Archive for the ‘NSA’ Category

Much Ado About Nothing? Cyber Command and the NSA – War on the Rocks

Last week, word began to spread that the Trump administration was considering granting new powers to U.S. Cyber Command. Lolita Baldor of the Associated Press had the scoop, discussing two related but separate steps under consideration: first, to elevate U.S. Cyber Command to the status of a unified command and second, to break the current dual-hat arrangement with the National Security Agency (NSA), whereby the commander of U.S. Cyber Command is the same individual as the director of the NSA.

It is worth noting, however, four things: First, these two steps (elevation and separation) have been under consideration for years. Second, there were good reasons at the time why the Obama administration didn't act on them. Third, elevation and separation should, in theory, operationally empower U.S. Cyber Command, but in practice Cyber Command may ironically find itself with less capability to offer. And finally, Cyber Command has already quietly amassed non-operational power and authority within the Department of Defense, making it one of the most independent commands, second only to the U.S. Special Operations Command. As such, while this weekend's news is a good sign of the continued maturation of Cyber Command (and the acknowledgment of that maturation by the White House), there's less here than meets the eye.

Let's review Cyber Command's origins and its assigned missions before tackling the news. (Please accept my apologies in advance for some acronym salad.) For the short-story long, see chapter 8 of Playing to the Edge by Michael Hayden and the early parts of Jay Healey's Fierce Domain. Long-story short, the NSA had been the nation's leading signals intelligence agency for decades. But after 9/11, as new opportunities emerged to create effects against adversaries during declared hostilities, Pentagon leadership became uncomfortable with the notion that the intelligence missions of collection and analysis would be conducted by the same organization that would disrupt or degrade, even destroy, targets through cyber-attacks during an armed conflict. In 2002, U.S. Strategic Command was given responsibility for cyberspace, and two little-known subordinate organizations emerged to manage it: Joint Task Force-Global Network Operations (JTF-GNO) would handle guarding the Defense Department's networks while Joint Functional Component Command-Network Warfare (JFCC-NW) would be responsible for missions we'd think of as offense. Because there was so much overlap between the NSA and the emerging JFCC-NW, the Department of Defense created the dual-hat by making the NSA director (then Hayden) the commander of JFCC-NW. As the threats to the Department of Defense in cyberspace increased throughout the 2000s, Secretary of Defense Robert Gates consolidated JTF-GNO and JFCC-NW under a new U.S. Cyber Command in 2010, but it was still subordinate to U.S. Strategic Command and still dual-hatted with the NSA director. That's more or less where we find ourselves today.

Since then, U.S. Cyber Command has been charged with three missions: defend the Defense Department's networks and systems, provide offensive support to other commands in the event of a contingency, and defend the nation from a cyber-attack of significant consequence (less than two percent of incidents would qualify as significant).

Advocates of more autonomy and authority for U.S. Cyber Command have often bemoaned its subordinate status to U.S. Strategic Command. The theory is that having to work through Strategic Command slows down operational approval, coordination, or whatever else needs to happen. Based on my experience in the Cyber Policy office of the Office of the Secretary of Defense, I am of the view that a stove-piped Joint Staff had more to do with delays and miscommunication than anything else; nor could I ever find a function Cyber Command might be asked to execute that could only be performed by a full, unified command (like Strategic Command) but not by a sub-unified command (like Cyber Command). We looked at this several times during the last administration: If the secretary of defense wanted the sub-unified command to execute, they could and would. It wasn't a problem, so elevating the command wasn't necessary. So, while I don't think there are any big wins to be had by the recent news about the Trump administration wanting to elevate Cyber Command, I don't think it hurts to do it either. And it might not ultimately be up to the White House: The 2017 NDAA requires the administration to elevate Cyber Command.

Breaking the dual-hatted relationship with the NSA is more complicated. There are very good reasons why JFCC-NW was born with the NSA as its commander, as there is a lot of overlap between the organizations. This overlap is intuitive to those who've worked in the business, but hard to explain in brief here. I'll just quote Hayden on this point: "[I]n the cyber domain the technical and operational aspects of defense, espionage, and cyberattack are frankly indistinguishable – they are all the same thing." It's obviously more complicated than this, but at a high level, I think this was the rationale.

There were studies undertaken about the implications of breaking the dual-hat before the Snowden affair, but his disclosures forced policymakers to confront the issue head-on. At that time, it was thought that breaking the dual-hat could improve perceptions about privacy and civil liberties at the NSA, but in December 2013 the Obama administration decided to maintain the arrangement. Senior leaders felt it was too soon to separate Cyber Command. Its readiness and resources were growing but insufficient, and it was still too reliant on NSA talent and services for its missions.

Working with the two organizations, I found that the relationship between the two was akin to a mix between hostage-taking and Stockholm syndrome – except each organization kept mixing up which was the hostage and which was the hostage-taker. One day, U.S. Cyber Command would demand NSA support due to the latter's responsibility as a combat support agency. The next day, the command would cave and say that NSA had other, more important priorities. And NSA too would resist a request from Cyber Command, then embrace it, and then fight it. The overlap and dependence was that tight.

For that reason, among others, I understand the argument about needing to separate Cyber Command from NSA so that the former can pursue its missions (especially to defend the nation and to support other commands) with greater independence from signals intelligence. But there's a risk here that would be dangerous to miss: When Cyber Command needs NSA support, the fact that it's the same person in charge of both organizations can break what might otherwise be a log-jam. Splitting the dual-hat could result in the NSA isolating itself and refocusing on its own core missions (the collection of signals intelligence and providing information assurance) while minimizing its support to Cyber Command.

Just because there are risks does not mean the Trump administration should leave the current arrangement in place. The question is not whether, but when and how, to break the dual-hat. One priority for the White House and Secretary Mattis will be to have a clear understanding with the new NSA director (who may well be a civilian for the first time) about how he or she sees the relationship with Cyber Command, and then how the administration monitors the relationship to ensure the NSA doesn't abandon Cyber Command outright.

The selection of who will next lead Cyber Command will also be a priority. Someone like the current commander of Army Cyber Command, Lt. Gen. Paul Nakasone, is an ideal candidate: He has years of experience in the cyber effects business, time in the Pentagon and the field, and he understands the roles of civilians, fellow military officers, and senior political types. Another name that's been floated is Lt. Gen. William Mayville, currently the Director of the Joint Staff. His time as the Joint Staff's chief information officer and with Joint Special Operations Command would make him a strong leader for Cyber Command as well.

The good news for the future of the U.S. military's cyber operations is that, regardless of whether or not Cyber Command is elevated as a unified command or separated from the NSA, Congress has quietly been empowering Cyber Command with greater authorities and independence through legislation. My colleague Charley Snyder and I assessed all the additional powers conferred in the 2017 NDAA over at Lawfare, but I'd like to single out the authority related to requirements: Being able to set its own requirements for the conduct of cyber operations, as well as validating the requirements of other defense components, matters more than this bland bureaucratic language might suggest. With the independent acquisition authority Congress gave it in a previous NDAA, Cyber Command can now accelerate acquisition and procurement to keep up with new requirements without the usual deliberations chaired by the Joint Staff. Special Operations Command is the only other military outfit with that kind of freedom, and it makes a big difference.

But the big question will be this: Regardless of these crucial authorities and any new command arrangements, what will Cyber Command's role be in protecting the country from threats like Russian information operations? Maybe it's time we get away from using cyber as the description of what needs to be done, and instead think about what an Information Warfare Command would look like. How should the United States wage such a fight, and how should it protect itself? I am pleased the Trump administration is considering organizational changes to support a higher profile for cyber operations, but we really need answers to these bigger policy questions.

Michael Sulmeyer is the Director of the Cyber Security Project at the Harvard Kennedy School's Belfer Center for Science and International Affairs. He also served in the Office of the Secretary of Defense, Cyber Policy, from 2012-2015. Follow him on Twitter @SultanOfCyber.


NSA sued for details of ‘unmasking’ skullduggery – WND.com


In the waning days of the Obama administration, bureaucrats ensconced in their posh Washington offices were resting in the prospect of a Hillary Clinton victory that would protect Obama's legacy and their positions.

But then-National Security Adviser Susan Rice may have had some doubts. Or maybe she was just curious. Or maybe there was another motive. Regardless, she unmasked a number of Trump campaign individuals who were caught up in various federal surveillance tactics.

That means they were recorded talking on the phone or meeting with someone who was under surveillance by the Obama administration.

Normally, the identity of American citizens in such situations is withheld.

But not so in this case. In fact, Rice gave the identifications to the National Security Council, the Defense Department, the Director of National Intelligence Office and the CIA, according to media reports citing illegal leaks.

It's been part of the flood of leaks of secret or protected information by the Obama-leaning Washington bureaucracy, dubbed by some as the "deep state," apparently in an effort to undermine the agenda of the president chosen by American voters.

Now there's an organization that thinks the people should know what went on: who did the surveillance, who unmasked the names of American citizens and who spread the names around Washington.


The American Center for Law and Justice has sued the National Security Agency for refusing to respond to its questions submitted under the Freedom of Information Act.

ACLJ said the lawsuit seeks to enforce its demands for government records that will shed light on the Susan Rice unmasking scandal that rocked the intelligence community.

The questions were submitted under FOIA, but the NSA has refused to follow the law.

Fox News explained the big picture: "Susan Rice, former national security adviser under then-President Barack Obama, requested to unmask the names of Trump transition officials caught up in surveillance. The unmasked names, of people associated with Donald Trump, were then sent to all those at the National Security Council, some at the Defense Department, then-Director of National Intelligence James Clapper and then-CIA Director John Brennan – essentially, the officials at the top, including former Rice deputy Ben Rhodes."

The ACLJ said "the only way we even know about the Obama administration's apparent politically motivated unmasking is because this raw intelligence information – classified national security secrets – was illegally leaked to the media."

Its formal request asked for records pertaining to any and all requests former National Security Adviser Susan Rice made to National Security Agency officials or personnel regarding the unmasking of the names and/or any other personal identifying information of then candidate and/or President-elect Donald J. Trump, his family, staff, transition team members, and/or advisers who were incidentally caught up in U.S. electronic surveillance.

The request was acknowledged by the NSA and even granted expedited processing status.

But the answers never came.

"So we filed a critical lawsuit and we will force the NSA to answer to a federal court for its blatant disregard for the law," ACLJ announced.

It is seeking an order to release any and all non-exempt records.

"This is not our first time we've taken the NSA to federal court," ACLJ explained. "We filed a lawsuit earlier this year to force the NSA to produce government records that could expose the people and purposes behind the Obama administration's eleventh hour rule change that dramatically expanded access to raw signal intelligence, signed by the Obama administration officials on their way out the door."

"It was these changes that have [led] to an unprecedented avalanche of dangerous national security leaks," the group explained.

The deep state shadow government bureaucracy must not be allowed to endanger the national security of the American people as it carries out a vicious vendetta against the current administration.

The lawsuit states, "Plaintiff is being irreparably harmed by reason of defendant's unlawful withholding of requested records, and plaintiff will continue to be irreparably harmed unless defendant is compelled to conform their conduct to the requirements of the law."

WND reported only weeks ago that some of the key documentation may be under lock and key now and kept there for five years at the former president's library.

It was another watchdog on government, Judicial Watch, that said the National Security Council denied Freedom of Information Act requests for documents related to Rice's alleged unmasking of the identities of any U.S. citizens associated with the Trump presidential campaign or transition team.

The NSC said the documents have been transferred to the Barack Obama Presidential Library, while pointedly adding "you should be aware that under the Presidential Records Act, presidential records remain closed to the public for five years after an administration has left office."

It was unclear what was in the statement and what that would mean for the members of Congress who are investigating, the FBI, or even special counsel Robert Mueller.

The Wall Street Journal reported the House Intelligence Committee issued seven subpoenas recently, a sign that its investigation into alleged Russian meddling in the 2016 election is ramping up in scope and intensity.

Three of the subpoenas specifically addressed how and why the names of associates of President Donald Trump were unredacted and distributed within classified reports by Obama administration officials during the transition between administrations.

Back in April, WND reported Rice, speaking to MSNBC, did not deny unmasking the names of Trump associates.

She implicitly acknowledged and explicitly defended unmasking: "It was not uncommon. It was necessary at times to make those requests."

But weeks earlier, speaking to PBS, Rice denied any knowledge of such unmasking after it was revealed by House Intelligence Committee Chairman Devin Nunes, R-Calif.

She told PBS, "I know nothing about this," and, "I was surprised to see reports from Chairman Nunes on that count today."


Security Researcher Publishes NSA Exploit Capable of Affecting Newer Windows Versions – The Merkle

Recent NSA exploits were partially responsible for multiple major ransomware outbreaks. In most cases, these NSA exploits could only be leveraged against older versions of the Windows operating system. It now appears that a security researcher has successfully made the ETERNALSYNERGY exploit applicable to newer versions of the popular OS. If researchers can make this happen, criminals could certainly do so as well.

The NSA has built many different exploits to take advantage of weak protocols found in the Windows operating system. In most cases, these exploits relate to the SMB protocol, which can be exposed to external connections. Ever since the Shadow Brokers unveiled these exploits to the public, we have seen multiple global ransomware campaigns leveraging them. WannaCry is just one of those examples.

ETERNALSYNERGY is one of the NSA exploits exposed by The Shadow Brokers several months ago. At the time of this reveal, this exploit would only work on older versions of the Windows operating system. All versions up to and including Windows 8 were prone to this SMB exploit. Most security-aware computer users have switched to newer versions of the operating system, but there are plenty of vulnerable machines running older Windows versions right now.

Microsoft has always claimed that the technique used by ETERNALSYNERGY would not work with newer versions of Windows due to several security improvements found in the Windows kernel. Unfortunately, that does not appear to be the case any longer. Worawit Wang, a Thai security researcher, has successfully ported the exploit to newer versions of Windows. The ported version targets the exact same vulnerability using a different technique.

The new ETERNALSYNERGY exploit will not crash a Windows system. This exploit affects a long list of Windows versions, including Windows 8.1, Windows 2016, and many others. Users of Windows 10 remain safe from harm for the time being, but that could change.

About 75% of all Windows PCs in the world are now vulnerable to this new attack. These vulnerable computers are actually susceptible to three different exploits, including the original ETERNALSYNERGY and ETERNALROMANCE. Some form of solution needs to be found before more damage is done. Protecting one's computer should be one's top priority, and upgrading to Windows 10 seems to be the best course of action.

Wang also made his own exploit public, which could have some interesting consequences. There is also a step-by-step guide on how people can leverage this exploit against vulnerable computers. Any user not implementing the MS17-010 security update soon will remain vulnerable to these attacks. It will be interesting to see if more NSA exploits will be ported to Windows 10 in the future.


NSA and wildlife group clash over lynx release plans – FarmersWeekly

Thursday 20 July 2017 10:00

Plans to release wild cats into parts of the British countryside have sparked a row between the National Sheep Association and conservation body, the Lynx UK Trust.

The conservation group has applied to Natural England and Scottish Natural Heritage for a licence to release six cats into Kielder Forest, Northumberland.

But the NSA initially slammed the plans over potential attacks on lambs and environmental concerns.


NSA chief executive Phil Stocker said: "Clearly NSA is opposed to lynx because of the predatory threat the species pose to sheep.

"And the NSA does not believe we have enough large-scale, suitable habitat to support the minimum population of 250 lynx that is needed for true genetic sustainability."

He added: "Animal welfare and disease biosecurity, as well as unconsidered changes in ecology if we were to see pastoral farming decline, also present huge problems.

"We stand to lose the beauty of an area like Kielder if farming, grazing and human activity cannot continue as it has done for centuries in this area."

The NSA has since added claims that the trust's consultation process was flawed and misleading.

"The NSA's view is [Lynx UK Trust] has made inconsistent efforts to publicise meetings. In my mind, if lynx were to be released in Kielder, the opinions of people living and earning from that area should carry far greater weight than those of someone living 300 miles away.

"It is the local people that are the real stakeholders," Mr Stocker said.

He also slated the method of the planned reintroduction.

"It is almost inconceivable that once released the lynx would ever be removed and therefore we don't accept this is a pilot project, it is a release."

But the Lynx UK Trust has hit back with a robust defence of its plans.

A spokesman for the trust said: "Studies show that each lynx will only kill 0.4 lambs per year. That means the six lynx which we hope to release will account for 2.4 lambs across the entire UK flock."

The spokesman said that figure was dwarfed by the number of lambs lost through infection and exposure each year.

He also rebuffed claims that the lynx population would swell to 250.

"The release of 20 lynx in Germany in 2000 has resulted in a population of just 100 animals. Using that as a basis for calculation, the six we hope to release would take 40-50 years to reach the same number seen in Germany.

"It is also important to point out that the lynx would not remain in Kielder but would spread across thousands of square miles of southern Scotland and the north of England."

He also firmly rejected the NSA claim that the consultation process was flawed.

Instead he insisted that the trust had followed guidelines on consultation process and had deliberately targeted local villages and businesses.

"We knocked on every single door in Kielder village and have received 130 questionnaires back from people in the area.

"We also published plans on social media and in the local press, highlighting meetings with businesses and farmers."

The spokesman said that they had pressed home the message that rather than a significant threat, the lynx would increase ecotourism in the area and give a reduction in foxes leading to a net decrease in livestock attacks.

"We believe the lynx is a potential benefit to farmers and ask people to learn more about the animal before making any judgements," he said.

Spying or Cyber War? How to Tell the Difference – Fortune

The idea of a hostile country hijacking computers deep inside the United States sounds frightening. But is it really so different from what countries – including the U.S. – have always done in the name of espionage?

That was a question posed to Gen. Keith Alexander, a former director of the NSA, at Fortune's Brainstorm Tech conference on Tuesday in Aspen, Colo.

Alexander responded by saying there's a clear distinction between countries using computers to spy and to attack.

"It's intent. Cyber war is to inflict damage while spying is to learn secrets," he said, adding that every nation engages in cyber-spying.

As examples of computer activity that rises to the level of cyber war, Alexander pointed to the alleged attack on Sony by North Korea, and to attacks in Ukraine aimed at the country's economy and infrastructure.

The distinction between spying and cyber war is important since the latter has the potential to trigger military retaliation, or invoke responses under treaties like NATO, while espionage is considered less serious.

"Nations are going to test us in cyber space," said Alexander without elaborating as to whether recent hacking activities directed at the U.S. approach the level of war.

Alexander and others on the panel also discussed what the United States should do to protect itself against cyber attacks. According to Oren Falkowitz, the CEO of an anti-phishing service called Area 1 Security, a lot of this responsibility should fall to the private sector.

"It's just not the role of the government to protect everyone in this country," he said, explaining that businesses should be responsible for securing their own networks unless critical infrastructure is involved.

Falkowitz also downplayed the cyber threat posed by new technologies like artificial intelligence, stating that 95% of all hacks begin with phishing, so there is no reason for hackers to pursue more exotic AI-based tactics.

Gen. Alexander, who now heads a company called IronNet Cybersecurity, was less sanguine about the AI threat.

"As countries look to cyber as an element of national power, they'll turn to AI and other new tech," he warned.

Meanwhile, another U.S. company is having considerable success in using an unorthodox technique – paying hackers – to protect companies from cyber attacks. The company, HackerOne, runs programs called "bug bounties" that involve inviting a large network of friendly hackers to attempt to break into a company's network, and then rewarding them if they are successful.

The bug bounty programs have proved so successful that even the U.S. military is using them. Last year, the military paid HackerOne to run a program called "Hack the Pentagon" that flushed out numerous computer vulnerabilities.
