Mediaboss Marketing

The National Security Agency is amongst the most secretive of the US intelligence agencies. It employs genius-level coders and mathematicians in order to break codes, gather information on adversaries, and defend the country against digital threats.

Unsurprisingly, the NSA has always to preferred to work in the dark. But ever since the Snowden leaks in 2013, the organization has gradually increased its public presence. A few years ago, it opened a Twitter account (in fact, it was the first profile Edward Snowden followed when he joined in 2015).

And now, its opened a Github account, and has shared several interesting code repositories under the NSA Technology Transfer Program (TTP). So far, it lists 32 different projects, although some of these are coming soon. Many arent new, either, and have been available for some time. SELinux (Security-Enhanced Linux) for example, has been part of the Linux kernel for years.

Im not surprised the NSAs taken this move. For starters, theres a long and proud tradition of technologies making their way from defense and intelligence environments to the general public. The internet is a brilliant example of that. And engaging with techies via Github is a great way to sanitize its image, and potentially recruit talent.

You can check out the NSAs page here.

Continued here:
The NSA (yes, that NSA) has a Github account now - TNW

After a leaked National Security Agency document alleged Russian operatives attempted to hack into a Florida voter polling software company used by Humboldt County in the 2016 presidential election, California Secretary of State Alex Padilla sent a letter to the federal agency Thursday questioning why the state was not notified earlier.

As the chief elections officer in the most populous state in the nation, I am seriously concerned about the NSAs failure to provide timely and critical information to Americas elections officials, Padilla wrote to NSA Director Admiral Michael Rogers. ... We must be prepared and remain vigilant. Proper preparation requires clear and consistent collaboration among federal, state, and local officials. The NSA cannot afford to sit on critical information that could be used to defend against cyber-attacks.

The five-page classified National Security Agency memo from May that was leaked to the news website The Intercept stated Russias military intelligence unit, the GRU, hacked into the Florida-based voting software company, VR Systems, in August 2016. VR Systems provided voter polling software to Hart InterCivic, which the Humboldt County Elections Office contracted with to provide voter e-polling software.

County officials said that there is no evidence that the hacking attempts were successful or that Humboldt County was a target, and that the e-polling software is not involved in vote counting.

Humboldt County is the only county in the state that contracted through VR Systems, according to the Governors Office of Emergency Services.

The Office of Emergency Services and Secretary of States Office offered aid to the county last week to bolster its cyber-security systems, but County Clerk, Recorder and Registrar of Voters Kelly Sanders and Information Technology Division Director Jim Storm said they are confident in the protections already in place.

Yes, [the Secretary of State] did some preliminary checks looking at known email addresses, Storm said to the Times-Standard last week. There was no evidence that we were hacked or anything like that.

Will Houston can be reached at 707-441-0504.

Advertisement

Original post:
Secretary of state expresses 'serious concern' with NSA after hacking document leaked - Eureka Times Standard

New York Times

Post-Snowden Efforts to Secure NSA Data Fell Short, Report Says New York Times The N.S.A. failed to consistently lock racks of servers storing highly classified data and to secure data center machine rooms, according to the report, an investigation by the Defense Department's inspector general completed in 2016. The report was ...

See original here:
Post-Snowden Efforts to Secure NSA Data Fell Short, Report Says - New York Times

A pair of senior U.S. senators is pressing the Trump administration for information about how the Augusta woman at the center of the National Security Agency leak investigation was screened for her security clearance.

Senate Homeland Security and Governmental Affairs Committee Chairman Ron Johnson, R-Wisconsin, and Ranking Member Clair McCaskill, a Missouri Democrat, sent seven questions about Reality Leigh Winner and the governments vetting process to the Office of Personnel Management this week.

Among other things, the senators want to know which federal agency initially screened Winner and when, when her clearance was last reinvestigated and whether those screenings were done by federal employees or contractors? They also want to know the size of the governments current backlog of security clearance reinvestigations.

Winner worked as a federal contractor at a U.S. government agency in Georgia between February and June and had a top-secret security clearance. A federal grand jury has indicted her on a single count of "willful retention and transmission of national defense information for allegedly leaking to the news media a classified NSA report on Russias meddling in the U.S. election system. Before she was indicted, Winner spent months unleashing a tirade of social media posts calling President Donald Trump, among other things, an "orange fascist."

Winner faces up to 10 years in prison and $250,000 in fines, plus up to three years of supervised release and a $100 special assessment. She has pleaded not guilty to the charge. Her next court hearing is set for June 27 in Augusta. TMZ recently publishedvideo of her exercising in an outdoor area of the Lincoln County Jail,wheresheisbeingdetained.

Ms. Winner allegedly chose to put Americans and our national security at risk when she leaked classified materials, Johnson said in a joint statement with McCaskill. It is my hope that OPM will do a thorough review of her security clearance, and determine if it was granted appropriately.

McCaskill said: The leaking of classified information jeopardizes our national security. We need to determine if Ms. Winners security clearance process was handled correctly or if we missed any red flags.

The Office of Personnel Management had no immediate comment Friday.

Gary Davis and Billie Winner-Davis, stepfather and mother of Reality Leigh Winner, spoke to The Atlanta Journal-Constitution about their daughter. Video by Hyosub Shin/AJC. Hyosub Shin/AJC

View original post here:
Senators seek answers about accused NSA leaker's security ... - Atlanta Journal Constitution

Do we have a voting system we can trust, that is accurate, secure and just? This question, raised by the 2016 multi-state recount effort, is roaring back at us louder than ever after the Intercepts publication last week of a leaked National Security Agency report documenting with unprecedented detail a hacking scheme targeting components of the U.S. voting system.

The NSA report shows how the hack first used a spear phishing attack in August on the employees of a company producing voter registration software. Information from that hack was then used in a second phishing email about a week before the election targeting over 100 government employees, presumably local election officials, as the Intercept put it, to trick [them] into opening Microsoft Word documents invisibly tainted with potent malware that could give hackers full control over the infected computers.

Some cybersecurity experts presume the hack was exploratory rather than an actual attack, given the short time until the election. Still, this remains unproven, and the leaked NSA report raises disturbing questions. In particular, how far did this particular hack penetrate into the election system? Were there other successful hacks into the 2016 election? And can we trust our election results going forward?

Todays voting system is a sprawling network of hardware, software and local election officials that integrate voter registration, electronic voting, tabulating vote totals, and reporting these results to precinct, county, state and national centers that compile final vote results.

As voting-security expert Alex Halderman stated in the Intercept article, I would worry about whether an attacker who could compromise the poll book vendor might be able to use software updates ... to also infect the election management system that programs the voting machines themselves. Once you do that, you can cause the voting machine to create fraudulent counts.

The bottom line is this: The voting machines and software must be examined in order to conclude that the vote has not been hacked, and to protect our elections going forward. This was the demand made by the 2016 recount effort. The imperative to do so now is stronger than ever. In fact, the universe of investigation should be expanded, based on this report, to include hardware and software involved in vote tabulation and reporting, as well as voting machines themselves.

The integrity of our elections is paramount. The issue transcends partisan politics. We are all harmed by corruption of our elections and the cynicism it breeds, contributing to the loss of confidence in our political system expressed by 90 percent of Americans according to an AP/NORC poll last year. Hacking is just one part of the problem. Elections are likewise degraded by racially-biased voter suppression, the control of big money and big media over our elections, the suppression of independent and third party voices in debates and media and more. A vote we can believe in is the bedrock foundation of a functioning democracy, as Judge Mark Goldsmith noted in the initial ruling to proceed with the Michigan recount. That bedrock has gone missing.

The urgent need to respond to the NSA revelations of election hacking must not be lost beneath the outrage and political controversy over alleged Russian responsibility for the attack. Fortunately, we don't need to settle the debate over who hacked into our election system in order to proceed urgently to safeguard our elections. In fact, we must protect our elections from all potential interference, whether from foreign state actors, domestic political partisans, gangster networks, lone wolves or private corporations, including companies who control the voting software.

In any event, identifying and punishing the perpetrator/s will not make our future votes secure. Truly solving the problem of hacking may well require the resumption of a long-stalled effort to create an international treaty on cyberwarfare. Perhaps, as Microsoft President Brad Smith suggests, its time for a Geneva Convention on Cybersecurity.

In the meantime, future, and no doubt current, hacking into our election system can and must be stopped by adopting common sense safeguards long advocated by the election integrity movement and advanced by the recount effort. We must end the use of hack-friendly, error-prone electronic voting machines, and revert to hand-marked paper ballots, ideally counted by hand or by optical scanners carefully monitored by cross-checking against paper ballots (a process known as statistical audits). Hand recounts of the paper ballots should be readily available whenever elections are very close, or when legitimate concerns are raised about hacking, corruption or error at any level of the system. These safeguards must be in place in time to secure the 2018 elections.

A vote we can trust must not only be accurate and secure. It must also be just and true to the promise of democracy. That means we must guarantee the unimpeded right to vote and end racist voter suppression schemes that cost millions of Americans the right to vote, including voter ID laws, felon disenfranchisement, and Interstate Crosscheck. It means ending discrimination against alternative parties and independents in getting on the ballot, in the debates and in the media. It means getting big money out of our elections, and enacting improved voting systems like ranked choice voting and proportional representation that give voters the freedom to vote their values instead of their fears. Fixing our broken, unjust election system is no less urgent than fixing hackable electronic voting.

In this age of unprecedented converging crises of our economy, ecology, peace and democracy, we cannot wait to build the America we deserve. To do so, we need a voting system we can trust.

Dr. Stein was the 2016 Green Party Presidential candidate who initiated a multi-state recount effort backed by leading election integrity experts, largely due to concerns about the security of our voting system that are extremely topical in light of recent revelations.

Read the original post:
OPINION: Leaked NSA report rings alarm sounded by 2016 election recount - The Hill (blog)