure that this error was corrected.20

The concern does not have to do with the U.S. ability to detonate a nuclear weapon as much as it does with the U.S. ability to prepare the grounds, people, and necessary technical equipment to collect data from the test itself. There are fewer and fewer people in the United States who have hands-on experience with such equipment and its instrumentation. As with many hard skills, these can be only properly learned by doing.

There is no demonstrated link between the number of U.S. nuclear weapons and the number of nuclear-armed states. Countries have their own reasons for pursuing nuclear weapons.

U.S. experts with nuclear-testing experience are worried about “the steady degradation of U.S. nuclear test readiness” and question whether the Department of Energy has “any realistic appreciation for what nuclear testing involves or how to stay prepared to do it again within 24–36 months, as legally required by Presidential Decision Directive 15 (1993).”21

The United States lacks specialized skills and equipment to conduct a meaningful nuclear weapons test. Even more seriously, it lacks the skills that would allow such a test to be conducted. Reconstitution of this important capability is not a viable option as the whole process would have to be reinvented. Read the summary argument for why this review is required.

Hawaii False Alarm vs. U.S. Interceptors and Don’t Travel Warnings

Posted on January 15, 2018January 15, 2018 by Denise Simon

WASHINGTON — The final ground-based interceptor for the Ground-based Midcourse Defense system — designed to protect the homeland from intercontinental ballistic missiles threats from North Korea and Iran — is now in place at Fort Greely, Alaska, the U.S. Missile Defense Agency has confirmed.

Image result for Ground-based Midcourse Defense photo

“MDA and Boeing emplaced the 44th interceptor in its silo at the Missile Defense Complex at Ft. Greely on Thursday, Nov. 2,” the agency said in a statement sent to Defense News.

The agency planned to have all 44 required interceptors in the ground and ready to respond to threats by the end of 2017. The Pentagon and the MDA have indicated in recent months a serious move to build up beyond 44 interceptors. In September, the Pentagon proposed reprogramming $136 million in fiscal 2017 to start raising the number of ground-based interceptors from 44 to 64 in a new Missile Field 4 at Fort Greely. The boost was part of a $416 million reprogramming request targeting missile defense needs. And the White House submitted a supplemental budget request for FY18 on Nov. 6 that asked for further funding to increase the number of ground-based interceptors by 20 and to build an additional missile field at the Alaska base.

While the left is quick to blame President Trump on the matter of a nuclear North Korea, including Congresswoman Tulsi Gabbard and those in Hollywood, Kim Jung Un has been collaborating and testing nuclear weapons and missiles long before Trump entered the White House. They omit the fact that in the last 8 years, Obama did nothing….NOTHING.

Americans can travel to North Korea, if they wish — but it may just be a death wish, the U.S. State Department cautioned.

The State Department last week issued a stark warning to people setting out for the Hermit Kingdom, cautioning that anyone heading to the dangerous dictatorship should prepare for the possibility of not returning.

“The U.S. government is unable to provide emergency services to U.S. citizens in North Korea as it does not have diplomatic or consular relations with North Korea,” the State Department published Wednesday on its website.

Those who wish to travel to North Korea must be approved for a special validation, which are handed out on “very limited circumstances.” U.S. travelers given the approval to experience Kim Jong Un’s regime should then prepare for the worst — including drafting a will and making funeral and property arrangements with family and friends.“Draft a will and designate appropriate insurance beneficiaries and/or power of attorney; discuss a plan with loved ones regarding care/custody of children, pets, property, belongings, non-liquid assets (collections, artwork, etc.), funeral wishes, etc.,” according to the recommendations. More here.

“On December 28, there was a large number of personnel (~100 to 120) observed in seven different formations whose purpose is unknown in the Southern Support Area,” it adds.

“It is rare to observe personnel in this area,” the report says.

The report concludes that such activities “underscore North Korea’s continued efforts to maintain the Punggye-ri site’s potential for future nuclear testing.”

News of apparent active nuclear test site comes just days after North Korean officials met with South Korean officials for the first time in more than two years. More here.

*** Image result for hawaii false alarm missile photo

Meanwhile there is the matter of the false alarm in Hawaii….

Hawaii Gov. David Ige claimed Saturday that alert was the result of an official simply “[pressing] the wrong button” during an employee shift change, but broader questions remain. Why didn’t I get the notification here in San Diego, well within the range of intercontinental ballistic missiles that North Korea has tested in recent months? And assuming you weren’t lucky enough to be on a beach in Hawaii when the alert went out, why didn’t the average U.S. citizen receive one where they live?

To understand today’s scare, it’s important to understand how our national emergency alert system functions. The National Incident Management System (NIMS) is the systematic approach laid out by the federal government for departments and agencies at all levels of government, nongovernmental organizations, and the private sector to prevent, respond to, recover from, and mitigate any and all kinds of incidents, no matter the size or scope. NIMS dictates that the initial authority for disaster response resides at the county level, so that’s where most Mass Notification Systems that participate in the Emergency Alert System network reside.

The Emergency Alert System network is layered between federal, state, county, and local authorities through a system called the Integrated Public Alert and Warning System (IPAWS) and controlled through the IPAWS Program Management Office at FEMA. The IPAWS PMO encourages partners to regularly test public alert and warning systems; in fact, the IPAWS Modernization Act of 2015, ratified in April 2016, requires IPAWS PMO to test the system not less than once every three years.

All systems compatible with IPAWS use the Common Alerting Protocol, an international standard, to send public alerts and warnings between systems and jurisdictions. State and local agencies, like Hawaii’s Emergency Management Agency (HI-EMA), have their own systems, produced by a variety of manufacturers, to alert the public when a natural or manmade disaster is occurring or imminent. These mass notification systems use a variety of mediums to communicate danger to wide (or very narrow) swaths of people: they’re capable of desktop alerts, text messaging, reverse 9-1-1, email, Wireless Emergency Alerts, announcement or siren over a loudspeaker, and more. All systems in use on bases, municipalities, and other agencies are IPAWS compatible but not all can send information two-way; most of the bases operate in a receive-only manner.

Related: Ballistic Missile False Alarm That Sparked Panic In Hawaii Caused By Wrong Button, Officials Say »

These systems, the modern version of the CONELRAD (Control of Electromagnetic Radiation) method of emergency broadcasting established in 1951 at the outset of the Cold War, are powerfully effective in their ubiquity and power. Mass notification systems happen to be excellent tools for public awareness, and required testing can take any form. On many military bases, for example, the systems are tested each morning and night by using loudspeakers to play colors. Pretty smart, eh?

The specific kind of alert that Hawaiians received while they slept in or ate breakfast this morning was a Wireless Emergency Alert (WEA). WEAs use a different technology than voice calls or text messages and can only be used in three situations: 1. Alerts issued by the President; 2: Alerts involving imminent threats to safety or life; or 3: Amber Alerts. Participating carriers may block all but Presidential alerts.

The good news about WEAs are that they are location specific: even if you happened to be a tourist visiting Hawaii this morning, you would’ve received the alert (so long as your carrier participates). Carriers who do not participate are required to notify consumers, but the major carriers have all opted in. But the big problem, obviously, is that they’re more subject to human error than their military counterparts.

Now, civilian agencies probably don’t have the capability to detect ballistic missile launches, so in a real-life incident that message would have to come from the military, likely U.S. Pacific Command (PACOM) headquartered right there in Hawaii. PACOM would notify their base Emergency Operations Center (EOC) who would pass it up to the Regional EOC. Of note, the bases usually don’t have control of the WEA tech and can notify only those registered in their systems (but can receive all IPAWS notifications). Because of that, the base or regional EOC would have to notify Hawaii EMA for transmission. That didn’t happen today because there wasn’t a ballistic missile inbound.

The governor of Hawaii claims that during a shift change, an operator simply hit the wrong button. Well, it doesn’t exactly work that way. These alerts are not actuated by physically pushed buttons because the number of buttons that would require, for all of the different types of alerts, would be unwieldy. An operator would either type in the desired alert (or select from canned messages), select which communications mediums they’d like to use and the populations they’d like to alert, and then hit “send” and then again confirm that they really want to send that message. The canned messages might be available as electronically selectable on a computer screen (like a Windows button) but a “confirm” dialogue would still be required.

Time will tell what really happened, but as a Certified Emergency Manager (CEM) who helped set up the Mass Notification System for a major military base, I know that what likely occurred was a serious breach in procedure at Hawaii EMA. The authority who issued today’s alert and then took 40 minutes to send a retraction on WEA. PACOM immediately released a message saying that there was no threat, so why didn’t Hawaii EMA immediately send a retraction via WEA? There are serious implications associated with false alerts. What happens when an alert about a tsunami, wildfire, or active shooter are real and people ignore them?

Maybe we were hacked, as some have alleged, but probably not. No matter what happened, someone must be held accountable for this egregious breach of professionalism — and that person is almost definitely sitting at HI-EMA. Let’s hope that this scare motivates agencies across the nation to take a look at their own procedures. And let’s hope Gov. Ige holds his team accountable. Hat tip.

N Korea Nuke Sites Go Further Underground

Posted on January 12, 2018January 12, 2018 by Denise Simon

“Significant tunneling” excavation is underway at North Korea’s Punggye-ri nuclear test site and shows the regime’s continued efforts to maintain the site for potential future nuclear testing, a think tank specializing in tracking North Korean activities reported Thursday.

It follows reports in October that the test site is unstable and experienced tunnel collapses that have killed several hundred North Korean laborers.

The report on the 38 North website was based on an analysis of new commercial satellite images released of Punggye-ri, where the North Koreans have conducted the last six underground nuclear tests. It said throughout December 2017, there were “mining carts and personnel” as well as what appeared to be a “spoil pile” that had been greatly expanded at the test facility’s west portal.

The test site’s north portal, used in the last five nuclear tests, “remains dormant,” but there’s new activity at the west portal, according to the 38 North, a think tank at the Johns Hopkins School of Advanced International Studies. Yet, it said there appears to be draining going on at the entrance to this portal.

Punggye-ri Nuclear Test Site
by JamesMartinCNS
on Sketchfab

The last nuclear test at Punggye-ri was conducted in September. Pyongyang claimed that blast was a miniaturized hydrogen weapon designed for an intercontinental ballistic missile.

DigitalGlobe | 38 North | Getty Images

On December 28, 2017, large numbers of personnel are observed at the Southern Support Area, located south of the Command Center Area.

In October, Japan’s Asahi TV reported that as many as 200 North Korean workers may have been killed in a tunnel collapse at the nuclear test site. Also, at least four defectors from North Korea have shown signs of radiation exposure, Reuters reported last month.

In Thursday’s report, 38 North said about 100 to 200 people were observed in satellite images taken Dec. 28 in a “Southern Support Area,” which it said rarely has such activity. And it said “the purpose of their activities is unknown.”

The new analysis of the Punggye-ri satellite imagery was done by Frank Pabian, Joseph Bermudez Jr. and Jack Liu, the 38 North website said. They concluded that the recent activity is a sign that the regime will maintain the facility.

The recent activity at the Punggye-ri nuclear test site comes on the heels of North and South Korean negotiators meeting Tuesday at the Demilitarized Zone. It was the first high-level talks between the two countries since late 2015.

The negotiations resulted in Pyongyang agreeing to send a delegation of athletes to the upcoming Winter Olympic Games in PyeongChang, South Korea. The two sides also agreed to reinstate a military hotline and to hold future talks, although no deal was reached on denuclearization.

Also, South Korea’s Yonhap news agency reported Thursday that Chinese President Xi Jinping had a 30-minute phone conversation with South Korean President Moon Jae-in and they jointly agreed “to continue working together to peacefully resolve the North Korean nuclear issue.”