Posts Tagged ‘cybersecurity’

Pentagon Puts Cyberwarriors on the Offensive, Increasing the Risk of Conflict

June 18, 2018

The Pentagon has quietly empowered the United States Cyber Command to take a far more aggressive approach to defending the nation against cyberattacks, a shift in strategy that could increase the risk of conflict with the foreign states that sponsor malicious hacking groups.

Until now, the Cyber Command has assumed a largely defensive posture, trying to counter attackers as they enter American networks. In the relatively few instances when it has gone on the offensive, particularly in trying to disrupt the online activities of the Islamic State and its recruiters in the past several years, the results have been mixed at best.

The national security adviser, John R. Bolton, eliminated the position of White House cybersecurity coordinator after taking over in April. Credit Saul Loeb/Agence France-Presse — Getty Images

By David E. Sanger
The New York Times

But in the spring, as the Pentagon elevated the command’s status, it opened the door to nearly daily raids on foreign networks, seeking to disable cyberweapons before they can be unleashed, according to strategy documents and military and intelligence officials.

The change in approach was not formally debated inside the White House before it was issued, according to current and former administration officials. But it reflects the greater authority given to military commanders by President Trump, as well as a widespread view that the United States has mounted an inadequate defense against the rising number of attacks aimed at America.

Read the rest at the source:


It is unclear how carefully the administration has weighed the various risks involved if the plan is acted on in classified operations. Adversaries like Russia, China and North Korea, all nuclear-armed states, have been behind major cyberattacks, and the United States has struggled with the question of how to avoid an unforeseen escalation as it wields its growing cyberarsenal.

Another complicating factor is that taking action against an adversary often requires surreptitiously operating in the networks of an ally, like Germany — a problem that often gave the Obama administration pause.

The new strategy envisions constant, disruptive “short of war” activities in foreign computer networks.

It is born, officials said, of more than a decade of counterterrorism operations, where the United States learned the best way to take on al-Qaida or the Islamic State was by destroying the militants inside their bases or their living rooms.

The objective, according to the new “vision statement” quietly issued by the command, is to “contest dangerous adversary activity before it impairs our national power.”

Pushing U.S. defenses “as close as possible to the origin of adversary activity extends our reach to expose adversaries’ weaknesses, learn their intentions and capabilities, and counter attacks close to their origins,” the document says. “Continuous engagement imposes tactical friction and strategic costs on our adversaries, compelling them to shift resources to defense and reduce attacks.”

Another Pentagon document, dated May 2017, provides a legal basis for attacking nuclear missiles on the launchpad using “nonkinetic options” — meaning a cyberattack or some other means that does not involve bombing a missile on the pad or otherwise blowing it up.

As the Defense Department elevated the Cyber Command to a status equal to the European Command and the Joint Special Operations Command, among others, it declared that most of its 133 “cyber mission teams” were combat-ready after years of development.

But most of those teams protect Defense Department networks. Offensive cyberaction by the United States has been relatively rare, a reflection of the time it takes to mount operations and the fact that only the president can approve any use of a cyberweapon that is likely to have significant effects.

Those operations have included disabling another nation’s nuclear facilities or its missiles, as the United States has attempted in Iran and North Korea, or disrupting the communications of groups like the Islamic State.

The president’s sole authority to authorize the use of those weapons is similar to his authority to launch nuclear weapons, a recognition that cyberweapons, even if less powerful than nuclear arms, can have broad, unintended effects.

Under the Trump administration, the traditional structure of White House oversight of U.S. offensive and defensive cyberactivities is being dismantled.

U.S. intelligence agencies have identified cyberthreats as the No. 1 risk facing the United States — it has ranked ahead of terrorism for years now in the annual assessment provided to Congress, even before the Russian intrusion into the election.


Thousands hold peaceful protests in Vietnam against Chinese economic zones

June 17, 2018

Thousands of people in central Vietnam demonstrated peacefully on Sunday against government plans to lease new economic zones to foreign investors, witnesses told Reuters, a few days after protesters in a nearby province clashed with police.

Protesters fear the leases may be snapped up by investors from powerful neighbor China, with which Vietnam has a rocky history, and were also upset about a recently-passed cybersecurity law that they worry would limit free speech.

Public protests in Vietnam are usually quickly quelled by the police. The ruling Communist Party, despite sweeping economic reform and increasing openness to social change, retains tight media censorship and tolerates little criticism.

Vietnam has seen a surge in protests over plans to allow foreign companies 99-year land leases at strategic sites.
Vietnam has seen a surge in protests over plans to allow foreign companies 99-year land leases at strategic sites. PHOTO:STR/EPA

Security on Sunday was tight in many cities and provinces in Vietnam, with large presence of police in public areas.

But in central Ha Tinh province, thousands of people attending a Sunday mass protested peacefully against the laws, three witnesses told Reuters, confirming livestream footages on Facebook.

Protesters held signs that said “No leasing land to Chinese communists for even one day” or “Cybersecurity law kills freedom”. The protest in Ha Tinh province lasted for two hours on Sunday morning without clash with the police, witnesses said.

Earlier this week the Vietnamese government vowed to punish “extremists” it said had instigated rare clashes with police where protesters hurling bricks and Molotov cocktails at police and damaging some government buildings in Binh Thuan province.

Vietnam’s National Assembly chairwoman on Friday said the lawmakers condemned “the acts of abusing democracy, distorting the truth, provoking, causing social disorder and greatly affecting the people’s life,” she said in a televised session.

General Secretary Nguyen Phu Trong in a talk with Hanoi citizens on Sunday called for the people to be calm and trust the Communist party and the government, state-run radio news website Voice of Vietnam reported.

“(We) do this for the nation, for the people and no other purpose and no one is that foolish to hand over land to foreigners for them to come and mess things up,” Trong was quoted as saying.

Report: China hacked sensitive US Navy data

June 9, 2018

China’s government hacked 614 gigabytes of data from the US Navy, according to a Washington Post report. The relevations come as a former CIA officer was convicted for sharing information with China in exchange for cash.

US-Flugzeugträger USS Carl Vinson auf Südchinesischem Meer (Getty Images/AFP/L. Pham)

Chinese government hackers stole a large amount of sensitive data from a US Navy contractor, including plans to develop a new type of submarine-launched anti-ship missile, the Washington Postreported on Friday.

The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military entity based in Newport, Rhode Island, the unnamed officials said without identifying the contractor, according to the Post.

Read more: Donald Trump’s EU trade dilemma: United against China or alone against the world?

The hacked data comprised 614 gigabytes containing information about a project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems and the Navy submarine development unit’s electronic warfare library, the newspaper reported.

The hacking occurred in January and February, the officials told the Post, speaking on condition of anonymity about an ongoing investigation that is being led by the Navy with assistance from the Federal Bureau of Investigation.

“Per federal regulations, there are measures in place that require companies to notify the government when a ‘cyber incident’ has occurred that has actual or potential adverse beffects on their networks that contain controlled unclassified information. It would be inappropriate to discuss further details at this time,” the US Navy said in response to questions from Reuters.

The Post said it had agreed to withhold some details about the missile project after the Navy said their release could potentially harm national security.

Read more: Opinion: Is Germany courting China and abandoning the US?

The revelation of the hack comes as tensions between Beijing and Washington continue to rise over a range of issues including trade and military matters.

Last month the Pentagon withdrew China’s invitation to join maritime exercises in the Pacific because of Beijing’s “continued militarization” of the South China Sea.

Former CIA officer convicted

Also on Friday, a former CIA officer was convicted on espionage charges for providing China with top secret information in exchange for $25,000 (€21,200), the US Justice Department said.

Kevin Mallory was charged under the Espionage Act last in 2017 after he was discovered with more than $16,000 in undeclared cash on a return flight from Shanghai.

A federal jury in Virginia found Mallory, 61, guilty of delivering defense information to aid a foreign government and other charges. He will face a maximum penalty of life in prison when he is sentenced on September 21, the department said in a statement.

Read more: From the world’s workshop to the world’s tech hub: China’s economic leap forward

Officials found four documents, including three containing classified information, on a Samsung Galaxy smartphone that Mallory was given for secret communications by Michael Yang, a man Mallory met when he went to Shanghai in March and April 2017, according to court documents.

Mallory told the FBI in a voluntary interview that Yang worked for the People’s Republic of China Intelligence Service, the statement said.

One of the documents on the phone “contained unique identifiers for human sources who had helped the US government,” it said.

Federal prosecutors said mallory’s actions were far from isolated as China tries to gather classified US information.

“The People’s Republic of China has made a sophisticated and concerted effort to steal our nation’s secrets,” Assistant Attorney General Demers said. “Today’s conviction demonstrates that we remain vigilant against this threat and hold accountable all those who put the United States at risk through espionage,” he added.

law/bw (AFP, AP, Reuters)


China hacked a Navy contractor and secured a trove of highly sensitive data on submarine warfare

June 9, 2018
June 8 at 3:04 PM
The Washington Post

Chinese government hackers have compromised the computers of a Navy contractor, stealing massive amounts of highly sensitive data related to undersea warfare — including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials.

The breaches occurred in January and February, the officials said, speaking on the condition of anonymity to discuss an ongoing investigation. The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military organization headquartered in Newport, R.I., that conducts research and development for submarines and underwater weaponry.

The officials did not identify the contractor.

China’s first home-built  aircraft carrier leaves Dalian in northeast China for sea trials last month. (Li Gang/Xinhua/AP)

Taken were 614 gigabytes of material relating to a closely held project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit’s electronic warfare library.

The Washington Post agreed to withhold certain details about the compromised missile project at the request of the Navy, which argued that their release could harm national security.

China is rapidly modernizing its forces in an attempt to match the U.S. might in Asia. 

The data stolen was of a highly sensitive nature despite being housed on the contractor’s unclassified network. The officials said the material, when aggregated, could be considered classified, a fact that raises concerns about the Navy’s ability to oversee contractors tasked with developing ­cutting-edge weapons.

The breach is part of China’s long-running effort to blunt the U.S. advantage in military technology and become the preeminent power in East Asia. The news comes as the Trump administration is seeking to secure Beijing’s support in persuading North Korea to give up nuclear weapons, even as tensions persist between the United States and China over trade and defense matters.

The Navy is leading the investigation into the breach with the assistance of the FBI, officials said. The FBI declined to comment.

On Friday, the Pentagon inspector general’s office said that Defense Secretary Jim Mattis had asked it to review contractor cybersecurity issues arising from The Post’s story.

Cmdr. Bill Speaks, a Navy spokesman, said, “There are measures in place that require companies to notify the government when a ‘cyber incident’ has occurred that has actual or potential adverse effects on their networks that contain controlled unclassified information.”

Speaks said that “it would be inappropriate to discuss further details at this time.”

Altogether, details on hundreds of mechanical and software systems were compromised — a significant breach in a critical area of warfare that China has identified as a priority, both for building its own capabilities and challenging those of the United States.

“It’s very disturbing,” said former senator James M. Talent (R-Mo.), who is a member of the U.S.-China Economic and Security Review Commission. “But it’s of a piece with what the Chinese have been doing. They are completely focused on getting advanced weapons technology through all kinds of means. That includes stealing secrets from our defense contractors.” Talent had no independent knowledge of the breach.

Undersea priority

The Sea Dragon project is an initiative of a special Pentagon office stood up in 2012 to adapt existing U.S. military technologies to new applications. The Defense Department, citing classification levels, has released little information about Sea Dragon other than to say that it will introduce a “disruptive offensive capability” by “integrating an existing weapon system with an existing Navy platform.” The Pentagon has requested or used more than $300 million for the project since late 2015 and has said it plans to start underwater testing by September.

Military experts fear that China has developed capabilities that could complicate the Navy’s ability to defend U.S. allies in Asia in the event of a conflict with China.

The Chinese are investing in a range of platforms, including ­quieter submarines armed with increasingly sophisticated weapons and new sensors, Adm. Philip S. Davidson said during his April nomination hearing to lead U.S. Indo-Pacific Command. And what they cannot develop on their own, they steal — often through cyberspace, he said.

“One of the main concerns that we have,” he told the Senate Armed Services Committee, “is ­cyber and penetration of the dot-com networks, exploiting technology from our defense contractors, in some instances.”

In February, Director of National Intelligence Daniel Coats testified that most of the detected Chinese cyber operations against U.S. industry focus on defense contractors or tech firms supporting government networks.

In recent years, the United States has been scrambling to develop new weapons or systems that can counter a Chinese naval buildup that has targeted perceived weaknesses in the U.S. fleet. Key to the American advantage in any faceoff with China on the high seas in Asia will be its submarine fleet.

“U.S. naval forces are going to have a really hard time operating in that area, except for submarines, because the Chinese don’t have a lot of anti-submarine warfare capability,” said Bryan Clark, a naval analyst at the Center for Strategic and Budgetary Assessments. “The idea is that we are going to rely heavily on submarines in the early effort of any conflict with the Chinese.”

China has made closing the gap in undersea warfare one of its three top military priorities, and although the United States still leads the field, China is making a concerted effort to diminish U.S. superiority.

“So anything that degrades our comparative advantage in undersea warfare is of extreme significance if we ever had to execute our war plans for dealing with China,” said James Stavridis, dean of the Fletcher School of Law and Diplomacy at Tufts University and a retired admiral who served as supreme allied commander at NATO.

The U.S. military let its anti-ship weaponry languish after the Cold War ended because with the Soviet Union’s collapse, the Navy no longer faced a peer competitor on the seas. But the rapid modernization and buildup of the Chinese navy in recent years, as well as Russia’s resurgent forces at sea, have prompted the Pentagon to renew heavy investment in technologies to sink enemy warships.

The introduction of a supersonic anti-ship missile on U.S. Navy submarines would make it more difficult for Chinese warships to maneuver. It also would augment a suite of other anti-ship weapons that the U.S. military has been developing in recent years.

Ongoing breaches

For years, Chinese government hackers have siphoned information on the U.S. military, underscoring the challenge the Pentagon faces in safeguarding details of its technological advances. Over the years, the Chinese have snatched designs for the F-35 Joint Strike Fighter; the advanced Patriot PAC-3 missile system; the Army system for shooting down ballistic missiles known as Terminal High Altitude Area Defense; and the Navy’s new Littoral Combat Ship, a small surface vessel designed for near-shore operations, according to previous reports prepared for the Pentagon.

In some cases, suspected Chinese breaches appear to have resulted in copycat technologies, such as the drones China has produced that mimic U.S. unmanned aircraft.

Speaks, the Navy spokesman, said: “We treat the broader issue of cyber-intrusion against our contractors very seriously. If such an intrusion were to occur, the appropriate parties would be looking at the specific incident, taking measures to protect current information, and mitigating the impacts that might result from any information that might have been compromised.”

The Pentagon’s Damage Assessment Management Office has conducted an assessment of the damage, according to the U.S. officials. The Office of the Secretary of Defense declined to comment.

Theft of an electronic warfare library, Stavridis said, could give the Chinese “a reasonable idea of what level of knowledge we have about their specific [radar] platforms, electronically and potentially acoustically, and that deeply reduces our level of comfort if we were in a close undersea combat situation with China.”

Signals and sensor data is also valuable in that it presents China with the opportunity to “know when we would know at what distance we would be able to detect their submarines,” he said — again a key factor in undersea battles.

Investigators say the hack was carried out by the Chinese Ministry of State Security, a civilian spy agency responsible for counterintelligence, foreign intelligence and domestic political security. The hackers operated out of an MSS division in the province of Guangdong, which houses a major foreign hacking department.

Although the Chinese People’s Liberation Army is far better-known than the MSS when it comes to hacking, the latter’s personnel are more skilled and much better at hiding their tracks, said Peter Mattis, a former analyst in the CIA counterintelligence center. The MSS, he said, hacks for all forms of intelligence: foreign, military and commercial.

In September 2015, in a bid to avert economic sanctions, Chinese President Xi Jinping pledged to President Barack Obama that China would refrain from conducting commercial cyberespionage against the United States. Following the pact, China appeared to have curtailed much, although not all, of its hacking activity against U.S. firms, including by the People’s Liberation Army.

Both China and the United States consider spying on military technology to fall outside the pact. “The distinction we’ve always made is there’s a difference between conducting espionage in order to protect national security and conduct military operations, and the theft of intellectual property for the benefit of companies inside your country,” said Michael Daniel, the White House cybersecurity coordinator under Obama.

National Security: Debbie Wasserman Schultz Calls House Chief Administrative Officer “F—-ng Islamophobe” In Defense of IT Aide Accused in Cybersecurity Case

June 5, 2018

Ex-Democratic National Committee head Debbie Wasserman Schultz said she intervened in a Pakistani land deal involving her thenIT aide Imran Awan, according to two House employees. The dispute came after Awan’s father was charged with fraud in relation to the deal, and the mysterious exertion of political influence resulted in Pakistani authorities instead targeting the elderly alleged victims, according to a local report.

And when a House Office of Inspector General cybersecurity investigation found that Awan made “unauthorized access” to House servers, including the House Democratic Caucus’ shortly before the election, Wasserman Schultz became “frantic, not normal,” “making the rounds” to House officials in an attempt to kill the investigation, one House employee told The Daily Caller News Foundation.

Image result for Debbie Wasserman Schultz, photos

Awan told people Wasserman Schultz chose the name for his daughter, Leza — a Jewish name — and that the Florida congresswoman’s daughter regularly rode a horse that Awan kept at a boarding facility, sources with knowledge of the relationship told TheDCNF.

Wasserman Schultz cornered House Chief Administrative Officer Phil Kiko and called him a “fucking Islamophobe,” saying “you will not so much as take away their parking spots,” the two House employees said Kiko told them.

The congresswoman also told Kiko she had invited Awan’s whole family to her daughter’s bat mitzvah and said she had “helped him with a land deal,” the sources said. A spokesman for Kiko declined to comment on this story.

A 2009 article in the Pakistani publication Dawn, headlined “Influential expat shields father from long arm of law,” said Awan’s father was facing criminal fraud charges involving a land deal, but Awan used political connections to pressure the police into targeting the alleged victims instead.

Awan’s father purchased “huge chunks of land from different farmers in 2008,” but all the checks bounced, the report said. “The police high-ups are ‘ominously’ indifferent to proceed against Awan,” and it’s “noteworthy” how they were “complying with the desires of” Awan, who the paper described as a “White House employee.”

“About a dozen farmers of Chak 7-JB, Panjor, including five siblings — all aged between 57 and 70 — have given up hope of justice after they sold their agricultural lands to Ashraf Awan of Bole De Jhugi, who is father of White House employee Shahid Imran,” Dawn reported. Imran Awan also goes by Shahid Imran Awan, Virginia court records show.

The police harassed the 19 would-be victims, including the five elderly brothers and even their lawyer, and charged them with “frivolous” cases, apparently to get them to stop trying to get the money they say they were owed, the paper said.

“Mohammad Abid, a victim of [Ashraf] Awan’s alleged high-profile swindling, said that [Ashraf] Awan’s son had easy access to the corridors of power and that’s why he was able to [pressure] the police to dance to his tunes,” Dawn reported.

The article details a series of people who say they were then subject to retaliation, including widow Bushra Bibi who said “now Imran was threatening her with dire consequences.”

A third source, who’s familiar with Imran Awan, told TheDCNF that Awan recounted the intervention in the foreign criminal matter and that Awan said it was Wasserman Schultz who intervened. A fourth source — a fellow House IT aide — previously told TheDCNF that Awan said now-Chicago Mayor Rahm Emanuel was involved.

Dr. Zafar Iqbal, one of the alleged victims, told TheDCNF that “Imran came to Pakistan to get [his father] out of jail, since he had some [connections] in the Congress.”

Ashraf Awan’s business partner in the land deal, Rashid Minhas, told TheDCNF that the elder Awan gave a USB to a Pakistani senator who is a former head of a Pakistani intelligence agency, and that Imran claimed his IT position in Congress gave him the power to “change the U.S. president.” Minhas is in prison for an unrelated fraud charge.

On July 25, 2016, the House Inspector General notified the Committee on House Administration that investigators had detected major cybersecurity violations by the Awan family. Awan, his wife, two brothers, his brother’s wife, and even his elderly father were all being paid by various Democrats to manage their servers, with many of the members from Wasserman Schultz’s Florida.

The finding came at a critical time for Democrats: It was three days after WikiLeaks published the first emails from a hacked on the DNC, setting the stage for Wasserman Schultz to lose her position as party chair and for Democrats to begin electioneering on a theme of Russian hacking.

In February 2017, Kiko and the House’s top law enforcement official, Paul Irving, outlined serious violations in a letter to the committee, and the family was banned from the House computer network. The letter also noted that the House Democratic Caucus server disappeared soon after the IG report named it as key evidence.

But Wasserman Schultz refused to fire Awan, with her spokesman saying he would work on “websites” and “printers,” which a cybersecurity expert previously told TheDCNF would presumably involve network access.

The congresswoman also added Awan’s wife, Hina Alvi, to her payroll in late 2016, after the investigation was in full swing, but before the family was banned from the network. Wasserman Schultz kept paying her until March 17 — 12 days after Alvi went to Pakistan with $12,000 in a suitcase.

Her actions so rattled the Administration Committee’s Democratic staff director, Jamie Fleet, that he planted a negative story in Politico that revealed Wasserman Schultz, his fellow Democrat, was continuing to pay the suspect, two House sources said. The story also said Wasserman Schultz had a “friendly personal relationship” with Awan and Alvi.

Fleet did not respond to a request for comment.

Kiko said in an April 2018 hearing spurred by the scandal that he was powerless to stop members who refused to fire a bad actor. (RELATED: Hearing Reveals Congress Provided ‘No Supervision’ Of IT Aides, Missed Red Flags, But Members Block Proposed Reforms)

“Termination, now it’s the member’s responsibility … We can revoke everything but they could still be employed,” he said. He added that his office should have the authority to override members who would want to keep a rule-breaker on the government network.

Wasserman Schultz became fixated on finding out everything investigators knew about Awan, the House sources said. House investigators briefed her extensively with significant evidence about Awan and his family, including improper computer evidence.

Yet Wasserman Schultz said in a statement,  “my office was provided no evidence to indicate that laws had been broken, which over time, raised troubling concerns about due process, fair treatment and potential ethnic and religious profiling.”

Wasserman Schultz was defending someone investigators allegedly told her was suspected of cybersecurity violations, despite having resigned from her position as DNC head following a devastating hack during the 2016 election.

Despite Wasserman Schultz’s relationship with Awan, in April 2017 — two months after he was banned from the computer network — the IT aide appeared to put the congresswoman at risk. Capitol Police found a laptop with the username RepDWS in a phone booth at midnight along with a copy of Awan’s ID, a letter to prosecutors and a note that said “attorney client privilege,” according to a police report. Awan’s ID caused police to tie it to a criminal suspect and seize it, but the note kept them from looking at it.

That led to a tense exchange recorded on video in May 2017, in which Wasserman Schultz threatened the chief of the Capitol Police with “consequences” for not returning the laptop. When he refused, she mulled attempting to restructuring the Capitol Police’s entire board so that her committee would have more leverage over it.

House sources told TheDCNF these exchanges were only a public glimpse into numerous such interactions, which were frequently profane, with every official she could buttonhole. One source said she also went to the Department of Justice and “made a stink.”

Wasserman Schultz hired the House’s former top lawyer, Bill Pittard — who had recently quit the House — to try to block prosecutors from seeing evidence, TheDCNF previously reported. Awan obtained legal representation from two lawyers who began their careers in Miami — one with experience in espionage cases and the other a former aide to Hillary Clinton. Wasserman Schultz’ district includes much of Miami.

One of Awan’s lawyers told a judge he felt “very strongly” that prosecutors should not be able to look at the RepDWS laptop, mounting an attorney-client privilege argument. Prosecutors did not challenge the argument before the judge.

In August 2017, Imran and Hina were charged with four felony counts for gathering up money under allegedly false circumstances before wiring $300,000 to Pakistan in January. Prosecutors said the timing suggests that the Awans had learned of their investigation, which a spokeswoman for Speaker of the House Paul Ryan, AshLee Strong, told TheDCNF was supposed to be secret. Capitol Police “requested that the shared employees be allowed to continue to use their IT credentials until February [2017] because they didn’t want to tip off the employees,” she said.

Wasserman Schultz’s brother is a prosecutor in the same office handling the case and has tweeted about it.

Gowen said the wire transfer instead had to do with the land deal, which he told the Washington Examiner was “quickly souring.”

Wasserman Schultz did not respond to a request for comment.

Trump’s lack of cyber leader may make U.S. vulnerable

June 5, 2018

Experts and lawmakers worry the nation is rudderless on the vital issue of cybersecurity.

The absence of senior cybersecurity leaders in President Donald Trump’s administration may be leaving the United States more vulnerable to digital warfare and less prepared for attacks on election systems, according to lawmakers and experts worried about White House brain drain under national security adviser John Bolton.

Both Republicans and Democrats are expressing concern that the White House is rudderless on cybersecurity at a time when hostile nations’ hackers are moving aggressively, inspiring fears about disruptive attacks on local governments, power plants, hospitals and other critical systems.

Image result for cyber, art, photos

POLITICO spoke with nearly two dozen cyber experts, lawmakers and former officials from the White House, the intelligence community and the departments of Justice, Homeland Security, Defense and State about Bolton’s decisions to oust the White House’s homeland security adviser and eliminate its cyber coordinator position. The overwhelming consensus is that Bolton’s moves are a major step backward for the increasingly critical and still-evolving world of cyber policy.

The widely respected cyber policy expert Tom Bossert, Trump’s former homeland security adviser, resigned in April just after Bolton joined Trump’s White House staff. Late last week, Trump named Doug Fears, a former Coast Guard Atlantic region chief of staff, as his new homeland security adviser, but while several sources praised Fears’ handling of disaster response issues, they noted that he is not a cybersecurity expert.

On May 15, Bolton eliminated the post of White House cybersecurity coordinator following the departure of Rob Joyce, who had held the job since shortly after Trump’s inauguration. Bolton’s staff has said cutting the cyber position would “streamline” decision-making in the National Security Council by reducing a layer of management. But other people familiar with the post say it’s setting up the U.S. for problems.

The leadership void erodes “confidence [that] we’re going to be ready, when we get hit by a cyber incident, to react with anything approaching swiftness and decisiveness,” said Chris Painter, who was the State Department’s top cyber diplomat from 2011 to 2017 — a post that former Secretary Rex Tillerson also eliminated early in Trump’s presidency. Painter said he worries about this indecisiveness “being detected by our adversaries.”

Michael Daniel, former President Barack Obama’s cyber coordinator, said the gap in the White House “represents a significant weakness.” And Greg Garcia, DHS’s first assistant secretary for cybersecurity during the George W. Bush administration, said everything that had been moving forward in the federal government regarding cybersecurity is “going to suffer a bit without some central coordination authority.”

As for Fears, said Daniel, “I don’t think that his appointment fundamentally addresses the void in White House leadership on cybersecurity matters . … That’s not his area of expertise, so this Administration still has a problem in that regard.”

Last week, nearly two dozen Senate Democrats sent a letter to Bolton calling the elimination of the cyber coordinator “a step in the wrong direction.” On May 16, the day after the National Security Council announced Bolton’s decision, eight House Democrats implored Trump to name a coordinator who could serve as “a visible figurehead that other government agencies, the private sector, and our allies can turn to for guidance.”

And on May 24, Maine Sen. Susan Collins became the first Republican lawmaker to voice concerns, urging the White House to publish a cyber strategy and saying a coordinator would be vital to its implementation.

Sen. Mike Rounds (R-S.D.), who chairs the Armed Services cyber subcommittee, recently requested a meeting with Bolton to discuss the situation.

“A lot of us are concerned that cyber leadership is missing,” said Rep. Bennie Thompson (D-Miss.), the top Democrat on the Homeland Security Committee. “It’s difficult to execute a mission with no one at the top.”

The White House and its allies defended the moves, saying they didn’t imply any lack of focus on cybersecurity. The Trump administration has taken public steps on cyber issues since Bossert and Joyce’s departures, issuing two alerts from the FBI and DHS about Russian and North Korean hacking.

“Cybersecurity is one of Ambassador Bolton’s highest priorities,” an NSC spokesman told POLITICO, adding that the administration “is focused on addressing the nation’s many cybersecurity challenges, not in laboring beneath layers of unnecessary and time consuming bureaucracy.”

Panic over the restructuring in the NSC is premature, said Rep. John Ratcliffe (R-Texas), chairman of the House Homeland Security cyber subcommittee. “How do we know that the organization chart isn’t going to be restructured and they’re going to create a new, different position that they feel is better suited to address cybersecurity as a priority?”

Fears, the new homeland security adviser, “clearly has a steep learning curve on cybersecurity issues,” said Ari Schwartz, a former top White House cyber official. But Schwartz and others said Fears was competent and well-respected, which would serve him well in coordinating agency discussions.

Still, said Jay Healey, a cyber conflict scholar at Columbia University, “unless Doug Fears insists on reestablishing a senior role for cybersecurity, he will be using [his] disaster recovery experience to deal with one cyber crisis after another.”

Jeanette Manfra, the DHS assistant secretary for cybersecurity and communications, downplayed the negative consequences of eliminating the coordinator role. Speaking at a recent conference, she said agencies were ready for “a different type of governance” in which they made more policy decisions themselves.

Still, worries about the gaps in the White House’s cyber leadership have seeped into the private sector.

One former congressional staffer recalled meeting with a senior financial services executive when Bossert’s resignation became public. “He was despondent,” said the former staffer, who requested anonymity to discuss a private meeting. The executive, who “kept shaking his head,” told the staffer that the financial sector had “essentially written [the White House] out” of its incident response plan “because there was ‘nobody to work with.’”

Security researchers, on whom the government often depends for insights into evolving threats, were also frustrated. “The elimination of the [coordinator] position after [Joyce’s] departure confirms my worst fears — the administration is absolutely unwilling to listen to cybersecurity experts,” said former NSA hacker Jake Williams, the founder of the security firm Rendition InfoSec.

Since the Obama administration created the White House cyber coordinator role in 2009, the position has been key in resolving conflicts among agencies, preparing Cabinet leaders to make major policy decisions and responding to crises, according to cyber experts and former government officials who spoke to POLITICO.

Those experts conceded that agencies’ day-to-day operations will proceed normally — including the bulk of DHS’s work on election security and protection of critical infrastructure such as banks and the electric grid, and the Pentagon’s various operations in cyberspace.

But they said it will likely become increasingly difficult to bring agencies together to formulate big-picture strategies, such as how best to use America’s potent cyber capabilities — the intelligence community and the military often spar over this issue — how to more effectively deter adversaries like Russia from launching cyberattacks, and how to improve existing efforts like DHS’s security partnerships with states. Other debates requiring input from multiple agencies, such as how hard the government should press tech companies to use warrant-compatible encryption, will also stall, they said.

“If you don’t have those individuals really pounding the table … to drive that policy process,” said Lisa Monaco, Obama’s second homeland security adviser, “you’re not going to get those options surfaced, teed up, and decisions made.”

Michael Bahar, a former Democratic staff director on the House Intelligence Committee and top lawyer at the NSC, stressed that the coordinator’s role is far from trivial, especially in forming and executing an “an all-of-government strategy” across various agencies. “Because the bad guys or adversaries are certainly not waiting around for us to restructure,” he said.

The White House maintains that government-wide discussions on cyber have not suffered.

“With the existing structure, the administration continues to hold malicious cyber actors accountable, modernize federal networks, plan for tomorrow’s cyber-workforce and promote cybersecurity to both the public and industry,” said the NSC spokesman.

But recent events have bolstered experts’ concerns that an NSC devoid of top cyber officials might have trouble resolving agency disagreements about the language of key reports or major executive orders. Already, White House turmoil delayed by three weeks the publication of key strategy documents that Trump asked agencies to put together in a May 2017 executive order. Several of those reports finally appeared last week, but without any accompanying message from the White House explaining how it would use the documents to develop new policies.

“It is hard to imagine the indefinite postponement of a marquee event such as that would have happened if Bossert/Joyce were still at the [White House],” said a tech industry lobbyist familiar with internal administration dynamics, who requested anonymity to speak candidly.

Daniel, the former Obama cyber coordinator, also feared that the gaps will cause “operational impacts” if one agency wants to launch a campaign — like a botnet takedown, a series of arrests or a military strike — that will affect the priorities and interests of other agencies.

“Those may not be getting resolved very quickly,” he said, “and so operations may have to be put on hold.”

But on the other hand, some experts worry that agencies will begin acting more boldly on their own if they see delays and gridlock in the NSC process. That “increases the risk that consequential [agency] decisions fly under the NSC’s radar, thus increasing the risk that the White House becomes blindsided by decisions made without its full awareness and input,” said DJ Rosenthal, a former Justice Department and intelligence community official who served as director for counterterrorism at the NSC.

The lack of a cybersecurity coordinator may become especially acute in a crisis. For instance, Monaco pointed to Daniel’s role in leading the response to the massive hack of the Office of Personnel Management that came to light in 2015, which exposed highly sensitive security clearance documents on more than 20 million current and former federal employees and applicants. That break-in was widely believed to be the work of Chinese hackers.

“Those discussions had to come together, at the first instance, [through] the cyber coordinator, and then ultimately to [Cabinet secretaries],” Monaco said. “But you needed one person driving that.”

Monaco also praised Daniel for his handling of Heartbleed, a major security bug that required rapid evaluations of federal computer systems. In the current White House, she said, “who is the sole person responsible for [ensuring] that agencies across the federal government are making sure that they are not vulnerable to those types of … legacy vulnerability?”

Experts also worry that the lack of a coordinator will complicate the administration’s efforts to protect elections.

DHS has been “leaning forward” in its day-to-day consultations with states to prepare for this year’s midterm elections, said Frank Cilluffo, director of the George Washington University Center for Cyber and Homeland Security, but he said the government lacks a more strategic approach. “Disinformation, active measures — that’s more than just a DHS mission,” he said. “That’s an FBI mission. That can be an intelligence mission overseas.”

White House officials must knit all those efforts together, he said.

Jeh Johnson, Obama’s second homeland security secretary, said the government needs “senior people leading the cybersecurity charge. … At the White House level, there appears to be no one running traffic control.”

The lack of a cyber coordinator will also hamper the administration’s efforts to promote international norms and build alliances on digital security issues, said Painter, who played a key role in getting the G-20 to formally disavow cyber-enabled intellectual property theft. That “never would have gotten done” without the involvement of senior White House officials, he said.

The same was true of a 2015 deal in which China and the U.S. both agreed not to hack each other’s computer systems for economic gain. “That was about two years of consistent pressure not just by me but by the highest levels of our government,” he said.

And White House officials have been key to resolving debates between the military and the intelligence community on how and when to use their increasingly powerful cyber tools, the experts said. The Pentagon often wants to loudly and publicly disrupt enemy networks, while the spies would prefer to keep their capabilities secret and use them for intelligence collection.

Developing national strategies to deter nation-states or criminal hackers from carrying out cyberattacks in the first place also requires White House coordination. In addition, the coordinator and homeland security adviser have been key to promoting the White House’s broad cybersecurity agenda to the public, through interviews and at industry conferences.

Several experts made the analogy to the corporate world: If boards of directors are focused cybersecurity, C-suite executives have to focus on it, which means mid-level managers have to focus on it, too.

“That’s how you create a culture of cybersecurity,” said Bahar, the former NSC and House Intelligence staffer. “If you don’t have it at the board level, or the equivalent in government, then you risk not having cyber receive sufficient attention that it needs.”

Martin Matishak contributed to this report.

Vietnam set to tighten clamps on Facebook and Google, threatening dissidents

May 19, 2018

Image result for google reflected in eyeball, photo

A struggle over internet laws in Vietnam is pitting a government keen on maintaining tight control against U.S. technology companies trying to fight off onerous new rules – with the country’s online dissidents among the biggest losers.

The latest conflict centers on new cybersecurity legislation set for a vote by Vietnamese lawmakers later this month. It aims to impose new legal requirements on internet companies, and hardens policing of online dissent.


By Mai Nguyen and Jonathan Weber


Facebook, Google and other global companies are pushing back hard against provisions that would require them to store data on Vietnamese users locally and open offices in the country. But they have not taken the same tough stance on parts of the proposed law that would bolster the government’s crackdown on online political activism.

Vietnam offers a case study in the conflicting pressures the likes of Facebook and Google confront when operating in countries with repressive governments. It also shows how authoritarian regimes try to walk a line in controlling online information and suppressing political activism without crippling the digital economy.

Such tensions are playing out across Southeast Asia, where the enormous popularity of Facebook and Google has created lucrative business opportunities and outlets for political dissent. With that, though, has come both government censorship and a way to get propaganda to large audiences efficiently.

The region is particularly important for Facebook and Google because most Internet users in China are blocked from accessing them.

An industry group called the Asia Internet Coalition (AIC) is leading efforts to soften the proposed cyber law in Vietnam. Jeff Paine, managing director of the AIC, said he and others were able to raise concerns about the law directly with Vietnamese Prime Minister Nguyen Xuan Phuc and other top government officials when they visited Singapore last month.

The discussions took place as part of a seminar about internet issues that included academics, industry officials and the high-level Vietnamese delegation, according to Paine. He said there was “a healthy dialogue” that focused mostly on how Vietnam can leverage the next stages of the digital revolution.

But he said there was no discussion of content restrictions.

The Vietnamese government did not respond to a request from Reuters for comment for this article.

Political activists in Vietnam rely on social media to rally support, and the new cyber law comes on the heels of an April letter from more than 50 rights groups and activists to Facebook Chief Executive Mark Zuckerberg accusing the company of working too closely with the Vietnamese government to stifle dissent.

Facebook and Google say they have to abide by local laws in the countries where they operate.

Facebook’s latest “transparency report,” released Tuesday, shows that in the second half of last year, the company began blocking content in Vietnam for violations of local law for the first time. The company reported 22 such instances – though it said they were prompted by “private reports of defamation” rather than direct government requests.

Google last year also blocked YouTube videos at the request of the government for the first time. Updated figures released Friday show the company was asked to remove more than 6500 videos in 2017, mostly for criticizing the government, and that it complied with a majority of the requests.

The transparency reports do show that the companies don’t automatically do the bidding of the government. Facebook said it had received 12 government requests for Facebook user account data in 2017 and complied with only 4 of them, all of which were “emergency” requests. The company defines an emergency as involving “imminent risk of serious physical injury or death.”

In cases where content is alleged to violate local law, both companies say takedown requests are subject to legal review, and when they comply the material is only blocked locally.

Direct government censorship requests don’t tell the whole story though.

Facebook also removes content and blocks accounts for violating its own global “community standards,” which bar material and behaviors ranging from posting pornography to hate speech and inciting violence.

“The first thing we do when a government tells us about content that violates laws is we look at whether it violates our standards,” said Monika Bickert, Facebook’s vice president of global policy management. The company this week began providing data on community standards violations but does not break it down by country.

“My account was blocked for 8 months,” said Le Van Dung, an independent journalist in Vietnam who signed the letter to Zuckerberg. “I sent letters to Facebook management for months but there’s only an automatic reply saying they have completed your request.”

His account was restored last month, the day after the appeal to Zuckerberg was sent, he said.

Facebook said Dung’s account was correctly removed for violating community standards provisions barring “spam” activities and was restored by mistake. Dung denies engaging in spam. He did, though, have more than one account. Multiple accounts are not allowed on Facebook and fall within the company’s definition of spam behavior.

Rights activist Le Van Dung live streams on Facebook in a coffee shop in Hanoi


Vietnam has had tough internet regulations in place since 2013. They ban any postings that are anti-government, harm national security, cause “hatred and conflicts” or “hurt the prestige of organizations and individuals.”

The rules also ban social media users who “spread fake or untruthful information.”

New rules implemented in 2017 tightened the screws further. One turning point, according to Yee Chung Seck, an attorney in the Ho Chi Minh City office of the international law firm Baker McKenzie, was an April 2017 meeting convened by the government to discuss a range of Internet ills including disinformation, hate speech and bullying.

That came just after the government called on all companies doing business in the country to stop advertising on YouTube, Facebook and other social media until they found a way to halt the publication of “toxic” anti-government information.

Yet another decree implemented last month stated that social media platforms had to remove illegal content within three hours of it being reported by the government, though Paine said the rule applies only to domestic companies.

Still, Facebook and Google don’t seem to be under any imminent threat given how deeply they have penetrated into Vietnam society.

About 55 million of Vietnam’s 96 million people are regular social media users, according to research by Simon Kemp, a digital media consultant based in Singapore.

Facebook, YouTube and Google Search are far and away the most popular internet destinations, Kemp’s data shows. Facebook is also the most popular platform for online shopping in Vietnam.

And the government is eager to nurture the country’s digital economy: smartphones and all that they enable, especially e-commerce and online banking, are transforming economies across Asia, and no one wants to be left behind.

“They love that part of the story,” said Chung.

But the government also wants more control, including local data storage and local corporate offices – a provision company officials privately fear is designed to allow the government to intimidate companies by exposing individuals to arrest.

Both Facebook and Google serve Vietnam from their regional headquarters in Singapore.

The new law also gives more power to Vietnam’s Ministry of Public Security, which is tasked with crushing dissent in the communist-ruled country.

Facebook said it expected the new rules would require it to restrict more content. Google declined to comment.



For the rights activists, there appears to be little hope of relief.

For example, just this month, a Facebook user in Vietnam was sentenced to four-and-a-half years in jail for posts which “distorted the political situation,” according to a statement posted on an official Communist Party website.

Still, Facebook remains an important tool for activists in Vietnam – a country where government criticism is rarely tolerated and the battle between the authorities and dissidents is a game of cat-and-mouse.

“Sometimes we use Facebook to distract authorities, like we pretend to discuss an important meeting, which obviously won’t happen,” activist Nguyen Lan Thang said. “Then we watch from afar and laugh as they surround our fake meeting spot,” Thang added.


(Additional reporting by James Pearson; Editing by Martin Howell)

When Russia Becomes the U.S.S.R. on Steroids, Israel Can Become a Target Too

April 29, 2018

It seems Russia’s interest in Israel has only increased – in part due to the danger it will help ruin Moscow’s plan for Syria. And Netanyahu’s government shouldn’t forget the Chinese threat, either

Russian President Vladimir Putin and Prime Minister Benjamin Netanyahu attend an event marking the International Holocaust Victims Remembrance Day, Moscow, Russia, January 29, 2018.
Russian President Vladimir Putin and Prime Minister Benjamin Netanyahu attend an event marking the International Holocaust Victims Remembrance Day, Moscow, Russia, January 29, 2018.\ MAXIM SHEMETOV/ REUTERS

Israel can become a target tooAlmost in passing at the Knesset Foreign Affairs and Defense Committee last July, Israel Defense Forces chief Gadi Eisenkot mentioned the possibility of foreign intervention in Israel’s democratic processes.

Eisenkot didn’t name the country that’s likely to intervene, but the examples he listed – cyberattacks and incitement campaigns in the United States, France and Ukraine, most of them during election campaigns – pointed to one address: Russia. Shortly afterward, Haaretz reported that the National Cyber Security Authority was drawing up a program to prevent foreign intervention in elections.

Meanwhile, we’re hearing that the next Knesset election might take place this year, well before the deadline of November 2019. At the same time, it seems Russia’s interest in Israel has only increased – due to Israel’s geographic location, the danger that it will help ruin Moscow’s plan for a new order in Syria, and the many Israelis who immigrated from the Soviet Union and its successor states.

Across its borders in recent years, Russia has improved its access to what it calls “hybrid warfare,” which combines military force with political influence, propaganda campaigns and psychological warfare.

>> Everyone’s talking about Russia’s S-300. Should Israel be worried? >>

Russian intervention in the U.S. presidential election is a central part of the investigation by special counsel Robert Mueller. The information Mueller is gleaning is being released only bit by bit – in court documents and selective leaks to the media. It’s subject to contradictory interpretations. According to extreme views, Donald Trump’s victory in November 2016 was the product of a Kremlin plot.

There are many claims of unusual intervention by Russia, from concealed ties with Trump’s campaign staff to the hacking of Democratic Party computers, which badly embarrassed Hillary Clinton at a crucial moment in the election campaign. But it’s possible that the Democrats’ emphasis on Russian intervention is designed to provide an explanation for the election’s inconceivable result.

Still, the events in the United States, the information gradually being revealed about the Russian campaigns of incitement and deception in European countries, the poisoning of a former Russian spy and his daughter in England, Moscow’s unqualified support for the murderous Assad regime – all this paints a very clear picture. Russia has returned to the international stage and considers itself an equal to the United States, despite Washington’s huge economic and military advantage.

And to gain dominance once again, the Russians are increasingly using all the tried and true methods of the Cold War (not that the Americans are innocent of using very similar methods). Cyberattacks, along with sophisticated propaganda and disinformation on social media, ramp up the consequences. This is already the Soviet Union on steroids, both because its rivals’ secrets are more accessible than in the past, and because it’s easier today to spread the messages to the general public.

At the same time, the Russians are helping to weaken Westerners’ confidence in the effectiveness and justness of their democracies. When Russia’s RT television films Syrians who deny that a chemical slaughter was carried out by the Assad regime, when on Twitter the Russian ambassador in London mocks the claims about the poisoning of the former spy, the purpose is the same. The propaganda isn’t designed to convince Westerners of the justness of the Kremlin’s ways, it’s to confuse their perception of reality to the point where they’ll no longer believe in anything.

With these rules of the game, which are being applied in a broad international arena, Israel is also a possible target. It’s not only the degree of the danger of the Iranian nuclear program or the strengthening of Hezbollah where Israel and Russia don’t see eye to eye. Russia is also fighting to weaken the standing of the United States in Israel, and of course America is Israel’s main strategic pillar.

“The Russians have an available target audience here and an ability to influence. The question is whether they’ll have any interest in doing so,” a defense official said. “Russia is the most sophisticated player in influence campaigns, but we haven’t seen evidence yet that it’s conducting such campaigns in Israel.”

One problem in protecting ourselves from influence campaigns is Russia’s plethora of methods, while our means of preventing them are divided among various government authorities. We can take the government’s promises at face value and believe that things are being handled properly. But it seems that the Knesset Foreign Affairs and Defense Committee, for example, should recall Eisenkot’s warning and examine whether we’re prepared for such campaigns, even before the election is announced.

When committee members visited Russia a few months ago to meet with their parliamentary counterparts, security experts advised them not to take their personal smartphones with them. “You’re liable to return with a friend for life,” they were told. Moscow may not believe in tears, but it certainly seems to believe in the advantages of technology.

China’s involvement a mixed bag

All the same, in the near future, a subcommittee of the Foreign Affairs and Defense Committee will discuss the regional influence of another great power, China. Like Russia, China has in recent years shown increased interest in the Middle East, but it uses entirely different means. The Chinese strategy favors economic influence: large acquisitions and huge infrastructure projects. This week Bloomberg reported that private and state-owned companies have invested $318 billion in the past decade to acquire assets in Europe, from vital infrastructure to high-tech firms and soccer clubs.

Part of that is happening in Israel. Chinese companies, possibly with government subsidies from Beijing, have won large long-term infrastructure bids and are acquiring assets. In the long term, these steps also give them leverage to guarantee China future acquisitions at good terms.

Israel is responding enthusiastically to the Chinese approaches. Prime Minister Benjamin Netanyahu often talks about the tremendous economic potential of the Chinese market, and in 2013 the government decided to encourage economic relations and made the National Economic Council responsible for coordinating the process.

In recent years Chinese companies have been building the Tel Aviv light rail. They’re also involved in the Trans-Israel Highway, dug the Carmel Tunnels, are expanding the Ashdod and Haifa ports and have been put in charge of maintaining part of the Haifa Port for the next 20 years.

In isolated cases, the government decided to restrict their activity. Dorit Salinger, the supervisor of capital markets, insurance and savings, halted Chinese acquisitions of the Clal and Phoenix insurers. Intervention by security organizations prevented the sale of part of cellular communications provider Pelephone to a Chinese company and halted Chinese participation in a construction project at Ben-Gurion Airport.

These steps, which are partial and uncoordinated, are related to Israel’s understanding of potential risks. As reported in Haaretz, China showed its bargaining power when it stopped a process in which a former Israeli defense official was supposed to testify on the use of Palestinian terror money via a Chinese bank. When the success of Netanyahu’s visit to China was on the agenda, Israel retreated and reconciled itself to the situation.

It seems Israel must be aware of the possible risks, both large and small. For example, was there any examination of putting China in charge of the Tel Aviv light rail, which passes only a few meters from the General Staff’s base at Defense Ministry headquarters? And what’s the significance of putting a foreign company in charge of a complex system of control, monitoring and cameras for years to come?

Other Western countries are more aware of these risks. Australia has passed laws requiring a special permit for foreign investments topping $150 million, and the United States has expanded legislation – with China in mind – requiring security permits (from the FBI among others) for large acquisitions by foreigners.

The Americans also forbid federal employees from using Chinese technology such as Huawei smartphones for fear that information-gathering components will be embedded in them. Israeli defense officials are thought to be exercising caution on this issue, although security sources refuse to confirm that there is a specific policy.

The Chinese authorities aren’t hostile to Israel, and the impression is that the Chinese admire Israeli creativity and initiative. But considering the difference in size between the parties, China also seems to be indifferent to the strategic considerations that preoccupy Israel. Israel must do a better job preparing for the challenge posed by Chinese influence in the region, just as it’s beginning to understand the Russian challenge. And this isn’t because of Sinophobia; it’s simply realism.

Brig. Gen. (res.) Assaf Orion, head of the Israel-China research program at the Institute for National Security Studies, tells Haaretz that “China and to a great extent Russia present Israel with a new type of national-security challenge. These are countries with patience and the ability to plan and learn in depth and for the long term.”

As Orion puts it, “Relations with them represent an economic opportunity that Israel must learn how to exploit, while being aware of the differences in interests and the risks. That requires the government to organize differently, because the balance of power here is to our detriment and we haven’t acquired experience in tackling such challenges.”

British Intelligence: ‘Absolute protection from cyber attacks not possible’

April 22, 2018

Russian flag is seen on the laptop screen in front of a computer screen on which cyber code is displayed

The head of GCHQ’s cyber defence unit says it is a matter of “when, not if” Britain faces a “serious cyber attack” CREDIT: KACPER PEMPEL


The Telegraph
21 APRIL 2018 • 9:31PM

Britain’s spy agencies cannot offer “absolute protection” against Russian cyber attacks and are instead focused on preventing assaults that would “most impact on our way of life”, in the wake of the Salisbury poisoningGCHQ is warning.

Writing in The Sunday Telegraph, Ciaran Martin, the head of the agency’s cyber defence unit, says it is a matter of “when, not if” Britain faces a “serious cyber attack”.

He added that its focus was now on building “resilience” in “the systems we care about the most”, believed to be Britain’s power and water supplies, internet and transport networks, and health service.

The Sunday Telegraph understands that senior representatives of utility, transport and internet firms and the NHS have attended intelligence briefings at the National Cyber Security Centre (NCSC) on the specific methods – known as “attack vectors” – being used by Russia to target Britain’s critical national infrastructure, following the nerve agent attack in Salisbury last month.

Separately, the NCSC is understood to have written to the Government setting out urgent actions that departments and individual officials should take to protect Whitehall from cyber assaults.

Ciaran Martin
Ciaran Martin, the head of the agency’s cyber defence unit CREDIT: WOLFGANG RATTAY

These are in response to retaliatory measures against the Kremlin following the attempted assassination of Sergei Skripal and his daughter Yulia in Salisbury with a nerve agent last month.

Mr Martin, the NCSC’s chief executive, confirmed GCHQ was on “heightened alert” for “follow-up activity” following the Salisbury attack – an explicit link the agency fell short of making when it issued an unprecedented joint warning with the FBI last week about cyber attacks by the Russian Government.

“Turning off the lights and the power supply by cyber attack is harder than Hollywood films sometimes make out,” he writes.

“But we’ve seen enough malicious cyber attacks across the world, including against UK health services by a North Korean group last year, to know how services can be disrupted.

“Absolute protection is neither possible nor desirable; it’s about having more resilience in the systems we care about the most, those where loss of service would have the most impact on our way of life.

“We have said that it is a matter of when, not if, the UK faces a serious cyber attack. So last week we presented detailed plans to Government departments about the priority areas where the NCSC will work with them, industry and law enforcement to improve the cyber resilience of the most important systems.”

The Sunday Telegraph understands that, in addition to setting out the “priority areas” it will focus on protecting, the NCSC provided the Government with fresh advice on preventing attacks, based on the latest intelligence about attempted intrusions by Russian hackers.

The advice is believed to have ranged from highly technical measures that should be taken by particular departments, to more basic preventative steps that could be adopted by all civil servants.

Separately, the agency is understood to have called in representatives of organisations involved in the UK’s critical national infrastructure for a series of briefings on ongoing activity in recent days, with the sessions including information on the warning signs to look out for, and advice on how to guard against the threats.

“Deepfake” — Using artificial intelligence to make anyone say or do anything on video — Next big danger for Facebook, Google, others

April 22, 2018

Times of India


  • Deepfake is the new frontier in fake news where artificial intelligence is used to make anyone say or do anything on video.
  • Desktop tools like FakeApp make deepfakes absurdly easy, a matter of hours to make. And it has already resulted in a spurt of AI porn.

No automatic alt text available.

Recently, someone claiming to represent an Indian political party approached an artificial intelligence engineer with a special request: Create “deepfakes” for propaganda.

Deepfake is the new frontier in fake news + where artificial intelligence is used to make anyone say or do anything on video. Last week, the usually quiet Barack Obama popped up in an online video calling US president Donald Trump “a total and complete dips**t”.

Well, Obama never said those things, and the video turned out to be what is called a deep fake, a type of video featuring realistic face swapping. It was created by director Jordan Peele in partnership with Buzzfeed as a warning about not automatically trusting anything on the internet.

Digital fakery is not new — we know photos can be morphed, videos can be edited. Face swapping tech is not new either. But now, with deep learning by machines, these tricks can be automated, and the tools are accessible to many more people, says Rishabh Srivastava of Loki Technologies, a machine learning startup.

Current forensic tools won’t detect this fakery: Cyber expert

Subodh Kumar, a professor at IIT Delhi who specialises in computer graphics and visualisation, explains that the idea is for a neural network to learn the points of the face, then find and learn the function that will describe each image. “It creates a succinct representation of the face — mathematically, not geometrically — and then a symmetric function that gives you back the image. So you do that for person X from the many images in a video, and reverse map it for person Y,” he says. By finding points of correspondence, you can overlay one face on another, then blend it to look smooth.

The big problem is that current forensic tools will not be able to detect this fakery, explains cybersecurity expert Akash Mahajan. “With deep learning, when you have recurrent multiple steps, it is hard to trace back the trail the machine took to reach the output,” he says. So the hoaxslayers and fact-checkers we now have, or even forensics experts who look for audio glitches, shadows and visual discrepancies to spot fakes, won’t be able to help.

Desktop tools like FakeApp make deepfakes absurdly easy, a matter of hours to make. And it has already resulted in a spurt of AI porn. Late last year, a Reddit user called Deepfakes showed how you could transpose a celebrity’s face onto someone else’s body, while keeping the expressions of the original.

Even a few Bollywood actresses like Priyanka Chopra have been deepfaked, in violation of their rights and dignity. Crude splice and dice videos are already commonplace — Arvind Kejriwal’s speech was allegedly faked during the Punjab election to suggest he wanted people to vote for the Congress — but AI could bring a new sophistication to these attempts. “We are vigilant to the danger of deepfakes, but the media and the public are not,” says Ankit Lal, social media head of the Aam Aadmi Party. “Some media organisation could get a deepfaked video of Arvind (Kejriwal) or any other politician and run it as the truth: that is the danger we anticipate,” he adds.

Of course, right now it doesn’t take deepfakery to dupe people, points out Pankaj Jain of SM Hoax Slayer.

“People will believe even a celebrity picture with a fake quote, as recently happened with Amitabh Bachchan,” he says. While this gullibility is generally true, and people tend to believe what we want to believe, realistic video footage is usually taken as documentary proof. It could be hugely destabilising if phony videos are passed off as truth on social media.

“While we have not seen deepfakes of Indian politicians on open platforms like Facebook and Google yet, it’s hard to know if they have been spread on closed platforms like WhatsApp,” says Srivastava. It’s entirely likely to happen soon, given the flood of misinformation that already exists.

In today’s world, when machines can recombine audio and video to create an alternative reality, seeing is not believing.