Category Archives: Russia

Estimating the Costs of Cyber Attacks Against the U.S., Billions

Posted on by

Image result for cyber attacks against the united states 2018

photo

Cyberattacks cost the United States between $57 billion and $109 billion in 2016

The report published by the White House Council of Economic Advisers examines the cyberattacks cost that malicious cyber activities cause to the U.S. economy.

Paganini: How much cost cyber attacks to the US? According to a report published by the White House Council of Economic Advisers last week, the cyberattacks cost between $57 billion and $109 billion in 2016, and things can go worse in the future.

“This report examines the substantial economic costs that malicious cyber activity imposes on the U.S. economy. Cyber threats are ever-evolving and may come from sophisticated adversaries. Due to common vulnerabilities, instances of security breaches occur across firms and in patterns that are difficult to anticipate.” states the report.

“Firms in critical infrastructure sectors may generate especially large negative spillover effects into the wider economy.”

The report analyzed the impact of malicious cyber activities on public and private entities, including DoS attacks, sabotage, business disruption, and theft of proprietary data, intellectual property, and sensitive financial and strategic information.

Damages and losses caused by a cyber attack may spill over from the initial target to economically linked organizations. More exposed are critical infrastructure sectors, at attack against companies and organization in this industry could have a severe impact on the US economy.

The document warns of nation-state actors such as Russia, China, Iran, and North Korea, that are well funded and often conduct sophisticated targeted attacks for both sabotage and cyber espionage.

“Finally, and perhaps most important, if a firm owns a critical infrastructure asset, an attack against this firm could cause major disruption throughout the economy.” reads the report.

“Insufficient cybersecurity investment in these sectors exacerbates the risks of cyberattacks and data breaches. The economic implications of attacks against critical infrastructure assets are described in more detail later in the paper. “

US cyberattacls cost

The reports also warn of devastating cyberattacks that would target sectors that are internally interconnected and interdependent with other sectors.

The report offered little in the way of new recommendations on improving cybersecurity, but noted that the situation is hurt by “insufficient data” as well as “underinvestment” in defensive systems by the private sector.

“Cyber connectivity is an important driver of productivity, innovation, and growth for the U.S. economy, but it comes at a cost. Companies, individuals, and the government are vulnerable to malicious cyber activity.” concludes the report. “Effective public and private-sector efforts to combat this malicious activity would contribute to domestic GDP growth. However, the ever-evolving nature and scope of cyber threats suggest that additional and continued efforts are critical, and the cooperation between public and private sectors is key.” 

***

The forecast of the cost damage in coming years….

In part from Forbes: In 2015, the British insurance company Lloyd’s estimated that cyber attacks cost businesses as much as $400 billion a year, which includes direct damage plus post-attack disruption to the normal course of business. Some vendor and media forecasts over the past year put the cybercrime figure as high as $500 billion and more.

From 2013 to 2015 the cyber crime costs quadrupled, and it looks like there will be another quadrupling from 2015 to 2019. Juniper research recently predicted that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, increasing to almost four times the estimated cost of breaches in 2015.

The World Economic Forum (WEF) says a significant portion of cybercrime goes undetected, particularly industrial espionage where access to confidential documents and data is difficult to spot. Those crimes would arguably move the needle on the cyber crime numbers much higher.

Large banks, retailers, and federal agencies make the headlines when they are hacked – but all businesses are at risk. According to Microsoft, 20% of small to mid sized businesses have been cyber crime targets.

For anyone who wants to tally their own bill from cyber crime, check out Cyber Tab from Booz Allen. It is an anonymous, free tool that helps information security and other senior executives understand the damage to companies inflicted by cyber crime and attacks. More here.

 

Diplomacy to Address Russian Olympic and War Cheating and Lies?

Posted on by

C’mon really? The Russians cheat, steal and lie. Why would any Western ally trust any part of the Kremlin or operatives dispatched worldwide? Russian nefarious ‘active measure’ plots are global and so easy to achieve. The question is why?

The International Olympic Committee is no exception when it comes to going easy on Russia, buckling to pressure from Moscow. Russia has made legitimate and clean athletes in the games a mockery. The IOC was forced to defend its decision to include Russian athletes in these Pyeongchang Games on Monday morning after curler Alexander Krushelnytsky reportedly failed a drug test, jeopardizing the bronze medal he won last week in mixed doubles and inviting increased scrutiny on the IOC’s handling of the situation.

Image result for ioc photo

First: a Russia-linked group calling itself “Fancy Bears” published a set of apparently stolen emails. They purportedly belong to officials from the International Olympic Committee, the United States Olympic Committee, and third-party groups associated with the organizations. It’s not the first time Russia has lashed out at the IOC and the anti-doping agencies in the last few years. And with a month left until the games begin, it may not be the last.

The emails appear to span from the end of 2016 to the spring of 2017, and focus on correspondence between antidoping investigators who helped uncover a wide-scale, systematic doping scheme carried out by Russian athletes. It’s not clear yet whether the emails are entirely authentic; Russian hacking groups have snuck false information into their leaks before. But the World Anti-Doping Agency Wednesday indirectly acknowledged that the emails were real, but not current.

“The Fancy Bears are a criminal organization which seeks to undermine the work of WADA and its partners,” says WADA spokesperson Maggie Durand. “Everything that they have posted today is dated.”

The hack appears to be retaliation for kicking the Russia out of 2018 PyeongChang games, at which only a handful of the country’s athletes will be allowed to compete. More here.

Second: (Reuters) – A Russian medalist at the Pyeongchang Winter Olympics is suspected of having tested positive for a banned substance, a source at the Games said on Sunday, in a potential major blow to Russia’s efforts to emerge from a drug-cheating scandal. Alexander Krushelnitsky, a bronze-medalist along with his wife in mixed-doubles curling, is suspected of having tested positive for meldonium, the source said. Meldonium increases blood flow which improves exercise capacity in athletes. Russia has been accused of running a state-backed, systematic doping program for years, an allegation Moscow denies. As a result, its athletes are competing at Pyeongchang as neutral “Olympic Athletes from Russia” (OAR).

Third: Seems to be a systemic condition when it comes to doping by Russian athletes regardless of the sport and or location. Remember Maria Sharapova and tennis? In 2017, Maria Sharapova makes her return after a 15-month suspension for use of meldonium this week, with the tennis star serving as the most high-profile of those sanctioned for use of the drug. After hundreds of positive tests in Olympic sports last year, Sharapova remains one of the relative few to be suspended for its use. While the facts of her case differ from the issues the World Anti-Doping Agency faced in determining how long it stays in an athlete’s body, her presence among those testing positive drew attention to WADA’s ban of the drug.

Image result for russia chemical weapons syria photo

Fourth: And it goes to the militant battlefield as well. Russia and the United States have clashed at the United Nations Security Council over allegations the Syrian government has again used chemical weapons in rebel-held areas of the country.

U.S. Ambassador Nikki Haley on February 5 accused Russia of blocking an investigation of possible chemical weapons use by President Bashar al-Assad’s army in attacks in rebel-held Eastern Ghouta over the weekend despite “obvious evidence from dozens of victims.”

“Russia has delayed the adoption of this statement, a simple condemnation of Syrian children being suffocated by chlorine gas,” Haley said. “This council has been outspoken on ending Syria’s use of chemical weapons, and yet, they continue.”

Russia, which has been conducting military operations in support of Assad since September 2015, rejected the allegations as “slander.”

Finally: If anyone watched the hearing and ODNI Dan Coats summary –>

The nation’s top intelligence officials said Tuesday that Russia is targeting the 2018 elections as it seeks to undermine America’s political process and sow partisan division with cyber attacks and other digital disruption.

“Frankly, the United States is under attack,” Director of National Intelligence Dan Coats told the Senate Intelligence Committee, adding that Russia is attempting to “degrade our democratic values and weaken our alliances.”

In unequivocal language, Coats said Russian President Vladimir Putin was emboldened by Russia’s interference in the 2016 presidential elections and is targeting the midterms.

“There should be no doubt that (Putin) views the past effort as successful,” said Coats who was joined Tuesday by the nation’s other top intelligence officials, including CIA Director Mike Pompeo, National Security Agency Director Mike Rogers and FBI Director Christopher Wray.

The national intelligence director’s comments came against the backdrop of congressional and criminal investigations into Russia’s alleged interference in the presidential election and whether the Kremlin coordinated its activities with Donald Trump‘s campaign.

13 Russians Indicted, Election Interference

Posted on by

Hoorah for Rosenstein and Mueller!

Rosenstein: “No Allegations That Any American Had Any Knowledge” Of Russian Election Influence Operation

The Department of Justice indictment is here.

Image result for internet research agency Internet Research Agency, St. Petersburg, Russia NBC

The Department of Justice has issued charges against 13 Russian nationals involved with the Internet Research Agency, an organization at the center of fake news and trolling during the 2016 presidential election.

The US Justice Department has filed charges against 13 Russian nationals and three Russian groups for interfering with the 2016 presidential election.

In an indictment released on Friday (.pdf), the Justice Department called out the Internet Research Agency, a notorious group behind the Russian propaganda effort across social media. Employees for the agency created troll accounts and used bots to prop up arguments and sow political chaos during the 2016 presidential campaign.

Facebook, Twitter and Google have struggled to deal with fake news, trolling campaigns and bots on their platforms, facing the scorn of Capitol Hill over their mishandlings.

The indictment lists 13 Russian nationals tied to the effort. Prosecutors said the efforts began as early as 2014 to interfere with US politics, with trolls posing as Americans, creating false personalities and spreading fake news across Facebook, Twitter and YouTube.

“These groups and pages, which addressed divisive U.S. political and social issues, falsely claimed to be controlled by US activists when, in fact, they were controlled by defendants,” the indictment said.

More here.

 

Where is the Legislation/Law Mandating Against Cyber Intrusions?

Posted on by

No one in Washington DC or media talks about the ever constant cyber attacks against all things United States.

There have been countless hearings on The Hill about Russian operations against the election architecture in the United States as well as other allied countries. While Russia is one of the top threats, Iran and North Korea are also guilty, yet China likely ranks number two behind Russia.

So, anti-Trump people inside the Beltway blame the Trump White House for the lack of leadership on the issue(s) especially when it comes to protections on the voter-roll databases at the state level and the learning curve of vulnerabilities of the voting machines themselves. So…where are these lawmakers and the bills they have introduced for debate, committee and eventual passage in both Houses of Congress anyway?

Who is protecting data across the board, our data? Where is the Department of Homeland Security and the FBI on the matter? Both those agencies were assigned to collaborate with threatened State Elections Commissions during the General election. Remember that?

This all began during the Obama administration where the ultimate punishment was to expel Russian diplomatic officials, close two dachas and the Russian compound in San Francisco. Has that sent a message to Moscow and fixed the problem(s)? NO….

There are thousands of experts outside the Federal government that do offer assistance with investigations and attributions and they too can offer some in sight into legislative frameworks and yet no one knows if that has been forthcoming.

*** Russian Attacks Will Continue

UPDATE: As the nation’s top intelligence chiefs testified before the Senate Intelligence Committee Tuesday, spelling out the very real threat Russia continues to pose to our democracy, Director of National Intelligence Dan Coats admitted “there is no single agency leading the United States’ efforts to respond to and combat Russian election meddling.”

Multiple Senators on the panel expressed their concern for President Trump’s ongoing unwillingness to acknowledge Russian interference in the 2016 election, echoing a common sentiment among national security experts that an absence of leadership at the top is hindering U.S. efforts to fight back.

CNN:

… Coats said Tuesday “there should be no doubt” that Russia sees the 2018 US elections as a target.

Coats and the other top national security officials told the Senate Intelligence Committee on Tuesday that they still view Moscow as a threat to the 2018 elections, a stance that appears at odds with President Donald Trump’s repeated dismissals of Russian election meddling.

“We expect Russia to continue using propaganda, social media, false-flag personas, sympathetic spokesmen and other means to influence, to try to build on its wide range of operations and exacerbate social and political fissures in the United States,” Coats said at a hearing on worldwide threats. “There should be no doubt that Russia perceives its past efforts as successful and views the 2018 US midterm elections as a potential target for Russian influence operations.”

(…)

Sen. Angus King, I-Maine, pressed on the disparity between the intelligence community’s viewpoint and the president’s — urging the intelligence chiefs to persuade the president to accept their findings that Russia interfered in the 2016 election.

“My problem is, I talk to people in Maine who say the whole thing is a witch hunt and a hoax ‘because the President told me’,” King said. “There’s no doubt, as you all have testified today, we cannot confront this threat, which is a serious one, with a whole of government response when the leader of the government continues to that deny it exists.”

The Atlantic:

John Sipher, a former chief of station for the CIA who served for 28 years in Russia, Europe, and Asia, told me that the intelligence community will continue to be focused on Russia’s threat “no matter what the White House says or doesn’t say.” Ultimately, though, it will be up to Trump to implement meaningful changes.

“The IC is not the most important in this case,” Sipher said, referring to the intelligence community. “They may uncover what the Russians are up to but they can’t really defend against it or take actions to deter it, unless the President supports a covert action effort to screw with the Russians, like with a cyber attack.”

“Tightening up our social media, protecting voter-registration systems and procedures—those things are beyond the ability or mandate of the IC,” Sipher said. “And I don’t think we have done nearly enough to deter or defend against Russian attacks.

US intel chiefs unanimous that Russia is targeting 2018 elections (CNN)

Russia Will Meddle in the Midterms (The Atlantic)

No Agency Leading U.S. Response to Russian Election Meddling, Says Intel Chief (The Daily Beast)

As the Senate Intelligence Committee hears from the nation’s top intelligence and national security officials on worldwide threats, a prepared written assessment warns of ongoing Russian efforts to undermine democracy.

NBC News:

“Foreign elections are critical inflection points that offer opportunities for Russia to advance its interests both overtly and covertly,” says the assessment. “The 2018 US mid-term elections are a potential target for Russian influence operations.”

(…)

“We assess that the Russian intelligence services will continue their efforts to disseminate false information via Russian state-controlled media and covert online personas about US activities to encourage anti-US political views,” the statement says.

“Moscow seeks to create wedges that reduce trust and confidence in democratic processes, degrade democratization efforts, weaken US partnerships with European allies, undermine Western sanctions, encourage anti-US political views, and counter efforts to bring Ukraine and other former Soviet states into European institutions.”

In his opening statement, Vice Chairman Mark Warner (D-VA) noted President Trump’s absence of leadership on the issue.

Sen. Mark Warner, D-Va., the top Democrat on the committee, said in prepared remarks that “the President inconceivably continues to deny the threat posed by Russia. He didn’t increase sanctions on Russia when he had a chance to do so. He hasn’t even Tweeted a single concern. This threat demands a whole-of-government response, and that needs to start with leadership at the top.”

U.S. intel agencies expect Russia to escalate election meddling efforts (NBC News)

Worldwide Threat Assessment (pdf)

Do You Know What CTIIC is? You Should

Posted on by

First…there is no policy as admitted in a Senate Intelligence Hearing of the heads of the intelligence agencies and confirmed by Senator Angus King (Maine).

Image result for CTIIC

CTIIC is the federal lead for intelligence support in response to significant cyber incidents, working—on behalf of the IC—to integrate analysis of threat trends and events, build situational awareness, and support interagency efforts to develop options for degrading or mitigating adversary threat capabilities.

The idea of creating a cyber threat framework came from observations among the US policy community that cyber was being described by different agencies in a variety of ways that made consistent understanding difficult. There are over a dozen analytic models being used across government, academia, and the private sector. Each model reflects the priorities and interests of its developer, but the wide disparities across models made it difficult to facilitate efficient situational analysis that was based on objective data.

 

The framework will be scalable and facilitate data sharing at “machine speed.” Implementation within the USG will include processes to reduce or eliminate double-counting of threat data.

resources

So….
In 2017 Equifax confirmed it has suffered a massive data breach, cyber criminals stole sensitive personal records of 145 million belonging to US citizens and hundreds of thousands Canada and in the UK.

Attackers exploited the CVE-2017-5638 Apache Struts vulnerability. The vulnerability affects the Jakarta Multipart parser upload function in Apache and could be exploited by an attacker to make a maliciously crafted request to an Apache web server.

The vulnerability was fixed back in March, but the company did not update its systems, the thesis was also reported by an Apache spokeswoman to the Reuters agency.

Compromised records include names, social security numbers, birth dates, home addresses, credit-score dispute forms, and for some users also the credit card numbers and driver license numbers.

Now experts argue the Equifax hack is worse than previously thought, according to documents provided by Equifax to the US Senate Banking Committee the attackers also stole taxpayer identification numbers, phone numbers, email addresses, and credit card expiry dates belonging to some Equifax customers.

This means that crooks have all necessary data to arrange any king of fraud by steal victims’ identities. More here.

Further, the Trump administration appears to omitted any reference to the Chinese cyber threat domestically….here is a clue on their activity and how they cannot be trusted…and we have not even mentioned Russia..

In 2012 Chinese companies Huawei and ZTE  were considered high threat risks to the United States and sadly, both were introduced again at this same Senate hearing on February 13, 2018.

China’s government has denied reports that it spied on the servers at the African Union’s Chinese-built headquarters for more than five years, gaining access to confidential information.

In an investigation published by French newspaper Le Monde, China, which also paid and built the computer network at the AU, allegedly inserted a backdoor (in French) that allowed it to transfer data. The hack wasn’t detected until Jan. 2017 when technicians noticed that between midnight and 2 am every night, there was a peak in data usage even though the building was empty. After investigating, it was found that the continental organization’s confidential data was being copied on to servers in Shanghai.

China’s ambassador to the AU dismissed the reports as “absurd” and “preposterous.” Kuang Weilin told reporters in Ethiopia that it was “very difficult to understand” Le Monde’s claims and that the story was certain to “create problems for China-Africa relations.”

The revelations come as African presidents convene in Addis Ababa to attend the continental summit on governance. In 2012, when the AU building was completed, it was signified as a symbolic gesture aimed at solidifying Sino-Africa relations. The landmark 20-story office tower overlooking a pearl-shaped conference center was “a gift” from the Chinese government to help African nations integrate better and improve their institutional capacity.

But the alleged data theft puts a spin on that rosy affair and might strain the relationship between the two sides. China is heavily involved in Africa, with its companies and entrepreneurs conducting trade and investing heavily in African countries. Chinese aid has also been blamed for propping up authoritarian regimes, constructing shoddy roads and infrastructure built by imported Chinese workers, and focusing mainly on countries home to oil, minerals, and other resources that China needs. But China is also cultivating the next generation of African leaders, with Beijing taking thousands of African leaders, bureaucrats, students, and business people to China for training and education. More here.

For sure there is no policy and lawmakers are dumbfounded on introducing any kind of offensive or consequential legislation. Hello Angus?