Mediaboss Marketing

The increasing incidence of aggressive cyber activity from Russia, China, Iran and North Korea, together with heightened concerns over the war in Ukraine, raises an important question: should the free world unite with a global cyber alliance in response?

At Cybertech Tel Aviv 2022 (March 1-3, 2022), founder of VC firm JVP, Erel Margalit, called for a global cyber alliance in response to the Russian invasion of Ukraine. Leadership is required to establish a democratic cyber alliance, including NATO and other free countries, in order to lead values-based cyber that will support democracies and people, and will say enough! to dictators and to those who support them, he said.

At the same time, on March 2, 2022, Robert Silvers of the U.S. DHS and Israels National Cyber Directorate director-general Gaby Portnoy signed a cyber collaboration deal between the two countries. This followed a new agreement between the UK and Israel announced in November 2021 which was described by the UK government as something that will enable closer working in diplomacy, defense and security, cyber, science, technology, and many other areas.

Such agreements never publicly disclose the extent to which the intelligence agencies of the different countries will work together, but we can assume that it is part of the arrangement. A third new alliance, known as AUKUS, was more upfront about its design and ability to deliver offensive cyber operations, clearly focused on the Indo-Pacific region and Chinas activities.

It is important to understand what we have before asking what we need.

Israels emergence as a cyber ally

Israel is not known for its cyber relationships, but is well known for its cyber capabilities. It is generally thought that Israel worked with the NSA on the delivery of Stuxnet against the Iranian nuclear facility at Natanz in the early 2010s but it must be noted that the U.S. has never declared or admitted any involvement.

The continuous conveyor belt of new and innovative cybersecurity companies being formed by Israeli Defense Force (IDF) alumni also attests to the depth of cyber knowledge and training within the country.

The Belfer Center at the Harvard Kennedy School published a ranking of national cyber power in September 2020. It produced a list of the most comprehensive countries with the highest level of intent and capabilities comprising, in this order, the U.S., China, the UK, and Russia as the top four.

Belfer placed Israel at number 11 in the world. Its methodology was to add data to a mathematical model. The International Institute for Strategic Studies (IISS) takes a different approach, and adds qualitative assessments to Belfers quantitative approach. IISS separates cyber power into three tiers. Tier #1 has the U.S. on its own as the sole world cyber superpower. Tier #2 includes China, the UK, Russia, Canada, Australia, France and Israel.

Clearly, the addition of Israel to the free worlds cyber alliances is a good thing.

AUKUS and theFive Eyes

AUKUS was announced on September 15, 2021. There are two parts to AUKUS a vehicle to provide nuclear submarines to Australia, and the formation of defensive and offensive cyber capabilities to counter Chinese activities in the Indo-Pacific region. There was some surprise at this new alliance since the three countries are three of the five countries comprising the existingFive Eyesalliance. However, theFive Eyesis primarily signals intelligence while AUKUS is likely to deliver offensive cyber operations where necessary. It was the U.S., UK and Australia that together performed cyber operations against the Islamic State.

The Five Eyes (U.S., UK, Canada, Australia and New Zealand) evolved as an extension of the UKUSA treaty that itself grew out of the informal agreement between the U.S. and UK during World War II. The agreement was formalized in March 1946, and expanded in subsequent years to include Canada, Australia and New Zealand. Other countries, such as Germany, the Philippines and some Nordic countries, have joined as third parties but the core remains the originalFive Eyes.

The Five Eyes intelligence relationship is probably the closest and most powerful intelligence relationship in history.

At first, the existence of theFive Eyesremained secret (just, in fact, as the very existence of the NSA and GCHQ remained secret for many years). The Prime Minister of Australia didnt learn aboutFive Eyesuntil 1973; it was not disclosed to the public until 2005; and it was only in June 2010 that the full text of the UKUSA agreement was made public.

This treaty is often considered to be the basis of the so-called special relationship between the U.S. and the UK.

NSA and GCHQ

The core of theFive Eyes remains the NSA and GCHQ. This is a complex relationship that is so close that the two organizations are sometimes described as twins. This is wrong. The two organizations have very different structures and primary purposes.

The NSA is run by a military officer currently General Paul Nakasone. Nakasone is a four-star general who also heads U.S. Cyber Command. For the first he reports to the undersecretary of defense for intelligence, and for the latter he reports directly to the secretary of defense. There is a strong military theme that runs through the NSA. Officially, its purpose is to secure DOD and U.S. military networks. More directly offensive operations are conducted by U.S. Cyber Command and the CIA.

GCHQ, on the other hand, is run by a civilian reporting to the Foreign Secretary. Its responsibilities support the military but go beyond this, working closely with law enforcement to go after serious organized crime within the UK such as pedophile networks.

The two agencies are different. The relationship is complex and close, and it is difficult to think of any closer intelligence alliance. But they do not automatically share all information between themselves nor the otherFive Eyespartners. There are things the NSA will want to do without sharing it with other agencies, and GCHQ is the same.

Neither the NSA nor GCHQ are officially charged with offensive cyber operations but both have done so in the past. A more recent development in the UK has been the formation of a National Cyber Force (NCF), which brings UK cyber operations more in line with the U.S. model and for the first time acknowledges that GCHQ may have some offensive responsibilities. Plans were announced in 2018, but it wasnt effectively established until 2020.

NCF is part of the MoD, the Defense Science and Technology Laboratory, the Secret Intelligence Service, and GCHQ. The government describes it as a partnership between defense and intelligence, it is responsible for operating in and through cyberspace to disrupt, deny, degrade and contest those who would do harm to the UK and its allies, to keep the country safe and to protect and promote the UKs interests at home and abroad. It clearly has the remit to direct offensive cyber operations against the enemy in justified cases.

NCF is the equivalent of the U.S. combining the cyber operations of Cyber Command, CIA, FBI, and the cyber operations of the military forces into a single organization. But there is also an element of necessity the UK simply doesnt have the budget to maintain the separate number of 3-letter agencies that exist in the U.S.

Long-term relationships and short-term politics

There is one surprising element of the major international intelligence treaties their longevity and persistence. They survive political change with a broader collective interest that transcends the coming and going of individual politicians.

In recent years there was concern that the U.S./UK special relationship (the one based on the NSA and GCHQ relationship) might fail with the U.S. change from Trump to Biden. It was generally acknowledged that President Biden had scant regard for Prime Minister Johnson because of the mutual admiration between Trump and Johnson. And Biden even issued warnings to Johnson over the sanctity of the Good Friday Agreement in Ireland following Brexit.

The Good Friday political agreement was signed in April 1998. It brought an end to the so-called Troubles in Northern Ireland between loyalists wanting to stay within the UK, and the Irish Republic-favoring republicans. Now Northern Ireland is part of the UK while Southern Ireland is part of the EU and the potential for new tensions has returned. But despite Bidens less-favorable view of the UK, UKUSA just continues.

A similar concern now occurs for GCHQ the fear that Brexit would break the ties with EU national intelligence agencies. The European Commission has had concerns over GCHQ and personal privacy ever since Snowdens leaks about GCHQ and the NSA; and has even threatened legal action. But the individual relations between GCHQ and the individual EU member state intelligence agencies seems to be persisting aided, perhaps, by the absence of national security from the EUs political remit.

Where are we now?

Out of necessity, we have concentrated on the major international free world cyber and intelligence relationships. In reality, there is a global patchwork of individual agreements between different nations throughout the free world; many of them ultimately coalescing around theFive Eyeshub. For the most part, these are security information sharing arrangements relatively few nations have the ability or confidence or political will to engage in offensive cyber operations. In this sense, there are two separate networks: gathering intelligence (for example,Five Eyes), and responding offensively to that intelligence (for example, AUKUS).

Does the free world need a single global cyber intelligence organization? The answer is almost certainly No. Firstly, such a move would likely drive Russia and China closer together perhaps including Iran and North Korea and Russian and Chinese satellite nations into their own special relationship.

Secondly, it would be unworkable. Friends keep secrets from friends when the economic or political necessity demands. Just consider the French reaction to the AUKUS announcement. France described it as a stab in the back, and within a couple of days recalled its ambassadors to both the U.S. and Australia. France lost a multi-billion euros submarine deal over AUKUS.

Related: Russia, Ukraine and the Danger of a Global Cyberwar

Related: Russia-Ukraine: Threat of Local Cyber Ops Escalating Into Global Cyberwar

Related: Talking Global Cyberwar With Kaspersky Lab's Anton Shingarev

Related: The United States and China - A Different Kind of Cyberwar

Here is the original post:
Does the Free World Need a Global Cyber Alliance? - SecurityWeek

FORT MEADE, Md. Cleveland is home to the Rock and Roll Hall of Fame and the International Women Air & Space Museum. For three days it'll also be home to over 1,000 outstanding women in cybersecurity - and the National Security Agency (NSA) will be there.

The 9th annual Women in Cybersecurity (WiCyS) Conference is in-person from March 17-19 at the Huntington Convention Center of Cleveland.NSA's presence will be highlighted at booth #300 at the conference career fair in addition to a trio of speakers. BGen Lorna Mahlock, United States Marine Corps, will provide insight into her trailblazing career as the first African American Brigadier General in the Marines. From the NSA Cybersecurity Collaboration Center, our women in cybersecurity will talk about their work that impacts and shapes the field today and into the future.

NSA Speakers at WiCyS 2022:

Visitors can learn more about NSA's mission, how it addresses the hardest problems facing the nation, and meet some of the people making it all happen.

Bring your resume! If you're looking for a rewarding career in the fast-paced world of cyber, and you're passionate about federal service, stop by booth #300 for more information. We'll have folks ready to conduct interviews and help grow our team.

We hope to see you in Cleveland to help highlight some of the incredible women who drive cybersecurity at NSA.

Read the original here:
NSA on the road at the Women in Cybersecurity (WiCyS) Conference 2022 - National Security Agency

A senior Pentagon official on Thursday said the Biden administration will review the joint leadership structure that has long governed U.S. Cyber Command and the National Security Agency.

I believe that the dual-hat will be looked at again, just by this administration, just to ensure that we understand what the value added is, but also what the impacts are. And so that discussion is still ongoing within the department today, Ronald Moultrie, Under Secretary of Defense for Intelligence and Security testified during a House Armed Services Committee subpanel hearing.

We understand that there is sentiment on both sides to really not do any harm, he added. But I believe that it will be looked at. Itll be an objective look.

The two agencies, which are co-located at Fort Meade, Md., have shared leadership under a so-called dual-hat arrangement ever since the Defense Department stood up Cyber Command in 2009.

While there have been attempts to split up the two in the past most notably near the end of the Obama administration and an 11th-hour push in the final weeks of the Trump administration desire to do so has largely waned since Army Gen. Paul Nakasone assumed command of the militarys top digital warfighting unit and the federal governments largest intelligence agency nearly four years ago.

The four-star is admired by both Democrats and Republicans, especially after defending the 2018 and 2020 election from foreign interference, although Nakasonehas run afoul of GOP members of the House Intelligence Committee after a controversy surrounding a former panel staffers selection to be the NSAs top lawyer.

Testifying alongside Moultrie, Nakasone said the maintaining or ending the dual-hat is a policy decision that obviously will be made by others.

But my best military advice, as it was when I first came in the job is the fact that through elections, through problems with Iran, through ransomware, and now with Russia-Ukraine, what the dual-hat has allowed us to do is focus the efforts of both organizations in cyberspace.

We both operate there and being able to have action, being able to [have] unity effort and being able to have agility is what the dual-hats been able to allow me to do over the past three plus years, he told lawmakers, echoing comments he has made in other recent congressional hearings.

For now, Armed Services members seem content to keep the two together.

There seems to be a natural partnership between organizations, Rep. Ruben Gallego (D-Ariz.), chair of the committees Intelligence and Special Operations subpanel, said during the hearing the public portion of which lasted just over 30 minutes.

Rep. Don Bacon (R-Neb.) said he has always opposed the push to separate the leadership roles.

I know how important NSA is to the Cyber Command missions. Theyre very much integrated, he said. And if you had two four stars going different directions you have a dysfunctional situation.

Bacon vowed he would combat future attempts to divide the dual-hat and I hope the Congress does. You need unified direction. And I think your leadership of both of those organizations provide that unified direction.

Martin is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.

More:
DoD official: Keeping Cyber Command, NSA leadership together will be looked at - The Record by Recorded Future

The zeros lined up on the scoreboard, but former Nansemond-Suffolk Academy softball standout and current freshman UNC Greensboro pitcher Reese Byrd had no idea she had pitched a no-hitter until she was mobbed by her teammates.

Byrd didnt allow a hit in a five-inning no-hitter in an 8-0 win March 13 over Delaware State.

I had no clue what was happening until my teammates ran up to me after the game, Byrd said.

Sophomore Brooklynn Maxwell scooped up a routine ground ball at shortstop in the top of the fifth with two outs, making a line-drive throw to senior Samantha Lagrama at first base to solidify the victory.

The team sprinted out from the dugout and surrounded Byrd, who was casually jogging out to left field following the out. Freshman Jessie Shipley was the first to Byrd, while the rest of the team had giant smiles on their faces.

I said (to Byrd) Hey, do you know what you just did, Shipley said. She seemed a little confused, and I said NO-NO. Then she smiled and got excited. It was really cool to watch her do that and Im super proud of her.

Byrd struck out five in the victory. She is 4-3 overall in nine appearances and starts with three complete games.

A no-hitter is a tough feat to accomplish for any pitcher, said coach Janelle Breneman. Reese being a freshman makes it very special and is a sign of good things to come. Our defense was solid behind Reeses ability to shut them down.

Reese faced 18 batters, tossing 65 pitches in the shutout.

This was the first shutout for the Spartans (16-8) since May 9, 2021 when they beat Western Carolina 5-0.

I didnt have my best performance in the previous game, so this outing was refreshing, Byrd said.

Byrd in 2021 helped NSA to Tidewater Conference of Independent Schools and the Virginia Independent Schools Athletic Association Division II championships while the Saints went undefeated. That season, she was also named the conference player of the year and selected first-team all-state.

With UNC Greensboro, Byrd has a 2.93 ERA, the lowest of the Spartans pitching staff. She has thrown 40.2 innings, allowed 35 hits and has 20 strikeouts.

I am so proud of Reese and her performance on the mound on Sunday, said pitching coach Kendra Kirkhoff. She took control and showed a lot of confidence with each batter.

This was the Suffolk, Virginia natives first collegiate no-hitter. It was also the first for UNCG since Feb. 24, 2018, when Stephanie Bryden, the schools current volunteer assistant coach, threw an 8-0 five-inning victory against Virginia.

This is the 13th no-hitter in program history.

My teammates and coaches made it so special and exciting, Byrd said. Everyone was really excited for me in the huddle after the game. Ive thrown a few no-hitters in high school and travel ball, but this one was definitely my favorite.

Originally posted here:
She didn't know about the no-no: Former NSA softball standout throws no-hitter - The Suffolk News-Herald - Suffolk News-Herald

The US National Security Agency is reportedly investigating a hack targeting Viasat that disrupted internet access in Ukraine as Russian forces prepared to invade the country.

Viasat told CNBC on Feb. 28 that it was "experiencing a partial network outage" said to be "impacting internet service for fixed broadband customers in Ukraine and elsewhere on our European KA-SAT network." The outage started on Feb. 24the day Russia invaded Ukraine.

Reuters now reports that the NSA is collaborating with ANSSI and Ukrainian intelligence to determine "whether the remote sabotage of a satellite internet provider's service was the work of Russian-state backed hackers preparing the battlefield by attempting to sever communications."

Viasat told Reuters the outage affected satellite modems owned by tens of thousands of customers in Europe. Some of those modems are still offline at time of writing, according to the report, and bringing them back online is going to be a fairly involved process.

Reuters reports that a Viasat official "said most of the affected devices would need to be reprogrammed either by a technician on site or at a repair depot and that some would have to be swapped out." Russia's ongoing attacks on Ukraine will likely complicate that process.

In the meantime, Ukraine has turned to services like Starlink to remain online, although SpaceX CEO Elon Musk has warned that Russia might attack its satellite internet service as well so it can sever Ukraine's connection to the outside world as it seeks international aid in this conflict.

Sign up for Security Watch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Originally posted here:
Report: NSA Investigates Viasat Hack That Coincided With Ukraine Invasion - PCMag