Posts Tagged ‘National Security Agency’

U.S. cybersecurity “deserves action” within the first 100 days of the Trump Administration, National Commission says

December 3, 2016

The Associated Press

A national commission on Friday delivered urgent recommendations to improve the nation’s cybersecurity, weeks before US president-elect Donald Trump takes office. The report follows the worst hacking of US government systems in history and accusations by the Obama administration that Russia meddled in the US presidential election by hacking Democrats.

The Presidential Commission on Enhancing National Cybersecurity, which was expected to spell out actions the US can take over the next 10 years, instead urged more immediate actions within two to five years. It suggested the Trump administration consider some items “deserving action” within the first 100 days.

It recommended that Trump create an assistant to the president for cybersecurity, who would report through the national security adviser, and establish an ambassador for cybersecurity, who would lead efforts to create international rules. It urged steps, such as getting rid of traditional passwords, to end the threat of identity theft by 2021 and said Trump’s administration should train 100,000 new cybersecurity workers by 2020.

Other ideas included helping consumers to judge products using an independent “nutritional label” for technology products and services.

“The commission recognised that what we’ve been doing over the last 15 to 20 years simply isn’t working, and the problem isn’t going to be fixed simply by adding more money,” said Steven Chabinsky, a commission member and the global chair of the data, privacy and cybersecurity practice for White & Case LLP, an international law firm.

He said the group wanted the burden of cybersecurity “moved away from every computer user and handled at higher levels”, including internet providers and product developers who could ensure security by default and design “for everyone’s benefit”.

The White House requested the report in February and intended it to serve as a transition memo for the next president. The commission included 12 of what the White House described as the brightest minds in business, academia, technology and security. It was led by Tom Donilon, Obama’s former national security adviser.

The panel studied sharing information with private companies about cyber threats, the lack of talented American security engineers and distrust of the US government by private businesses, especially in Silicon Valley. Classified documents stolen under Obama by Edward Snowden, a contractor for the National Security Agency, revealed government efforts to hack into the data pipelines used by US companies to serve customers overseas.

One commissioner, Herbert Lin of Stanford University, said some senior information technology managers distrust the federal government as much as they distrust China, widely regarded as actively hacking in the US.

 President Barack Obama and, from left, Commerce Secretary Penny Pritzker, former IBM CEO Sam Palmisano, former National Security Adviser Tom Donilon, and Homeland Security Secretary Jeh Johnson. Photo: AP

President Barack Obama said in a written statement after meeting with Donilon that his administration will take additional action “wherever possible” to build on its efforts and make progress before he leaves office next month. He urged Trump and the next Congress to treat the recommendations as a guide.

“Now it is time for the next administration to take up this charge and ensure that cyberspace can continue to be the driver for prosperity, innovation, and change both in the United States and around the world,” Obama said.

It was not immediately clear whether Trump would accept the group’s recommendations. Trump won election on promises to reduce government regulations, although decades of relying on market pressure or asking businesses to voluntarily make their products and services safer have been largely ineffective.

Trump’s presidential campaign benefited from embarrassing disclosures in hacked emails stolen from the Democratic National Committee, Hillary Clinton’s campaign staff and others, and Trump openly invited Russian hackers to find and release tens of thousands of personal emails that Clinton had deleted from the private server she had used to conduct government business as secretary of state. He also disputed the Obama administration’s conclusion that Russia was responsible for the Democratic hackings.

Though Trump is a prolific user of online social media services, especially Twitter, he is rarely seen using a computer. His campaign manager, Kellyanne Conway, tweeted a photograph on Monday of Trump working on an Apple laptop inside his office at Trump Tower. And he testified in a deposition in 2012 that he did not own a personal computer or smartphone, and in another deposition earlier this year said he deliberately does not use email.

Trump has already promised his own study by a “Cyber Review Team” of people he said he will select from military, law enforcement and private sectors. He said his team will develop mandatory cyber awareness training for all US government employees, and he has proposed a buildup of US military offensive and defensive cyber capabilities that he said will deter foreign hackers.

The new report suggested that the government should remain the only organisation responsible for responding to large-scale attacks by foreign countries.

Obama has a mixed legacy on cybersecurity.

Under Obama, hackers stole personal data from the US Office of Personnel Management on more than 21 million current, former and prospective government employees, including details of security-clearance background investigations for federal agents, intelligence employees and others. The White House also failed in its efforts to convince Congress to pass a national law – similar to laws passed in some states – to require hacked companies to notify affected customers.

But the Obama administration also became more aggressive about publicly identifying foreign governments it accused of hacking US victims, arrested some high-profile hackers overseas, successfully shut down some large networks of hacked computers used to attack online targets, enacted but never actually used economic sanctions against countries that hacked American targets and used a sophisticated new cyberweapon called Stuxnet against Iran’s main nuclear enrichment facilities.

Congress passed a new law in late 2015 to encourage companies and the government to share information about online threats.

NSA Director Mike Rogers Could Be Removed in Restructuring

November 21, 2016

By LUIS MARTINEZ and BENJAMIN SIEGEL

President Obama is considering a recommendation by Defense Secretary Ash Carter and Director of National Intelligence James Clapper to separate the commands of the National Security Agency and U.S. Cyber Command that could lead to the removal of Admiral Mike Rogers who heads both commands.

Rogers’ potential removal as the head of the National Security Agency was first reported by the Washington Post.

The White House, the Defense Department and the Office of the Director of National Intelligence declined to comment on the reports.

According to a U.S. official, in September Carter and Clapper recommended to Obama a split between the commands of the National Security Agency and U.S. Cyber Command that would result in the removal of Admiral Mike Rogers as the head of both commands.

The NSA is responsible for collecting international signals intelligence. U.S. Cyber Command (CYBERCOM) is responsible for the defense of military computer networks, but can also conduct offensive cyber operations, as it has done recently against ISIS’ cyber networks.

If the recommendation to split the commands is approved it could result in separate individuals respectively heading the NSA and Cyber Command. Rogers assumed leadership of both commands in April, 2014, a term that would likely end next April.

In an unusual move, on Thursday Rogers met with President-elect Donald Trump. No readout was given of what they discussed.

Should U.S. Cyber Command become a new combatant command, it would be up to the Defense Secretary to recommend the four-star officer to head the new command. Though it is a four-star command, in a complex arrangement U.S. Cyber Command falls under U.S. Strategic Command, one of the nine combatant commands.

If President Obama agrees with the recommendation, Admiral Rogers or another military officer could be named to head Cyber Command and a civilian could head the NSA.

A new head of the NSA would require the input of both the Defense Secretary and the Director of National Intelligence.

In response to the possibility that Rogers could be removed as the head of the NSA, Rep. Devin Nunes, R-California, chairman of the House Permanent Select Committee on Intelligence, sent a letter to Carter and Clapper praising Rogers’ performance.

“Since Admiral Rogers was appointed as NSA Director in April 2014, I have been consistently impressed with his leadership and accomplishments,” Nunes said. “His professionalism, expertise and deckplate leadership have been remarkable during an extremely challenging period for NSA. I know other members of Congress hold him in similarly high esteem.”

Nunes asked Carter and Clapper “to provide a full explanation of the allegations contained in the Post article” and said he would convene an open hearing “at the earliest possible opportunity.”

“I’ll give them the benefit of the doubt if they can provide documentation and correspondence where they’ve had concerns with the admiral’s performance,” Nunes said in an interview with ABC News. “My guess is, I’ll hear crickets.”

The California Republican says he believes the leak behind the initial story was “100-percent politically motivated,” following Rogers’ visit with Trump in New York City, and referred to the administration, Defense Department and the Office of the Director of National Intelligence as “sad, pathetic losers” for the charges about Rogers’s performance.

Nunes, who is a member of Trump’s transition team, said Rogers would be a “qualified candidate” to join the incoming administration.

Of the debate over separating the commands of the NSA and U.S. Cyber Command, Nunes said the issue is “quite complicated” and “not something that should be rushed into.”

Was Friday’s massive hack mounted through internet-connected household items like baby monitors, DVRs, security cameras, and other gadgets turned into cyber weapons?

October 22, 2016

Investigators say attack could have relied on internet-connected household items to flood servers with traffic

  • Baby monitors and household items used in Friday’s crippling server hack
  • Early investigations say ‘internet of things’ were weaponized by attackers
  • Almost 500,000 gadgets could have been used in hack
  • Items infected with Mirai malware flooded Dyn’s servers to overload them
  • Experts say at least 10 per cent of those items appear to have been used

Hackers that wreaked havoc across the US on Friday by shutting down major websites could have relied on household items to take down servers.

Early investigations into the attack that crippled websites across the US and in some parts of the UK on Friday found the ‘internet of things’ could have been used to overload servers at Dyn – the company that was targeted.

The shocking development revealed almost 500,000 items were potentially at risk of being activated without their owners’ knowledge, with everything from baby monitors, DVRs, security cameras, and other gadgets turned into cyber weapons.

‘The complexity of the attacks is what is making it so difficult for us,’ Kyle York, the company’s chief strategy officer, said.

‘This is not your every day attack.’

Dyn’s general counsel, Dave Allen, later confirmed that much of the traffic being used to take down servers was coming from internet-connected devices infected with a type of malware known as Mirai.

An online security expert explained how at least 45,000 ‘internet of things’ objects were used in the attack on Dyn.

Dale Drew, chief security officer at Level 3 Communications, said so during a livestream on Friday, before saying the total number of infected items has almost doubled in just one month.
The alarming new information comes after Wikileaks revealed it thought its supporters were behind the hack.

The group sent out a tweet on Friday night reading: ‘Stop taking down the US internet… Mr Assange is still alive and WikiLeaks is still publishing.’

It then tweeted: ‘The Obama administration should not have attempted to misuse its instruments of state to stop criticism of its ruling party candidate.’

The Ecuadorian government switched off Assange’s internet service in its UK embassy Sunday after he released another tranche of emails showing the contents of a speech given by Hillary Clinton to Goldman Sachs.

DDoS attacks are a primitive form of hacking using botnets – networks of computers that hackers bring under their control.

They do this by getting users to inadvertently download software, typically by following a link in an email or agreeing to download a corrupted file.

Even smart home gadgets such as connected cameras and DVRs can be taken over in this way.

These botnets are then used to bombard the servers with simple requests for information carried out simultaneously, causing them to become overwhelmed and shut down.

WikiLeaks accused John Kerry and the US Government of asking Ecuador to shut down Assange’s internet connection, but the South American country denied it came under any pressure from the US or any other government.

Despite WikiLeaks’ claims its supporters were behind the attacks, members of a shadowy collective that calls itself New World Hackers claimed responsibility via Twitter.

They said they organized networks of connected ‘zombie’ computers called botnets that threw a staggering 1.2 terabits per second of data at the Dyn-managed servers.

‘We didn’t do this to attract federal agents, only test power,’ two collective members who identified themselves as ‘Prophet’ and ‘Zain’ told an AP reporter via Twitter direct message exchange.

A chart shows Twitter outages over the last 24 hours with a huge peak later in the day

A number of major sites including Spotify are to be down in an internet outage. Internet infrastructure provider Dyn said this was due to an ongoing interruption of its network. Pictured is a chart of Spotify outages reported in the last 24 hours on Down Detector

WHAT ARE DOMAIN NAME SERVERS USED FOR?

Domain name servers are a crucial element of internet infrastructure, converting numbered Internet Protocol addresses into the domain names that allow users to connect to internet sites.

The loose-knit hacktivist network Anonymous in 2010 targeted the DNS provider EveryDNS among others as retribution for denying service to the anti-secrecy organization WikiLeaks.

Though such attacks are not uncommon, Friday’s incident immediately underscored the interconnected vulnerabilities for large portions of the internet, with brand-name companies affected by an attack on a single company.

‘The internet continues to rely on protocols and infrastructure designed before cyber security was an issue,’ said Ben Johnson, a former engineer at the National Security Agency and founder of the cyber-security company Carbon Black.

The White House slammed the attack on Friday, calling it a malicious disruption.

Internet service company Dyn, which controls the ‘address book’ of the internet for dozens of major companies, said that it had suffered its first denial of service (DDoS) attack shortly after 6AM ET (11AM BST), in an attack that mostly affected the east coast of the US.

It told CNBC the attack is ‘well planned and executed, coming from tens of millions of IP addresses at same time.’

It confirmed a second attack at 1PM ET, which appeared to be centered on UK servers, and later said ‘several’ attacks were underway on servers across the globe, with the west coast being particularly badly hit.

WHO WAS HIT BY THE ATTACK?

Thousands of sites were hit, including:

Twitter
Reddit
Spotify
Etsy
Box
Wix Customer Sites
Squarespace Customer Sites
Zoho CRM
Iheart.com (iHeartRadio)
GitHub
The Verge
Cleveland.com
hbonow.com
PayPal
Big Cartel
Wired.com
People.com
Urbandictionary.com
Basecamp
ActBlue
Zendesk.com
Intercom
Twilio
Pinterest
Grubhub
Okta
Starbucks rewards/gift cards
Storify.com
CNN
Yammer
Playstation Network
Recode
Business Insider
Guardian.co.uk
Weebly
Yelp

Dyn said Friday evening a third cyber attack ‘has been resolved’.

The cyber attack meant that millions of internet users could not access the websites of major online companies such as Netflix and Reddit as well as the crafts marketplace Etsy and the software developer site Github, according to media reports.

The website Gizmodo said it had received reports of difficulty at sites for media outlets including CNN, The Guardian, Wired, HBO and People as well as the money transfer service PayPal.

Russian Cyber Operations Related to the U.S. Election — Russia Is Ready For Cyber War — Is The U.S. About To Retaliate?

October 15, 2016

The Obama administration is contemplating an unprecedented cyber covert action against Russia in retaliation for alleged Russian interference in the American presidential election, U.S. intelligence officials told NBC News.

Current and former officials with direct knowledge of the situation say the CIA has been asked to deliver options to the White House for a wide-ranging “clandestine” cyber operation designed to harass and “embarrass” the Kremlin leadership.

The sources did not elaborate on the exact measures the CIA was considering, but said the agency had already begun opening cyber doors, selecting targets and making other preparations for an operation. Former intelligence officers told NBC News that the agency had gathered reams of documents that could expose unsavory tactics by Russian President Vladimir Putin.

Vice President Joe Biden told “Meet the Press” moderator Chuck Todd on Friday that “we’re sending a message” to Putin and that “it will be at the time of our choosing, and under the circumstances that will have the greatest impact.”

When asked if the American public will know a message was sent, the vice president replied, “Hope not.”

Retired Admiral James Stavridis told NBC News’ Cynthia McFadden that the U.S. should attack Russia’s ability to censor its internal internet traffic and expose the financial dealings of Putin and his associates.

“It’s well known that there’s a great deal of offshore money moved outside of Russia from oligarchs,” he said. “It would be very embarrassing if that was revealed, and that would be a proportional response to what we’ve seen” in Russia’s alleged hacks and leaks targeting U.S. public opinion.

Sean Kanuck, who was until this spring the senior U.S. intelligence official responsible for analyzing Russian cyber capabilities, said not mounting a response would carry a cost.

“If you publicly accuse someone,” he said, “and don’t follow it up with a responsive action, that may weaken the credible threat of your response capability.”

President Obama will ultimately have to decide whether he will authorize a CIA operation. Officials told NBC News that for now there are divisions at the top of the administration about whether to proceed.

Two former CIA officers who worked on Russia told NBC News that there is a long history of the White House asking the CIA to come up with options for covert action against Russia, including cyber options — only to abandon the idea.

“We’ve always hesitated to use a lot of stuff we’ve had, but that’s a political decision,” one former officer said. “If someone has decided, ‘We’ve had enough of the Russians,’ there is a lot we can do. Step one is to remind them that two can play at this game and we have a lot of stuff. Step two, if you are looking to mess with their networks, we can do that, but then the issue becomes, they can do worse things to us in other places.”

A second former officer, who helped run intelligence operations against Russia, said he was asked several times in recent years to work on covert action plans, but “none of the options were particularly good, nor did we think that any of them would be particularly effective,” he said.

Putin is almost beyond embarrassing, he said, and anything the U.S. can do against, for example, Russian bank accounts, the Russians can do in response.

“Do you want to have Barack Obama bouncing checks?” he asked.

Former CIA deputy director Michael Morell expressed skepticism that the U.S. would go so far as to attack Russian networks.

“Physical attacks on networks is not something the U.S. wants to do because we don’t want to set a precedent for other countries to do it as well, including against us,” he said. “My own view is that our response shouldn’t be covert — it should be overt, for everybody to see.”

The Obama administration is debating just that question, officials say — whether to respond to Russia via cyber means, or with traditional measures such as sanctions.

The CIA’s cyber operation is being prepared by a team within the CIA’s Center for Cyber Intelligence, documents indicate. According to officials, the team has a staff of hundreds and a budget in the hundreds of millions.

The covert action plan is designed to protect the U.S. election system and ensure that Russian hackers can’t interfere with the November vote, officials say. Another goal is to send a message to Russia that it has crossed a line, officials say.

While the National Security Agency is the center for American digital spying, the CIA is the lead agency for covert action and has its own cyber capabilities. It sometimes brings in the NSA and the Pentagon to help, officials say.

In earlier days, the CIA was behind efforts to use the internet to put pressure on Slobodan Milosevic in Serbia in 1999, and to pressure Iraqi leadership in 2003 to split off from Saddam Hussein.

According to documents leaked by Edward Snowden, the CIA requested $685.4 million for computer network operations in 2013, compared to $1 billion by the NSA.

Retired Gen. Mike Hayden, who ran the CIA after leading the NSA, wrote this year: “We even had our own cyber force, the Information Operations Center (IOC), that former CIA director George Tenet launched and which had grown steadily under the next spy chief, Porter Goss, and me. The CIA didn’t try to replicate or try to compete with NSA… the IOC was a lot like Marine Corps aviation while NSA was an awful lot like America’s Air Force.”

“I would quote a Russian proverb,” said Adm. Stavridis, “which is, ‘Probe with bayonets. When you hit mush, proceed. When you hit steel withdraw.’ I think unless we stand up to this kind of cyber attack from Russia, we’ll only see more and more of it in the future.”

http://www.nbcnews.com/news/us-news/cia-prepping-possible-cyber-strike-against-russia-n666636

**************************

By Joe Tacopino
New York Post
October 14, 2016 | 11:09pm

The Obama administration is threatening to launch a vast cyber war against Russia in response to the country’s alleged interference with the presidential election.

Vice President Joe Biden told NBC News Friday that “we’re sending a message” to Russian President Vladimir Putin and that the wide-ranging “clandestine” cyber operation will take place.

“We’re sending a message,” Biden said during an interview with “Meet the Press” that will air on Sunday. “We have the capacity to do it. It will be at the time of our choosing, and under the circumstances that will have the greatest impact.”

The vice president belittled Russia’s alleged interference in the US election but stressed their efforts, however futile, would be responded to in kind.

“Their capacity to fundamentally alter the election is not what people think,” Biden said.

“And I tell you what, to the extent that they do we will be proportional in what we do.”

It was not clear whether the American public would be alerted when or if an attack actually took place. When asked about whether the public would even be aware an attack took place Biden simply said “Hope not.”

Intelligence officials told NBC News that the CIA has already begun “opening cyber doors, selecting targets and making other preparations for an operation.”

James Stavridis, a retired four-star Navy admiral who served as the supreme allied commander at NATO, told NBC that the CIA should “embarrass” the Kremlin by exposing financial dealings of Putin and his cronies.

“It’s well known that there’s a great deal of offshore money moved outside of Russia from oligarchs,” Stavridis said. “It would be very embarrassing if that was revealed, and that would be a proportional response to what we’ve seen” in the recent hacks into US political figures and committees.

The US publicly blamed Russia last week for the recent cyberattacks against Democratic Party organizations.

“These thefts and disclosures are intended to interfere with the U.S. election process,” the Office of Director of National Intelligence and the Department of Homeland Security said in a joint statement last Friday. “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.”

The talk of an impending cyber war between the two countries takes place while the powers struggle to collaborate in the war against ISIS and inside Syria.

The ultimate decision on whether to launch a cyber attack would rest with President Obama, officials said. Sources told NBC News that there are diverging views within the administration about how to proceed.

“I think unless we stand up to this kind of cyber attack from Russia, we’ll only see more and more of it in the future,” Admiral Stavridis said.

http://nypost.com/2016/10/14/us-prepped-for-massive-cyber-assault-on-russia/

**************************

CBS News

Gen. Michael Hayden: Russia launches cyberattacks to “mess with our heads”

One of the most critical issues facing the 2016 presidential nominees is national security. In this installment of “Issues That Matter,” retired four-star Air Force Gen. Michael Hayden – who served as director of the CIA and the NSA, as well as principal deputy director of national intelligence – takes a look at the threats the next president will have to confront.

The Obama administration is “confident” that Russia is trying to interfere in the presidential election – and so is the former CIA and NSA director, Gen. Michael Hayden. Though Russia has denied the allegations, Hayden says he thinks Russia is trying to “erode” Americans’ larger confidence in the political process.

“The Clinton campaign has said they’re doing it to pick a winner. I don’t think that’s true,” Hayden, a retired four-star Air Force general, told “CBS This Morning” Friday. “It’s to mess with our heads. It’s to do to us what he thinks we do to him and his political processes. It’s a way of his pushing back against what he views to be American pressure.”

Hayden believes Russian criminal gangs, directed by the Russian state, are behind the hack of Clinton campaign chairman John Podesta’s emails. Clinton has vowed as president to fight cyberattacks like any other assault on the country, with “serious political, economic and military responses.” Hayden agrees, but thinks cyberattacks should be examined in a larger context.

“Don’t put this in the ‘cyber problem’ box. Put this in the ‘Russian problem’ box,” Hayden said. “Put this in that box with all these other indicators – actual Russian behavior to which we should respond – in my view, respond more robustly than we’ve responded.”

Hayden said the Obama administration’s response to Russia’s intervention in Syria has been “too light,” agreeing with criticism that the U.S. has created a “vacuum” in the war-torn country. Hayden suggested different ways U.S. actions could be “more robust” to create a “tectonic shift in a Russian pressure point.”

“Can we be more robust in Ukraine, with regard to what we may or may not provide them? Can we be more robust in Syria, with how much space we give the Russians to operate?” Hayden said. “Getting out of the narrow box, why don’t we make it American policy to wean the Europeans off of Russian gas? Why don’t we simply say, ‘We got it, we’re going to exploit it, and we’re going to ship it.’”

Hillary Clinton and Donald Trump have found little common ground on issues in the presidential campaign, but both have suggested setting up some form of safe zones in Syria. Hayden agreed, but said it would be complicated to do – especially given Russia’s presence there – and suggested creating “relatively thin zones” along the Turkish and Jordanian borders.

“And here’s where it really gets tough, all right? And at this point you actually got to say to all the players, ‘We’re serious. This is a safe zone.’ Now we got responsibilities. We can’t let one side or the other operate out of there and conduct attacks. That’s our policing function, it’s not yours, you can’t go there,’” Hayden said.

Hayden – who has yet to endorse either candidate but has said Trump was not qualified to be president – said he agreed with Republican vice presidential nominee Mike Pence’s statement that the U.S. should be prepared to use military force to strike military targets of the Assad regime, if Russia continues to be involved in airstrikes.

“I thought (that) was far more robust. Unfortunately, he was disowned by his own presidential candidate,” Hayden said, referring to Trump’s claim in the second presidential debate that he disagreed with his running mate on the Syrian matter.

Former CIA and NSA director Gen. Michael Hayden

“But I do think on a raw, humanitarian basis, we’ve got to do more,” Hayden said.

Hayden also addressed other critical foreign policy issues confronting the next president, ranking them on a timeline according to “how bad is it, how much time do you have?” Hayden set terrorism – cyberattacks included – first on the timeline, then, three to five years from now, threats from “ambitious, fragile and nuclear” states including North Korea, Pakistan, Iran and Russia.

“And then… when I run the timeline out here about ten years, I got this bubble way up here that’s really important and that’s the Sino-American relationship,” Hayden said. “Not saying China’s an enemy, but if we don’t get that right, over the long term, that’s pass-fail.”

http://www.cbsnews.com/news/issues-that-matter-2016-presidential-race-michael-hayden-donald-trump-hillary-clinton-foreign-policy/

Related:

Two F-15K Slam Eagles flying above a U.S. Air Force B-1B Lancer supersonic bomber over South Korea on Sept. 21, a show of force the U.S. said was aimed at reminding North Korea of its powerful military assets in the region. The flight was the closest a B-1 has ever been to the inter-Korean border. PHOTO: KYEONG RYUL/AGENCE FRANCE-PRESSE/GETTY IMAGES

NSA contractor arrested over ‘stolen secret code used to hack Russia’

October 6, 2016


The suspected theft raises fears of more damaging intelligence leaks just three years after the Edward Snowden affair

By Tim Walker US Correspondent
The Independent

The FBI has secretly arrested a National Security Agency (NSA) contractor suspected of stealing highly classified computer codes used to hack the computer systems of foreign governments including Russia and China, raising fears of another embarrassing intelligence leak to rival the Edward Snowden affair.

Law enforcement and intelligence sources told the New York Times that, like Mr Snowden, the contractor worked for consulting firm Booz Allen, which is behind many of the NSA’s most sensitive cyberoperations. In 2013, Mr Snowden leaked more than 1.5 million documents relating to the agency’s surveillance programmes, including some that targeted US citizens.

The contractor in this case was named in a criminal complaint announced by the Justice Department on Wednesday as Harold Thomas Martin III. Mr Martin, who lives in Glen Burnie, Maryland – around 10 miles from the NSA’s Fort Meade headquarters – has been in custody since his arrest on 27 August, according to the Associated Press.

 The National Security Agency campus in Fort Meade, Md.

In a raid on his property that month, authorities searched Mr Martin’s home, two storage sheds and his car, reportedly finding highly classified information there in both physical documents and digital files. He was charged with theft of government property, and with the unauthorised removal or retention of classified documents. Some of the information was classified as “sensitive compartmented”, a level higher even than “top secret”.

Mr Martin at first denied having taken the materials, but later admitted that “he knew what he had done was wrong,” the complaint stated. An unnamed administration official told the Times that there is so far little indication that his actions were “politically motivated”, and that he may have taken the documents and digital files before Mr Snowden’s leaks.

The 51-year-old contractor is suspected of stealing the NSA’s “source code” used to break into the computer networks of rival powers such as Russia, China, Iran and North Korea. The news comes as Mr Snowden, who is currently living in Russia, has been arguing for a pardon from the US amid the release of Snowden, a film about his case by director Oliver Stone.

 

Edward Snowden

This is huge. Did the FBI secretly arrest the person behind the reports NSA sat on huge flaws in US products? http://www.nytimes.com/2016/10/06/us/nsa-leak-booz-allen-hamilton.html

N.S.A. Contractor Arrested in Possible New Theft of Secrets

The F.B.I. is investigating whether Harold T. Martin III, a National Security Agency contractor, stole and disclosed highly classified computer code, officials said.

nytimes.com

The information allegedly stolen in this case could have been the source for a 2013 report by Der Spiegel about the agency’s top hacking unit, which was not attributed to Mr Snowden’s leaks. It might also be related to a recent dump of stolen data by a hacking group called the “Shadow Brokers”, which included source code traced to the NSA and built to break into secure networks, such as those created by US IT infrastructure firms including Cisco.

Related:

NSA Contractor Charged With Stealing Classified Secrets

October 5, 2016

Authorities charge Harold Thomas Martin with theft of government property and unauthorized removal of classified materials

Updated Oct. 5, 2016 3:40 p.m. ET

The Federal Bureau of Investigation arrested and has been holding a contractor for the National Security Agency on charges he stole top-secret documents, following a probe into how secret government hacking tools used against foreign countries became public, according to people familiar with the case.

Authorities unsealed court papers Wednesday charging Harold Thomas Martin, 51 years old, of Glen Burnie, Md., with theft of government property and unauthorized removal of classified materials. Mr. Martin, a former Navy officer, was arrested in late August, the court papers said, but the charges were kept under seal while the FBI continued to investigate.


Mr. Martin was an employee of Booz Allen Hamilton Holding Corp. working at the NSA.

Booz Allen is the same firm that once employed Edward Snowden, a former NSA contractor who leaked stolen records about the agency in 2013. The latest case is likely to raise fresh questions about the security of both the agency and one of its principal contractors.

In a statement, Booz Allen said it reached out to authorities after it learned of the arrest, and that it fired Mr. Martin.

Mr. Martin, a former surface warfare officer who left the Navy in 2000, has been in custody and couldn’t immediately be reached for comment.

Mr. Martin’s lawyer, Jim Wyda, said the charges “are mere allegations.…There is no evidence that Hal Martin intended to betray his country. What we do know is that Hal Martin loves his family and his country.” He added that Mr. Martin “has devoted his entire career to protecting America.”

White House spokesman Josh Earnest said President Barack Obama takes the case “quite seriously, and it is a good reminder for all of us with security clearances how important it is for all of us to protect national security information.”

The NSA is one of the government’s most secretive agencies. It is a division of the military that conducts espionage, protects the Pentagon’s computer networks and has some of the world’s most sophisticated computer hacking tools.

In August, the FBI began investigating the apparent leak of some of these tools that appeared to be NSA source code. Such tools are designed to help penetrate the computer networks of foreign nation adversaries like Russia and China.

During a search of Mr. Martin’s residence, agents found paper documents and digital drives that were labeled top secret, including six classified documents that were written in 2014, according to an affidavit filed in conjunction with his arrest.
“During execution of the warrants, Martin was not in custody, and voluntarily agreed to be interviewed by investigators,” the FBI affidavit said. “During the interview, Martin at first denied, and later when confronted with specific documents, admitted he took documents and digital files from his work assignment to his residence and vehicle that he knew were classified.”

The affidavit said many of the materials bore markings that indicated they were U.S. property and contained highly classified information.
The criminal complaint unsealed Wednesday doesn’t indicate whether Mr. Martin is cooperating with investigators, who are trying to determine why and how Mr. Martin allegedly had top-secret documents in his home and in his car. But people close to the case said there have been discussions between the two sides since his arrest.

Officials said Mr. Martin had top-secret clearance but wasn’t authorized or equipped to handle any classified information at his home.

The affidavit also said Mr. Martin made at least a partial confession. “Martin stated that he knew he did not have authorization to retain the materials at his residence or in his vehicle. Martin stated that he knew what he had done was wrong and that he should not have done it because he knew it was unauthorized,” the document said.

Officials wouldn’t immediately say what they believe his motives or intent were for taking the information, and investigators are still trying to answer some of those questions, according to people familiar with the case.

Mr. Martin’s LinkedIn page says he has been a contractor and consultant for years, but he started a specialized project in July 2015 as a “technical advisor and investigator on offensive cyber issues.”

His description says he supports the Pentagon and intelligence community as a “cyber engineering advisor.” He also is a graduate student at the University of Maryland, Baltimore County, studying information systems, a spokeswoman at the school said. She said she couldn’t provide additional details.

U.S. programs that deal with offensive cyberweapons are considered some of the government’s most closely held secrets, of particular interest to foreign spies.

The arrest stems from a probe launched in August, when an entity calling itself Shadow Brokers claimed to have a large cache of files that appeared to be NSA spying tools and said it was looking to sell the information.

The files were believed stolen from an entity known as the Equation Group, which cybersecurity company Kaspersky Labs ZAO first identified last year. The Equation Group is believed to be closely linked to the NSA.

—Robert McMillan contributed to this article.

Write to Devlin Barrett at devlin.barrett@wsj.com and Damian Paletta at damian.paletta@wsj.com

http://www.wsj.com/articles/nsa-contractor-charged-with-stealing-classified-secrets-1475685852

*************************************

N.S.A. Contractor Arrested in Possible New Theft of Secrets

Russian hacks against the Democrats and the NSA expose the weaknesses of our democracy

August 20, 2016

Vladimir Putin examines a new presidential website in 2004. Credit Alexander Natruskin, Reuters

By David Blair, Chief Foreign Correspondent

The Telegraph

A capital city is paralysed by the failure of its electricity supply. A nuclear power station suffers meltdown. Banks go haywire and cash machines run dry. No one can have missed the nightmare scenarios associated with cyber-attacks and their potential to wreak havoc on a networked society.

“I completely rule out a possibility that the (Russian) government or the government bodies have been involved in this.”
Russian spokesman

But all the focus on these obvious calamities risks distracting us from what is actually happening. Instead of trying to inflict physical destruction or general mayhem, the signs are that the West’s most sophisticated adversaries are using their high-tech tools in more subtle and insidious ways.

Take Russia’s attempt to influence the US election campaign. The lengths to which the Kremlin is going to help Donald Trump and discredit Hillary Clinton are remarkable. The repeated hacks of the Democratic National Committee – which bear all the hallmarks of Russian intelligence – are designed to inflict maximum damage on Mrs Clinton, notably by driving as many wedges as possible between her and much of the Democratic party.


© Getty/AFP/File / by Rob Lever | Democratic presidential nominee former Secretary of State Hillary Clinton speaks during a campaign rally with democratic vice presidential nominee, US Sen. Tim Kaine (D-VA), in Philadelphia, Pennsylvania, on July 29, 2016


There was the deluge of 20,000 stolen emails, carefully released just before the Democratic convention, showing how senior party figures had tried to thwart the Bernie Sanders campaign. Then came the hacks of the Clinton Foundation, apparently designed to unearth damaging material on the candidate herself. Along the way, Russian hackers even established a fake fundraising website for Mrs Clinton’s campaign, designed to entrap ordinary Democrats into giving away login information and email addresses.

“Does [Sanders] believe in a God? He had skated on saying he has a Jewish heritage. I think I read he is an atheist. This could make several points difference with my peeps. My Southern Baptist peeps would draw a big difference between a Jew and an atheist.”
Brad Marshall, Democrat CFO

Political espionage targeted against candidates for high office is, of course, as old as the hills. The new twist in 2016 is how the information has been made public, with the obvious aim of tipping the balance of the election in favour of Mr Trump.

Then, this week, hackers calling themselves the “Shadow Brokers” claimed to have stolen digital tools used by the US National Security Agency to break into foreign computer networks. Experts think they are authentic, and while some believe the culprit is an NSA mole, others suspect Russian involvement. Again unusually, the tools were posted publicly online, suggesting that their aim was to discredit or embarrass their owners.

Democratic national CEO Amy Dacey was forced to step down due to leaked emails Credit: Andrew Burton/Getty

Behind all this lies one crucial imbalance. In any situation short of all-out war, a country like Russia is probably not going to launch sudden cyber attacks designed to knock out electricity supplies or disable banking systems. The reason is simple: Russia has power stations and banks that are just as vulnerable. When two adversaries are equally exposed, they will not do their worst for fear of the possible consequences. Equal vulnerability keeps all parties in check; when everyone lives in a greenhouse, no-one throws stones.

But there is one asymmetry that will never go away. America has free and fair elections; Russia does not. The Kremlin can do its best to turn the race for the White House upside down, safe in the knowledge that America cannot hit back in kind. After all, when your elections are as predictable and stage-managed as Russia’s, they are also proof against foreign manipulation. Who cares if a sudden cascade of leaked emails were to sweep Russia? Assuming he stands, the winner of the next presidential election in 2018 will be Vladimir Vladimirovich Putin.

Western countries are not going to abandon their habit of holding free and fair elections, so this imbalance is permanent. For as long as Russia remains an authoritarian state, meanwhile, Mr Putin will be able to target this vulnerability without fear of retribution.

And there are plenty of other openings for him to exploit. When Mr Putin sends Russian forces into action, he does not have to worry about such trifles as a vote in the country’s parliament. Today’s British MPs, by contrast, expect to have the final say whenever a Government tries to order any form of military action whatever. And experience suggests that even the flimsiest propaganda can influence a debate in the House of Commons.

“The Syrian rebels definitely had sarin gas, because they were caught with it by the Turkish Government”
George Galloway, 2013

A prime example was the vote on whether to strike Syria after Bashar al-Assad’s regime killed 1,400 people with poison gas in 2013. Russia’s propaganda line – endlessly debunked then and now – was that Assad had been framed and the rebels had actually carried out this attack. Many MPs who took part in that debate voiced doubts about the dictator’s culpability when, in truth, there was no reason for any doubt. It’s hard to avoid concluding that they were bamboozled by the disinformation and lies peddled in cyberspace, often by Russian outlets.

When a country holds genuine elections and allows free parliamentary debate on questions of war or peace, it lays itself open to manipulation of this kind. Russia, closed and authoritarian, is largely immune. There is no getting away from this asymmetry: the only defence is to be aware of the danger.

http://www.telegraph.co.uk/news/2016/08/20/russian-hacks-against-the-democrats-and-the-nsa-expose-the-weakn/

Related:

The Shadow Brokers promised that the auctioned material would contain 'cyber weapons' developed by the Equation Group, a hacking group that cyber security experts widely believe to be an arm of the NSA (file above)


Shadow Brokers Hacking Group Auctions Stolen ‘Cyber-Weapons’ Used By American Intelligence — Linked to U.S. National Security Agency?

August 17, 2016

AFP

© AFP/File | Mysterious hackers calling themselves the “Shadow Brokers” leaked online what appears to be classified NSA computer code

WASHINGTON (AFP) – The US National Security Agency, which gained international notoriety in 2013 after Edward Snowden revealed its data snooping techniques, has itself become the target of an apparent data breach.

Mysterious hackers calling themselves the “Shadow Brokers” leaked online what appears to be classified NSA computer code.

Several security experts told US media the code appears genuine, and Snowden said “circumstantial evidence” pointed to Russian involvement.

As of Wednesday, the NSA still had not responded to multiple requests for comment.

The hackers over the weekend posted two sets of files, one that is freely accessible and another that remains encrypted.

The Shadow Brokers said they would release this additional information subject to raising 1 million Bitcoins — digital currency, in this case worth about $575 million — through an online auction.

According to the New York Times, much of the code was created to peer through the computer firewalls of foreign powers like Russia, China and Iran.

Such access would enable the NSA to plant malware in rivals’ systems and monitor — or even attack — their networks.

Whoever obtained the code would have had to break into NSA servers that store the files, the Times said.

Former NSA employees who worked at the agency’s hacking division known as Tailored Access Operations told the Washington Post the hack appeared genuine.

“Without a doubt, they’re the keys to the kingdom,” one former TAO employee told the Post.

“The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad,” the employee was quoted as saying.

Former NSA contractor Snowden, who has been living in Russia since leaking documents revealing the scope of the agency’s monitoring of private data, said the hack could be a warning to the United States after Democratic presidential nominee Hillary Clinton’s campaign accused Moscow of hacking into Democratic National Committee emails.

“7) Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack,” Snowden said in a series of more than a dozen tweets about the Shadow Brokers hack.

“8) Circumstantial evidence and conventional wisdom indicates Russian responsibility. Here’s why that is significant:” he added, explaining that the hack could be an effort to influence US officials wondering how aggressively to respond to the DNC hack.

A website initially used by the group to publicize its hack had been taken down as of Wednesday morning.

Related:

Powerful NSA hacking tools have been revealed online — The Washington Post
https://www.washingtonpost.com/world/national-security/powerful-nsa-hacking-tools-have-been-revealed-online/2016/08/16/bce4f974-63c7-11e6-96c0-37533479f3f5_story.html

 (August 16, 2016 —

***************************


The Shadow Brokers said the programs they will auction will be ‘better than Stuxnet,’ a malicious computer worm widely attributed to the United States and Israel that sabotaged Iran’s nuclear program.

Reuters could not contact the Shadow Brokers or verify their assertions. Some experts who looked at the samples posted on Tumblr said they included programs that had previously been described and therefore were unlikely to cause major damage.

‘The data [released so far] appears to be relatively old; some of the programs have already been known for years,’ said researcher Claudio Guarnieri, and are unlikely ‘to cause any significant operational damage.’

Still, they appeared to be genuine tools that might work if flaws have not been addressed. The Tumblr blog has since been taken down.

Other security experts warned the posting could prove to be a hoax.

The group said interested parties had to send funds in advance of winning the auction via Bitcoin currency and would not get their money back if they lost.

The auction will end at an unspecified time, Shadow Brokers said, encouraging bidders to ‘keep bidding until we announce winner.’

Read more: http://www.dailymail.co.uk/news/article-3742416/Hacking-group-claims-offer-cyber-weapons-online-auction.html#ixzz4HbYvsnm9


***************************

‘Shadow Brokers’ Leak Raises Alarming Question: Was the N.S.A. Hacked?

The release on websites this week of what appears to be top-secret computer code that the National Security Agency has used to break into the networks of foreign governments and other espionage targets has caused deep concern inside American intelligence agencies, raising the question of whether America’s own elite operatives have been hacked and their methods revealed.

Most outside experts who examined the posts, by a group calling itself the Shadow Brokers, said they contained what appeared to be genuine samples of the code — though somewhat outdated — used in the production of the N.S.A.’s custom-built malware.

Read the rest:

Shadow Brokers to sell stolen surveillance tools “better than Stuxnet” — Possibly linked to U.S. National Security Agency

August 16, 2016

Hackers going by the name Shadow Brokers said on Monday they will auction stolen surveillance tools they say were used by a cyber group linked to the U.S. National Security Agency.

To arouse interest in the auction, the hackers released samples of programs they said could break into popular firewall software made by companies including Cisco Systems Inc, Juniper Networks Inc and Fortinet Inc.

The companies did not respond to requests for comment, nor did the NSA.

Writing in imperfect English, the Shadow Brokers promised in postings on a Tumblr blog that the auctioned material would contain “cyber weapons” developed by the Equation Group, a hacking group that cyber security experts widely believe to be an arm of the NSA.

The Shadow Brokers said the programs they will auction will be “better than Stuxnet,” a malicious computer worm widely attributed to the United States and Israel that sabotaged Iran’s nuclear program.

Reuters could not contact the Shadow Brokers or verify their assertions. Some experts who looked at the samples posted on Tumblr said they included programs that had previously been described and therefore were unlikely to cause major damage.

“The data [released so far] appears to be relatively old; some of the programs have already been known for years,” said researcher Claudio Guarnieri, and are unlikely “to cause any significant operational damage.”

Still, they appeared to be genuine tools that might work if flaws have not been addressed. After examining the code released Monday, Matt Suiche, founder of UAE-based security startup Comae Technologies, concluded they looked like “could be used.”

Other security experts warned the posting could prove to be a hoax. The group said interested parties had to send funds in advance of winning the auction via Bitcoin currency and would not get their money back if they lost.

The auction will end at an unspecified time, Shadow Brokers said, encouraging bidders to “keep bidding until we announce winner.”