Opportune moment for indigenous development of 5G NSA & SA by C-DOT: Prakash – United News of India

New Delhi, Sep 4 (UNI) Telecom Secretary Anshu Prakash has said it is a very opportune moment for the indigenous development of 5G NSA & SA by C-DOT, in the overall context of meeting the challenging communications requirements of the nation and realizing Prime Minister Narendra Modi's vision of 'Atmanirbhar Bharat'.

Centre for Development of Telematics (C-DOT), the premier Telecom R&D Centre of the Department of Telecommunications, Ministry of Communications, observed its 38th Foundation Day celebrations yesterday.

The technical conference was inaugurated by Anshu Prakash, Chairman, Digital Communications Commission & Secretary (Telecom), the Ministry of Communications said in a statement on Saturday.

Speaking at the event, Prakash exhorted the engineers to work relentlessly towards a successful Proof of Concept (PoC) of the C-DOT 4G LTE Core in the BSNL network.



NSA: We ‘don’t know when or even if’ a quantum computer will ever be able to break today’s public-key encryption – The Register

America's National Security Agency has published an FAQ about quantum cryptography, saying it does not know "when or even if" a quantum computer will ever exist to "exploit" public-key cryptography.

In the document, titled Quantum Computing and Post-Quantum Cryptography, the NSA said it "has to produce requirements today for systems that will be used for many decades in the future." With that in mind, the agency came up with some predictions [PDF] for the near future of quantum computing and their impact on encryption.

Is the NSA worried about the threat posed by a "cryptographically relevant quantum computer" (CRQC)? Apparently not too much.

"NSA does not know when or even if a quantum computer of sufficient size and power to exploit public key cryptography (a CRQC) will exist," it stated, which sounds fairly conclusive, though in 2014 the agency splurged $80m looking for a quantum computer that could smash current encryption in a program titled Owning the Net, so the candor of the paper's statements is perhaps open to debate.

What the super-surveillance agency seems to be saying is that it's not a given that a CRQC capable of breaking today's public-key algorithms will ever emerge, though it wouldn't be a bad idea to consider coming up with and using new techniques that could defeat a future CRQC, should one be built.

It's almost like the NSA is dropping a not-so-subtle hint, though why it would is debatable. If it has a CRQC, or is on the path to one, it might want to warn allies, vendors, and citizens to think about using quantum-resistant technologies in case bad people develop a CRQC too. But why would the spies tip their hand so? It's all very curious.


Eric Trexler, VP of global governments at security shop Forcepoint, told The Register: "Progress on quantum computers has been steadily made over the past few years, and while they may not ever replace our standard, classical computing, they are very effective at solving certain problems. This includes public-key asymmetric cryptography, one of the two different types of cryptosystems in use today."

Public-key cryptography is what the world relies on for strong encryption, such as TLS and SSL that underpin the HTTPS standard used to help protect your browser data from third-party snooping.

In the NSA's summary, a CRQC, should one ever exist, "would be capable of undermining the widely deployed public key algorithms used for asymmetric key exchanges and digital signatures", and what a relief it is that no one has one of these machines yet. The post-quantum encryption industry has long sought to portray itself as an immediate threat to today's encryption, as El Reg detailed in 2019.

"The current widely used cryptography and hashing algorithms are based on certain mathematical calculations taking an impractical amount of time to solve," explained Martin Lee, a technical lead at Cisco's Talos infosec arm. "With the advent of quantum computers, we risk that these calculations will become easy to perform, and that our cryptographic software will no longer protect systems."

Given that nations and labs are working toward building crypto-busting quantum computers, the NSA said it was working on "quantum-resistant public key" algorithms for private suppliers to the US government to use, having had its Post-Quantum Standardization Effort running since 2016. However, the agency said there are no such algos that commercial vendors should adopt right now, "with the exception of stateful hash signatures for firmware."

Smart cookies will be glad to hear that the NSA considers AES-256 and SHA-384 "safe against attack by a large quantum computer."

Jason Soroko, CTO of Sectigo, a vendor that advertises "quantum safe cryptography," said the NSA report wasn't conclusive proof that current encryption algos were safe from innovation.

"Quantum computers alone do not crack public key cryptography," he said, adding that such a beast would need to execute an implementation of Shor's algorithm. That algo was first described in 1994 by an MIT maths professor and allows for the calculation of prime factors of very large numbers; a vital step towards speeding up the decryption of the product of current encryption algorithms.

"Work on quantum resistant cryptographic algorithms is pushing forward based on the risk that Universal quantum computers will eventually have enough stable qubits to eventually implement Shor's algorithm," continued Soroko. "I think it's important to assume that innovation in both math and engineering will potentially surprise us."

While advances in cryptography are of more than merely academic interest to the infosec world, there is always the point that security (and data) breaches occur because of primarily human factors. Ransomware, currently the largest threat to enterprises, typically spreads because someone's forgotten to patch or decommission a machine on a corporate network or because somebody opens an attachment from a malicious email.

Or there's the old joke about rubber hose cryptanalysis, referring to beating the passwords out of a captured sysadmin.

Talos' Lee concluded: "In a world where users will divulge their passwords in return for chocolate or in response to an enticing phishing email, the risk of quantum computers might not be our biggest threat."


A Softening Economy Will Be Buffeted By Stimulus Withdrawal And Delta-Variant Surge – Forbes

U.S. Vehicle Sales (millions)

While the story of the week was the big miss in Nonfarm Payrolls, most of the incoming data continue to be much softer than the markets or financial media let on, as they continue to ignore the implications. The chart above shows U.S. vehicle sales beginning in 2015. Note the steady sales levels until the pandemic, the climb out to just above normal, and now a renewed falloff. Sales in August were -11% lower than in July, as they fell to a 13.5 million annual rate. They were nearly 19 million in April. Could it possibly be that the helicopter money pulled demand forward? Lack of semi-conductors, you say! If so, why are used car sales also falling?

NY Fed Weekly Economic Index

Now, look at the chart of the NY Fed's Weekly Economic Index. Like autos, note the big rise in April and the tail-off since. From this chart, it appears that the growth all occurred in April, causing Q2's GDP to rise 6.6%. But this index has been falling since, implying that growth has slowed since then, leading us to conclude that Q3's growth will be weaker than Q2's, and Q4's worse yet.

In past blogs, we discussed the potential impact of the Delta-variant. The impacts from it are continuing. Restaurant reservations are falling, hotels are experiencing cancellations and a lower number of room nights, and a significant number of major corporations have delayed a return to the office. The latest employment data show job losses in the retail, hospitality, and restaurant sectors.

Here is a partial list of weakening incoming data:

The Payroll Survey: Friday's Nonfarm Payrolls at +235K (Seasonally Adjusted (SA)) also disappointed the consensus view (+733K), yet another big miss on the part of the business forecasters. There wasn't much impact on the equity markets (September 3: DOW: -74.7, S&P 500: -1.5; Nasdaq: +32.3). The Not Seasonally Adjusted (NSA) number was +312K. Our view has been, and continues to be, that the pandemic and its nuances (Delta-variant) aren't seasonally adjustable. From a strictly statistical point of view, the pandemic data haven't been around long enough to display seasonality and using seasonal factors from pre-pandemic data makes no sense because today's data is profoundly influenced by the pandemic (i.e., re-opening, mask mandates, supply-chain issues, government supplemental payments, school re-opening issues). Nevertheless, the August +312K NSA number appears close enough to the +235K SA one so what's the issue for us?

The people with jobs are the ones that get paid. Over the last two months, BLS has told us that 1.288 million (SA) jobs were created (1.053 million in July (revised) and 235K in August). The NSA numbers (these are the actual job counts) for both months combined was 278K (312K for August and -34K for July). 278K new payrolls is a far cry from 1.288 million. Perhaps this is why the August business surveys show employment softness! Noteworthy: the NSA data shows -64K in the retail sector, -74K in leisure/hospitality, -50K in accommodation (hotels) and -52K in restaurants. This data strongly implies that the Delta-variant has had a dramatic economic impact. We think this impact will continue at least for another few months.

Weekly Initial Claims (ICs): The weekly data are both encouraging and discouraging. Encouraging because ICs in the state programs fell from 299K to 288K (NSA) the week of August 28. ICs represent new layoffs, and they continue to inch their way toward the 200K/week level that was the pre-pandemic normal.

State Initial Claims

But it is discouraging to realize that there will be a negative economic impact in early September when millions of unemployed lose those benefits. Small business owners are payors into the state systems for their employees, but the owners, themselves, are not eligible for state unemployment benefits (only their employees). The Pandemic Unemployment Assistance (PUA) programs were established early in the pandemic for these business owners. As you can see from the PUA Initial Claims chart (data from April through August), the PUA programs have struggled of late (Delta-variant?) and the weekly new claims have remained above 100K.

PUA Initial Claims

The PUA programs end the first week of September, so their demise is imminent.

Continuing Claims (CCs): While the 100K/week ICs are worrisome, the real issue is the imminent cessation of benefits for the 9.2 million Continuous Claimants (those getting benefits for more than one week) in the PUA programs.

Continuing Unemployment Claims

If such recipients have only been receiving benefits of $500/week, they are facing a reduction of $45 billion/month in household income (that's about 3% of such income). Expect a significant impact on consumption at least for the remainder of the year.

Opt-Outs vs. Opt-Ins: The tables below continue to show that the Opt-Out states (those not paying the federal $300/week supplement) have continued to outpace the Opt-Ins as far as reducing the unemployment rolls. From May 15 through August 21, Opt-Out state unemployment has fallen by more than 41% vs. under 20% for the Opt-Ins.

Percentage Changes in CCs: Opt-Out vs. Opt-In States

Looking more granularly (table below), using the final data for August 14, Opt-Outs (representing 25% of the total CCs) reduced unemployment by -40K, while unemployment increased in the Opt-In states by +42K!

Relative Performance: Opt-Out States vs. Opt-In States

The preliminary data for August 21 show somewhat better performance of the Opt-Ins, as their CC count decreased only slightly more slowly than the Opt-Outs. As we have said in past blogs, we think the Opt-Ins will catch up when the PUA programs end. And, once again, it is our belief that once those programs end, there will be a rush to find employment.

However, filling available job slots isn't an instantaneous process. There is an appointment needed, then an interview, a background check, and finally, an offer and acceptance. So, even if the majority of the 9.2 million CCs begin to look for work, it may take several months for a semblance of normality to return. And the economic implication is that there is likely to be a noticeable consumption slowdown, with retail falling at an even faster pace than we are seeing in the current emerging data.

Markets continue to ignore the signs of economic slowdown, as does the financial media. Of course, the equity markets love easy money, and slower economic growth means the Fed will stay easy longer. The bond market, on the other hand, appears to see the softness, and rates have reacted to the downside after some inflation indigestion last quarter.

Besides the existing softening signs, the rapidly approaching end of the special unemployment programs means no weekly checks for more than nine million current recipients. That is bound to have a negative impact on consumption, implying continued economic weakness in Q4.

(Joshua Barone contributed to this blog)


Actions of IT giants pave the way for states to monopolize data - Snowden – TASS

MOSCOW, September 2. /TASS/. Violations of user rights by IT giants who are now directly checking information and data contained in people's personal gadgets entail a risk that governments will later monopolize this function, former US NSA staffer Edward Snowden said on Thursday.

"It's no longer a company question, it's a government question. So, you have to ask yourself can Apple say no to the US government, the Russian government, the Chinese government, the German government, the French government, the British government? Of course, the answer is no. Not if they want to keep selling their products in these countries. That's dangerous," he said.

He recalled that Apple earlier announced plans to look for illegal content on their phones even before this information is saved on their servers. "Instead of private companies scanning their files in the cloud on their system, now they are doing it on your phone. This has caused a lot of concern for people around the world even though they say that the system for now is only rolling out in the United States," Snowden noted. "The reasons for it are once Apple proves that it is possible for them to scan for some kind of forbidden content <...> they can't decide in the future what kind of files would be searched for."

According to him, this function will give Apple the opportunity to look through and search for any personal information stored on phones. "Now they are telling your device what to look for. And if they find something that's forbidden, that's against the law <...> but tomorrow it can be something else, some new category. You don't know what they are scanning for," he said. "Once Apple breaks down this barrier between their servers and your phone and now they start scanning on your phone, they can scan for anything, they scan for political criticism, they can scan for financial records," he concluded.

In early August, Apple revealed that the company would start checking messages and iCloud content for child pornography. Apple said on Thursday that the necessary means to technically do that would be introduced in the new software for all its devices.


Microsoft’s Azure Government Top Secret Cloud: All you need to know – TechHQ

Just last month, Amazon Web Services (AWS) was named the winner of a US$10 billion cloud computing contract, called WildandStormy, for the National Security Agency (NSA). But Microsoft was evidently not satisfied with the results, given the ongoing legal tussle between both companies on the Pentagon's JEDI cloud computing contract. In an apparent counter move, Microsoft's Azure made Government Top Secret, its cloud service for governmental agencies that need to manage top-secret data, generally available a couple of weeks ago.

As Microsoft Azure corporate VP Tom Keane put it in a blog posting, "This announcement, together with new services and functionality in Azure Government Secret, provides further evidence of Microsoft's relentless commitment to the mission of national security, enabling customers and partners to realize the vision of a multi-cloud strategy and achieve greater agility, interoperability, cost savings, and speed to innovation."

The company has long offered Government and Government Secret services, but now is after highly classified data workloads. Unlike its other offerings, Azure Government Top Secret supports Intelligence Community Directive 705 standards, a list of precise steps a compartmented information facility has to follow.

Azure Government Top Secret is now generally available for US national security agencies. Source: Microsoft

Developed in collaboration with the US government, Microsoft's Azure cloud has data centers organized into regions, with its own personnel comprising only US citizens and its own network fiber that is separate from the Azure commercial offering. The data centers need to follow strict rules on construction, physical security features, and staffing checks. As part of the process, the Azure regions are air-gapped.

The new regions, whose locations are not detailed, are launching with more than 60 Azure services, with more to come. "Built into a unified data strategy, these services help human analysts more rapidly extract intelligence, identify trends and anomalies, broaden perspectives, and find new insights," Keane said.

Keane also shared that the Azure Government product portfolio was developed to further Microsoft's "relentless commitment to the mission of national security." Microsoft also revealed that it has added new services to Azure Government Secret, including Azure Kubernetes Service (AKS), Azure Functions, and Azure App Service. There are now 73 services available on the Government Secret cloud. In addition to those, Microsoft offers data analysis and AI services to government agencies through Azure's Data Lake, Cosmos DB, HDInsight, and Cognitive Services.

Keane's blog post highlighted that in order to develop a unified cybersecurity approach to protect the nation's data, mission owners can utilize products informed by this threat intelligence, including Azure Security Center and Azure Sentinel to integrate multiple security point solutions and continually assess, visualize, and protect the security state of resources in Azure, on-premises, and in other clouds.

Microsoft was approved as a supplier of cloud services to the US intelligence community in 2018, and two years later was chosen, along with AWS, Google, Oracle, and IBM, as part of the multibillion-dollar C2E cloud contract where the CIA will get each company to bid for specific task orders for itself and the 16 other agencies within the US intelligence community.

This month, however, Microsoft lost out on a US$10 billion cloud contract with the NSA. It is protesting the decision to award the deal to Amazon Web Services in court. The company is likely hoping to score the same victory as AWS did with JEDI, the Department of Defense's US$10 billion-valued cloud contract. It was awarded to Microsoft in October 2019, but that contract was scrapped after a lengthy legal battle.

It is also fair to note that AWS was the first company to launch top-secret regions that were deemed fit to host the government's exceedingly private data. "So, this levels the playing field and provides the government with a choice because previously, it was just a one-horse race," Keane said.


The Scandalous History of the Last Rotor Cipher Machine – IEEE Spectrum

Growing up in New York City, I always wanted to be a spy. But when I graduated from college in January 1968, the Cold War and Vietnam War were raging, and spying seemed like a risky career choice. So I became an electrical engineer, working on real-time spectrum analyzers for a U.S. defense contractor.

In 1976, during a visit to the Polish Army Museum in Warsaw, I saw an Enigma, the famous German World War II cipher machine. I was fascinated. Some years later, I had the good fortune of visiting the huge headquarters of the cipher machine company Crypto AG (CAG), in Steinhausen, Switzerland, and befriending a high-level cryptographer there. My friend gave me an internal history of the company written by its founder, Boris Hagelin. It mentioned a 1963 cipher machine, the HX-63.

Like the Enigma, the HX-63 was an electromechanical cipher system known as a rotor machine. It was the only electromechanical rotor machine ever built by CAG, and it was much more advanced and secure than even the famous Enigmas. In fact, it was arguably the most secure rotor machine ever built. I longed to get my hands on one, but I doubted I ever would.

Fast forward to 2010. I'm in a dingy third subbasement at a French military communications base. Accompanied by two-star generals and communications officers, I enter a secured room filled with ancient military radios and cipher machines. Voilà! I am amazed to see a Crypto AG HX-63, unrecognized for decades and consigned to a dusty, dimly lit shelf.

I carefully extract the 16-kilogram (35-pound) machine. There's a hand crank on the right side, enabling the machine to operate away from mains power. As I cautiously turn it, while typing on the mechanical keyboard, the nine rotors advance, and embossed printing wheels feebly strike a paper tape. I decided on the spot to do everything in my power to find an HX-63 that I could restore to working order.

If you've never heard of the HX-63 until just now, don't feel bad. Most professional cryptographers have never heard of it. Yet it was so secure that its invention alarmed William Friedman, one of the greatest cryptanalysts ever and, in the early 1950s, the first chief cryptologist of the U.S. National Security Agency (NSA). After reading a 1957 Hagelin patent (more on that later), Friedman realized that the HX-63, then under development, was, if anything, more secure than the NSA's own KL-7, then considered unbreakable. During the Cold War, the NSA built thousands of KL-7s, which were used by every U.S. military, diplomatic, and intelligence agency from 1952 to 1968.

The reasons for Friedman's anxiety are easy enough to understand. The HX-63 had about 10^600 possible key combinations; in modern terms, that's equivalent to a 2,000-bit binary key. For comparison, the Advanced Encryption Standard, which is used today to protect sensitive information in government, banking, and many other sectors, typically uses a 128- or a 256-bit key.

In the center of the cast-aluminum base of the HX-63 cipher machine is a precision Swiss-made direct-current gear motor. Also visible is the power supply [lower right] and the function switch [left], which is used to select the operating mode, for example, encryption or decryption. (Credit: Peter Adams)

A total of 12 different rotors are available for the HX-63, of which nine are used at any one time. Current flows into one of 41 gold-plated contacts on the smaller-diameter side of the rotor, through a conductor inside the rotor, out through a gold-plated contact on the other side, and then into the next rotor. The incrementing of each rotor is programmed by setting pins, which are just visible in the horizontal rotor. (Credit: Peter Adams)

Just as worrisome was that CAG was a privately owned Swiss company, selling to any government, business, or individual. At the NSA, Friedman's job was to ensure that the U.S. government had access to the sensitive, encrypted communications of all governments and threats worldwide. But traffic encrypted by the HX-63 would be unbreakable.

Friedman and Hagelin were good friends. During World War II, Friedman had helped make Hagelin a very wealthy man by suggesting changes to one of Hagelin's cipher machines, which paved the way for the U.S. Army to license Hagelin's patents. The resulting machine, the M-209-B, became a workhorse during the war, with some 140,000 units fielded. During the 1950s, Friedman and Hagelin's close relationship led to a series of understandings collectively known as a "gentleman's agreement" between U.S. intelligence and the Swiss company. Hagelin agreed not to sell his most secure machines to countries specified by U.S. intelligence, which also got secret access to Crypto's machines, plans, sales records, and other data.

But in 1963, CAG started to market the HX-63, and Friedman became even more alarmed. He convinced Hagelin not to manufacture the new device, even though the machine had taken more than a decade to design and only about 15 had been built, most of them for the French army. However, 1963 was an interesting year in cryptography. Machine encryption was approaching a crossroads; it was starting to become clear that the future belonged to electronic encipherment. Even a great rotor machine like the HX-63 would soon be obsolete.

That was a challenge for CAG, which had never built an electronic cipher machine. Perhaps partly because of this, in 1966, the relationship among CAG, the NSA, and the CIA went to the next level. That year, the NSA delivered to its Swiss partner an electronic enciphering system that became the basis of a CAG machine called the H-460. Introduced in 1970, the machine was a failure. However, there were bigger changes afoot at CAG: That same year, the CIA and the German Federal Intelligence Service secretly acquired CAG for US $5.75 million. (Also in 1970, Hagelin's son Bo, who was the company's sales manager for the Americas and who had opposed the transaction, died in a car crash near Washington, D.C.)

Although the H-460 was a failure, it was succeeded by a machine called the H-4605, of which thousands were sold. The H-4605 was designed with NSA assistance. To generate random numbers, it used multiple shift registers based on the then-emerging technology of CMOS electronics. These numbers were not true random numbers, which never repeat, but rather pseudorandom numbers, which are generated by a mathematical algorithm from an initial "seed."

This mathematical algorithm was created by the NSA, which could therefore decrypt any messages enciphered by the machine. In common parlance, the machines were "backdoored." This was the start of a new era for CAG. From then on, its electronic machines, such as the HC-500 series, were secretly designed by the NSA, sometimes with the help of corporate partners such as Motorola. This U.S.-Swiss operation was code-named Rubicon. The backdooring of all CAG machines continued until 2018, when the company was liquidated.

Parts of this story emerged in leaks by CAG employees before 2018 and, especially, in a subsequent investigation by the Washington Post and a pair of European broadcasters, Zweites Deutsches Fernsehen, in Germany, and Schweizer Radio und Fernsehen, in Switzerland. The Post's article, published on 11 February 2020, touched off firestorms in the fields of cryptology, information security, and intelligence.

The revelations badly damaged the Swiss reputation for discretion and dependability. They triggered civil and criminal litigation and an investigation by the Swiss government and, just this past May, led to the resignation of the Swiss intelligence chief Jean-Philippe Gaudin, who had fallen out with the defense minister over how the revelations had been handled. In fact, there's an interesting parallel to our modern era, in which backdoors are increasingly common and the FBI and other U.S. intelligence and law-enforcement agencies sporadically tussle with smartphone manufacturers over access to encrypted data on the phones.

Even before these revelations, I was deeply fascinated by the HX-63, the last of the great rotor machines. So I could scarcely believe my good fortune in 2020 when, after years of negotiations, I took possession of an HX-63 for my research for the Association des Réservistes du Chiffre et de la Sécurité de l'Information, a Paris-based professional organization of cryptographers and information-security specialists. This particular unit, different from the one I had seen a decade before, had been untouched since 1963. I immediately began to plan the restoration of this historically resonant machine.

People have been using codes and ciphers to protect sensitive information for a couple of thousand years. The first ciphers were based on hand calculations and tables. In 1467, a mechanical device that became known as the Alberti cipher wheel was introduced. Then, just after World War I, an enormous breakthrough occurred, one of the greatest in cryptographic history: Edward Hebern in the United States, Hugo Koch in the Netherlands, and Arthur Scherbius in Germany, within months of one another, patented electromechanical machines that used rotors to encipher messages. Thus began the era of the rotor machine. Scherbius's machine became the basis for the famous Enigma used by the German military from the 1930s until the end of WW II.

To understand how a rotor machine works, first recall the basic goal of cryptography: substituting each of the letters in a message, called plaintext, with other letters in order to produce an unreadable message, called ciphertext. It's not enough to make the same substitution every time, replacing every F with a Q, for example, and every K with an H. Such a monoalphabetic cipher would be easily solved.

A rotor machine gets around that problem using, you guessed it, rotors. Start with a round disk that's roughly the diameter of a hockey puck, but thinner. On both sides of the disk, spaced evenly around the edge, are 26 metal contacts, each corresponding to a letter of the English alphabet. Inside the disk are wires connecting a contact on one side of the disk to a different one on the other side. The disk is connected electrically to a typewriter-like keyboard. When a user hits a key on the keyboard, say W, electric current flows to the W position on one side of the rotor. The current goes through a wire in the rotor and comes out at another position, say L. However, after that keystroke, the rotor rotates one or more positions. So the next time the user hits the W key, the letter will be encrypted not as L but rather as some other letter.

Though more challenging than simple substitution, such a basic, one-rotor machine would be child's play for a trained cryptanalyst to solve. So rotor machines used multiple rotors. Versions of the Enigma, for example, had either three rotors or four. In operation, each rotor moved at varying intervals with respect to the others: A keystroke could move one rotor or two, or all of them. Operators further complicated the encryption scheme by choosing from an assortment of rotors, each wired differently, to insert in their machine. Military Enigma machines also had a plugboard, which swapped specific pairs of letters both at the keyboard input and at the output lamps.

The rotor-machine era finally ended around 1970, with the advent of electronic and software encryption, although a Soviet rotor machine called Fialka was deployed well into the 1980s.

The HX-63 pushed the envelope of cryptography. For starters it has a bank of nine removable rotors. There's also a "modificator," an array of 41 rotary switches, each with 41 positions, that, like the plugboard on the Enigma, add another layer, an unchanging scramble, to the encryption. The unit I acquired has a cast-aluminum base, a power supply, a motor drive, a mechanical keyboard, and a paper-tape printer designed to display both the input text and either the enciphered or deciphered text. A function-control switch on the base switches among four modes: off, "clear" (test), encryption, and decryption.

In encryption mode, the operator types in the plaintext, and the encrypted message is printed out on the paper tape. Each plaintext letter typed into the keyboard is scrambled according to the many permutations of the rotor bank and modificator to yield the ciphertext letter. In decryption mode, the process is reversed. The user types in the encrypted message, and both the original and decrypted message are printed, character by character and side by side, on the paper tape.

While encrypting or decrypting a message, the HX-63 prints both the original and the encrypted message on paper tape. The blue wheels are made of an absorbent foam that soaks up ink and applies it to the embossed print wheels. Peter Adams

Beneath the nine rotors on the HX-63 are nine keys that unlock each rotor to set the initial rotor position before starting a message. That initial position is an important component of the cryptographic key. Peter Adams

To begin encrypting a message, you select nine rotors (out of 12) and set up the rotor pins that determine the stepping motion of the rotors relative to one another. Then you place the rotors in the machine in a specific order from right to left, and set each rotor in a specific starting position. Finally, you set each of the 41 modificator switches to a previously determined position. To decrypt the message, those same rotors and settings, along with those of the modificator, must be re-created in the receiver's identical machine. All of these positions, wirings, and settings of the rotors and of the modificator are collectively known as the key.

The HX-63 includes, in addition to the hand crank, a nickel-cadmium battery to run the rotor circuit and printer if no mains power is available. A 12-volt DC linear power supply runs the motor and printer and charges the battery. The precision 12-volt motor runs continuously, driving the rotors and the printer shaft through a reduction gear and a clutch. Pressing a key on the keyboard releases a mechanical stop, so the gear drive propels the machine through a single cycle, turning the shaft, which advances the rotors and prints a character.

The printer has two embossed alphabet wheels, which rotate on each keystroke and are stopped at the desired letter by four solenoids and ratchet mechanisms. Fed by output from the rotor bank and keyboard, mechanical shaft encoders sense the position of the alphabet printing wheels and stop the rotation at the required letter. Each alphabet wheel has its own encoder. One set prints the input on the left half of the paper tape; the other prints the output on the right side of the tape. After an alphabet wheel is stopped, a cam releases a print hammer, which strikes the paper tape against the embossed letter. At the last step the motor advances the paper tape, completing the cycle, and the machine is ready for the next letter.

As I began restoring the HX-63, I quickly realized the scope of the challenge. The plastic gears and rubber parts had deteriorated, to the point where the mechanical stress of motor-driven operation could easily destroy them. Replacement parts don't exist, so I had to build such parts myself.

After cleaning and lubricating the machine, I struck a few keys on the keyboard. I was delighted to see that all nine cipher rotors turned and the machine printed a few characters on the paper tape. But the printout was intermittently blank and distorted. I replaced the corroded nickel-cadmium battery and rewired the power transformer, then gradually applied AC power. To my amazement, the motor, rotors, and the printer worked for a few keystrokes. But suddenly there was a crash of gnashing gears, and broken plastic bits flew out of the machine. Printing stopped altogether, and my heartbeat nearly did too.

I decided to disassemble the HX-63 into modules: The rotor bank lifted off, then the printer. The base contains the keyboard, power supply, and controls. Deep inside the printer were four plastic "snubbers," which cushion and position the levers that stop the ratchet wheels at the indicated letter. These snubbers had disintegrated. Also, the foam disks that ink the alphabet wheels were decomposing, and gooey bits were clogging the alphabet wheels.

I made some happy, serendipitous finds. To rebuild the broken printer parts, I needed a dense rubber tube. I discovered that a widely available neoprene vacuum hose worked perfectly. Using a drill press and a steel rod as a mandrel, I cut the hose into precise, 10-millimeter sections. But the space deep within the printer, where the plastic snubbers are supposed to be, was blocked by many shafts and levers, which seemed too risky to remove and replace. So I used right-angle long-nosed pliers and dental tools to maneuver the new snubbers under the mechanism. After hours of deft surgery, I managed to install the snubbers.

The ink wheels were made of an unusual porous foam. I tested many replacement materials, settling finally on a dense blue foam cylinder. Alas, it had a smooth, closed-cell surface that would not absorb ink, so I abraded the surface with rough sandpaper.

After a few more such fixes, I faced just one more snafu: a bad paper-tape jam. I had loaded a new roll of paper tape, but I did not realize that this roll had a slightly smaller core. The tape seized, tore, and jammed under the alphabet wheels, deeply buried and inaccessible. I was stymied, but then made a wonderful discovery. The HX-63 came with thin stainless-steel strips with serrated edges designed specifically to extract jammed paper tape. I finally cleared the jam, and the restoration was complete.

One of the reasons why the HX-63 was so fiendishly secure was a technique called reinjection, which increased its security exponentially. Rotors typically have a position for each letter of the alphabet they're designed to encrypt. So a typical rotor for English would have 26 positions. But the HX-63's rotors have 41 positions. That's because reinjection (also called reentry) uses extra circuit paths beyond those for the letters of the alphabet. In the HX-63, there are 15 additional paths.

Here's how reinjection worked in the HX-63. In encryption mode, current travels in one direction through all the rotors, each introducing a unique permutation. After exiting the last rotor, the current loops back through that same rotor to travel back through all the rotors in the opposite direction. However, as the current travels back through the rotors, it follows a different route, through the 15 additional circuit paths set aside for this purpose. The exact path depends not only on the wiring of the rotors but also on the positions of the 41 modificators. So the total number of possible circuit configurations is 26! x 15!, which equals about 5.2 x 10^38. And each of the nine rotors' internal connections can be rewired in 26! different ways. In addition, the incrementing of the rotors is controlled by a series of 41 mechanical pins. Put it all together and the total number of different key combinations is around 10^600.
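
The stepping rotors and the reinjection paths described above can be seen working in a toy model. This is an added example, not code from the article and not a reconstruction of the HX-63: the wirings are constructed from a seed, the stepping is a plain odometer rather than pin-controlled, and a signal that leaves on one of the 15 extra contacts is simply fed back to the entry side for another pass.

```python
import math
import random
import string

ALPHABET = string.ascii_uppercase
N_LETTERS = 26     # contacts that carry letters
N_CONTACTS = 41    # 26 letter contacts + 15 reinjection paths per rotor face


class Rotor:
    """One wired disk: a permutation of the contacts plus a rotational position."""

    def __init__(self, wiring, position):
        self.n = len(wiring)
        self.forward = list(wiring)
        self.backward = [0] * self.n
        for entry, exit_ in enumerate(wiring):
            self.backward[exit_] = entry
        self.position = position % self.n

    def _pass(self, table, contact):
        # Rotation changes which internal wire sits under each fixed contact.
        return (table[(contact + self.position) % self.n] - self.position) % self.n

    def encode(self, contact):
        return self._pass(self.forward, contact)

    def decode(self, contact):
        return self._pass(self.backward, contact)


class ReentryMachine:
    """Toy nine-rotor machine with 15 reinjection paths (all wiring is constructed)."""

    def __init__(self, key_seed, start_positions, n_rotors=9):
        if len(start_positions) != n_rotors:
            raise ValueError("one start position per rotor is required")
        rng = random.Random(key_seed)  # reproducible toy wiring, not a secure RNG
        wirings = [rng.sample(range(N_CONTACTS), N_CONTACTS) for _ in range(n_rotors)]
        self.rotors = [Rotor(w, p) for w, p in zip(wirings, start_positions)]
        extra = N_CONTACTS - N_LETTERS
        # Fixed scramble applied to the 15 extra paths on their way back in
        # (assumption: stands in for a fixed, key-dependent setting).
        self.reentry = rng.sample(range(extra), extra)
        self.reentry_inv = [0] * extra
        for src, dst in enumerate(self.reentry):
            self.reentry_inv[dst] = src

    def _step(self):
        # Odometer stepping (assumption): rotor 0 moves on every key press,
        # the next rotor moves only when the previous one wraps around to 0.
        for rotor in self.rotors:
            rotor.position = (rotor.position + 1) % rotor.n
            if rotor.position:
                break

    def _forward(self, contact):
        for rotor in self.rotors:
            contact = rotor.encode(contact)
        return contact

    def _backward(self, contact):
        for rotor in reversed(self.rotors):
            contact = rotor.decode(contact)
        return contact

    def substitute(self, letter, decrypt=False):
        """Map one letter at the current rotor state, without stepping."""
        run = self._backward if decrypt else self._forward
        loop = self.reentry_inv if decrypt else self.reentry
        contact = run(ALPHABET.index(letter))
        # Leaving on an extra contact means another pass through the bank.
        # The bank is a bijection, so the signal must exit on a letter contact
        # after at most 16 passes.
        while contact >= N_LETTERS:
            contact = run(N_LETTERS + loop[contact - N_LETTERS])
        return ALPHABET[contact]

    def process(self, text, decrypt=False):
        out = []
        for letter in text.upper():
            if letter in ALPHABET:
                self._step()
                out.append(self.substitute(letter, decrypt))
        return "".join(out)


def encrypt(text, key_seed, positions):
    return ReentryMachine(key_seed, positions).process(text)


def decrypt(text, key_seed, positions):
    return ReentryMachine(key_seed, positions).process(text, decrypt=True)


def reentry_configurations():
    """The 26! x 15! count quoted in the text."""
    return math.factorial(26) * math.factorial(15)


if __name__ == "__main__":
    positions = [3, 17, 40, 0, 8, 22, 11, 5, 30]  # constructed start positions
    ciphertext = encrypt("W" * 12, 1963, positions)
    print(ciphertext, decrypt(ciphertext, 1963, positions))
    print(f"{reentry_configurations():.2e}")
```

Typing the same letter repeatedly produces a changing ciphertext, and decryption succeeds only when the receiver rebuilds the same wirings and start positions.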

Such a complex cipher was not only unbreakable in the 1960s, it would be extremely difficult to crack even today. Reinjection was first used on the NSA's KL-7 rotor machine. The technique was invented during WW II by Albert W. Small, at the U.S. Army's Signal Intelligence Service. It was the subject of a secret patent that Small filed in 1944 and that was finally granted in 1961 (No. 2,984,700).

Meanwhile, in 1953, Hagelin applied for a U.S. patent for the technique, which he intended to use in what became the HX-63. Perhaps surprisingly, given that the technique was already the subject of a patent application by Small, Hagelin was granted his patent in 1957 (No. 2,802,047). Friedman, for his part, had been alarmed all along by Hagelin's use of reinjection, because the technique had been used in a whole series of vitally important U.S. cipher machines, and because it was a great threat to the NSA's ability to listen to government and military message traffic at will.

The series of meetings between Friedman and Hagelin that resulted in the cancellation of the HX-63 was mentioned in a 1977 biography of Friedman, The Man Who Broke Purple, by Ronald Clark, and it was further detailed in 2014 through a disclosure by the NSA's William F. Friedman Collection.

After a career as an electrical engineer and inventor, author Jon D. Paul now researches, writes, and lectures on the history of digital technology, especially encryption. In the 1970s he began collecting vintage electronic instruments, such as the Tektronix oscilloscopes and Hewlett-Packard spectrum analyzers seen here. Peter Adams

The revelation of Crypto AG's secret deals with U.S. intelligence may have caused a bitter scandal, but viewed from another angle, Rubicon was also one of the most successful espionage operations in history, and a forerunner of modern backdoors. Nowadays, it's not just intelligence agencies that are exploiting backdoors and eavesdropping on "secure" messages and transactions. Windows 10's "telemetry" function continuously monitors a user's activity and data. Nor are Apple Macs safe. Malware that allowed attackers to take control of a Mac has circulated from time to time; a notable example was Backdoor.MAC.Eleanor, around 2016. And in late 2020, the cybersecurity company FireEye disclosed that malware had opened up a backdoor in the SolarWinds Orion platform, used in supply-chain and government servers. The malware, called SUNBURST, was the first of a series of malware attacks on Orion. The full extent of the damage is still unknown.

The HX-63 machine I restored now works about as well as it did in 1963. I have yet to tire of the teletype-like motor sound and the clack-clack of the keyboard. Although I never realized my adolescent dream of being a secret agent, I am delighted by this little glimmer of that long-ago, glamorous world.

And there's even a postscript. I recently discovered that my contact at Crypto AG, whom I'll call "C," was also a security officer at the Swiss intelligence agencies. And so for decades, while working at the top levels of Crypto AG, "C" was a back channel to the CIA and Swiss intelligence agencies, and even had a CIA code name. My wry old Swiss friend had known everything all along!

This article appears in the September 2021 print issue as "The Last Rotor Machine."

The Crypto AG affair was described in a pair of Swedish books. One of them was Borisprojektet: århundradets största spionkupp: NSA och ett svensk snille lurade en hel värld [translation: The Boris Project: The Biggest Spy Coup of the Century: NSA and a Swedish genius cheated an entire world], 2016, Sixten Svensson, Vaktelförlag, ISBN 978-91-982180-8-4.

Also, in 2020, Swiss editor and author Res Strehle published Verschlüsselt: Der Fall Hans Bühler [translation: Encrypted: The Hans Bühler Case], and later Operation Crypto. Die Schweiz im Dienst von CIA und BND [Operation Crypto: Switzerland in the Service of the CIA and BND].


The Scandalous History of the Last Rotor Cipher Machine - IEEE Spectrum


Home, but Not Free: NSA Whistleblower Reality Winner Adjusts to Her Release From Prison – The Intercept

In the latest phase of her record sentence for whistleblowing, former National Security Agency linguist Reality Winner is a short drive to the blazing hot summertime beaches on Texas's Gulf coast. But she can't get near them. She can't even go into the yard of a neighbor who invited her to aid in his beekeeping project.

Convicted under the Espionage Act for having shared a classified document on threats to election security with the media, Winner has been released to home confinement but wears an unwieldy ankle bracelet. It beeps even if she strays too far within her family's yard.

Not wanting her to miss out, a high school friend showed up on a recent day with a kiddie swimming pool and some sand. "Mom, I'm going to the beach today," Winner said, her mother Billie Winner-Davis recalled. The pair filled the kids' toy and Winner waded in.

Winner's family and friends are thrilled to have her home after four years behind bars, a stint that took miserable turns as her release date neared. She contracted Covid-19 as part of a mass infection in her prison, filed a sexual assault complaint against a guard, and went thirsty and cold when her facility lost heat and water in February during Texas's deadly winter storm.

Despite their elation that she is out of prison, though, Winner's family and friends say she is far from free. Every day is still marked by intrusions, like the app carceral authorities require her to put on her phone to monitor her and needing prior approval to go to Walmart with her mother for errands. Winner is projected to be transferred from home confinement to supervised release in November.

That's why they are continuing their year-and-a-half-long campaign for a presidential pardon or clemency, saying the whistleblower is being gagged from telling her own story.

"I really want the public to know that they're not seeing Reality Winner, they're not hearing from Reality Winner, because she is under some serious restrictions," Winner-Davis said.

Winner-Davis added that Reality, who is under a gag order, is also banned from using social media, a condition her attorney, Alison Grinter, said is normal and up to the discretion of halfway house authorities.

Grinter, speaking recently on Democracy Now, said a pardon for Winner is both something she and her country deserve.

"Reality released a document that gave us information that we needed to know at a time that we absolutely needed to know it," Grinter said. "And she was in prison not because the information was a danger or put anyone in danger. She was in prison to salve the insecurities of one man who was concerned about the validity of his election win."

Left/Top: Reality Winner sits on her bed at her mother's home while charging her ankle monitor as she serves a home confinement sentence in Kingsville, Texas, on July 3, 2021. Right/Bottom: A landscape near Reality Winner's home in Kingsville, Texas, on July 3, 2021. Photos: Christopher Lee for The Intercept

Winner is currently serving the longest prison sentence of its kind under the Espionage Act, a World War I-era law used in recent years to send journalists' sources to prison, even as comparable defendants have simply gotten probation for charges of mishandling classified information.

The government itself acknowledges that Winner's intent was to send the document she leaked to journalists and therefore warn the American public, rather than use it for personal gain. The NSA report detailed phishing attacks by Russian military intelligence against local U.S. election officials and was published in a June 2017 article by The Intercept. (The Press Freedom Defense Fund, which is part of The Intercept's parent company, First Look Institute, supported Winner's legal defense.)

Released from a Fort Worth, Texas, federal prison one day shy of the four-year anniversary of her June 3 arrest, Winner's path to her parents' remote southern Texas home was a bumpy one. The journey began with a 23-day quarantine with five other women in a hospital patient-sized room. After that, her family picked her up for a long drive down through Texas in which they had a matter of hours to deliver her to a halfway house, where she stayed for a week before being released to her rural childhood home. There, paper labels with Arabic vocabulary words are still taped to household items, early remnants from the series of events that would lead her to prison when, as a teenager eager to learn foreign languages, she signed up for the military.

Taking advantage of the window of time they had with her as they drove her to the halfway house, her family and close friends planned a series of surprises. Winner met her infant niece, whom the whistleblower had only seen on video chats and Shutterfly-printed postcards, due to visitation bans at prison amid the pandemic.

While sitting in her parents' car and sorting through her belongings, she saw the blond hair of her sister, Brittany Winner, in the distance in a park and tried to jump out of the moving vehicle. "She dropped everything on her lap and just ran," her mother said. "She ran to Brittany and the baby."

Her sister said the whistleblower was trembling, still unnerved by a guard who had told her that morning that she would not be released. "Just the look in her eyes, she almost looked, like, dead, so traumatized and not really believing that everything was happening," Brittany Winner said. "And, at some point, I was talking to her, she just reached up in the middle of my sentence to touch my face, and she said, 'You're real, right?'"

At the southernmost point in their trip toward home, two other loved ones were waiting for her: Wendy Collins, a family friend from Philadelphia who spearheads a social media campaign calling for her pardon, and Collins's partner.

They ate at a Thai restaurant as they counted down the minutes to her report time to the halfway house. Collins hugged the whistleblower for the first time since their friendship and Collins's tireless advocacy began.

Collins said, "I flew for the hug."

Reality Winner gives her dog a kiss as they play outside at her mother's home in Kingsville, Texas, on July 3, 2021.

Photo: Christopher Lee for The Intercept

Reality Winner sits in a tarp full of beach sand, brought to her by a friend, at her mother's home in Kingsville, Texas, on July 3, 2021.

Photo: Christopher Lee for The Intercept

At her family's quiet home, Winner schedules her days in an orderly way, similar to her life before the arrest: time slots for online yoga courses, cycling exercise routines, and a new part-time job as a researcher for a documentary filmmaker. She relishes spending time with her family dog, Domino, and cat, Fiona, since Winner lost ownership of her own pets, a dog named Mickey and cat named Mina, in the chaos after her arrest. In her down time, she sorts through books supporters have sent her and boxes of belongings from her Augusta, Georgia, home, which was raided by a fleet of armed federal agents whose interrogation of Winner would later be characterized by the government as a voluntary interview, one in which she was never read her Miranda rights.

When the heat breaks in the evenings, her mother says Reality prefers to not watch TV, opting instead to breathe in fresh air on the back patio.

Looking toward the future, when she can speak publicly and take more control over her life, her sister said she expects the whistleblower to advocate for incarcerated people. "She's seen people from all walks of life just be completely taken advantage of by the system, especially people of color," Brittany Winner said. "And that is something that she just can't tune out. She can't just live her quiet life."

When she's free to go to the water (the Gulf of Mexico, not the kiddie pool out back), the whistleblower hopes to go to the Texas shoreline to plant mangroves, something Winner, long an environmental advocate, told her sister she wants to do in order to heal coastal ecosystems.

Grateful for even this incomplete freedom, the sisters send each other a near-constant flurry of updates. Not a day goes by when she and her sister don't exchange 50 or more text messages and phone calls, including baby photos and videos of Reality practicing yoga with her ankle bracelet in her parents' garage. "I feel lucky to have my sister back," Brittany Winner said. "And one of the things that I was scared of was that she was going to be changed, you know, like damaged, like she wasn't going to be the same person because of four years in prison.

"How can that not mess you up? But despite the trauma, I feel like she's the same," she said. "At least with me. She's the same person."


The NSA Does Not Deny Reading Tucker Carlson's Emails

I laughed when Fox News host Tucker Carlson said a National Security Agency (NSA) whistleblower told him that agency was monitoring his emails to leak them in an attempt to take his show off the air. From my 19 years as a CIA analyst and five years with House Intelligence Committee staff, I found this impossible to believe, for three reasons.

First, I believed NSA's huge and lumbering bureaucracy would never agree to such a flagrant violation of the agency's foreign intelligence charter to spy on a leading conservative American journalist. Even if most NSA officials and analysts dislike Carlson, I assumed they would view violating NSA rules and the law to monitor him as too risky, since a leak was certain given how extremely controversial such an action would be and the large number of NSA personnel who would know about it.

Second, the NSA spying on Carlson would have to be approved at the highest level of the Biden administration, probably by National Security Adviser Jake Sullivan. I believed Sullivan and other senior Biden officials were too risk-averse to order NSA surveillance of Carlson. Third, I have little regard for high-profile NSA whistleblowers, too many of whom have been disgruntled former employees pursuing personal agendas.

I therefore dismissed Carlson's claim that the NSA was reading his emails. Then I saw this extraordinary denial from the NSA:

Carlson rejected this explanation by calling it an "infuriating, dishonest formal statement." He added, "Last night on this show, we made a very straightforward claim: NSA has read my private emails without my permission. Period," Carlson stated. "That's what we said. Tonight's statement from the NSA does not deny that."

In a tweet, Rep. Justin Amash, R-Michigan, a longtime critic of NSA, also sharply criticized NSA's response, saying: "Don't know whether NSA is *specifically* spying on Carlson, but this statement is worthless. 1st, it denies a compound allegation re monitoring *and* taking show off air. 2nd, it says he's not a target, which is a term of art. Real danger is so-called incidental collection."

Let's be very clear about what the NSA said in its statement. It denied targeting Carlson, but did not deny reading his emails. The NSA also did not deny that it may have accessed Carlson's communications through incidental collection.

These were huge omissions, since incidental collection is a well-known and controversial way the NSA collects vast amounts of Americans' communications without warrants. This happens when an innocent American communicates with a legitimate NSA target, such as someone believed to be under the control of or to be collaborating with a hostile foreign power.

When this happens, the name of the innocent American is supposed to be redacted or masked. There are very strict rules on how incidentally collected communications of U.S. citizens can be used.

Given the controversy that arose from Obama officials requesting the names of Trump campaign officials be unmasked in 2016, tougher rules were enacted to protect the identities of the communications of Americans that the NSA incidentally collected. In addition, in 2017 the NSA claims it ended its controversial upstream collection surveillance practice of collecting email traffic of American citizens merely because it contained an email address or phone number of a foreign target.

The NSA's non-denial of Carlson's allegations therefore raises some serious questions. Why did the NSA not flatly state it never accessed Carlson's communications? Were Carlson's communications unmasked at the request of White House officials?

Susan Rice admitted she unmasked Trump campaign aides during the Obama administration and now serves in the Biden White House. Has Rice resumed her previous efforts to weaponize NSA reporting against the political enemies of another Democratic president?

A more troubling question is whether this story, if true, indicates that NSA did not actually halt its upstream collection of emails, as it claimed in 2017.

So in response to the NSA statement, I admit that I may have been wrong and Carlson may be right. The NSA only denied Carlson was an intelligence target. It did not deny reading his emails or violating his privacy rights.

I was therefore pleased to learn that last Wednesday, House Minority Leader Kevin McCarthy, R-California, asked House Intelligence Committee Ranking Member Devin Nunes, R-California, to probe the allegation that NSA is spying on Carlson and other reports that NSA is being politicized. In his statement, McCarthy said he has seen a "disturbing trend . . . [f]or the past several months at NSA."

Stories like this undermine Americans' faith in their government and the integrity of our foreign intelligence agencies, which exist to defend our nation against hostile foreign powers. For the good of the country, NSA needs to issue a better explanation ASAP, either denying that it read Carlson's emails or providing an explanation for what actually happened.

Fred Fleitz is president and CEO of the Center for Security Policy. He served in 2018 as deputy assistant to the president and chief of staff of the National Security Council. Fleitz held national security jobs for 25 years with the CIA, DIA, Department of State, and the House Intelligence Committee staff. Twitter: @fredfleitz


Congress' newest subcommittee is focusing on cyber troops and JEDI – Federal News Network

The House Armed Services Committee has a new subcommittee this year, one aimed purely at the growing need for innovation in the Defense Department and the continued prominence of cyber as a dominant means of warfare.

The first-ever chairman of the Cyber, Innovative Technologies and Information Systems Subcommittee, Rep. Jim Langevin (D-R.I.), said over the next legislative session the panel will pursue an aggressive agenda focusing on cyber force structure, the newest combatant commands, artificial intelligence, cyber infrastructure and supply chain safety.

"The era of technology has been growing at a rapid pace and becoming more and more important in the Pentagon, in Pentagon budgets and planning," Langevin told Federal News Network in an exclusive interview. "House Armed Services Committee Chairman Adam Smith (D-Wash.) felt we needed more scope and depth regarding these issues. Cyber and AI information operations have become more and more important. We want to make sure that the right resources and attention is being given to oversight in all these areas."

In the most recent defense authorization act, Congress included more than 70 cyber-related provisions, so many that the committee had to create a cyber title in the legislation.

"Our success in great power competition is going to rely on sophisticated coordinated digital capabilities," Langevin said. "The House Armed Services Committee needed to dedicate staff and resources to face this challenge and exhibit the oversight that men and women in uniform deserves."

Langevin said one of his first priorities as chairman will be to ensure that DoD has the right amount of cyber forces.

Currently, DoD has a Cyber Mission Force of 133 teams, four Joint Force Headquarters-Cyber and one Cyber National Mission Force. Those forces focus on protecting DoD's information network and on defensive and offensive cyberspace operations.

"I think we need to probably grow the national mission teams as we get more into defending forward," Langevin said. "That's the smallest number of teams that we have over the scope of the cyber mission force. We're going to be looking at this. There's going to be a force structure assessment that U.S. Cyber Command is going to have to do and we want to make sure that we get this right."

Langevin wants to look further into roles of CYBERCOM, U.S. Space Command and the geographic commands to see if they need to streamline.

In terms of CYBERCOM, Langevin said he's interested in looking into how the combatant command and the National Security Agency are led. Currently, one person heads both of the organizations. There has been much discussion over whether there needs to be an individual head for each of the entities.

"It may come a point where we split the hat, having two heads of those different agencies, but right now, I'm not a fan of splitting the hat," Langevin said. "You need that neutral arbiter to go strike the balance between intelligence and operations. What are the equities of NSA, their concerns? What's the right steps to take in terms of defending forward and exposure to detection and a whole host of things that we have to balance the right way."

Langevin said there is value in keeping the roles together.

"I need NSA and U.S. Cyber Command linked in a way where one will follow the work of the other," he said. "I need CYBERCOM and NSA leader Gen. Paul Nakasone being the arbiter between offense and defense. I think his intelligence collection is important."

Langevin pointed to election security as one area where intelligence and operations need to work together and benefit from being housed under one roof.

Another issue Langevin will be keeping a close eye on, along with many others in the tech world, is the Pentagon's JEDI contract which has gone through considerable contracting issues. The program is supposed to bring a general cloud to DoD.

Langevin said the bureaucracy, caused in part by drama between companies competing for the contract, is holding up the military from a much needed resource.

"It really it troubles me, it frustrates me," he said. "I understand this was a large contract. There's obviously going to be challenges when the losing team doesn't go their way. But eventually we've got to make a decision to move forward on this. I hope that will prevail, and we'll get this done in the courts. And then when we get it green lighted it really does need to be a single cloud and we can't break it apart for multiple vendors."

As far as legislation goes, the chairman wants to continue implementing recommendations from the Cyber Solarium Commission and the National Security Commission on Artificial Intelligence.

Langevin said he will also be focusing on the Cyber Diplomacy bill, which establishes an international cyberspace policy office in the State Department.


End the war on whistleblowers – The Week

President Trump was the most aggressive prosecutor of whistleblowers of any president in American history. The previous record was set by President Obama, but the Trump administration launched as many prosecutions in four years as Obama did in eight.

President Biden, as part of his campaign to undo many of his predecessor's worst policies, should pardon most of these folks, or at least commute their sentences. Disclosing classified information that the public deserves to know does not deserve a lengthy prison sentence.

Of all the candidates for a pardon, Reality Winner's case is most obviously convincing, though it has not yet gotten the wide attention it deserves. She did indeed leak classified documents to The Intercept (which horribly botched its security protocols and basically handed her to the FBI, though she probably would have been caught eventually), which is against the law. But the exposure of these documents did not even slightly harm national security.

Here's what seems to have happened. Winner listened to the Intercepted podcast in early 2017, including one episode in which former Intercept co-founder and journalist Glenn Greenwald expressed skepticism about the idea that Russia had hacked the DNC and John Podesta to boost Donald Trump in the 2016 campaign. Therefore she sent the publication classified material showing the NSA had evidence that not only was Russia behind those hacks, it had actually successfully hacked into an election software vendor. For that she was sentenced to five years and three months in prison. It was the longest sentence in history for simply leaking to the press and very obviously related to Trump's desire to punish people who pointed out his connection to the Russia hack.

Any reasonable American should favor her release because the public has a right to know when U.S. intelligence agencies think a hostile foreign power is trying to compromise America's electoral machinery. At bottom, she was simply doing what the NSA is supposed to do: protect the country. Indeed, as Kerry Howley (a journalist who has been following the Winner story closely) points out, when The Intercept published its story on the leak, the federal agency in charge of assisting state election authorities put out a bulletin informing state governments what had happened for the first time. Several states were outraged that they hadn't been informed earlier, and justifiably so. It's not the first time that intelligence agencies' compulsive secrecy and over-classification has gotten in the way of doing their purported jobs.

In any case, all the important details Winner leaked were later published in the Mueller report. Her action was carried out in good faith; she did no harm and at least some good. And anyone who simply believes in proportional punishment must agree that, even on the harshest possible reading of events, Winner has already paid for what she did and then some. She should be pardoned immediately.

Edward Snowden's case may be less convincing for many. He, of course, is the former NSA contractor who leaked details of the agency's then-dragnet surveillance to Laura Poitras, Greenwald, and other reporters at The Guardian back in 2013. That was a more traditional whistleblower-style activity of exposing a program that was legally and constitutionally dubious, but nominally dedicated to protecting national security.

In reality, intelligence agencies later admitted in classified documents that the dragnet program was basically useless. Snowden's revelations led a U.S. court to declare the program illegal, and helped lead to NSA reform becoming law, proving beyond question the public value of what he did. And once again, seven years being exiled in a rather dangerous foreign country (he has been stuck in Russia since 2013) is severe enough punishment on its own. He should be pardoned and allowed to return home.

Julian Assange is a more noxious personality, but the current U.S. effort to extradite and prosecute him should be dropped (following Obama administration precedent, which Biden so far has refused to do). Assange may have actively assisted Russia in its efforts to hack Democrats' emails in 2016, and he did push the disgusting Seth Rich conspiracy theory, but the Trump administration's moves against Assange had nothing to do with those things. Instead he is being prosecuted mostly for publishing classified material from Chelsea Manning a decade ago, which, if successful, would blast a hole in the First Amendment and would put other journalists who do the same thing in every major news publication at risk.

There are at least five more people in jail, on probation, or facing some other punishment for clear whistleblower activity under Trump:

- John Fry is a former IRS employee who leaked Suspicious Activity Reports (a document in the Treasury department detailing suspect bank transactions) involving Trump's former lawyer Michael Cohen, and recently got five years probation. Revealing corruption among the ex-president's associates is good and he should be pardoned.

- Natalie Mayflower Sours Edwards is a former Treasury employee who leaked SARs detailing suspect transactions from Trump's former campaign chairman Paul Manafort to BuzzFeed News, and faces possible prison time. She should be pardoned for the same reason as Fry.

- Daniel Hale is a former intelligence analyst who leaked documents about drone warfare to The Intercept, and faces years in prison if convicted. The American people deserve to know about the operations of the U.S. military. He should be pardoned.

- Terry Albury, who was the only Black FBI agent in a detail assigned to look into the Somali-American community, sent documents about endemic racism in the agency to The Intercept, and was sentenced to 4 years in prison in 2018. The problem of racism in law enforcement speaks for itself these days; he should be pardoned.

- Navy Captain Brett Crozier commanded an aircraft carrier and was fired for desperately pointing out the fact his ship had a massive COVID-19 outbreak, which embarrassed Trump. He should get his job back.

President Trump wildly abused his pardon power, deploying it mainly to protect his criminal friends from prosecution. President Biden could make a clean break with Trump's horrible reign by putting the pardon back to its intended use, and ending the U.S. government's war on whistleblowers.


Biden administration will build on the Quad: NSA Jake Sullivan – The Hindu

Sullivan described the Quad and the Abraham Accords as examples of Trump administration actions that were positive and ones the current administration would build on

The new U.S. National Security Advisor (NSA) Jake Sullivan has said the Biden administration would like to carry forward the work of the Trump administration in strengthening the Quad grouping of countries: India, the U.S., Japan and Australia.

His comments will bring some measure of clarity to discussions on the level of priority the new administration will assign the Indo-Pacific, which had been elevated by the Trump administration as a foreign policy priority, mostly as a reaction to China's growing assertiveness.

"I think we really want to carry forward and build on that format, that mechanism which we see as fundamental, a foundation upon which to build substantial American policy in the Indo Pacific region," Mr Sullivan said at a webcast discussion, "Passing the Baton," organized by the U.S. Institute for Peace.

The discussion between Mr Sullivan and his predecessor Robert O'Brien was moderated by Condoleezza Rice, Secretary of State from the George W. Bush administration.

Mr Sullivan described the Quad and the Abraham Accords, deals signed in 2020 to normalize relations between Israel and certain West Asian and North African countries, as examples of Trump administration actions that were positive and ones the Biden administration would build on.

Earlier in the discussion, Mr O'Brien had said the Quad may be the most important relationship the U.S. has established since NATO and an example of working with allies to confront China.

Mr Sullivan, however, said Mr Trump and Mr Biden had some real differences in their approach to the relationship with Iran.

"It starts from a sober analysis of the state of affairs, which is that Iran's nuclear program has advanced dramatically over the course of the past couple of years, they are significantly closer to a nuclear weapon than they were when the previous administration withdrew from the JCPOA [Joint Comprehensive Plan of Action or the Iran deal]," Mr Sullivan said.

On Afghanistan, Mr Sullivan said that the Biden administration would take decisions on the withdrawal of the remaining 2,500 American troops by May 1 from the country, based on whether the Taliban were fulfilling their end of a U.S.-Taliban agreement from February last year.

"So, what we're doing right now is taking a hard look at the extent to which the Taliban are, in fact, complying with those three conditions and in that context, we will make decisions about our force posture and our diplomatic strategy going forward," he said.

Mr Sullivan said three conditions in the agreement were of particular importance: the Taliban cutting ties with terror groups including Al Qaeda, reduction in violence, and third, the Taliban participating in a real way, not a fake way, in negotiations with the Afghan government.

The former and current NSAs also differed in their characterization of the top challenges facing the U.S. A very assertive, rising China was the biggest challenge to the U.S., according to Mr O'Brien.

Iran, Russia and less high-profile challenges like cartels and transnational crime were some of the others.

For Mr Sullivan, the most pressing challenge was the turmoil within the U.S. itself.

"It occurs to me something that Joe Biden has really reinforced for us, which is that foreign policy is domestic policy and domestic policy is foreign policy. And at the end of the day, right now, the most profound national security challenge facing the United States is getting our own house in order, is domestic renewal," Mr Sullivan said.

He described COVID-19, the economic crisis and acute threats to our basic constitutional republic and deep divisions as domestic challenges facing the country.

Investing in allies and re-establishing America's place in multilateral forums like the World Health Organization and Paris Climate Accord were the next priority. Then the U.S. would be in a position to effectively deal with the China challenge, the climate crisis, the current and future pandemics and so forth, Mr Sullivan said.


William P. Crowell, Former Deputy Director of the National Security Agency, Joins LookingGlass Advisory Board – HSToday

LookingGlass Cyber Solutions, a leader in operationalizing threat intelligence, today announced the addition of William (Bill) P. Crowell to its Advisory Board. This announcement is the first in a series of new appointments the company will be making toward advancing its vision and expertise in next-generation cybersecurity products.

Crowell served as Deputy Director of Operations at NSA, Chairman of the Director of National Intelligence (DNI) Senior Advisory Group, and as a member of the Department of Homeland Security (DHS) Science and Technology Advisory Board. Through these experiences, Crowell spent years investigating and improving military command and control, intelligence and security systems. Currently, Crowell is a partner at Alsop-Louie and an independent consultant specializing in information technology, security and intelligence systems. He brings a wide range of experience having served as Chairman, Director, President and CEO of a variety of technology companies, including Broadware Technologies, SafeNet, Inc., Cylink Corporation, ArcSight, Inc., Narus, Inc. and Six3 Systems, among others.

"I have witnessed firsthand the expertise and insights Bill brings to the table," said LookingGlass CEO, Gilman Louie. "With decades of experience and a deep understanding of both offensive and defensive cyber, Bill will serve a vital role in advising the growth and success of LookingGlass."

"I have a long association with LookingGlass and consider them a leader in cyber threat intelligence," said Crowell. "I'm looking forward to joining the Advisory Board and am particularly excited about the LookingGlass products and capabilities which I believe have great appeal in today's market."


NSA Warned Russia to Stay Out Of 2020 Election And Got SolarWinds Hack Instead – NPR

Gen. Paul Nakasone, the National Security Agency director, told NPR ahead of the 2020 elections that the U.S. was "going to expand our insights of our adversaries. ... We're going to know our adversaries better than they know themselves." Chip Somodevilla/Getty Images

Back in November, Kevin Mandia, CEO of the cybersecurity firm FireEye, opened his mailbox to find an anonymous postcard. It had a simple cartoon on the front. "Hey look, Russians," it read. "Putin did it."

He might not have given it a second thought were it not for one thing: His company had recently launched an internal security investigation after officials discovered someone had tried to register an unauthorized device into its network. That inquiry eventually led to the discovery of something even more worrisome: the breach of a Texas-based network monitoring company called SolarWinds.

U.S. officials now believe that hackers with Russia's intelligence service, the SVR, found a way to piggyback onto one of SolarWinds' regular software updates and slip undetected into its clients' networks. That means potentially thousands of companies and dozens of government departments and agencies may have been compromised.

President Biden was concerned enough about the attack that he brought it up in his first official call as president on Tuesday with his Russian counterpart, Vladimir Putin. It is unclear how Putin responded, but Russia has denied involvement in the past.

"We'll be poised to act"

A little over a year ago, the head of U.S. Cyber Command and the NSA, Gen. Paul Nakasone, began to talk openly about America's cyber operations and something he called "defend forward." The strategy is aimed at going toe-to-toe with adversaries in their networks instead of waiting for them to come and hack Americans here at home.

"Defend forward is a DOD strategy that looks outside of the United States," Nakasone told NPR as Cyber Command prepared for the 2020 elections. To impact adversaries, he said, the U.S. was "going to expand our insights of our adversaries. ... We're going to know our adversaries better than they know themselves. ... We're going to harden our defenses and ... we'll be poised to act."

At the time, the decision to talk about American cyber forces seemed like a classic deterrence strategy. Traditionally the NSA's mission was kept secret; Nakasone broke from that partly to assure Americans months before the 2020 elections that Cyber Command was prepared to defend U.S. networks while at the same time making clear to adversaries that U.S. cyber operators were primed.

Then Nakasone went a step further. He revealed in an NPR story large portions of Operation Glowing Symphony, an offensive cyber campaign the U.S. launched against ISIS that went a long way toward hobbling the terrorist organization's media and recruitment operation. If Russia were wondering just how skillful U.S. cyber operators were, Nakasone appeared to be saying, here's a little preview.

"It's a little bit different in cyberspace," Nakasone said at the time, "because you have foes that can come and go very, very quickly. They can buy infrastructure, they can develop their capabilities, they can conduct attacks. And what you have to do, from what I've learned, is you have to be persistent with that, and making sure that whenever they do that type of thing, you're going to be there and you're going to impact them."

In that spirit of low-grade confrontation, a few weeks before Americans cast their ballots in the 2020 election, NSA operators gave their Russian counterparts a little tweak: They sent individualized emails to specific Russian hackers, just to let them know U.S. cyber forces had their eye on them. It was an electronic version, in a sense, of that postcard that went to FireEye's Mandia.

Did Nakasone's discussion of U.S. cyber capabilities inspire Russian hackers to do something epic just to prove they could? Kiersten Todt, managing director of the Cyber Readiness Institute, said that while that might have played a small role, Russian cyber forces hardly needed an excuse to try their hand at compromising American networks.

"I think the Russians are emboldened to work against us and come after us for lots of reasons," she said. "And not the least of which could be us saying, 'Hey we're going to, you know, have a secure and safe 2020 election,' that would inspire them to say, 'Oh, no you're not, and while you are focusing on the election, we're actually going to come into your networks.' "

And that's what SolarWinds did: it gave them entree into a roster of networks so they could look around to see what they could find. Even without any prodding from Nakasone, cybersecurity experts say, it was inevitable a supply chain hack such as this would happen.

The next-generation hack

There was a simpler version of this kind of breach back in 2013 when criminal hackers, not nation-states, got into the electronic registers at Target Corp. and stole credit card information. The theft made national news, and, for many Americans, it was an early harbinger of how hacking could affect them directly.

It turns out, the hackers didn't compromise Target's network; that was too hard. Instead, they cracked into the network of the company that serviced Target's heating, ventilation and air conditioning system and stole its credentials, which allowed them to roam around Target's system unnoticed.

The HVAC contractor was part of the store's vast supply chain. Experts say we should see the SolarWinds hack as a more sophisticated version of that. Breaking into the Treasury Department is too hard, so the intruders found a comparatively easier mark: a company whose job it is to monitor the very networks that were compromised.

With the SolarWinds breach, hackers have made clear that something doomcasters have been warning about for years has finally arrived. If adversaries pick the right contractor to hack, everyone that company works with is potentially vulnerable, too, said Richard Bejtlich, a former military intelligence officer who is now the principal security strategist at Corelight, a cybersecurity firm.

"If you were one of those organizations that had enough money to say, 'We want to have inventory management, we wanted to have network management, let's go with SolarWinds,' well, suddenly, that's opened you up to a whole new set of problems," he said.

That's why this is called a supply chain hack.

Bejtlich expects that in the coming weeks more companies will come forward and disclose they were part of this hack, too. So far the tally includes not just SolarWinds but also Microsoft and a cybersecurity firm called Malwarebytes. The NSA and U.S. Cyber Command haven't said anything about the attack publicly and declined to comment for this article.

They are part of a roster of intelligence officials still trying to assess the damage. Cyber officials told NPR that the investigation is in its earliest stages, but what they have determined so far is that to launch the attack and not be noticed, the SolarWinds breach had to have been planned long in advance. They said that likely hundreds of Russian software engineers and hackers were involved and that they spent time in the various networks for at least nine months before FireEye and later Microsoft discovered the breach.

"We think they were surprised it worked so well," one source who is helping trace the damage told NPR. He declined to be identified further because he is not authorized to speak about what they are discovering. "We think that once they got into SolarWinds and were inside their clients' network they had trouble deciding where to go next. It was successful beyond their wildest imaginations, and they didn't have enough people to work it all."

Biden has asked his new national security team for an assessment of the SolarWinds attack. He wants to know how it happened, how far it went and how to fix it. These kinds of reviews are standard operating procedure when administrations change hands.

Among the questions officials will try to answer is whether the SolarWinds hack was a straightforward espionage operation or something more sinister. Were the hackers just looking for information, or have they inserted backdoors into systems across the country that could allow them to turn things off, or change information with just a couple of keystrokes?

Another thing investigators would like to know: whether the hackers themselves sent that postcard to FireEye's Mandia.


What to expect from NASS and NASED conferences – Politico

With help from Martin Matishak

Editor's Note: Weekly Cybersecurity is a weekly version of POLITICO Pro's daily Cybersecurity policy newsletter, Morning Cybersecurity. POLITICO Pro is a policy intelligence platform that combines the news you need with tools you can use to take action on the day's biggest stories. Act on the news with POLITICO Pro.

State and local officials are meeting this week to discuss how to approach cybersecurity and election security issues in a chaotic time.

Two House panels announced the lawmakers who will lead key cyber subcommittees during this Congress.

Democratic lawmakers want answers from the NSA about an old scandal that they say has taken on new urgency in light of SolarWinds.

HAPPY MONDAY and welcome to Morning Cybersecurity! Can't believe we banished Pluto from the planet club when it was already dealing with this. Send your thoughts, feedback and especially tips, and be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.

STATES TAKE STOCK: The 2020 election may (finally) be over, but election security remains a top issue for state officials, and it's one of several cyber topics that they plan to discuss at a pair of conferences this week. The National Association of State Election Directors is meeting all week, while the National Association of Secretaries of State meets Tuesday through Friday. To say that officials have their plates full would be an understatement, but scattered in between panels about online notarization, corporate transparency and pandemic emergency orders are sessions that will help shape states' cybersecurity priorities for the next year and beyond.

Secretaries of state will hear from the lawmakers whose committees oversee elections, including the Democrats pushing a sweeping election security and reform bill and the Republicans vehemently opposing it. House Administration Committee Chairwoman Zoe Lofgren (D-Calif.) and incoming Senate Rules Committee Chairwoman Amy Klobuchar (D-Minn.) are likely to receive a frosty reception as they discuss the For the People Act (H.R. 1 and S. 1), a Democratic bill that includes major election security provisions. State election officials have consistently opposed new federal rules covering voting technology and election administration.

NASS will also hear from Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Agency, which coordinates cybersecurity assistance to states on issues including ransomware and election security. And secretaries will meet behind closed doors to discuss the cybersecurity lessons from the 2020 election cycle.

Over at NASED, two top CISA officials overseeing election security work will discuss lessons from 2020 and priorities for 2021. Other NASED sessions will cover information sharing, incident response, misinformation and pandemic disruptions. Speaking of misinformation, NASS will hold a session about strategies for correcting false election claims.

NASS's cybersecurity committee will hear about the value of collaborating with independent security researchers. State IT officials will discuss their collaborations with security companies, including two that run vulnerability disclosure programs. Researchers have spent years urging state officials to launch VDPs so good-faith experts can report flaws in state government systems, and officials are increasingly overcoming their doubts about trusting outside researchers.

"Election officials across the country are committed to protecting the sanctity and integrity of the vote, and I'm looking forward to this opportunity to share best practices with my colleagues," Iowa Secretary of State Paul Pate, a co-chair of the cyber committee, told MC.

A second panel discussion during the cyber committee meeting will look at the state and local cybersecurity landscape. From ransomware to pandemic-related digital services, state and local officials face a growing array of cyber challenges, and multiple organizations have repeatedly urged Congress to provide grant funding.

MEET THE GAVEL-WIELDERS: We now know who will be leading two key cyber-related subcommittees in the 117th Congress, giving outside experts, federal officials and fellow lawmakers a sense of who they'll need to persuade to advance priorities from international norms to bolstering CISA.

Yvette Clarke (D-N.Y.) will chair the House Homeland Security Committee's Cybersecurity, Infrastructure Protection, and Innovation Subcommittee, panel chair Bennie Thompson (D-Miss.) announced on Friday. Clarke, who previously led the subcommittee during the 111th Congress, is no stranger to cyber issues, having sponsored or cosponsored bills to improve critical infrastructure security and expand the cyber workforce. She has also urged a focus on cyber hygiene and a nuanced approach to regulation informed by industry input.

Andrew Garbarino (R-N.Y.), a freshman lawmaker, will be the cyber subcommittee's top Republican, according to a statement from panel ranking member John Katko (R-N.Y.). Republicans promised to prioritize cybersecurity as the pre-eminent national security threat of our time that demands an evolved approach. Fun fact: Three of the four leaders of the full committee and cyber subcommittee now hail from the same state for what appears to be the first time.

The homeland panel's cyber subcommittee will have its hands full in this Congress as it deals with the SolarWinds cyber espionage campaign, CISA's response to SolarWinds and the agency's overall readiness, the supply chain threats posed by foreign-linked telecom companies and many other issues.

William Keating (D-Mass.) will lead the House Foreign Affairs Committee's Europe, Energy, the Environment, and Cyber Subcommittee, according to the panel's chair, Gregory Meeks (D-N.Y.). Democrats just added cyber to this subcommittee's name for the first time, although it already handled the issue as part of its previous emerging threats mandate. Keating hasn't said much about cybersecurity, but in 2017, he criticized then-President Donald Trump's refusal to acknowledge Russia's responsibility for its 2016 election cyberattacks.

Among the issues on Keating's plate will be scrutinizing the State Department's creation of its new cyber diplomacy bureau. The outgoing Trump administration green-lit a plan to create the bureau in its final days, but Democratic lawmakers, the Government Accountability Office and some former officials have raised concerns about the plan, saying it fails to coordinate the full spectrum of cyber issues. Republicans have not yet announced their ranking member for the foreign affairs panel's cyber subcommittee.

ONCE IS A FLUKE, TWICE IS A COINCIDENCE: A group of House and Senate Democrats is pressing the NSA for answers about the spy agency's involvement in the creation of a digital vulnerability that made its way into the firewalls of technology vendor Juniper Networks. Their missive signals a growing awareness on the Hill of the dangers of supply chain attacks, in which hackers compromise software used by their real targets. In a Jan. 28 letter to NSA Director Gen. Paul Nakasone, the lawmakers, led by incoming Senate Finance Committee Chair Ron Wyden (D-Ore.) and including new House cyber subcommittee chair Clarke, asked for details about the NSA's probe of the Juniper breach.

"The American people have a right to know why NSA did not act after the Juniper hack to protect the government from the serious threat posed by supply chain hacks," the lawmakers wrote. A similar supply chain hack was used in the recent SolarWinds breach, in which several government agencies were compromised with malware snuck into the company's software updates.

The group asked Nakasone to answer a series of questions and made requests for additional information, including a Juniper lessons learned report that an NSA official mentioned to Wyden, a senior member of the Senate Intelligence Committee, during a 2018 briefing. The spy agency has yet to make the report available.

MAKING GOOD PROGRESS: A U.N. group charged with developing international norms of responsible behavior in cyberspace wrapped up its latest session last week, and the State Department's cyber team praised the group's chief for presiding over a valuable meeting. "We appreciate Brazilian Ambassador Guilherme Patriota for effectively chairing the latest session of the @UN Group of Government [sic] Experts on #cyber this week," the cyber office said on Twitter, adding that the GGE's work will help all UN member states understand the importance of cyber norms and the value of helping developing nations build the capacity to defend themselves.

The GGE, a small group championed by the U.S. and other Western nations, faces competition from a separate U.N. body created in 2018 at the urging of Russia. The newer Open-Ended Working Group, or OEWG, has drawn criticism from Western diplomats and independent cyber experts, who accuse Russia of using it to launder dangerous policies that would restrict internet freedom.

HERE'S TO YOU: Colorado's chief election official has bestowed an award on former CISA Director Chris Krebs for his leadership of the government's cyber agency during the 2020 election cycle. "Krebs fought back against election domestic and foreign misinformation, and fortified election cybersecurity," Colorado Secretary of State Jena Griswold (D) said in a statement. "At times Krebs pushed back on misinformation spread by the former President, which ultimately cost him his job. His courage, commitment, and leadership are one of the reasons the 2020 Election was the most secure in our nation's history."


Ian Wallace has joined the State Department as a senior adviser in its cyber office. Wallace previously served as a senior fellow in the digital innovation and democracy program at the German Marshall Fund.

TWEET OF THE DAY: Patch your bodies as soon as possible!

Nearly a third of victims in the SolarWinds campaign didn't use SolarWinds software and were instead hacked through a different vector. (Wall Street Journal)

By breaching the federal court system, the SolarWinds hackers may have accessed highly sensitive sealed documents. (Associated Press)

A far-right activist with a security clearance helped Russian hackers spread hacked documents stolen during Frances 2017 election. (Southern Poverty Law center)

A social media campaign used fake, AI-generated profiles to attack Belgiums plan to ban Huawei from its 5G network. (CyberScoop)

If hackers stole your identity and used it to get unemployment benefits, you might soon get a shocking tax bill. (Krebs on Security)


Companies Pay Criminal Penalties And Compensation For Undermining Competition – JD Supra

[co author: Markus Speidel]

Berlitz and CLCI admitted to violating 18 U.S.C. 371 by discussing, agreeing to, and facilitating the submission of false and misleading information to the National Security Agency (NSA) between March and December 2017. The charges relate to a multiple award indefinite delivery, indefinite quantity (IDIQ) contract vehicle for foreign language instruction, under which the NSA awarded three prime contracts. To qualify as technically acceptable, offerors needed the capacity to provide language training in all six specified geographic areas. Following award of the IDIQ contracts, the awardees would then compete against each other for individual delivery orders to provide training in a particular language at particular locations.

According to their stipulations, Berlitz and CLCI submitted invoices and received payments based on non-competitive bids. In furtherance of the conspiracy, and to qualify as technically acceptable when it otherwise would have been ineligible for award, CLCI falsely and misleadingly claimed the capacity to perform training services at a particular facility in Odenton, Maryland, a facility that turned out to be solely owned and operated by its competitor, Berlitz. Berlitz provided CLCI with a floor plan to the Odenton facility, which CLCI submitted as "our Odenton, MD location" in its proposal. In exchange for this favor, CLCI agreed not to bid against Berlitz for any delivery orders involving language training near the Odenton facility. CLCI memorialized the agreement with a draft letter in an email to Berlitz. On two separate occasions in August 2017, the companies maintained the agreement by email exchanges, confirming that CLCI would not bid on a delivery order NSA sent out for instruction in Maryland.

Under the deferred prosecution agreements, which resolved the charges, both companies agreed to cooperate fully in any related criminal investigation and prosecution, and to implement a compliance and ethics program to detect and prevent future violations. Both companies also agreed to pay criminal penalties, $147,000 for Berlitz and $140,000 for CLCI, and victim compensation to NSA to the tune of $57,000. Violations of 18 U.S.C. 371 carry a maximum company fine of $500,000.

Takeaway: Contractors and prospective contractors would do well to heed the lessons here. When submitting information to the government, truthfulness is paramount. And it should go without saying that colluding with other competitors to stifle competition is illegal. Companies that violate these legal and ethical norms not only face criminal penalties, but also may end up suspended or debarred from government contracting. Companies should ensure their regular ethics training addresses these and other aspects of integrity in the bidding process.

*Markus Speidel is a Law Clerk in our Washington, D.C. office and not admitted to the bar.


A Top Biden Cybersecurity Aide Donated Over $500,000 to AIPAC as an NSA Official – Mother Jones

In mid-January, a week before being sworn in as president, Joe Biden announced that he would appoint Anne Neuberger as the deputy national security adviser for cyber and emerging technology on the National Security Council. Cybersecurity experts praised the move, citing it as a clear sign the Biden White House would be serious about countering cyber-threats. The New York Times described Neuberger, who became the National Security Agency's cybersecurity chief in 2019, as a rising official at the agency. She had run its Russia Small Group, which launched a preemptive strike against the Kremlin's cyber operatives during the 2018 elections, and in addition to focusing on preventing cyber-assaults on the US government and military, she had overseen the development of new impenetrable cryptography. But the glowing reviews left out an unusual piece of her story: In recent years, Neuberger, through a family foundation, has donated hundreds of thousands of dollars to the American Israel Public Affairs Committee, the pro-Israel lobby known as AIPAC, for its efforts to influence the US government and public opinion.

National security experts tell Mother Jones that the hefty donations from Neuberger's foundation to AIPAC (a strong ally of an Israeli government that is deeply involved in cyber and intelligence issues of importance to the US government and that has spied on the United States and been a target of US spying) raise concerns. (NBC News reports the same.)*

Neuberger hails from one of the wealthiest families in the United States. Her father is billionaire investor George Karfunkel, who was in the news last summer for making a curious donation of Kodak stock, worth up to $180 million, to an Orthodox Jewish synagogue in Brooklyn that seemed to barely exist. Karfunkel was listed in New York State records as the synagogue's president and chief financial officer, and the transfer of this stock (which would have yielded Karfunkel a tremendous tax deduction) occurred during a wild buying spree of Kodak stock triggered by a leaked announcement that the Trump administration might be handing Kodak an unprecedented $765 million loan. (That deal never came through.) Members of Congress have demanded answers about Karfunkel's highly unusual stock transfer.

From 1993 to 2007, Anne Neuberger worked at American Stock Transfer and Trust, a financial services firm cofounded by her father in 1971, eventually becoming a senior vice president of operations. Her husband, Yehuda Neuberger, was also a top official at the firm and a board member. Anne Neuberger then switched from the private sector to the government. After serving as a White House fellow and working for the secretary of the Navy as an adviser on IT programs, she landed at the NSA in 2009 and helped develop its Cyber Command. Media profiles of her in the years since have focused on the novelty of an Orthodox Jewish woman who grew up in a Hassidic neighborhood in Brooklyn (and whose grandparents on both sides were Holocaust survivors) becoming a leader at the NSA and have noted that her parents were on the 1976 Air France flight that was hijacked by the Palestinian Liberation Organization and diverted to Uganda, where the passengers were eventually rescued by Israeli commandos.

Twelve years ago, Neuberger and her husband created the Anne and Yehuda Neuberger Foundation to carry out the charitable and religious purposes of the Associated Jewish Community Federation of Baltimore, according to its tax records. Neuberger was vice-president of the foundation; her husband, the president. Neither received compensation from the outfit.

In 2010, the foundation's first full year of operations, it received $1,183,050 in contributions and handed out $383,100. Of that, a quarter of a million went to the Women's Network for Single Parents in Brooklyn. (Neuberger is the founder of Sister to Sister, a group that assists divorced women within Orthodox Jewish communities.) The foundation made an $83,000 gift to the Associated Jewish Community Federation of Baltimore. Computer Sciences for the Blind in Brooklyn was awarded $25,000. And the foundation donated $25,000 to AIPAC for operating support.

The following year, the Anne and Yehuda Neuberger Foundation dished out $284,500 in gifts, according to its tax filings. The list included another $25,000 to AIPAC and also $3,500 to the Foundation for the Defense of Democracies, a hawkish, pro-Israel think-tank in Washington.

In subsequent years, the foundation upped its contributions to AIPAC. From 2012 through 2018 (the last year for which tax records for the foundation are available), the Neubergers provided $559,000 to AIPAC. And this money, according to those filings, financed lobbying: either lobbying to influence a legislative body or to influence public opinion. The tax records do not provide any specifics about the AIPAC activity the foundation financed. (The contribution amounts listed for AIPAC on the Neuberger Foundation's IRS submissions line up exactly with the amounts the foundation declared as expenditures for lobbying. A nonprofit charitable foundation is allowed to pass money to a lobbying shop, as long as the amount donated is a moderate percentage of its overall giving.)

There is a Neuberger family connection to AIPAC. Yehuda Neuberger is chair of AIPAC's Baltimore executive council. In 2011, Rabbi Steven Weil, then executive vice president of the Orthodox Union, hailed his outstanding reputation as a leader of AIPAC. Four years later, as part of a fierce AIPAC effort, Yehuda Neuberger lobbied Sen. Ben Cardin (D-Md.) to oppose the multilateral Iran nuclear deal the Obama White House had negotiated. (During the political fight over the Iran deal, the NSA, according to the Wall Street Journal, eavesdropped on Israeli officials, including Prime Minister Benjamin Netanyahu, who opposed the accord, and revealed to the White House how Mr. Netanyahu and his advisers had leaked details of the U.S.-Iran negotiations, learned through Israeli spying operations, to undermine the talks and had coordinated talking points with Jewish-American groups against the deal.)

Around 2014, the management of the Neuberger Foundation shifted. Anne Neuberger, who was still at the NSA, moved from vice president to secretary/treasurer, and Yehuda Neuberger, the president, became vice president. Marc Terrill, the president of the Associated Jewish Community Federation of Baltimore, who had previously been a director of the Neubergers' foundation, took over as president. (According to tax records for 2014, Terrill made $700,109 in total compensation as head of the Associated Jewish Community Federation of Baltimore that year.) The Neuberger Foundation and the Associated Jewish Community Federation of Baltimore share an address and phone number in the Charm City.

In its 2015 tax filing, the Anne and Yehuda Neuberger Foundation reported a major development: it received a $93 million gift. The source of this large contribution, which came in the form of stock in one publicly traded company, was the Chesed Foundation of America, an organization run by George Karfunkel that started that fiscal year with assets of $148 million. (The tax filings do not disclose what stock was involved in this transfer.) In subsequent years, the Anne and Yehuda Neuberger Foundation increased its donations into the seven-figures range.

In fiscal year 2017, the foundation experienced another significant change in its finances: it started the year with $88 million in assets but ended with $33 million. It handed out about $1.5 million in donations that year, and its tax filing did not explain this drop. Still, in assets, it remained over 30 times the size it was at its inception in 2010.

As the Neubergers' foundation grew, bolstered by this large infusion from George Karfunkel's foundation, AIPAC remained a beneficiary. In fiscal year 2018, it doled out $1,925,000 in donations, which included $75,000 for AIPAC.

In Washington, AIPAC is regarded as a powerhouse lobbying force. It describes its mission as a bipartisan effort to strengthen and expand the U.S.-Israel relationship in ways that enhance the security of the United States and Israel. But a top AIPAC official once said that its job is generally to support the policies of the government of Israel. In 2005, two senior AIPAC officials were charged with espionage and accused of handing US defense secrets to an Israeli official, but four years later, the case was dropped when pre-court rulings complicated the Justice Department's case by compelling prosecutors to prove the pair had intended to harm US interests.

In recent years AIPAC has been widely seen as a supporter of Benjamin Netanyahu and his far-right and hardline policies, perhaps to such an extent that it has, as one critic put it, engaged in mission-distortion or mission-neglect. AIPAC, for example, has provided Netanyahu a platform for attacking Democrats and US policies with which it disagrees. "The Israeli government has moved right. AIPAC has gone with it," Ilan Goldenberg, a senior fellow at the Center for a New American Security, a think tank in Washington, noted last year. In his new memoir, former President Barack Obama criticized AIPAC for reflexively siding with Israel in policy disputes. He wrote that AIPAC embraces the view that there should be no daylight between the U.S. and Israeli governments, even when Israel took actions that were contrary to U.S. policy. He observed that US officials who adopted a different approach could expect to be targeted by the AIPAC and its political arm: Those who criticized Israeli policy too loudly risked being tagged as anti-Israel (and possibly anti-Semitic) and confronted with a well-funded opponent in the next election.

On cyber matters, Anne Neuberger's field, Israel is an important player. It has become a cybersecurity powerhouse. The nation is home to NSO Group, one of the most notorious cyber-surveillance firms, which manufactures the infamous Pegasus phone spyware, which can allow a security service or other actor to gain total control of a mobile phone and use the device to surveil its user. According to a 2018 report, "At least six countries with significant Pegasus operations have previously been linked to abusive use of spyware to target civil society, including Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates." Last year, Haaretz reported that the Israeli government had encouraged NSO to sell Pegasus to the United Arab Emirates and several Persian Gulf states.

Though Israel is a US ally, it has spied on the US government, and the CIA has considered Israel a top counterintelligence threat. And it is not hard to conceive of cyber-related conflicts that could arise between the two states. So should a Biden administration national security official in charge of US cyber policy be supporting an influence group aligned with the Israeli government? "It's unwise at best," says John Sipher, a former CIA official. "In her world, when people think of cyber-threats, Israel is always there, even if it's an ally. It is surprising that someone in cyber who understands Israeli capabilities would not want to steer clear of these politics."

Several other national security experts, who asked not to be named, say that the foundation's donations to AIPAC create, at the least, an appearance problem for Anne Neuberger. They point out that the Israeli government does maintain an aggressive campaign of espionage against the United States and has a deep interest in US cyber policy.

A former senior intelligence official says, "Anne is a very smart and competent professional. I was very impressed with her work and never had any question about her integrity. That said, such a donation, if true and publicized, would raise a lot of eyebrows within the government and beyond, especially since the two dimensions involved, Israel and cyber, have their own history." A second former senior intelligence official adds, "Is this disqualifying? Probably not. But it's not good."

A senior congressional aide who oversees national security issues says, "If you donate half a million dollars to a lobbying group, that indicates a pretty strong preference." And a foreign policy expert with close ties to the Biden administration notes, "One question this presents is whether she would recuse herself from decisions that could impact Israel."

Kathleen Clark, a law professor at Washington University in St. Louis and an expert on government ethics, notes that ethics laws are primarily aimed at preventing an official's financial interests from having an impact on his or her government work. Neuberger's past financial contribution to AIPAC does not create that kind of ethics issue, she says. But Clark notes that it could raise a question regarding her impartiality. Clark points out that because cybersecurity issues involve Israel and because AIPAC promotes strong US-Israeli cooperation on a wide range of issues, including cyber, the public needs to know whether the actions of Neuberger's foundation overlap with her government responsibilities. She adds, "Will we know what the foundation has spent or is spending its money on? Will we know what projects the foundation is supporting? Will the foundation accept donations?"

Marc Terrill, the president of the Neuberger Foundation, did not respond to multiple requests for comment. When reached by Mother Jones, Yehuda Neuberger said he was not available to discuss the foundation.

On Monday, Mother Jones sent a list of questions about the Neuberger Foundation and its AIPAC donations to the NSC and Anne Neuberger. The queries included: Did Neuberger or her foundation know specifically what lobbying the donations subsidized? What was the source of the initial $1,183,050 the foundation kicked off with? What was the stock valued at $93 million that her father's foundation donated to the Neuberger Foundation? Why did the foundation receive such a large gift? Does the Neuberger Foundation consult with Karfunkel regarding any of its donations? Has Neuberger filed a financial disclosure form regarding her new position at the NSC? Does it include information related to the Neuberger Foundation? Did she file a financial disclosure form at the NSA? Did it include information related to the Neuberger Foundation?

Mother Jones also asked, "Is it appropriate for a high-ranking intelligence official or a NSC official to contribute hundreds of thousands of dollars to AIPAC, a lobby regarded by critics as often aligned with the policy interests of a foreign government? Is there a potential conflict of interest for a senior official in charge of cyber policy who donates money to an American group that is seen as supportive of a foreign government highly involved in cyber-surveillance and cyber-warfare issues?"

An NSC spokesperson said that she would respond to the query and requested time to do so. Two days later the NSC declined to answer any of those questions. The NSC spokesperson said, "As a senior NSC employee, Ms. Neuberger will abide by the Executive Order on Ethics Commitments By Executive Branch Personnel."

The NSA did not respond to a similar set of questions.

UPDATE: After this article was published, Emily Horne, an NSC spokesperson, sent Mother Jones the following statement: "We note that NBC has pulled down their own version of this story, saying it fell short of their reporting standards, and look forward to Mother Jones doing the same. The women and men of the NSC are patriotic, dedicated, and serve their country with distinction. Being forced to endure public smear campaigns should not be part of working on behalf of the American people." NBC News moved its story on Neuberger to its archives and said that the article did not meet the network's reporting standards because it cited only unnamed sources raising questions about the Neuberger Foundation's donations to AIPAC and because Neuberger was not given adequate time to respond to our reporting. This Mother Jones article cited both named and unnamed sources, and Mother Jones gave Neuberger two days to respond to a query about her foundation and the AIPAC donations. She did not respond. Mother Jones also contacted the president of the foundation, and he did not respond to repeated requests for comment. Mother Jones stands by our reporting.


SolarWinds Is Not the ‘Hack of the Century.’ It's Blowback for the NSA’s Longtime Dominance of Cyberspace – Common Dreams

Last month, the private security firm FireEye discovered a widespread breach of government and corporate computer networks through a so-called "supply chain" exploit of the network management firm SolarWinds, conducted by nation-state-level hackers, widely thought to be Russia. Most coverage of the breach featured ominous headlines and quotes from current and former government officials describing it as the biggest hack of modern times. Occasionally, buried in one of the closing paragraphs, there was an official quoted admitting that, so far, only "business networks" were known to be compromised: sensitive but unclassified email systems and data on job descriptions and HR functions.

These stories lack context of the true state of cyber espionage over the last few decades. The SolarWinds hack is certainly a large and very damaging breach, but one could almost pick at random any five or ten of the hundreds of codename programs revealed in the Snowden documents that would top it. The mother of all supply chain attacks (that we know of publicly) may have been the clandestine American role behind CryptoAG, which allowed the NSA to sell scores of foreign governments broken cryptographic systems through which it was possible to crack the encryption on their top-level government and military communications for decades. And of course the first, and one of the only, actual cyberattacks in history was the Stuxnet program conducted by Israeli and American services against Iranian nuclear centrifuges.

Yet the American public may be left with the impression that Russian hacking poses a uniquely aggressive and destabilizing threat to the international order, and therefore must be punished. News coverage has been leadened with apoplectic quotes from senior officials and lawmakers that the breach represents "virtually a declaration of war," that we need to "get the ball out of their hands and go on offense," that "we must reserve our right to unilateral self-defense," and even that "all elements of national power must be placed on the table" (All elements? Tanks? Nuclear weapons?). This kind of hyperbolic reaction cannot be driven by sincere shock at the idea of a government hacking into and spying on another government's networks. More plausibly, it is driven by outrage at the idea of any other nation challenging the United States' overwhelming dominance to date in network espionage.

The Pentagon has so far responded to the breach by proposing a rearrangement of the organizational chart for our cyber army. And if history is any guide, Congress will respond as they have to past intelligence failures: by throwing more money at the bureaucracy to feed its legion of private contractors. In other words: more of what contributed to this breach in the first place. The ever-growing feeding frenzy for beltway bandits not only increases the attack surface for foreign hackers, it ensures that Congress does not have the capacity (even if it had the will) to understand and oversee increasingly complex supply chains to ensure basic security standards for the very companies who will be called on to fix these vulnerabilities. Few were even aware of the ubiquity of SolarWinds' presence across so many of our government networks, and the lax security practices of this key software provider have only come under scrutiny retroactively. According to reports, the update server for SolarWinds software, an incredibly sensitive key piece of any software supply chain, was publicly accessible by a default password that had leaked to the internet in 2019, and the company had been warned both by its employees and by independent security researchers.

Here another tragic irony emerges: whatever internal channels were used to warn of these security lapses were clearly not effective, but if a whistleblower had taken this kind of sensitive national security information to the press (publication of which perhaps could have forced action and prevented a major act of espionage against our government), they would have put themselves at risk of prosecution under the Espionage Act.

So while the pundits clamor for retaliation and Washington bickers about rearranging the desks at Fort Meade, we still do not get a debate on alternatives that might better serve the American people. In secret, and without public consultation, the NSA long ago decided to use our privileged position sitting atop the internet backbone not to secure it, to level up the safety of key systems for all its users, but to poke more holes in it: to stockpile exploits and hoard vulnerabilities in order to dip its hands into nearly every network, communications protocol, and computer system of consequence on the planet, both foes and allies alike.

Even our defensive strategy has become a policy of aggression. Dubbed "defend forward," it has us maintaining backdoors and software implants on key infrastructure systems around the world, as a way of keeping a loaded gun pointed at any real or potential adversary. Like our nuclear policy before it, the stated goal is deterrence, but the actual goal is to create a cover for unchecked aggression and dominance. If reports are true that Russia was behind SolarWinds, and was using its access to case physical infrastructure networks in the U.S., their motivation may have been to gain a small measure of deterrence against the overwhelming superiority of American offensive capabilities.

The wisdom of such an aggressive posture towards the global internet was one of the key questions Edward Snowden posed to the public after his disclosures. We should not fail to consider it as we increasingly get a taste of what the rest of the world has been subjected to by American spies for decades.



NSA fumes over the violation of coronavirus safety protocols – GhanaWeb

Sports News of Monday, 1 February 2021

Source: GNA

Coronavirus active cases are rising in Ghana

The National Sports Authority (NSA) has expressed dissatisfaction over the unacceptable behaviour of fans and the blatant disregard for COVID-19 safety protocols during a match-day 11 encounter between Hearts of Oak and Great Olympics played at the Accra Sports Stadium, last Saturday.

In a press statement signed by Mr Charles Amofah, Head of Public Relations of NSA, it said despite all the measures that have been put in place such as spaced out marked seats to ensure social distancing, fans were found jubilating, singing, hugging each other when their team scored, thus ignoring the safety protocols.

"In view of this, the Authority is using this medium to inform the Ghana Football Association (GFA) and the clubs using the facility that it would not hesitate to resort to matches being played behind closed doors, in order to ensure total adherence to the COVID-19 safety protocols.

"The Authority would like to assure the general public of its commitment to ensuring strict compliance with the COVID-19 safety protocols, in collaboration with the law enforcement agents deployed to our facility," the statement said.

In another related development, the President of the Republic, Nana Addo-Dankwa Akufo-Addo, has entreated the NSA and GFA to ensure compliance with a 25% capacity rule in our stadium, with spectators adhering to the social distancing rule and the wearing of masks.


Split Up NSA and CYBERCOM – Defense One

The lack of conclusive upstream intelligence about Russia's long-running, recently discovered digital espionage effort suggests a need to rethink how the U.S. is organized to meet cyber threats and, in particular, the dual-hat leadership of the National Security Agency and U.S. Cyber Command.

To be sure, the United States has worked to improve its national security focus on cybersecurity in recent years, spurred by Russian efforts to interfere in the 2016 election and recognition that more adversaries can and will want to use offensive cyber methods and tools. These efforts include strategy documents, executive orders, and legislation, yet more work remains to be done. Insights about the SolarWinds attack underscore a number of cybersecurity gaps and vulnerabilities that were exploited. These include shortcomings in virtual supply chains from the private sector to the government, incomplete information-sharing between and within both these sectors, and the limitations of federal cyber threat detection measures like the Department of Homeland Security's Einstein program.

The next step should be acting on a long-debated proposal to split the job of leading the NSA and CYBERCOM. On Dec. 19, officials with the lame-duck Trump administration sent the Joint Chiefs of Staff a plan to do so. The plan would need the defense secretary and Joint Chiefs Chairman to certify that it meets Congressional requirements; it is not clear whether they will do so before the next administration begins.

Critics of splitting the job note that the two agencies enjoy a very close relationship, sharing people, expertise, resources, and even a physical campus. Separate organizations with different chains of command would develop this level of integration and collaboration slowly, if ever.

But from our vantage point as former professionals with significant experience and insights on how national security reforms have unfolded since 9/11, we believe the nation could be served by the split. Such a move would have a rough precedent in the 2004 Intelligence Reform and Terrorism Prevention Act, which established the Office of the Director of National Intelligence and created the Director of National Intelligence (DNI) position. The law allowed the Central Intelligence Agency to retain its authorities and responsibilities, but its director was no longer forced to lead both an operational agency and the entire U.S. intelligence community.

Splitting up the leadership of NSA and CYBERCOM could allow the latter commander to fully focus on the organizations attention on training, equipping, and organizing military forces to conduct the full spectrum of operations to support national security priorities. It could also eliminate potential conflicts of interest in which the CYBERCOM would advocate conducting warfare against a cyber target (i.e., taking it down) while the NSA would be more interested in collecting intelligence from it (i.e., leaving it up but subverting it). Such decisions would be elevated to an interagency forum such as the National Security Council, where competing equities could be debated in a rigorous manner.

We would also advocate for moving the NSA from its organizational home in the Defense Department. It should be led by a Presidentially-appointed, Senate-confirmed civilian who reports to the DNI. Such a move would improve NSA's existing authorities and capabilities, place it under the intelligence umbrella for which it's best suited, and improve its ability to serve national-level and military-specific intelligence requirements.

Javed Ali is a Towsley Policymaker in Residence at the Gerald R. Ford School of Public Policy at the University of Michigan. He previously had over 20 years' professional experience in Washington, DC on national security issues, to include senior roles at the Federal Bureau of Investigation, Office of the Director of National Intelligence, and National Security Council.

Adam Maruyama is a national security professional with more than 15 years of experience in cyber operations, cybersecurity, and counterterrorism. He served in numerous warzones and co-led the drafting of the 2018 National Strategy to Counterterrorism. Adam currently manages cybersecurity software deployments for a number of federal customers.

Go here to read the rest:

Split Up NSA and CYBERCOM - Defense One


Edward Snowden Pardon and the SolarWinds Hack – City Journal

The most surprising thing about the failure of U.S. intelligence to discover for nearly nine months the SolarWinds penetration of U.S. government agencies, reportedly including the State, Energy, and Homeland Security Departments as well as private contractors, is that anyone is surprised. After all, the National Security Agency, responsible for protecting the communications of the U.S. government, had such a massive hole punched in its capabilities by a breach in 2013 that Michael McConnell, the former director of first the NSA and then the Office of National Intelligence, assessed, "This [breach] will have an impact on our ability to do our mission for the next 20 to 30 years."

The proximate cause of the damage was Edward Snowden's theft of NSA files in June 2013. He was never apprehended because he fled first to Hong Kong, where he met with journalists, and then Russia, where he received sanctuary from Putin. How could such a loss of intelligence not do immense damage to the NSA's counterintelligence for many years?

According to the unanimous report of the House Permanent Select Committee on Intelligence, Snowden removed from the NSA digital copies of 1.5 million files, including 900,000 Department of Defense documents concerning, among other things, the newly created joint Cyber Command. Other stolen files contained documents from GCHQ, the British signal intelligence service to which Snowden had access. One NSA file, a 31,000-page database, included requests to the NSA made by the 16 other agencies in the Intelligence Community for coverage of foreign targets.

NSA Deputy Director Rick Ledgett, who headed the NSA's damage assessment, warned that this database reveals the gaps in our knowledge of Russia, thus provides our adversaries with a roadmap of what we know, what we don't know, and gives them, implicitly, a way to protect their information from the U.S. intelligence community's view.

Snowden's theft dealt a savage blow to U.S. intelligence. Whenever sensitive compartmentalized information (SCI) is removed without authorization from the NSA's secure facilities, as it was by Snowden, it is, by definition, compromised, regardless of what is done with it. Whether Snowden gave these files to journalists, Russians, or Chinese intelligence, or whether he erased them or threw them in the Pacific Ocean, all the sources in them had to be considered compromised and shut down. So did the methods they revealed.

The Pentagon did a more extensive damage assessment than the NSA, assigning hundreds of intelligence officers, in round-the-clock shifts, to go through each of the 1.5 million files to identify all the fatally compromised sources and methods they contained, and shut them down. This purge reduced the capabilities of the NSA, the Cyber Command, the British GCHQ, and other allied intelligence services to see inside Russia and China.

The damage was deepened by Snowden's defection to Russia. In a televised press conference on September 2, 2013, Vladimir Putin gloated, "I am going to tell you something I have never said before," revealing that, while in Hong Kong, Snowden had been in contact with Russian diplomats. While Snowden denies giving any stolen secrets to Russia, U.S. intelligence further determined, according to the bipartisan House Permanent Select Intelligence Committee, that he was in contact with the Russian intelligence services after he arrived in Moscow and continued to be so for three years. Both Mike Rogers, the committee's chair, and Adam Schiff, its ranking minority member, confirmed this finding to me. Fiona Hill, an intelligence analyst in both the Obama and Trump administrations, told The New Yorker in 2017 that "The Russians, partly because they have Edward Snowden in Moscow, possess a good idea of what the U.S. is capable of knowing. They got all of his information. You can be damn well sure that [Snowden's] information is theirs."

After the NSA, CIA, and the Cyber Command shut down the sources and methods Snowden had compromised, McConnell pointed out that entire generations of information had been lost. The resulting blind spots in our surveillance of Russia gave Moscow's intelligence services full latitude to carry out mischief. Russian intelligence services have no shortage of operatives and tools to carry out long-term operations in cyberspace and elsewhere.

In the 2020 SolarWinds penetration, which Secretary of State Mike Pompeo attributes to Russian intelligence, the gaps allowed Russian spies to masquerade as authorized system administrators and other IT workers. The spies could use their forged credentials to copy any material of interest, plant hidden programs to alter the future operations of thousands of workstations in networks inside and outside the government, cover their tracks, and plant hidden backdoors for future access. Though it may take years to find and unravel all the malicious code implanted in these systems, the Cybersecurity and Infrastructure Security Agency has already determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.

This immense compromise of government networks is the inevitable price for allowing a large part of our counterintelligence capability to be compromised in 2013. The perverse irony here is that while Vladimir Putin rewarded Snowden for his contributions with permanent residency, Donald Trump says that he is looking into pardoning Snowden for his intrusion into NSA files and betrayal of American secrets.

Edward Jay Epstein's most recent book was How America Lost Its Secrets: Edward Snowden, the Man and the Theft.
