Archive for the ‘NSA’ Category

Report: DNI, NSA chief told Mueller that Trump asked them to say publicly that there was no collusion with Russia – Hot Air

CNN's claiming Democratic and Republican sources for this, but even if it's gospel truth, I can't imagine it'll do Trump any (further) damage on Russiagate. WaPo first reported a few weeks ago that he asked DNI Dan Coats and NSA chief Mike Rogers to intervene with Comey to try to get the FBI to back off its Russia investigation. The idea that the president might have tried to enlist one part of the intelligence community to slow down a federal probe being conducted by another part is a serious charge.

But CNN doesn't repeat that charge. They claim that Coats and Rogers told Bob Mueller and the Senate Intel Committee behind closed doors (after their famous public testimony) that Trump asked them only to speak up publicly and affirm that there's no evidence that he personally colluded with Russia. If you strain hard, you can try to stretch that into some sort of obstruction ploy (Comey had refused to clear Trump publicly, after all, because the FBI investigation was still ongoing), but no average voter is going to fault Trump for feeling exasperated that his deputies wouldn't lift the cloud of suspicion over him if they had reason to believe he's been falsely accused. If they thought that he had colluded and then he asked them to lie and say that he hadn't, obviously that would be a different matter. But if all he was asking was for them to tell the exculpatory truth, and if it really was a request, not a direct order, then what's the red-letter scandal in his interactions with Coats and Rogers?

Coats and Rogers also met individually last week with the Senate intelligence committee in two closed briefings that were described to CNN by Democratic and Republican congressional sources. One source said that Trump wanted them to say publicly what then-FBI Director James Comey had told the President privately: that he was not under investigation for collusion. However, sources said that neither Coats nor Rogers raised concerns that Trump was pushing them to do something they did not want to do. They did not act on the President's alleged suggestion.

One congressional source expressed frustration that Coats and Rogers didn't answer the questions in public, especially since what they ended up expressing in private was that they did not feel that the President pressured either of them to do anything improper.

Rogers' interaction with the President is also documented in a memo written by his deputy at the NSA, Richard Ledgett.

Coats and Rogers each found Trump's request odd and uncomfortable, in CNN's words, but evidently neither believed he crossed a line. And there's no claim here that he ordered or even asked them to lean on Comey on his behalf. He wanted them to clear his name after having been told repeatedly by Comey that he wasn't personally a target of the FBI investigation. That may not have been proper protocol but everyone can sympathize with the impulse.

By the way, tomorrow's the deadline for the White House to turn over any Oval Office recordings of Trump and Comey. If Trump ignores it, what's the House Intel Committee's next move?

[E]ven with a subpoena, the panel stands little chance of actually compelling Trump to turn over anything he doesn't voluntarily want to produce, according to legal experts, setting lawmakers up for a high-stakes choice: Let it go, and look like they are giving the president a pass; or pursue the subpoena, and risk exposing the legislative branch's weakness in the midst of a historic probe of the president.

There are exemptions for federal officials claiming executive privilege on behalf of the president, and no figure in the White House is closer to the president than the president himself. Congress can try to circumvent that hurdle by passing what is known as a contempt resolution ordering the matter to a court, but against a Republican president, that is a tall order in a GOP-led Congress.

The best-case scenario for the Committee is that they somehow get Paul Ryan to go along with a contempt resolution and the court battle over whether executive privilege entitles Trump to withhold any recordings drags on for years. That is to say, this is less a matter of squeezing evidence out of Trump than it is a test of Republican loyalty to the president. Will they challenge him by issuing a subpoena, knowing that if they win in court, the audio could further damage Trump's presidency and their own electoral chances, or will they roll over by refusing to issue a subpoena, leaving potential evidence of obstruction untouched? There's going to be a court fight over the tapes between Mueller and the White House eventually, I assume. Maybe that'll be the House GOP's out: If Mueller's going to take this on, why do we have to get in the middle of it?

The likeliest outcome here, actually, will be the White House declaring tomorrow that there are no tapes of Trump and Comey. Newt Gingrich hinted to the AP in an interview that he thinks Trump's tweet about Oval Office tapes was a bluff, designed to rattle a political enemy, much as Trump's foray into Birtherism was designed to rattle Obama. We'll see.

Read more here:
Report: DNI, NSA chief told Mueller that Trump asked them to say publicly that there was no collusion with Russia - Hot Air

Honda shuts down factory after finding NSA-derived Wcry in its networks – Ars Technica

The WCry ransomware worm has struck again, this time prompting Honda Company to halt production in one of its Japan-based factories after finding infections in a broad swath of its computer networks, according to media reports.

Honda officials didn't explain why engineers found WCry in their networks 37 days after the kill switch was activated. One possibility is that engineers had mistakenly blocked access to the kill-switch domain. That would have caused the WCry exploit to proceed as normal, as it did in the 12 or so hours before the domain was registered. Another possibility is that the WCry traces in Honda's networks were old and dormant, and the shutdown of the Sayama plant was only a precautionary measure. In any event, the discovery strongly suggests that as of Monday, computers inside the Honda network had yet to install a highly critical patch that Microsoft released in March.

In May, it was hard to excuse so many companies not yet applying a two-month-old patch to critical systems that were vulnerable to advanced NSA exploit code put into the public domain. The failure is even harder to forgive five weeks later, now that WCry's wake of destruction has come into full view.

View post:
Honda shuts down factory after finding NSA-derived Wcry in its networks - Ars Technica

DoD faults NSA for lax security implementations, Sophos report – SC Magazine

Despite attempts to bolster security at the NSA following Edward Snowden's leaks, a new report indicates gaps remain.

A number of initiatives to strengthen security were mandated at the National Security Agency (NSA) following the leaks by Edward Snowden of 1.5 million documents, but implementation of those procedures lacked teeth, according to a report by the Department of Defense (DoD).

The 61-page report from the DoD's inspector general on the NSA's putting into practice of the Secure-the-Net (STN) initiative faults the agency and, as security intelligence expert Christopher Burgess, writing for Sophos's Naked Security blog, puts it, "the only image one can conjure up is that of the Katzenjammer Kids running amok."

Once the insider risk was presented by Snowden's leaks, the STN initiative was put into place offering 40 recommendations focused on insider threats to NSA systems, data and infrastructure.

Among that group of 40, seven directives specifically addressed securing network access, protecting against insider threats and providing increased oversight of the personnel with privileged access.

The seven STN initiatives were:

The report from the DoD examined the NSA's progress in putting these seven recommendations into place, based on its study between January and July 2016 of four facilities.

The DoD report, acquired by The New York Times under a FOIA request, "takes the NSA to the woodshed," Burgess wrote. While the NSA did attempt to implement the recommendations, it failed to do an effective job in carrying out implementation, Burgess said.

The NSA only partially got some operations in place, the report explained. One example regarded two-factor authentication, which was implemented for system administrators but not for others with credentials for privileged access (which was how Snowden was able to exfiltrate data).

Perhaps even more critical, the report found that the NSA could not determine who had elevated access privileges. In light of Snowden's actions and then the later acquisition by the Shadow Brokers of NSA materials, there is lax security within the agency, the DoD report stated.

The tightening up of its operations was the intent of the STN initiatives. While Burgess, a former CIA operations officer, said some good resulted (primarily an insider threat program initiated at all facilities), insiders are still capable of harvesting NSA data, as evidenced by the arrest in May of Reality Winner, another NSA contractor, who used her privileged access to remove NSA material regarding Russian interference in the U.S. presidential election and then provided it to the media.

"Reality Winner did not have need-to-know access," Burgess told SC Media on Wednesday. He pointed to one of the recommendations included in the seven STN initiatives: Oversee privileged user activities. Winner had privileged access, Burgess explained, but had no need to know about Russian meddling in the presidential election.

"Had monitoring activity been in place," Burgess said, "she would have been detected."

Clearly, Burgess concluded, some tweaking is still needed to the NSA's STN program to plug insiders' capabilities.

Original post:
DoD faults NSA for lax security implementations, Sophos report - SC Magazine

NSA failed to implement security measures, says damning report – Naked Security

After reading through the 61 pages of redacted content of the August 2016 DOD Inspector General's report on the National Security Agency's (NSA) implementation of the Secure-the-Net initiative, acquired by The New York Times via a Freedom of Information Act (FOIA) request, the only image one can conjure up is that of the Katzenjammer Kids running amok.

The NSA data protection (or lack thereof) was thrust into the spotlight when Edward Snowden, then a contractor in Hawaii, purloined 1.5m documents. How Snowden carried out his massive data collection is interesting, as he used his natural access and then conned his colleagues into giving up their internal access credentials in his role as the system admin. In the months that followed there were no shortage of opinions on how the NSA could or should tighten up its ship.

The Secure-the-Net (STN) initiative was launched post-Snowden, which included 40 specific recommendations focused on insider threats to NSA systems, data, and infrastructure. Seven of those recommendations were designed to secure network access, protect against insider threats and provide increased oversight of the personnel with privileged access.

The seven STN initiatives were:

The Department of Defense (DOD) report reviewed the NSA's progress on tightening up its ship with respect to the seven STN recommendations. The audit was conducted at four facilities between January and July of 2016.

The DOD report takes the NSA to the woodshed. Not because the NSA didn't attempt to implement, but rather, because they did a half-ass job in the implementation.

The report's scorching verbiage surrounds this partial implementation of the recommendations: for example, the

NSA did not effectively implement the three privileged access related STN initiatives because it did not develop an STN strategy that detailed a structured framework and methodology to implement the initiatives and measure completeness.

For example, with respect to two-factor authentication (2FA), the NSA implemented it for system admins, but not for those with privileged access. It is well documented how Snowden bypassed the then-present privileged access controls and conned his colleagues into giving him their credentials, which he then went on to use to expand his access.

A 2FA requirement would have required the owner of the credentials to have been participatory in Snowden's use of their credentials. NSA implementation as described in the report shows how they opted to leave open the very window that Snowden climbed through to harvest the data he stole.

Furthermore, the report goes on to chastise the NSA for not having a clue about how many individuals had privileged access in 2014, nor in 2016, and nor could the NSA document how the purge/pruning had been carried out. That meant the inspection team couldn't find out exactly how many people had privileged access.

While focus has largely been on the trusted insider gone bad, Edward Snowden, the Shadow Brokers' acquisition of NSA's Office of Tailored Access Operations (TAO) collection tools clearly indicates a need by the NSA to continue to place their focus on locking down their own house.

How the TAO compromise occurred remains a mystery. It could have been an insider (contractor or staff) or it might have been a result of the contractor alleged to have built the exposed tools, the Equation Group, having themselves been hacked. Coincidentally, the inspector general report was published the week after the Shadow Brokers offered the TAO tools for auction. An active August 2016 indeed.

But what of the NSA contractor Harold Martin, another NSA insider? Martin, who worked for Booz Allen Hamilton, was found to have hoarded up to 50 terabytes of NSA information. The indictment on Martin was sealed until October 2016, but he was arrested on 27 August 2016, yes, two days prior to the arrival of the inspector general's report. August 2016 was truly a busy month in the world of espionage and counterespionage.

Is it hard to catch an insider? Yes, it is. If the individual does not exceed their natural access, process and procedures, they will be difficult to detect, and while it is safe to say that 100% is not achievable, there are steps which can be taken to secure the environment to bring the risk as close to zero as possible. This was the intent of the STN.

Has there been any good to come out of the STN? Absolutely, the National Industrial Security Program of the United States, marshaled by the Defense Security Service, has brought into play their mandatory insider threat program at all cleared facilities and contractors. These programs became mandatory on June 1 2017.

One might recall the recent arrest of NSA contractor Reality Winner, also a contractor from Booz Allen Hamilton, who took a highly classified document assessing and discussing the Russian military intelligence entity's (the GRU) hand in meddling in the US election. Winner, using her privileged access, printed out the report, and then mailed it to a media outlet. Once the NSA saw the document, they quickly determined who had had access, who had printed the document and then who had had contact with a media outlet.

What they apparently weren't able to do was to determine how and why Winner had privileged access to information about which she had no need to know.

One could argue this rapid-fire capability used to identify Winner would not have been present without the STN initiatives. On the other hand, one might surmise the privileged access portion of NSA's STN program continues to need tweaking.

Link:
NSA failed to implement security measures, says damning report - Naked Security

Secure the Net initiative found to be an overall failure for NSA – Federal Times

A declassified report from the Defense Department Inspector General has been released, according to the New York Times.

The 60-page report commissioned by Congress assesses 7 of the 40 components that the National Security Agency outlined for their Secure the Net initiative. This initiative was put forth to help improve the security of sensitive systems after the Snowden disclosures in 2013.

The NSA, according to the inspector general's report, had some successes, but the overall initiative did not fully meet the intent of decreasing the risk of insider threats to NSA operations and the ability of insiders to exfiltrate data.

According to the Times, the report details how their efforts fell short, including the failure to reduce the number of privileged users who can access sensitive computer systems; their failure to consistently keep data center machine rooms secure, as well as failing to lock the server racks containing highly classified data; and the failure to fully implement software that would monitor users.

The report also noted the agency's failure to declare an exact number of people with abilities to transfer data. The lists containing this information were kept on spreadsheets that were corrupted and are no longer available.

The inspector general's report noted that NSA CIO Gregory Smithberger told the inspector general that the elimination of all insider risks and threats is not feasible. He told the Times, "While the media leak events that led to Secure the Net (STN) were both unforeseen and serious, we consider the extensive progress we made in a short time to be a good news story."

The importance of securing classified information, as the report warns, was underscored the same month the inspector general's report was produced, according to the Times. In August 2016, a group called the Shadow Brokers obtained and auctioned off classified hacking tools allegedly from the NSA, some of which were dumped online. Those tools were later seen as part of the global WannaCry ransomware attack.

"We welcome the observations and opportunities for improvement offered by the U.S. Defense Department's Inspector General," Vanee Vines, spokesperson for the NSA, told the Times. "NSA has never stopped seeking and implementing ways to strengthen both security policies and internal controls."

Read this article:
Secure the Net initiative found to be an overall failure for NSA - Federal Times