Archive for the ‘NSA’ Category

James Risen on Reining In the CIA – Washingtonian

Investigative reporter James Risen has been covering American intelligence agencies (the CIA and the NSA, among others) since the 1990s. Now he's written The Last Honest Man, a biography of Frank Church, the late senator from Idaho who risked his career to bring those agencies to heel. In the mid-1970s, Church chaired the Senate's first investigation into the American intelligence community, which uncovered astonishing abuses of power: plots to assassinate foreign leaders, warrantless surveillance of Americans, and the FBI's harassment of Martin Luther King Jr., for example. The Church Committee's work led to significant reforms.

Like Church, Risen has tangled with the intelligence community in the course of his investigations. In 2006, he won a Pulitzer Prize for revealing the existence of the NSA's post-9/11 domestic-spying program, stirring a national civil-liberties firestorm. That same year, his book State of War enraged the US government by including the story of a bungled CIA operation against Iran. Prosecutors later opened a leak investigation into Risen's source, believing that a former CIA officer had illegally provided him with classified information. (For seven years, Risen refused to reveal his source, and finally the government gave up.) We spoke with Risen, who lives in Montgomery County and currently works for the Intercept, about the legacy of Frank Church, the current state of the intelligence community, and how he protects sensitive sources.

Church had been radicalized by the Vietnam War. He saw Vietnam as a symptom of a larger problem that the United States was becoming too militaristic: this warmongering and mercenary imperialism. He was probably the first major politician to call out that America was becoming a militaristic empire. And very frequently, he compared what the United States was doing to what the Soviets were doing in Eastern Europe, which was incredibly dangerous for an American politician at that time. That led him to want to run the Church Committee, because he believed that the CIA was at the center of these immoral things the United States was doing.

I think the mass surveillance. The NSA found ways around FISA [the Foreign Intelligence Surveillance Act, passed in the wake of the Church Committee]. FISA was always flawed, but then it was not sufficiently updated in the age of the internet and social media and cell phones and everything. And the updates that have come have actually weakened it, even though they're supposed to be in the name of protecting American privacy. So I think that's the main thing.

The other thing is that after 9/11, the CIA began to become much more of a paramilitary organization; today it's more of an extension of the Pentagon. It's involved in targeted killing with drones. That was all new after 9/11, and there was no real pushback, either from Congress or from regulations in place. So I think the paramilitary role of the CIA and the expansion of NSA surveillance are the two that are the most urgent.

I think it's hilarious. These Republicans are using the Church Committee name, but they're using it in vain; they don't know what they're talking about. You have Trump saying, "Oh, the CIA is out to get me, there's a deep state. There's this cabal of people in the intelligence community who want to overthrow the government." And so it became this weird conspiracy theory that a lot of Republicans now buy into. Unfortunately for them, the facts don't back that up.

The Democrats are now kind of trying to be the adults in the room (which I'm glad somebody is), but as a result, they're not willing to criticize the military or the intelligence community very much. So it's a very different atmosphere than in the '70s, when the Church Committee came. Now the problem is that there's not a great constituency for [reform].

It's really hard. You have to learn to stay off electronic communications as much as possible. If you have to have electronic communications, just keep it to the first time you meet somebody: Tell them where you want to meet and then don't say anything else. I would meet somebody, and then at the end of the conversation we would agree on when and where to meet the next time. If either of us had to change, we would mail a letter anonymously to each other.

Never put anything after that first introduction on electronic communication. Never use credit cards. And always meet somewhere really remote. There's no perfect way to avoid the FBI or electronic surveillance, but those are the best things you can do.

Yeah, absolutely. That was a big part of it; people in the government have said that the reason for these leak investigations is to have a chilling effect. And it has. It's made it much harder to do national-security reporting. I was just telling somebody a funny story the other day: I had this one longtime source in the middle of all this investigation who wouldn't talk to me anymore, wouldn't answer his phone. So I decided to go knock on his door in DC without warning. He opened the door and turned white looking at me. He looked out to see if anybody else was there, and then he pulled me in and said, "Follow me." I followed him through the house, back to the kitchen. Then he opened the back kitchen door and looked out and said, "Go." So I had to leave. He just walked me through the house, through the back door, to his alley.

He didn't say anything.

It is hard. Covering the CIA is, like, 90 percent figuring out who you should talk to and the logistics of meeting them and getting them to talk, and then 10 percent writing stories. But there's all kinds of tricks you can do [to develop sources]. There's a whole network of retired CIA officers, so I started trying to meet with people who had just retired, and then they would tell me a story and I would write the story, and they would think it was balanced and fair. So then they would tell somebody else, "Okay, you can talk to this guy." You slowly build a network of all these people.

One way I met somebody was doing a book signing. This CIA employee got in line. When they got up to me, they leaned over and told me they wanted to meet. They became a source. You never can tell how it's going to happen.

The government will always say that some report in the press was horribly damaging, but that's never true. I don't think there's ever been a newspaper story that damaged American national security, because by the time we find out about stuff, there's so many other people who already know it. And we don't print things that would really put American personnel in harm's way. During the Iraq or Afghan war, the really important secret is, like, where an American convoy is going to be in 15 minutes, which would let somebody plant an IED. That's not ever going to be in the press.

What we write about are policy disagreements. There was a huge policy debate going on over the NSA spying program. What we revealed was that this program existed, that it was illegal and unconstitutional, and that a lot of people in the government knew that. I think they lose credibility with these over-the-top claims that the press harms national security. But that's one problem we have as reporters: it's so easy to make us look like we're traitors or evil or something, when all we're doing is revealing what the American public should know.

This interview has been edited and condensed. This article appears in the May 2023 issue of Washingtonian.


Continue reading here:
James Risen on Reining In the CIA - Washingtonian

The AI message at RSAC was long on hype and short on specifics – SC Media

I spent almost all of last week's 2023 RSA Conference (RSAC) on the show floor as a technical asset, which has been my usual role for many years.

It was very clear that the pandemic was still affecting overall attendance in show attendees and in how vendors approach the show. As usual, there were a range of vendors from mature incumbent companies that have been fixtures for many years to small startups that were making their first appearance at RSAC. Even with the recent financial uncertainty, the attitude in general remains positive. While there have been a lot of layoffs in the tech sector overall, cybersecurity remains a priority for many organizations and the lack of qualified technical talent remains an issue.

One of the major topics of discussion at the show was artificial intelligence. There were several technical sessions that delved into the promise and challenges of AI technology, while there were a lot of conversations on the show floor about the subject as well. It's a hot topic and it doesn't seem like the hype will quiet down any time soon.

AI and machine learning have been factors in security products for many years, with various levels of emphasis versus actual effectiveness, but the ChatGPT conversation being the interface that's caught the public's imagination has taken center stage. It's a different conversation than in previous years where it felt like AI or machine learning were just buzzwords that were added more for marketing purposes than as a functional part of the product. ML was a functional part of a lot of products, but it wasn't as powerful as it was often promised.

Now, numerous vendors mentioned that they were exploring how they could incorporate generative AI into their products, or how it was already on the roadmap. Though, at this point, I found that very few vendors had anything specific to show. The consensus was that generative AI can offer multiple benefits in the cybersecurity world, but we're still having to figure out exactly where and how it will fit into our security stacks.

In talking to people from a range of specialties, industries, and technical capacities, there was some frustration with trying to pick the valid benefits and threats out of the media hype cycle. To paraphrase, the most common take I heard was that it could give some real advantages in triage as a kind of Intelligent SOC Assistant, and for helping with education and dealing with common security issues that the average users face.

There's also a place for AI in dealing with the data overload a lot of security teams face. As machine learning and related fields improve, they get better at drawing connections out of disparate data. The generative AI aspects can help draw insights out of that parsed and filtered information. We're seeing this already in some areas, and it'll continue to grow.

Some, myself included, have expressed worry about this latest generation of AI being used for social engineering, but there was much less concern about threat actors using it to develop malware. Overall, the impression was that those of us in cybersecurity had more to gain from this than the threat actors we are trying to stop will. Also, the hype about it being used to create unstoppable malware was highly exaggerated. There's no doubt that AI will continue to make waves, and I expect we'll see a lot more of it over the rest of the year.

Overall, the mood was positive, with a general feeling that even with the downturn, there was still a positive need for investment in cyber. Though that's tempered with organizations needing to use their sometimes-limited resources to the best effect. On some level that "best effect" idea was apparent in the show booths. While the show was well attended, the displays were subtly toned down from years past.

A personal highlight was the National Security Agency (NSA) booth. The NSA has been bringing one of their vintage Enigma machines to RSA for years, and this year they brought two of the three-rotor machines with matching rotors. Having two machines with the same rotors let people use them to send encrypted messages, a rare treat for anyone interested in cryptography.

Mike Parkin, senior technical engineer, Vulcan Cyber

Original post:
The AI message at RSAC was long on hype and short on specifics - SC Media

Sheep sector in spotlight as part of King Charles’ Coronation – FarmingUK

The British sheep sector will be heavily showcased as part of the Coronation celebrations, with the King being a strong advocate for lamb and mutton.

King Charles' support for British sheep farmers and his passion for lamb and mutton are well documented.

Thousands of finely crafted woollen military uniforms will feature in the celebrations, and lamb will be a feature ingredient on the official Coronation menu.

In 2004, the King, alongside the sheep sector, launched the Mutton Renaissance campaign, which promoted the eating of quality mutton.

The campaign brought farmers, abattoirs, chefs and retailers together and set minimum standards for Renaissance mutton ensuring its eating quality and traceability.

It is also reported that the King regularly requests sustainably produced sheep meat be served in his royal residences.

And it is lamb, used in a recipe from celebrity chef Ken Hom, that is to be enjoyed as part of the Coronation menu.

The National Sheep Association (NSA) said it "comes as no surprise" to see the sector feature heavily in the Coronation celebrations.

The body said the sustainable farming methods used to rear sheep in the UK were "in tune with the King's environmental values".

"It has produced sheep breeds that are adapted to their local conditions and so maintain and enhance that environment for us all to enjoy," the NSA said.

"This celebration of sustainability, agricultural heritage and culture are also key elements of the British Heritage Sheep project, run by NSA."

Bob Kennard, from the project, said King Charles' support for British lamb and mutton had shared a positive message on behalf of the farming community.

"His Majesty has also championed small local abattoirs, which have been in long-term decline, yet are essential to the short supply chains which enable farmers to tell the story of their meat," he said.

"His awareness of rural issues such as this will be highly appreciated by the communities living in these areas."

King Charles is also a Patron of the Campaign for Wool. As highlighted by this campaign, wool will be a feature of many parts of the Coronation.

Read the original:
Sheep sector in spotlight as part of King Charles' Coronation - FarmingUK

UNLV teaching next generation of cybersecurity professionals with NSA-funded GenCyber Camp – KLAS – 8 News Now

LAS VEGAS (KLAS) - Cyberattacks on companies and people are at an all-time high. At the moment, there are just not enough cybersecurity professionals in the country to help protect the world wide web.

"Right now, there are three quarter million open positions in cyber security. We have a huge challenge in this country," UNLV Computer Science professor Yohwan Kim said.

Kim helps run the GenCyber Camp at UNLV, a National Security Agency and National Science Foundation-funded cybersecurity camp for CCSD high school students.

"My big wish with this industry is to just bring about innovation in the world," Leonard Guerrero said.

Guerrero's dreams are out of this world. Guerrero is a junior at Clark County Adult Education. He said he's constantly studying cybersecurity. The GenCyber camp has helped him take his aspirations and talents to new heights.

"It's a great, fun, intuitive program to network and communicate with other students who are passionate about the same things," Guerrero said.

He joined 60 students from all over the county on Saturday at the UNLV College of Engineering for the summer session of the GenCyber Camp.

Kim has been running the program with UNLV computer science professor Juyeon Jo since it started five years ago and told 8 News Now that the country needs young minds like Guerrero's.

"We do need to defend our system, we need to protect our assets, and we don't have that many experts to protect ourselves," Jo said.

That's where UNLV comes in. The hope is that students from the GenCyber camp will return to UNLV to study computer science and cybersecurity. Some of the campers already have. A few are now teacher assistants in this summer's program.

"After this camp, they realize how this field is interesting and that it's good and they choose the computer science major and then become a cyber security expert," Jo said. "We're excited to see them growing and showing those who are also interested."

CCSD high school participants learn from cybersecurity experts about topics such as cybercrimes and protection, encryption techniques, and more through hands-on activities.

"We want to give them impress on the cybersecurity, it's not just technical stuff but it's fun, more like it's fun. So, they can choose the cybersecurity career," Kim said.

The no-cost program is offered each year across three seasons to about 60 students all passionate about the same thing: cybersecurity.

"When you're in contact with other children that are like doing the same thing it kind of just boosts your passion," Guerrero said.

The theme for 2023 is helping the community. Students assess small businesses' systems and offer better solutions.

"When you're in contact with other children that are like doing the same thing it kind of just boost your passion," Jo said.

Protectors of the world wide web, it's something Guerrero told 8 News Now is what he and his GenCyber camp mates are working so hard for.

"Having a world where you can be very protected, and you can just be safe. It's a crazy world out there, especially in the digitized world," Guerrero said.

You can still sign your child up for the Fall session and of course the 2024 sessions. Find out more about the GenCyber camp here.

Here is the original post:
UNLV teaching next generation of cybersecurity professionals with NSA-funded GenCyber Camp - KLAS - 8 News Now

NSA sees ‘significant’ Russian intel gathering on European, U.S. supply chain entities – CyberScoop

SAN FRANCISCO - Russian hackers are focused on using ransomware to attack supply chains both within Ukraine and in European countries being used to provide weapons and humanitarian aid in support of the Ukrainian war effort, a top National Security Agency official said Wednesday.

And as the war drags on, Russian hackers could be looking to attack logistics targets more broadly, including in the United States, said Rob Joyce, the NSA's director of cybersecurity. The NSA is seeing a "significant amount of intelligence gathering into the Western countries, to include the U.S., in that logistics supply chain," Joyce said during a briefing at the RSA Conference.

There are no indications yet that any U.S. companies have been attacked with ransomware in connection with logistics related to Ukraine, he added, noting that how the United States would respond to such a scenario would be a policymaker question. If Russia broadened its attacks beyond Ukraine and its near abroad, that would represent a significant escalation in tactics and capabilities, Joyce said.

Military and humanitarian supplies, especially lethal aid from the United States and European countries, have played a pivotal role in Ukraine's relatively successful effort to fend off the Russian invasion. The U.S. has provided Ukraine with nearly $30 billion in support along with a range of military equipment, including tanks and ammunition. The conflict in Ukraine marks the first time in the history of the European Union that the bloc has supplied lethal aid to another country.

Undermining that external support could provide a boost to the Russian war effort. "I think they're trying to figure out what is the way to disrupt the logistics internal to Ukraine, but especially all of the surge that the West has been able to bring forth, both lethal and the humanitarian goods flowing in," Joyce said.

Joyce's warning on ransomware attacks on supply chains comes six months after the first publicly known instance of such an attack. In October, the Russian military intelligence hacking unit known as Sandworm targeted transportation and logistics companies within Ukraine and Poland with ransomware, according to Microsoft researchers.

That attack relied on a previously unidentified ransomware variant dubbed Prestige, and some observers perceived the decision to deploy ransomware against supply chains in Poland, a NATO member, as an escalation in Russia's willingness to use its cyber capabilities to prosecute the war beyond Ukrainian borders.

More here:
NSA sees 'significant' Russian intel gathering on European, U.S. supply chain entities - CyberScoop