Mediaboss Marketing

Gen. Paul Nakasone, the National Security Agency director, told NPR ahead of the 2020 elections that the U.S. was "going to expand our insights of our adversaries. ... We're going to know our adversaries better than they know themselves." Chip Somodevilla/Getty Images hide caption

Gen. Paul Nakasone, the National Security Agency director, told NPR ahead of the 2020 elections that the U.S. was "going to expand our insights of our adversaries. ... We're going to know our adversaries better than they know themselves."

Back in November, Kevin Mandia, CEO of the cybersecurity firm FireEye, opened his mailbox to find an anonymous postcard. It had a simple cartoon on the front. "Hey look, Russians," it read. "Putin did it."

He might not have given it a second thought were it not for one thing: His company had recently launched an internal security investigation after officials discovered someone had tried to register an unauthorized device into its network. That inquiry eventually led to the discovery of something even more worrisome: the breach of a Texas-based network monitoring company called SolarWinds.

U.S. officials now believe that hackers with Russia's intelligence service, the SVR, found a way to piggyback onto one of SolarWinds' regular software updates and slip undetected into its clients' networks. That means potentially thousands of companies and dozens of government departments and agencies may have been compromised.

President Biden was concerned enough about the attack that he brought it up in his first official call as president on Tuesday with his Russian counterpart, Vladimir Putin. It is unclear how Putin responded, but Russia has denied involvement in the past.

"We'll be poised to act"

A little over a year ago, the head of U.S. Cyber Command and the NSA, Gen. Paul Nakasone, began to talk openly about America's cyber operations and something he called "defend forward." The strategy is aimed at going toe-to-toe with adversaries in their networks instead of waiting for them to come and hack Americans here at home.

"Defend forward is a DOD strategy that looks outside of the United States," Nakasone told NPR as Cyber Command prepared for the 2020 elections. To impact adversaries, he said, the U.S. was "going to expand our insights of our adversaries. ... We're going to know our adversaries better than they know themselves. ... We're going to harden our defenses and ... we'll be poised to act."

At the time, the decision to talk about American cyber forces seemed like a classic deterrence strategy. Traditionally the NSA's mission was kept secret; Nakasone broke from that partly to assure Americans months before the 2020 elections that Cyber Command was prepared to defend U.S. networks while at the same time making clear to adversaries that U.S. cyber operators were primed.

Then Nakasone went a step further. He revealed in an NPR story large portions of Operation Glowing Symphony, an offensive cyber campaign the U.S. launched against ISIS that went a long way toward hobbling the terrorist organization's media and recruitment operation. If Russia were wondering just how skillful U.S. cyber operators were, Nakasone appeared to be saying, here's a little preview.

"It's a little bit different in cyberspace," Nakasone said at the time, "because you have foes that can come and go very, very quickly. They can buy infrastructure, they can develop their capabilities, they can conduct attacks. And what you have to do, from what I've learned, is you have to be persistent with that, and making sure that whenever they do that type of thing, you're going to be there and you're going to impact them."

In that spirit of low-grade confrontation, a few weeks before Americans cast their ballots in the 2020 election, NSA operators gave their Russian counterparts a little tweak: They sent individualized emails to specific Russian hackers, just to let them know U.S. cyber forces had their eye on them. It was an electronic version, in a sense, of that postcard that went to FireEye's Mandia.

Did Nakasone's discussion of U.S. cyber capabilities inspire Russian hackers to do something epic just to prove they could? Kiersten Todt, managing director of the Cyber Readiness Institute, said that while that might have played a small role, Russian cyber forces hardly needed an excuse to try their hand at compromising American networks.

"I think the Russians are emboldened to work against us and come after us for lots of reasons," she said. "And not the least of which could be us saying, 'Hey we're going to, you know, have a secure and safe 2020 election,' that would inspire them to say, 'Oh, no you're not, and while you are focusing on the election, we're actually going to come into your networks.' "

And that's what SolarWinds did it gave them entree into a roster of networks so they could look around to see what they could find. Even without any prodding from Nakasone, cybersecurity experts say, it was inevitable a supply chain hack such as this would happen.

The next-generation hack

There was a simpler version of this kind of breach back in 2013 when criminal hackers, not nation-states, got into the electronic registers at Target Corp. and stole credit card information. The theft made national news, and, for many Americans, it was an early harbinger of how hacking could affect them directly.

It turns out, the hackers didn't compromise Target's network that was too hard. Instead, they cracked into the network of the company that serviced Target's heating, ventilation and air conditioning system and stole its credentials, which allowed them to roam around Target's system unnoticed.

The HVAC contractor was part of the store's vast supply chain. Experts say we should see the SolarWinds hack as a more sophisticated version of that. Breaking into the Treasury Department is too hard, so the intruders found a comparatively easier mark a company whose job it is to monitor the very networks that were compromised.

With the SolarWinds breach, hackers have made clear that something doomcasters have been warning about for years has finally arrived. If adversaries pick the right contractor to hack, everyone that company works with is potentially vulnerable, too, said Richard Bejtlich, a former military intelligence officer who is now the principal security strategist at Corelight, a cybersecurity firm.

"If you were one of those organizations that had enough money to say, 'We want to have inventory management, we wanted to have network management, let's go with SolarWinds,' well, suddenly, that's opened you up to a whole new set of problems," he said.

That's why this is called a supply chain hack.

Bejtlich expects that in the coming weeks more companies will come forward and disclose they were part of this hack, too. So far the tally includes not just SolarWinds but also Microsoft and a cybersecurity firm called Malwarebytes. The NSA and U.S. Cyber Command haven't said anything about the attack publicly and declined to comment for this article.

They are part of a roster of intelligence officials still trying to assess the damage. Cyber officials told NPR that the investigation is in its earliest stages, but what they have determined so far is that to launch the attack and not be noticed, the SolarWinds breach had to have been planned long in advance. They said that likely hundreds of Russian software engineers and hackers were involved and that they spent time in the various networks for at least nine months before FireEye and later Microsoft discovered the breach.

"We think they were surprised it worked so well," one source who is helping trace the damage told NPR. He declined to be identified further because he is not authorized to speak about what they are discovering. "We think that once they got into SolarWinds and were inside their clients' network they had trouble deciding where to go next. It was successful beyond their wildest imaginations, and they didn't have enough people to work it all."

Biden has asked his new national security team for an assessment of the SolarWinds attack. He wants to know how it happened, how far it went and how to fix it. These kinds of reviews are standard operating procedure when administrations change hands.

Among the questions officials will try to answer is whether the SolarWinds hack was a straightforward espionage operation or something more sinister. Were the hackers just looking for information, or have they inserted backdoors into systems across the country that could allow them to turn things off, or change information with just a couple of keystrokes?

Another thing investigators would like to know: whether the hackers themselves sent that postcard to FireEye's Mandia.

Continued here:
NSA Warned Russia to Stay Out Of 2020 Election And Got SolarWinds Hack Instead - NPR

Sullivan described the Quad and the Abraham Accords as examples of Trump administration actions that were positive and ones the current administration would build on

The new U.S. National Security Advisor (NSA) Jake Sullivan has said the Biden administration would like to carry forward the work of the Trump administration in strengthening the Quad grouping of countries India, the U.S., Japan and Australia.

His comments will bring some measure of clarity to discussions on the level of priority the new administration will assign the Indo-Pacific, which had been elevated by the Trump administration as a foreign policy priority, mostly as a reaction to Chinas growing assertiveness.

I think we really want to carry forward and build on that format, that mechanism which we see as fundamental a foundation upon which to build substantial American policy in the Indo Pacific region, Mr Sullivan said at a webcast discussion, Passing the Baton, organized by the U.S. Institute for Peace.

The discussion between Mr Sullivan and his predecessor Robert OBrien was moderated by Condoleezza Rice, Secretary of State from the George W. Bush administration.

Mr Sullivan described the Quad and the Abraham Accords deals signed in 2020 to normalize relations between Israel and certain West Asian and North African countries - as examples of Trump administration actions that were positive and ones the Biden administration would build on.

Earlier in the discussion, Mr OBrien had said the Quad may be the most important relationship the U.S. has established since NATO and an example of working with allies to confront China.

Mr Sullivan, however, said the Mr Trump and Mr Biden had some real differences in their approach to the relationship with Iran.

It starts from a sober analysis of the state of affairs, which is that Iran's nuclear program has advanced dramatically over the course of the past couple of years, they are significantly closer to a nuclear weapon than they were when the previous administration withdrew from the JCPOA [Joint Comprehensive Plan of Action or the Iran deal], Mr Sullivan said.

On Afghanistan, Mr Sullivan said that the Biden administration would take decisions on the withdrawal of the remaining 2,500 American troops by May 1 from the country, based on whether the Taliban were fulfilling their end of a U.S.-Taliban agreement from February last year.

So, what we're doing right now is taking a hard look at the extent to which the Taliban are, in fact, complying with those three conditions and in that context, we will make decisions about our force posture and our diplomatic strategy going forward, he said.

Mr Sullivan said three conditions in the agreement were of particular importance: the Taliban cutting ties with terror groups including Al Qaeda, reduction in violence, and third, the Taliban participating in a real way, not a fake way, in negotiations with the Afghan government.

The former and current NSAs also differed in their characterization of the top challenges facing the U.S. A very assertive, rising China was the biggest challenge to the U.S., according to Mr OBrien.

Iran, Russia and less high-profile challenges like cartels and transnational crime were some of the others.

For Mr Sullivan, the most pressing challenge was the turmoil within the U.S. itself.

It occurs to me something that Joe Biden has really reinforced for us, which is that foreign policy is domestic policy and domestic policy is foreign policy. And at the end of the day, right now, the most profound national security challenge facing the United States is getting our own house in order, is domestic renewal, Mr Sullivan said.

He described COVID-19, the economic crisis and acute threats to our basic constitutional republic and deep divisions as domestic challenges facing the country.

Investing in allies and re-establishing Americas place in multilateral forums like the World Health Organization and Paris Climate Accord were the next priority. Then the U.S. would be in a position to effectively deal with the China challenge , the climate crisis , the current and future pandemics and so forth, Mr Sullivan said.

You have reached your limit for free articles this month.

Find mobile-friendly version of articles from the day's newspaper in one easy-to-read list.

Enjoy reading as many articles as you wish without any limitations.

A select list of articles that match your interests and tastes.

Move smoothly between articles as our pages load instantly.

A one-stop-shop for seeing the latest updates, and managing your preferences.

We brief you on the latest and most important developments, three times a day.

Support Quality Journalism.

*Our Digital Subscription plans do not currently include the e-paper, crossword and print.

Excerpt from:
Biden administration will build on the Quad: NSA Jake Sullivan - The Hindu

Let our journalists help you make sense of the noise: Subscribe to the Mother Jones Daily newsletter and get a recap of news that matters.

In mid-January, a week before being sworn in as president, Joe Biden announced that he would appoint Anne Neuberger as the deputy national security adviser for cyber and emerging technology on the National Security Council. Cybersecurity experts praised the move, citing it as a clear sign the Biden White House would be serious about countering cyber-threats. The New York Times described Neuberger, who became the National Security Agencys cybersecurity chief in 2019, as a rising official at the agency. She had run its Russia Small Group, which launched a preemptive strike against the Kremlins cyber operatives during the 2018 elections, and in addition to focusing on preventing cyber-assaults on the US government and military, she had overseen the development of new impenetrable cryptography. But the glowing reviews left out an unusual piece of her story: In recent years, Neuberger, through a family foundation, has donated hundreds of thousands of dollars to American Israel Public Affairs Committee, the pro-Israel lobby known as AIPAC, for its efforts to influence the US government and public opinion.

National security experts tellMother Jones that the hefty donations from Neubergers foundation to AIPACa strong ally of an Israeli government that is deeply involved in cyber and intelligence issues of importance to the US government and that has spied on the United States and been a target of US spyingraise concerns. (NBC News reports the same.)*

Neuberger hails from one of the wealthiest families in the United States. Her father is billionaire investor George Karfunkel, who was in the news last summer for making a curious donation of Kodak stockworth up to $180 millionto an Orthodox Jewish synagogue in Brooklyn that seemed to barely exist. Karfunkel was listed in New York State records as the synagogues president and chief financial officer, and the transfer of this stockwhich would have yielded Karfunkel a tremendous tax deductionoccurred during a wild buying spree of Kodak stock triggered by a leaked announcement that the Trump administration might be handing Kodak an unprecedented $765 million loan. (That deal never came through.) Members of Congress have demanded answers about Karfunkels highly unusual stock transfer.

From 1993 to 2007, Anne Neuberger worked at American Stock Transfer and Trust, a financial services firm cofounded by her father in 1971, eventually becoming a senior vice president of operations. Her husband, Yehuda Neuberger, was also a top official at the firm and a board member. Anne Neuberger then switched from the private sector to the government. After serving as a White House fellow and working for the secretary of the Navy as an adviser on IT programs, she landed at the NSA in 2009 and helped develop its Cyber Command. Media profiles of her in the years since have focused on the novelty of an Orthodox Jewish woman who grew up in a Hassidic neighborhood in Brooklyn (and whose grandparents on both sides were Holocaust survivors) becoming a leader at the NSA and have noted that her parents were on the 1976 Air France flight that was hijacked by the Palestinian Liberation Organization and diverted to Uganda, where the passengers were eventually rescued by Israeli commandos.

Twelve years ago, Neuberger and her husband created the Anne and Yehuda Neuberger Foundation to carry out the charitable and religious purposes of the Associated Jewish Community Federation of Baltimore, according to its tax records. Neuberger was vice-president of the foundation; her husband, the president. Neither received compensation from the outfit.

In 2010, the foundations first full year of operations, it received $1,183,050 in contributions and handed out $383,100. Of that, a quarter of a million went to the Womens Network for Single Parents in Brooklyn. (Neuberger is the founder of Sister to Sister, a group that assists divorced women within Orthodox Jewish communities.) The foundation made an $83,000 gift to the Associated Jewish Community Federation of Baltimore. Computer Sciences for the Blind in Brooklyn was awarded $25,000. And the foundation donated $25,000 to AIPAC for operating support.

The following year, the Anne and Yehuda Neuberger Foundation dished out $284,500 in gifts, according to its tax filings. The list included another $25,000 to AIPAC and also $3,500 to the Foundation for the Defense of Democracies, a hawkish, pro-Israel think-tank in Washington.

In subsequent years, the foundation upped its contributions to AIPAC. From 2012 through 2018the last year for which tax records for the foundation are availablethe Neubergers provided $559,000 to AIPAC. And this money, according to those filings, financed lobbyingeither lobbying to influence a legislative body or to influence public opinion. The tax records do not provide any specifics about the AIPAC activity the foundation financed. (The contribution amounts listed for AIPAC on the Neuberger Foundations IRS submissions line up exactly with the amounts the foundation declared as expenditures for lobbying. A nonprofit charitable foundation is allowed to pass money to a lobbying shop, as long as the amount donated is a moderate percentage of its overall giving.)

There is a Neuberger family connection to AIPAC. Yehuda Neuberger is chair of AIPACs Baltimore executive council. In 2011, Rabbi Steven Weil, then executive vice president of the Orthodox Union, hailed his outstanding reputation as a leader of AIPAC. Four years later, as part of a fierce AIPAC effort, Yehuda Neuberger lobbied Sen. Ben Cardin (D-Md.) to oppose the multilateral Iran nuclear deal the Obama White House had negotiated. (During the political fight over the Iran deal, the NSA, according to theWall Street Journal,eavesdropped on Israeli officials, including Prime Minister Benjamin Netanyahu, who opposed the accord, and revealed to the White House how Mr. Netanyahu and his advisers had leaked details of the U.S.-Iran negotiationslearned through Israeli spying operationsto undermine the talks and had coordinated talking points with Jewish-American groups against the deal.)

Around 2014, the management of the Neuberger Foundation shifted. Anne Neuberger, who was still at the NSA, moved from vice president to secretary/treasurer, and Yehuda Neuberger, the president, became vice president. Marc Terrill, the president of the Associated Jewish Community Federation of Baltimore, who had previously been a director of the Neubergers foundation, took over as president. (According to tax records for 2014, Terrill made $700,109 in total compensation as head of the Associated Jewish Community Federation of Baltimore that year.) The Neuberger Foundation and the Associated Jewish Community Federation of Baltimore share an address and phone number in the Charm City.

In its 2015 tax filing, the Anne and Yehuda Neuberger Foundation reported a major development: it received a $93 million gift. The source of this large contributionwhich came in the form of stock in one publicly traded companywas the Chesed Foundation of America, an organization run by George Karfunkel that started that fiscal year with assets of $148 million. (The tax filings do not disclose what stock was involved in this transfer.) In subsequent years, the Anne and Yehuda Neuberger Foundation increased its donations into the seven-figures range.

In fiscal year 2017, the foundation experienced another significant change in its finances: it started the year with $88 million in assets but ended with $33 million. It handed out about $1.5 million in donations that year, and its tax filing did not explain this drop. Still, in assets, it remained over 30 times the size it was at its inception in 2010.

As the Neubergers foundation grewbolstered by this large infusion from George Karfunkels foundationAIPAC remained a beneficiary. In fiscal year 2018, it doled out $1,925,000 in donations, which included $75,000 for AIPAC.

In Washington, AIPAC is regarded as a powerhouse lobbying force. It describes its mission as a bipartisan effort to strengthen and expand the U.S.-Israel relationship in ways that enhance the security of the United States and Israel. But a top AIPAC official once said that its job is generally to support the policies of the government of Israel. In 2005, two senior AIPAC officials were charged with espionage and accused of handing US defense secrets to an Israeli official, but four years later, the case was dropped when pre-court rulings complicated the Justice Departments case by compelling prosecutors to prove the pair had intended to harm US interests.

In recent years AIPAC has been widely seen as a supporter of Benjamin Netanyahu and his far-right and hardline policiesperhaps to such an extent that it has, as one critic put it, engaged in mission-distortion or mission-neglect. AIPAC, for example, has provided Netanyahu a platform for attacking Democrats and US policies with which it disagrees. The Israeli government has moved right. AIPAC has gone with it, Ilan Goldenberg, a senior fellow at the Center for a New American Security, a think tank in Washington, noted last year. In his new memoir, former President Barack Obama criticized AIPAC for reflexively siding with Israel in policy disputes. He wrote that AIPAC embraces the view that there should be no daylight between the U.S. and Israeli governments, even when Israel took actions that were contrary to U.S. policy. He observed that US officials who adopted a different approach could expect to be targeted by the AIPAC and its political arm: Those who criticized Israeli policy too loudly risked being tagged as anti-Israel (and possibly anti-Semitic) and confronted with a well-funded opponent in the next election.

On cyber mattersAnne Neubergers fieldIsrael is an important player. It has become a cybersecurity powerhouse. The nation is home to NSO Group, one of the most notorious cyber-surveillance firms, which manufactures the infamous Pegasus phone spyware, which can allow a security service or other actor to gain total control of a mobile phone and use the device to surveil its user. According to a 2018 report, At least six countries with significant Pegasus operations have previously been linked to abusive use of spyware to target civil society, including Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates. Last year,Haaretzreported that the Israeli government had encouraged NSO to sell Pegasus to the United Arab Emirates and several Persian Gulf states.

Though Israel is a US ally, it has spied on the US government, and the CIA has considered Israel a top counterintelligence threat. And it is not hard to conceive of cyber-related conflicts that could arise between the two states. So should a Biden administration national security official in charge of US cyber policy be supporting an influence group aligned with the Israeli government? Its unwise at best, says John Sipher, a former CIA official. In her world, when people think of cyber-threats, Israel is always there, even if its an ally. It is surprising that someone in cyber who understands Israeli capabilities would not want to steer clear of these politics.

Several other national security expertswho asked not to be namedsay that the foundations donations to AIPAC create, at the least, an appearance problem for Anne Neuberger. They point out that the Israeli government does maintain an aggressive campaign of espionage against the United States and has a deep interest in US cyber policy.

A former senior intelligence official says, Anne is a very smart and competent professional. I was very impressed with her work and never had any question about her integrity That said, such a donation, if true and publicized, would raise a lot of eyebrows within the government and beyond, especially since the two dimensions involvedIsrael and cyberhave their own history. A second former senior intelligence official adds, Is this disqualifying? Probably not. But its not good.

A senior congressional aide who oversees national security issues says, If you donate half a million dollars to a lobbying group, that indicates a pretty strong preference. And a foreign policy expert with close ties to the Biden administration notes, One question this presents is whether she would recuse herself from decisions that could impact Israel.

Kathleen Clark, a law professor at Washington University in St. Louis and an expert on government ethics, notes that ethics laws are primarily aimed at preventing an officials financial interests from having an impact on his or her government work. Neubergers past financial contribution to AIPAC does not create that kind of ethics issue, she says. But Clark notes that it could raise raise a question regarding her impartiality. Clark points out that because cybersecurity issues involve Israel and because AIPAC promotes strong US-Israeli cooperation on a wide range of issues, including cyber, the public needs to know whether the actions of Neubergers foundation overlap with her government responsibilities. She adds, Will we know what the foundation has spent or is spending its money on? Will we know what projects the foundation is supporting? Will the foundation accept donations?

Marc Terrill, the president of the Neuberger Foundation, did not respond to multiple requests for comment. When reached byMother Jones, Yehuda Neuberger said he was not available to discuss the foundation.

On Monday, Mother Jones sent a list of questions about the Neuberger Foundation and its AIPAC donations to the NSC and Anne Neuberger. The queries included: Did Neuberger or her foundation know specifically what lobbying the donations subsidized? What was the source of the initial $1,183,050 the foundation kicked off with? What was the stock valued at $93 million that her fathers foundation donated to the Neuberger Foundation? Why did the foundation receive such a large gift? Does the Neuberger Foundation consult with Karfunkel regarding any of its donations? Has Neuberger filed a financial disclosure form regarding her new position at the NSC? Does it include information related to the Neuberger Foundation? Did she file a financial disclosure form at the NSA?Did it include information related to the Neuberger Foundation?

Mother Jones also asked, Is it appropriate for a high-ranking intelligence official or a NSC official to contribute hundreds of thousands of dollars to AIPAC, a lobby regarded by critics as often aligned with the policy interests of a foreign government? Is there a potential conflict of interest for a senior official in charge of cyber policy who donates money to an American group that is seen as supportive of a foreign government highly involved in cyber-surveillance and cyber-warfare issues?

An NSC spokesperson said that she would respond to the query and requested time to do so. Two days later the NSC declined to answer any of those questions. The NSC spokesperson said, As a senior NSC employee, Ms. Neuberger will abide by the Executive Order on Ethics Commitments By Executive Branch Personnel.

The NSA did not respond to a similar set of questions.

UPDATE: After this article was published, Emily Horne, an NSC spokesperson, sent Mother Jones the following statement: We note that NBC has pulled down their own version of this story, saying it fell short of their reporting standards, and look forward to Mother Jones doing the same. The women and men of the NSC are patriotic, dedicated, and serve their country with distinction. Being forced to endure public smear campaigns should not be part of working on behalf of the American people. NBC News moved its story on Neuberger to its archives and said that the article did not meet the networks reporting standards because it cited only unnamed sources raising questions about the Neuberger Foundations donations to AIPAC and because Neuberger was not given adequate time to respond to our reporting. This Mother Jones article cited both named and unnamed sources, and Mother Jones gave Neuberger two days to respond to a query about her foundation and the AIPAC donations. She did not respond. Mother Jones also contacted the president of the foundation, and he did not respond to repeated requests for comment. Mother Jones stands by our reporting.

View original post here:
A Top Biden Cybersecurity Aide Donated Over $500000 to AIPAC as an NSA Official Mother Jones - Mother Jones

HICKORY, N.C.--(BUSINESS WIRE)--The U.S. federal government faces security challenges on multiple fronts which makes the ability to access solutions that have been pre-vetted even more important. CommScope today announced that its RUCKUS SmartZone controllers and RUCKUS access points have cleared the National Security Agency/Central Security Service (NSA/CSS) vetting process and are now available on the Commercial Solutions for Classified (CSfC) Programs list.

NSA/CSS's CSfC Program was established to enable commercial products to be used in layered solutions protecting classified National Security Systems (NSS) data. This gives the government the ability to securely communicate based on commercial standards. The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance.

RUCKUS wireless LAN (WLAN) controllers are designed to eliminate the difficulties administrators experience with building and managing large-scale WLAN networks that can include hundreds of thousands of Wi-Fi access points and thousands of concurrent Wi-Fi clients. The RUCKUS carrier-class management system provides feature-rich management of access points, such as RF management, load balancing, adaptive meshing and backhaul optimization and secure connectivity to all wireless clients.

The protection of government information especially NSS data is critical to the national security of the United States, said Chris Collura, vice president, Federal business for CommScope. CommScopes wired and wireless networking products meet the stringent standards required to work within a government network. We made strategic investments in our wireless controllers and access points to meet the NSA/CSSs CSfC Program requirements.

To access the NSA/CSS CSfC approved products list, click here.

All product names, trademarks and registered trademarks are property of their respective owners.

About CommScope:

CommScope (NASDAQ: COMM) is pushing the boundaries of technology to create the worlds most advanced wired and wireless networks. Our global team of employees, innovators and technologists empower customers to anticipate whats next and invent whats possible. Discover more at http://www.commscope.com.

Follow us on Twitter and LinkedIn and like us on Facebook.

Sign up for our press releases and blog posts.

This press release includes forward-looking statements that are based on information currently available to management, managements beliefs, as well as on a number of assumptions concerning future events. Forward-looking statements are not a guarantee of performance and are subject to a number of uncertainties and other factors, which could cause the actual results to differ materially from those currently expected. In providing forward-looking statements, the company does not intend, and is not undertaking any obligation or duty, to update these statements as a result of new information, future events or otherwise.

Source: CommScope

See the original post here:
CommScope's Wireless Solutions Added to the U.S. National Security Agency's Commercial Solutions for Classified Programs List - Business Wire

Last month, the private security firm FireEye discovered a widespread breach of government and corporate computer networks through a so-called "supply chain" exploit of the network management firm SolarWinds, conducted by nation-state-level hackers, widely thought to be Russia. Most coverage of the breach featured ominous headlines and quotes from current and former government officials describing it as the biggest hack of modern times. Occasionally, buried in one of the closing paragraphs, there was an official quoted admitting that, so far, only "business networks" were known to be compromisedsensitive but unclassified email systems and data on job descriptions and HR functions.

"Like our nuclear policy before it, the stated goal is deterrence, but the actual goal is to create a cover for unchecked aggression and dominance."

These stories lack context of the true state of cyber espionage over the last few decades. The SolarWinds hack is certainly a large and very damaging breach, but one could almost pick at random any five or ten of the hundreds of codename programs revealed in the Snowden documents that would top it. The mother of all supply chain attacks (that we know of publicly) may have been the clandestine American role behind CryptoAGwhich allowed the NSA to sell scores of foreign governments broken cryptographic systems through which it was possible to crack the encryption on their top-level government and military communications for decades. And of course the first, and one of the only, actual cyberattacks in history was the Stuxnet program conducted by Israeli and American services against Iranian nuclear centrifuges.

Yet the American public may be left with the impression that Russian hacking poses a uniquely aggressive and destabilizing threat to the international order, and therefore must be punished. News coverage has been leadened with apoplectic quotes from senior officials and lawmakers that the breach represents "virtually a declaration of war," that we need to "get the ball out of their hands and go on offense," that "we must reserve our right to unilateral self-defense," and even that "all elements of national power must be placed on the table" (All elements? Tanks? Nuclear weapons?). This kind of hyperbolic reaction cannot be driven by sincere shock at the idea of a government hacking into and spying on another governments networks. More plausibly, it is driven by outrage at the idea of any other nation challenging the United States' overwhelming dominance to date in network espionage.

The Pentagon has so far responded to the breach by proposing a rearrangement of the organizational chart for our cyber army. And if history is any guide, Congress will respond as they have to past intelligence failures: by throwing more money at the bureaucracy to feed its legion of private contractors. In other words: more of what contributed to this breach in the first place. The ever-growing feeding frenzy for beltway bandits not only increases the attack surface for foreign hackers, it ensures that Congress does not have the capacity (even if it had the will) to understand and oversee increasingly complex supply chains to ensure basic security standards for the very companies who will be called on to fix these vulnerabilities. Few were even aware of the ubiquity of SolarWinds presence across so many of our government networks, and the lax security practices of this key software provider have only come under scrutiny retroactively. According to reports, the update server for SolarWinds softwarean incredibly sensitive key piece of any software supply chainwas publicly accessible by a default password that had leaked to the internet in 2019, and the company had been warned both by its employees and by independent security researchers.

Here another tragic irony emerges: whatever internal channels were used to warn of these security lapses were clearly not effective, but if a whistleblower had taken this kind of sensitive national security information to the presspublication of which perhaps could have forced action and prevented a major act of espionage against our governmentthey would have put themselves at risk of prosecution under the Espionage Act.

"If reports are true that Russia was behind SolarWinds, and was using its access to case physical infrastructure networks in the U.S., their motivation may have been to gain a small measure of deterrence against the overwhelming superiority of American offensive capabilities."

So while the pundits clamor for retaliation and Washington bickers about rearranging the desks at Fort Meade, we still do not get a debate on alternatives that might better serve the American people. In secret, and without public consultation, the NSA long ago decided to use our privileged position sitting atop the internet backbone not to secure it; to level up the safety of key systems for all its users (but to poke more holes in it); and to stockpile exploits and hoard vulnerabilities in order to dip its hands into nearly every network, communications protocol, and computer system of consequence on the planet, both foes and allies alike.

Even our defensive strategy has become a policy of aggression. Dubbed "defend forward," it has us maintaining backdoors and software implants on key infrastructure systems around the world, as a way of keeping a loaded gun pointed at any real or potential adversary. Like our nuclear policy before it, the stated goal is deterrence, but the actual goal is to create a cover for unchecked aggression and dominance. If reports are true that Russia was behind SolarWinds, and was using its access to case physical infrastructure networks in the U.S., their motivation may have been to gain a small measure of deterrence against the overwhelming superiority of American offensive capabilities.

The wisdom of such an aggressive posture towards the global internet was one of the key questions Edward Snowden posed to the public after his disclosures. We should not fail to consider it as we increasingly get a taste of what the rest of the world has been subjected to by American spies for decades.

Go here to read the rest:
SolarWinds Is Not the 'Hack of the Century.' Its Blowback for the NSA's Longtime Dominance of Cyberspace - Common Dreams