Showing posts with label Cyber. Show all posts

Tuesday, March 07, 2023

Oval Office Puppeteers Announce Formal Creation Of National Surveillance State

CTH  |  The “National Cybersecurity Strategy” aligns with, supports, and works in concert with a total U.S. surveillance system, where definitions of information are then applied to “cybersecurity” and communication vectors.  This policy is both a surveillance system and an information filtration prism where the government will decide what is information, disinformation, misinformation and malinformation, then act upon it.

In part, this appears to be a response to the revelations around government influence of social media, the Twitter Files.  Now we see the formalization of the intent. The government will be the arbiter of truth and cyber security, not the communication platforms or private companies.  This announcement puts the government in control.

All of the control systems previously assembled under the guise of the Dept of Homeland Security now become part of the online, digital national security apparatus. I simply cannot emphasize enough how dangerous this is, and the unspoken motive behind it; however, to the latter, you are part of a small select group who are capable of understanding what is in this announcement without me spelling it out.

Remember, we have already lost the judicial branch to the interests of the national security state.  All judicial determinations are now in deference to what is called broadly “national security,” and the only arbiter of what qualifies to be labeled as a national security interest is the same institutional system who hides the corruption and surveillance behind the label they apply.

We cannot fight our way through the complexity of what is being assembled, until the American People approach the big questions from the same baseline of understanding.  What is the root cause that created the system?  From there, this announcement takes on a more clarifying context – where we realize this is the formalization of the previously hidden process.

Barack Obama and Eric Holder did not create a weaponized DOJ and FBI; the institutions were already weaponized by the Patriot Act.  What Obama and Holder did was take the preexisting system and retool it, so the weapons of government only targeted one side of the political continuum.

This point is where many people understandably get confused.

Elevator Speech:

(1) The Patriot Act turned the intel surveillance radar from foreign searches for terrorists to domestic searches for terrorists.

(2) Obama/Biden then redefined what is a “terrorist” to include their political opposition.

Mainstream Interpretation Of The White House National Cybersecurity Strategy

Wired  |  In the endless fight to improve cybersecurity and encourage investment in digital defenses, some experts have a controversial suggestion. They say the only way to make companies take it seriously is to create real economic incentives—by making them legally liable if they have not taken adequate steps to secure their products and infrastructure. The last thing anyone wants is more liability, so the idea has never exploded in popularity, but a national cybersecurity strategy from the White House this week is giving the concept a prominent boost.

The long-awaited document proposes stronger cybersecurity protections and regulations for critical infrastructure, an expanded program to disrupt cybercriminal activity, and a focus on global cooperation. Many of these priorities are widely accepted and build on national strategies put out by past US administrations. But the Biden strategy expands significantly on the question of liability.

“We must begin to shift liability onto those entities that fail to take reasonable precautions to secure their software while recognizing that even the most advanced software security programs cannot prevent all vulnerabilities,” it says. “Companies that make software must have the freedom to innovate, but they must also be held liable when they fail to live up to the duty of care they owe consumers, businesses, or critical infrastructure providers.”

Publicizing the strategy is a way of making the White House's priorities clear, but it does not in itself mean that Congress will pass legislation to enact specific policies. With the release of the document, the Biden administration seems focused on promoting discussion about how to better handle liability as well as raising awareness about the stakes for individual Americans.

“Today, across the public and private sectors, we tend to devolve responsibility for cyber risk downwards. We ask individuals, small businesses, and local governments to shoulder a significant burden for defending us all. This isn’t just unfair, it’s ineffective,” acting national cyber director Kemba Walden told reporters on Thursday. “The biggest, most capable, and best-positioned actors in our digital ecosystem can and should shoulder a greater share of the burden for managing cyber risk and keeping us all safe. This strategy asks more of industry, but also commits more from the federal government.”

Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, had a similar sentiment for an audience at Carnegie Mellon University earlier this week. “We often blame a company today that has a security breach because they didn’t patch a known vulnerability,” she said. “What about the manufacturer that produced the technology that required too many patches in the first place?”

The goal of shifting liability to large companies has certainly started a conversation, but all eyes are on the question of whether it will actually result in change. Chris Wysopal, founder and CTO of the application security firm Veracode, provided input to the Office of the National Cyber Director for the White House strategy.

“Regulation in this area is going to be complicated and tricky, but it can be powerful if done appropriately,” he says. Wysopal likens the concept of security liability laws to environmental regulations. “You can’t simply pollute and walk away; businesses will need to be prepared to clean up their mess.”

Friday, August 13, 2021

Covidstates Is An NSF Funded Multi-Institutional Network Propaganda Program

covidstates | Researchers from the COVID States Project developed an interactive dashboard to explore public behaviors during the COVID-19 pandemic, support for restrictive measures aimed at curbing the spread of the virus, and approval for state governors’ and the president’s handling of the pandemic.

The dashboard presents data from a series of large-scale monthly surveys with approximately 20,000-25,000 participants each. 

 

Users can engage with state and national data in the following ways:

 

Health Behaviors: This tab presents public health behaviors during the COVID-19 pandemic. It has three separate panels. The first shows core activities such as going to work, church, or the gym. The second shows whether respondents were in close proximity with people living outside their household. Finally, the third panel presents data on public adherence to health recommendations aimed at curtailing the spread of the pandemic. These recommendations include mask wearing, hand washing, avoiding contact with other people, and staying away from crowds and public spaces. Users can select their state of interest and the three panels will automatically update to reflect the selected state. 


Restrictive Measures: The second tab presents data on public support for federal, state and local governments to implement restrictive measures meant to curtail the spread of the virus, such as limiting restaurants to carry-out service only or requiring businesses to close.


Executive Approval: This tab tracks public approval of state governors and the president. A vertical line indicates the transition from the Trump Administration to the Biden Administration on January 20, 2021. Prior to that point, presidential approval numbers refer to Donald Trump, while subsequent data points refer to Joe Biden. Users can select the state and the official (Governor/President) they would like to view.


Maps: This tab generates state-level choropleth maps for the data presented in the dashboard. The tab contains two subpanels: one for health behavior and another for restrictive measure support. Within each panel, users should also specify the month that they are interested in viewing. Below these maps, users will find bar charts comparing the data from each state and ranking states in the context of the behavior or measure of interest.


All graphics in this app can be downloaded in a PDF or PNG format using the “Download” buttons in the respective tab. Users who are interested in downloading the underlying data can find it in a CSV format at the bottom of the Overview tab.



Monday, April 26, 2021

Cyber Pandemic: Davos Reptilians Now Signaling Their Aims On Electronic Funds And Power Grids

weforum  |   The World Economic Forum’s Centre for Cybersecurity has created a community of security and technology leaders to identify future global risks from next-generation technology in order to avert a cyber pandemic.

What policies, practices and partnerships are needed to prevent such a cyber pandemic? This question was raised in sessions on Thursday 28 and Friday 29 January at the Davos Agenda 2021, featuring commentary from Check Point Software Technologies, Cloudflare, Fortinet, INTERPOL, Cyber Security Agency of Singapore and AustCyber.

The Forum has created Future Series: Cybercrime 2025, a joint program of work with the University of Oxford - Oxford Martin School, enabling organizations to share and develop research, insights and responses to future risks as a community.

The initiative convenes over 150 global experts from the world’s leading companies, research institutions and public-policy departments. Major collaborators include Palo Alto Networks, Mastercard and KPMG, and support from such institutions as Europol, ENISA and NIST.

The first findings and recommendations of the community’s work were recently published in the Cybersecurity emerging technology and systemic risk report.

The critical technology transformations on which future prosperity relies – ubiquitous connectivity, artificial intelligence, quantum computing and next-generation approaches to identity and access management – will not just be incremental challenges for the security community.

Unless action is taken now, by 2025 next-generation technology, on which the world will increasingly rely, has the potential to overwhelm the defences of the global security community.

Next-generation technologies have the potential to generate new risks for the world, and at this stage, their full impact is not well understood. There is an urgent need for collective action, policy intervention and improved accountability for government and business.

Without these interventions, it will be difficult to maintain integrity and trust in the emerging technology on which future global growth depends.

A Very Strange Thing Happened On The Internet

kentik  |  Last month, astute contributors to the NANOG listserv highlighted the oddity of massive amounts of DoD address space being announced by what appeared to be a shell company. While a BGP hijack was ruled out, the exact purpose was still unclear. Until yesterday when the Department of Defense provided an explanation to reporters from the Washington Post about this unusual internet development. Their statement said:

Defense Digital Service (DDS) authorized a pilot effort advertising DoD Internet Protocol (IP) space using Border Gateway Protocol (BGP). This pilot will assess, evaluate and prevent unauthorized use of DoD IP address space. Additionally, this pilot may identify potential vulnerabilities. This is one of DoD’s many efforts focused on continually improving our cyber posture and defense in response to advanced persistent threats. We are partnering throughout DoD to ensure potential vulnerabilities are mitigated.

I interpret this to mean that the objectives of this effort are twofold. First, to announce this address space to scare off any would-be squatters, and secondly, to collect a massive amount of background internet traffic for threat intelligence.

On the first point, there is a vast world of fraudulent BGP routing out there. As I’ve documented over the years, various types of bad actors use unrouted address space to bypass blocklists in order to send spam and other types of malicious traffic.

On the second, there is a lot of background noise that can be scooped up when announcing large ranges of IPv4 address space. A recent example is Cloudflare’s announcement of 1.1.1.0/24 and 1.0.0.0/24 in 2018.

For decades, internet routing operated with a widespread assumption that ASes didn’t route these prefixes on the internet (perhaps because they were canonical examples from networking textbooks). According to their blog post soon after the launch, Cloudflare received “~10Gbps of unsolicited background traffic” on their interfaces.

And that was just for 512 IPv4 addresses! Of course, those addresses were very special, but it stands to reason that 175 million IPv4 addresses will attract orders of magnitude more traffic. More misconfigured devices and networks that mistakenly assumed that all of this DoD address space would never see the light of day.

Conclusion

While today’s statement from the DoD answers some questions, much remains a mystery. Why did the DoD not just announce this address space themselves instead of directing an outside entity to use the AS of a long dormant email marketing firm? Why did it come to life in the final moments of the previous administration?

We likely won’t get all of the answers anytime soon, but we can certainly hope that the DoD uses the threat intel gleaned from the large amounts of background traffic for the benefit of everyone. Maybe they could come to a NANOG conference and present about the troves of erroneous traffic being sent their way.
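The Kentik piece above turns on networks that used address space they assumed would never be routed. As an added example (not from Kentik or this blog), the Python below audits a list of internally configured IPv4 prefixes and flags any that are neither the organisation's own allocation nor reserved private/special-purpose space. The function names, the sample inventory and the "owned" allocation (a documentation range used as a placeholder) are assumptions; 1.1.1.0/24 and 1.0.0.0/24 are the prefixes named in the text.

```python
import ipaddress

# IPv4 ranges reserved for private or special use (RFC 1918, RFC 6598,
# loopback, link-local, documentation). Using these internally never
# collides with another network's public announcement.
SPECIAL_PURPOSE = [ipaddress.ip_network(p) for p in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24",
)]


def classify(prefix, owned):
    """Return 'owned', 'special-purpose' or 'squatted' for one IPv4 prefix."""
    net = ipaddress.ip_network(prefix, strict=False)
    if net.version != 4:
        raise ValueError("this example handles IPv4 only")
    if any(net.subnet_of(o) for o in owned):
        return "owned"
    # The prefix must sit entirely inside a reserved range; a block that
    # merely overlaps one (e.g. 10.0.0.0/7) still covers foreign space.
    if any(net.subnet_of(s) for s in SPECIAL_PURPOSE):
        return "special-purpose"
    return "squatted"


def audit(in_use, owned_prefixes):
    """Return (merged squatted prefixes, number of addresses they cover)."""
    owned = [ipaddress.ip_network(p) for p in owned_prefixes]
    squatted = [ipaddress.ip_network(p, strict=False)
                for p in in_use if classify(p, owned) == "squatted"]
    # Collapse overlaps so a /32 inside a flagged /24 is not counted twice.
    merged = list(ipaddress.collapse_addresses(squatted))
    return merged, sum(n.num_addresses for n in merged)


# Constructed sample data. OWNED is a placeholder allocation.
OWNED = ["203.0.113.0/24"]
IN_USE = [
    "10.20.0.0/16",      # RFC 1918
    "192.168.5.0/24",    # RFC 1918
    "203.0.113.64/26",   # inside the placeholder allocation
    "1.1.1.0/24",        # prefix from the text, assumed "unrouted"
    "1.0.0.0/24",        # prefix from the text
    "1.1.1.1/32",        # host route inside a flagged prefix
]

if __name__ == "__main__":
    prefixes, total = audit(IN_USE, OWNED)
    for p in prefixes:
        print("squatted:", p)
    print("addresses that leak once the real holder announces them:", total)
```

Any prefix this reports is one where internal traffic will leave the network and reach the legitimate holder as soon as that holder announces the space.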

Tuesday, April 20, 2021

Solarwinds Hack: NPR Publishes Thousands Of Words, Gives No Evidence, Yet Blames Russia...,

npr |  "This release includes bug fixes, increased stability and performance improvements."

The routine software update may be one of the most familiar and least understood parts of our digital lives. A pop-up window announces its arrival and all that is required of us is to plug everything in before bed. The next morning, rather like the shoemaker and the elves, our software is magically transformed.

Last spring, a Texas-based company called SolarWinds made one such software update available to its customers. It was supposed to provide the regular fare — bug fixes, performance enhancements — to the company's popular network management system, a software program called Orion that keeps a watchful eye on all the various components in a company's network. Customers simply had to log into the company's software development website, type a password and then wait for the update to land seamlessly onto their servers.

The routine update, it turns out, is no longer so routine.

Hackers believed to be directed by the Russian intelligence service, the SVR, used that routine software update to slip malicious code into Orion's software and then used it as a vehicle for a massive cyberattack against America. 

"Eighteen thousand [customers] was our best estimate of who may have downloaded the code between March and June of 2020," Sudhakar Ramakrishna, SolarWinds president and CEO, told NPR. "If you then take 18,000 and start sifting through it, the actual number of impacted customers is far less. We don't know the exact numbers. We are still conducting the investigation."

On Thursday, the Biden administration announced a roster of tough sanctions against Russia as part of what it characterized as the "seen and unseen" response to the SolarWinds breach. 

------------------------------------------------------------------------------------------------------------------------------

You have to click through to NPR to read its TLDR chindribble agitprop and entirely evidence-free Russian attribution. However, what little we saw and could opine about wrt that event is compiled right'chere with Whitney Webb's vastly more persuasive and internally consistent attribution to the Israeli IT company acquired by SolarWinds in 2019, SAManage.

Thursday, January 07, 2021

How Was The Security Of The Capitol Building Restored So Quickly After The "Breach"?

From an operational security perspective, consider that any one of the people who "invaded" the Capitol building yesterday could have been a foreign agent. They would have had the greatest opportunity to plant listening devices, radiological, chemical or biological weapons.
 
It would have been a great time to just scatter some ricin on the carpets or upholstery. While I was watching one of the big three networks yesterday doing live coverage I heard one of the reporters state that it would take a long time to sweep the building to make sure it was secure before they could let congress back in and that the earliest would be sometime the next day before they could resume.
 
Yet just 2 hours after the protesters were kicked out, the Senate was back in session. 

Now from an IT security perspective alone, it would take at least 24 hours to do a basic tempest security sweep of every single computer, printer, ethernet port, electrical outlet, telephone, etc., not including taking these devices apart and doing a visual inspection to ensure nothing untoward had been plugged in or surreptitiously added to the device.

No security officer would EVER allow congress to get back in session that quickly - not if the breach was real.

The Senatorial Kayfabe On Mayorkas Changes Nothing - But It Is Entertaining...,

KATV  |   Sen. Rand Paul, R-Ky., chastised Department of Homeland Security Secretary Alejandro Mayorkas Thursday over his alleged mishandli...