Mediaboss Marketing

The idea of a hostile country hijacking computers deep inside the United States sounds frightening. But is it really so different from what countriesincluding the U.S.have always done in the name of espionage?

That was a question posed to Gen. Keith Alexander, a former director of the NSA, at Fortune's Brainstorm Tech conference on Tuesday in Aspen, Colo.

Alexander responded by saying there's a clear distinction between countries using computers to spy and to attack.

"Its intent. Cyber war is to inflict damage while spying is to learn secrets," he said, adding that every nation engages in cyber-spying.

As a examples of computer activity that rises to the level of cyber war, Alexander pointed to the alleged attack on Sony by North Korea, and to attacks in Ukraine aimed at the company's economy and infrastructure.

Get Data Sheet , Fortunes technology newsletter.

The distinction between spying and cyber war is important since the latter has the potential to trigger military retaliation, or invoke responses under treaties like NATO, while espionage is considered less serious.

Nations are going to test us in cyber space," said Alexander without elaborating as to whether recent hacking activities directed at the U.S. approach the level of war.

Alexander and others on the panel also discussed what the United States should do to protect itself against cyber attacks. According to Oren Falkowitz, the CEO of an anti-phishing service called Area 1 security, a lot of this responsibility should fall to the private sector.

Its just not the role of the government to protect everyone in this country, he said, explaining that businesses should be responsible for securing their own networks unless critical infrastructure is involved.

Falkowitz also downplayed the cyber threat posed by new technologies like artificial intelligence, stating that 95% of all hacks begin with phishing, so there is no reason for hackers to pursue more exotic AI-based tactics.

Gen. Alexander, who now heads a company called IronNet Cybersecurity, was less sanguine about the AI threat.

As countries look to cyber as an element of national power, theyll turn to AI and other new tech," he warned.

Meanwhile, another U.S. company is having considerable success in using an unorthodox techniquepaying hackersto protect companies from cyber attacks. The company, HackerOne, runs programs called "bug bounties" that involve inviting a large network of friendly hackers to attempt to break into a company's network, and then rewarding them if they are successful.

The bug bounty programs have proved so successful that even the U.S. military is using them. Last year, the military paid HackerOne to run a program called "Hack the Pentagon" that flushed out numerous computer vulnerabilities.

Go here to see the original:
Spying or Cyber War? How to Tell the Difference - Fortune

Today, the American Center for Law and Justice (ACLJ) just filed its second lawsuit against the National Security Agency (NSA).

We made lawful demands for government records that will shed light on the Susan Rice unmasking scandal that rocked the intelligence community. The NSA failed to comply with the law. So, today, we took the NSA to federal court.

Heres what Fox News reported back in April:

Susan Rice, former national security adviser under then-President Barack Obama, requested to unmask the names of Trump transition officials caught up in surveillance. The unmasked names, of people associated with Donald Trump, were then sent to all those at the National Security Council, some at the Defense Department, then-Director of National Intelligence James Clapper and then-CIA Director John Brennan essentially, the officials at the top, including former Rice deputy Ben Rhodes.

The only way we even know about the Obama Administrations apparent politically motivated unmasking is because this raw intelligence information - classified national security secrets - was illegally leaked to the media.

The ACLJ went to work in our effort bring these secret and unlawful actions to the forefront. Our Government Accountability Project prepared a series of Freedom of Information Act (FOIA) requests designed to get to the bottom of this disturbing revelation.

Our FOIA Request sought:

records pertaining to any and all requests former National Security Advisor Susan Rice made to National Security Agency (NSA) officials or personnel regarding the unmasking of the names and/or any other personal identifying information of then candidate and/or President-elect Donald J. Trump, his family, staff, transition team members, and/or advisors who were incidentally caught up in U.S. electronic surveillance.

The NSA acknowledged our FOIA request and even granted expedited processing which means the NSA acknowledged the time-sensitive urgency behind our requests. But, even though expedited processing means the NSA is bound to process the request faster than other requests, we have heard nothing from them since.

So, today, we filed a critical lawsuit and we will force the NSA to answer to a federal court for its blatant disregard for the law. Among other things, we asked the Court for [a]n Order enjoining Defendant from continuing to withhold any and all non-exempt records responsive to Plaintiffs FOIA request.

This is not our first time weve taken the NSA to federal court. We filed a lawsuit earlier this year to force the NSA to produce government records that could expose the people and purposes behind the Obama Administrations eleventh hour rule change that dramatically expanded access to raw signal intelligence signed by the Obama Administration officials on their way out the door. It was these changes that have lead to an unprecedented avalanche of dangerous national security leaks.

Both of these lawsuits are part of our ongoing effort to aggressively combat the dangerous national security leaks that have been plaguing the federal government. The deep state shadow government bureaucracy must not be allowed to endanger the national security of the American people as it carries out a vicious vendetta against the current Administration. We will not stop fighting until we defeat and expose the shadow government leaks.

You can be part of our effort. We need your voice. Sign our petition today.

Excerpt from:
ACLJ Files Federal Lawsuit Against NSA Whatever it Takes to Get to the Bottom of the Dangerous Susan Rice ... - American Center for Law and Justice...

After a long debate, the United States is reportedly moving forward with plans to separate its military-focused Cyber Command branch from the National Security Agency. The changes could be announced in the coming weeks, according to the Associated Press.

The two roles have caused tension

Since Cyber Commands 2009 inception, it has been under the same command as the NSA, but the two operate in different ways: Cyber Command has focused on digital warfare, while the NSA has focused on electronic intelligence gathering. According to the AP, those two roles have caused tension, especially in the battle against ISIS.

Under a new division of authority, Army Lt. Gen. William Mayville would reportedly be nominated to lead Cyber Command, replacing Admiral Michael Rogers, who also leads the NSA. Leadership of the NSA could be turned over to a civilian, according to the AP.

Last year, then-Defense Secretary Ash Carter reportedly sent a plan to President Obama proposing the split, and it seems the Trump administration is prepared to move ahead with those plans. The mechanics of the split including what the AP describes as Cyber Commands reliance on the NSA are still reportedly being worked out.

See the rest here:
The US is reportedly close to separating military-focused Cyber Command from the NSA - The Verge

COLUMBUS, Ga. In what may be a first for Georgia, Columbus State University is partnering with the Muscogee County School District on a National Security Agency (NSA) grant to develop and implement a course in cybersecurity education specifically designed for middle school students.

The $50,000 NSA grant allows CSUs TSYS School of Computer Science and its developing TSYS Center for Cybersecurity to work with Rothschild Middle School Leadership Academy to develop and implement a course in cybersecurity education specifically designed for 7th and 8th grade middle school students.

We do not think that a cybersecurity curriculum of this magnitude has been attempted at the middle school level in Georgia, said Tom Hackett, chair of CSUs Department of Counseling, Foundations, and Leadership and executive director P-12/University Partnerships. This STEM project is expected to raise interest in cybersecurity and will encourage students to continue learning about cybersecurity, a field very much in-demand by todays workforce.

The course will be structured on the National Security Agency (NSA) Cybersecurity First Principles but will be broken down into age-specific topics understandable by 7th- and 8th-grade students, Hackett said. The NSA Cybersecurity First principles include: domain separation, process isolation, resource encapsulation, least privilege, modularity, layering, abstraction, data hiding, simplicity and minimization.

He said the course will facilitate a learner-centered classroom with numerous hands-on exercises that provide opportunities for middle school students to apply their newly gained knowledge of cybersecurity education.

This program is just one example of what will be many developing partnerships between the Muscogee County School District (MCSD) and Columbus State University. Hackett, CSU President Chris Markwood and MCSD Superintendent David Lewis are working on more ways to develop programs and education goals to benefit P-12 students, university students and the local businesses that will be hiring these graduates.

We are proud of this unique partnership with CSU and excited for the opportunities it will afford our students as they begin exploration in this high-demand field, said David F. Lewis, superintendent of the Muscogee County School District.

About 140 7th and 8th grade students at Rothschild Middle School will have the appropriate prerequisite to take the year-long elective course on cybersecurity education during the 2017-2018 school year.

Whether you are 6 or 60 years old, cybersecurity is important to us all, said Wayne Summers, professor and Distinguished Chairperson of CSUs TSYS School of Computer Science. By teaching the elements of cybersecurity in middle school, we will encourage safe computing practice as well as expand the pool of candidates for future cybersecurity professionals. Based on a comprehensive study supported by the National Initiative for Cybersecurity Education, there are nearly 13,000 cybersecurity job openings in Georgia and nearly 350,000 openings nationally.

The TSYS School of Computer Science, its TSYS Center for Cybersecurity and Muscogee County School District will ensure the cybersecurity education course will provide age-appropriate and performance based cybersecurity education in a safe environment for middle school students and will meet Georgia curriculum standards.

Hackett said the course curriculum will be available for download on the projects website and the course can be replicated in other middle schools across the nation.

The Rothschild teacher developing this falls course to be called Business Principles & Computer Science is enrolled at CSU this summer in the Information Security course in the TSYS School of Computer Science, which is designated by NSA as a National Center of Academic Excellence in Information Assurance Education. Additionally, CSU is part of a consortium of seven University System of Georgia (USG) institutions to develop the USGs capabilities in IT and cyber security as well as significantly increase the number of IT and cyber security industry qualified graduates coming from USG institutions.

Visit link:
CSU Partners with School District to Earn NSA Grant for Middle School Cybersecurity Education - Colombus State News

An undated aerial handout photo shows the National Security Agency headquarters building in Fort Meade, Maryland. Photo by NSA via Reuters

WASHINGTON After months of delay, the Trump administration is finalizing plans to revamp the nations military command for defensive and offensive cyber operations in hopes of intensifying Americas ability to wage cyberwar against the Islamic State group and other foes, according to U.S. officials.

Under the plans, U.S. Cyber Command would eventually be split off from the intelligence-focused National Security Agency.

Details are still being worked out, but officials say they expect a decision and announcement in the coming weeks. The officials werent authorized to speak publicly on the matter so requested anonymity.

The goal, they said, is to give U.S. Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA, which is responsible for monitoring and collecting telephone, internet and other intelligence data from around the world a responsibility that can sometimes clash with military operations against enemy forces.

Making cyber an independent military command will put the fight in digital space on the same footing as more traditional realms of battle on land, in the air, at sea and in space. The move reflects the escalating threat of cyberattacks and intrusions from other nation states, terrorist groups and hackers, and comes as the U.S. faces ever-widening fears about Russian hacking following Moscows efforts to meddle in the 2016 American election.

The U.S. has long operated quietly in cyberspace, using it to collect information, disrupt enemy networks and aid conventional military missions. But as other nations and foes expand their use of cyberspying and attacks, the U.S. is determined to improve its ability to incorporate cyber operations into its everyday warfighting.

Experts said the command will need time to find its footing.

Right now I think its inevitable, but its on a very slow glide path, said Jim Lewis, a cybersecurity expert with the Center for Strategic and International Studies. But, he added, A new entity is not going to be able to duplicate NSAs capabilities.

The NSA, for examples, has 300 of the countrys leading mathematicians and a gigantic super computer, Lewis said. Things like this are hard to duplicate.

He added, however, that over time, the U.S. has increasingly used cyber as a tactical weapon, bolstering the argument for separating it from the NSA.

The two highly secretive organizations, based at Fort Meade, Maryland, have been under the same four-star commander since Cyber Commands creation in 2009.

But the Defense Department has been agitating for a separation, perceiving the NSA and intelligence community as resistant to more aggressive cyberwarfare, particularly after the Islamic States transformation in recent years from an obscure insurgent force into an organization holding significant territory across Iraq and Syria and with a worldwide recruiting network.

While the military wanted to attack IS networks, intelligence objectives prioritized gathering information from them, according to U.S. officials familiar with the debate. They werent authorized to discuss internal deliberations publicly and requested anonymity.

Then-Defense Secretary Ash Carter sent a plan to President Barack Obama last year to make Cyber Command an independent military headquarters and break it away from the NSA, believing that the agencys desire to collect intelligence was at times preventing the military from eliminating IS ability to raise money, inspire attacks and command its widely dispersed network of fighters.

Carter, at the time, also pushed for the ouster of Adm. Mike Rogers, who still heads both bodies. The Pentagon, he warned, was losing the war in the cyber domain, focusing on cyberthreats from nations such as Iran, Russia and China, rather than on countering the communications and propaganda campaigns of internet-savvy insurgents.

Officials also grew alarmed by the growing number of cyberattacks against the U.S. government, including several serious, high-level Defense Department breaches that occurred under Rogers watch.

NSA is truly an intelligence-collection organization, said Lauren Fish, a research associate with the Center for a New American Security. It should be collecting information, writing reports on it. Cyber Command is meant to be an organization that uses tools to have military operational effect.

After President Donald Trumps inauguration, officials said Defense Secretary Jim Mattis endorsed much of the plan. But debate over details has dragged on for months.

Its unclear how fast the Cyber Command will break off on its own. Some officials believe the new command isnt battle-ready, given its current reliance on the NSAs expertise, staff and equipment. That effort will require the department to continue to attract and retain cyber experts.

Cyber Command was created in 2009 by the Obama administration to address threats of cyber espionage and other attacks. It was set up as a sub-unit under U.S. Strategic Command to coordinate the Pentagons ability to conduct cyberwarfare and to defend its own networks, including those that are used by combat forces in battle.

Officials originally said the new cyber effort would likely involve hundreds, rather than thousands, of new employees.

Since then, the command has grown to more than 700 military and civilian employees. The military services also have their own cyber units, with a goal of having 133 fully operational teams with as many as 6,200 personnel.

Its proposed budget for next year is $647 million. Rogers told Congress in May that represents a 16 percent increase over this years budget to cover costs associated with building the cyber force, fighting IS and becoming an independent command.

Under the new plan being forwarded by the Pentagon to the White House, officials said Army Lt. Gen. William Mayville would be nominated to lead Cyber Command. Leadership of the NSA could be turned over to a civilian.

Mayville is currently the director of the militarys joint staff and has extensive experience as a combat-hardened commander. He deployed to both Iraq and Afghanistan, leading the 173rd Airborne Brigade when it made its assault into Iraq in March 2003 and later heading coalition operations in eastern Afghanistan.

See more here:
US to create the independent US Cyber Command, split off from NSA - PBS NewsHour