Privacy Shield Struck Down: Schrems II Just When You Thought it Was Safe to Go Back in the Harbor – JD Supra

16 July 2020 will go down in data protection history. On that day, the EU Courts decision in Schrems II dealt international data transfer a mighty blow.

The EU-US Privacy Shield has fallen with immediate effect.

The EUs adopted standard contract clauses survive, but can only be used where the destination countrys laws contain safeguards of a GDPR standard.

If supervisory bodies and businesses follow this decision strictly, every day activities will require burdensome due diligence and may have to be suspended.

This has the potential to disrupt business in many sectors.

Legal BackgroundAs everyone now knows, the EUs GDPR sets a gold standard for protecting personal data that applies in all EEA1 countries and to many organisations in other parts of the world.

The GDPR prevents an organization transferring personal data outside the EEA unless the destination country is on an adequacy white list or the organization adopts an adequate safeguard, except in very limited circumstances. Given the powers of EU supervisory authorities to ban unlawful data transfer and to levy large fines, up to 4% of global group turnover or 20 million, it is important to respect these rules.

Only seven major countries2 with due respect to Andorra and various small islands are on the white list. However, that list is not limited to entire countries. The EU can also white list specified sectors within countries. Using this power, in July 2016 it made the important decision that U.S. organisations certified under the EU-US Privacy Shield were also white-listed3.This replaced its 2000 Safe Harbor decision to similar effect, which the EU Court had struck down as invalid in 2015, in Schrems I.

As mentioned above, organisations transferring personal data to a non-EEA destination which is not white-listed generally have to establish an adequate safeguard. By far the most common of these safeguards, the easiest to establish and often the only one available, is the EU adopted standard contract clauses (SCC). The SCC are probably used by thousands of organisations around the world.

Schrems II challenged both the Privacy Shield and the SCC, striking at the heart of cross-border data transfer.

Background FactsIn 2013 Austrian law student, Max Schrems, asked the Irish Data Commissioner to prevent Facebook Ireland transferring his data to Facebook USA. He argued U.S. law didnt adequately protect his personal data, given the FBI and NSAs surveillance powers and activities.

Although this ultimately resulted in the 2015 Schrems I ruling that U.S. Safe Harbor was invalid, it did not end the argument because Facebook said most of its data transfer to the U.S. was under the SCC, not Safe Harbor. Accepting the Commissioners invitation to reformulate his complaint, Schrems argued that once in the U.S. his data was available to the FBI and NSA under laws incompatible with the EU Charter and was not adequately protected despite the SCC.

The Commissioner agreed and brought court action in Ireland, questioning the validity of the 2010 EU decision which adopted the SCC.

The Irish Court heard evidence on the effect of U.S. national security laws. Finding these of concern, it referred the SCC question to the EU Court of Justice. For the same reasons, it also asked the EU Court to scrutinize the validity of the EU-U.S. Privacy Shield, which had been adopted in the intervening period.

EU Courts Decision on the Privacy ShieldThe Court observed that the Privacy Shield was expressly stated to be subject to U.S. national security requirements, which enabled interference with the fundamental rights of data subjects. The Court went on to examine the EU Commissions justification for nevertheless approving the Shield. These are set out in a recital declaring:

on the basis of available information about the U.S. legal order any interference by U.S. public authorities with the fundamental rights of the persons whose data are transferred under the Privacy Shield for national security [or] law enforcement purposes, will be limited to what is strictly necessary to achieve the legitimate objective in question, and there exists effective legal protection against such interference

The Court examined FISA, the U.S. Foreign Intelligence Surveillance Act, and Executive Order 12333 on Intelligence Activities and fundamentally disagreed with the Commissions justification. The Court found U.S. surveillance programs under these laws enabled agencies such as the FBI and NSA to access personal data transferred from the EU to the U.S. without limitation and without guarantees for non-U.S. individuals. Ultimately, it concluded that U.S. laws:


Consequently, it had no hesitation in finding the Privacy Shield invalid, with immediate effect.

EU Courts Decision on the SCCThe Courts decision on the SCC was more nuanced. Its key finding, which will be a relief to business, is that the EU Commission decision approving the SCC was valid. However, the Court applied a significant qualification, ruling that the SCC can only be used where data subjects are given a level of protection equivalent to GDPR in the destination country.

Applying this qualification, the judgment directs EU data protection authorities to suspend or prohibit data transfer using the SCC where the law of the destination country does not provide appropriate safeguards, rights and remedies against access by national authorities.

Organizations concluding from this that they can carry on using the SCC until an authority stops them will be disappointed. The judgment goes on to declare every entity transferring personal data out of the EEA under the SCC responsible for assessing whether the destination countrys law ensures adequate protection. They must do so on a case by case basis, before they make any further transfer.

The burden does not stop at the data exporter: the Court also pointed out that the SCC themselves require the data importer to notify the exporter if it cannot comply, including where public authorities in its country can access the data disproportionately or without redress. The Court ruled that transfer must stop if the exporter receives such notification.

Finally, the Court suggested a data exporter could take adequate additional measures to guarantee protection if the destination countrys laws did not pass the assessment. However, short of persuading that country to change its laws it is difficult to see what such measures could be: while the exporter could insist on additional contractual safeguards with the importer, these will have no effect on public authorities in the destination country, which are not party to the SCC.

Effects of the Decision

Data Transfer to the U.S.Data transfers under the Privacy Shield are now unlawful. Although authorities are unlikely to take immediate enforcement action, such as banning transfers and levying fines, businesses should find an alternative basis for transferring personal data to the U.S. as soon as possible, since any informal grace period will not last long.

Ideally, the alternative basis for transfer will involve using an adequate safeguard. The obvious solution would have been to use the SCC commonly used to transfer data to U.S. organisations not certified under the Privacy Shield. But given the EU Courts combined findings on the use of the SCC and on U.S. laws, it seems inevitable that this will not withstand further scrutiny.

Apart from the SCC, the only other adequate safeguard readily available to private organisations is to use binding corporate rules, but these apply only within a corporate group and so are of no use for transfers between independent entities. They also require bespoke drafting and regulatory approval.

In the absence of the Privacy Shield and without an adequate safeguard, organisations can generally only transfer personal data to the U.S. on a repeated basis with the explicit consent of the data subject or where necessary for a contract4. Even one-off transfers will require justification and regulatory notification.

The use of consent is therefore likely to increase. This will often be onerous and will need careful management, since the GDPR also has strict rules on consent. If data subjects refuse consent, and every data subject is entitled to refuse, one can foresee major problems.

Data Transfer to other Non EEA CountriesMost data transfers to non-white-list countries take place under the SCC. Applying Schrems II strictly, every EU data exporter using the SCC must now assess the laws of the destination country, if necessary with the help of the importer, before carrying out further transfer.

This assessment should include a focus on law regarding access by public authorities in the destination country, in particular whether their access is proportionate and whether data subjects have actionable legal rights against them.

Having assessed the relevant foreign law, unless the exporter finds it as protective as GDPR and consistent with the EU Charter, it must end the transfer. There must be a significant concern that many, if not most, countries will fail this assessment. Where that is so, the position will be the same as for the U.S.

EU data protection authorities are required to enforce the GDPR with all due diligence. Strictly applying Schrems II, they must suspend or ban personal data transfer to third countries under the SCC where it cannot be protected to EU standards, unless the data controller has already put an end to the transfer. In the coming months, we may see decisions from the authorities that the SCC cannot be used for certain named countries.

ConclusionsStrict observance of the EU Courts decision in Schrems II will disrupt current practice in international data transfer from the EU.

How many nations, other than the handful currently on the white list, have data protection laws equivalent to GDPR? How many nations circumscribe the activities of their intelligence and national security authorities and give foreign nationals individual legal rights against them? Indeed, there are doubts about the UK receiving a white listing following Brexit for that very reason. Even existing white list decisions are subject to periodic review and could be challenged at any time.

Until now, use of the SCC was the oil on the wheels of the EU data export system. If Schrems II is rigorously applied this will no longer be the case. This is problematic since swathes of businesses rely on transferring personal data from the EU to the U.S. and other major trading nations without specific authorization or individual consents. If Schrems IIeffectively prohibits this, then other countries may take a tit for tat approach, particularly since national security laws in EU Member States may not meet the standard the EU court is expecting of other countries.

The solution may have to be political, but as both Schrems cases show, political solutions may not withstand the scrutiny of a court. Ideally, Schrems II will lead to a world-wide standard of data protection equivalent to GDPR, but that seems a long way off and is probably unachievable given the primacy countries give their national security.

Until a solution is found, businesses that export or import data are likely to have to make changes to their practices and legal arrangements. The only consolation, although a poor one, is that everyone is swimming in the same choppy waters.

RecommendationWe recommend that organisations which export or import EU personal data take urgent legal advice on the best way forward.

___1 The EU countries plus Norway, Iceland and Lichtenstein. 2 Argentina, Israel, Japan, Jersey, New Zealand, Switzerland and Uruguay.3 A similar decision has been made for in Canada for commercial private-sector organizations. 4 The other exceptions are extremely narrow, e.g. for legal claims or matters of life or death.

Go here to read the rest:

Privacy Shield Struck Down: Schrems II Just When You Thought it Was Safe to Go Back in the Harbor - JD Supra

Posted in NSA

CISA, NSA warn of threat to ICS. Garmin incident may be ransomware. Blackbaud hack spreads. Sino-American cyber tension. – The CyberWire

A joint warning from CISA and NSA points out a heightened cyber threat to the industrial Internet-of-things. Recent months, the agencies say, have seen significantly increased attention paid to internet-accessible operational technology (OT) assets as cyber actors have demonstrated their continued willingness to conduct malicious cyber activity against critical infrastructure. Operators of such systems should be ready, CISA and NSA say, to protect themselves during a time of crisis.

The agencies dont name names in their warning, but the media have. WIRED, in a representative piece, calls out Fancy Bear, Russias GRU, as the cyber actor snuffling at US critical infrastructure.

Garmin took its servers offline yesterday for a multiday period of maintenance. The company called it an outage that affected GarminConnect and its customer call centers, but ZDNet reports that Garmin employees whove tweeted about the incident are calling it a ransomware attack.

The consequences of the Blackbaud hack have spread to more educational institutions in the UK, Canada, and the US. WION News gives the following list of known victims: University of York, Oxford Brookes University, Loughborough University, University of Leeds, University of London, University of Reading, University College (Oxford), Ambrose University in Alberta (Canada), Human Rights Watch, YoungMinds, Rhode Island School of Design in the US and the University of Exeter.

China orders the US consulate in Chengdu shuttered, Reuters reports, in response to the US closure of Chinas Houston consulate.

Concerns mount over the risk of data exposure through Chinese-manufactured DJI drones, CyberScoop and others write.

Continued here:

CISA, NSA warn of threat to ICS. Garmin incident may be ransomware. Blackbaud hack spreads. Sino-American cyber tension. - The CyberWire

Posted in NSA

Top 10 world news today: Trump`s NSA Robert O`Brien tests positive for COVID-19, Rohingya refugees found alive and more – WION

Trump's NSA Robert O'Brien tests positive for coronavirus

The White House has said staff is regularly tested for the virus, and O'Brien is the most senior official to be found positive amid the pandemic.

China plans to buy gold mine in Arctic; Trudeau government to decide deal

A Chinese stat-run company is planning to buy a gold mine in the Canadian Arctic which has sparked concerns for the Canadian government.

'Virtual kidnappings' warning for Chinese students in Australia

Over 1,000 "Chinese authority" scams were recorded last year by Australia's consumer watchdog.

US ambassador to South Korea shaves off moustache, guess why?

US ambassador to South Korea Harris whose mother was a Japanese had reportedly told the local South Korean media two years that he had decided to grow the moustache as a sign of starting a career as a diplomat.

Queen Elizabeth II becomes first Royal to attend virtual unveiling of portrait

The portrait shows the Queen sitting on a gilded chair in a blue knee-length dress, with a tea cup next to her on a table.

Malaysia: 26 Rohingya refugees found alive on a small island

Malaysia has been harsh on the undocumented foreign workers, especially the Rohingya refugees.

China to help Hong Kong in building emergency field hospital due to surge in virus

Since July, over 1,000 cases of coronavirus cases have been reported, which is more than 40 per cent of the total since the virus first hit the city in late January.

Turkey deports Uighur Muslims back to China via third countries: Reports

According to a report of The Telegraph, Turkey is helping China repatriate Uighur Muslims by sending them to third countries from which they can be extradited by Beijing.

Trump calls demonstrators 'terrorists' and promises 'retribution' against them

And at some point, theres going to be retribution because there has to be. These people are vandals, but theyre agitators, but they're really theyre terrorists, in a sense, he added.

18 of the worlds 20 most monitored cities are in China, 1 camera for every 4.1 people

According to an annual report published by the UK-based Comparitech, worldwide there are 770 million cameras in use, with 54% of them in China alone.

Read this article:

Top 10 world news today: Trump`s NSA Robert O`Brien tests positive for COVID-19, Rohingya refugees found alive and more - WION

Posted in NSA

NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems – HSToday

Over recent months, cyber actors have demonstrated their continued willingness to conduct malicious cyber activity against critical infrastructure (CI) by exploiting internet-accessible operational technology (OT) assets.[1] Due to the increase in adversary capabilities and activity, the criticality to U.S. national security and way of life, and the vulnerability of OT systems, civilian infrastructure makes attractive targets for foreign powers attempting to do harm to U.S. interests or retaliate for perceived U.S. aggression. OT assets are critical to the Department of Defense (DoD) mission and underpin essential National Security Systems (NSS) and services, as well as the Defense Industrial Base (DIB) and other critical infrastructure. At this time of heightened tensions, it is critical that asset owners and operators of critical infrastructure take the following immediate steps to ensure resilience and safety of U.S. systems should a time of crisis emerge in the near term. The National Security Agency (NSA)along with the Cybersecurity and Infrastructure Security Agency (CISA) recommend that all DoD, NSS, DIB, and U.S. critical infrastructure facilities take immediate actions to secure their OT assets.

Internet-accessible OT assets are becoming more prevalent across the 16 U.S. CI sectors as companies increase remote operations and monitoring, accommodate a decentralized workforce, and expand outsourcing of key skill areas such as instrumentation and control, OT asset management/maintenance, and in some cases, process operations and maintenance. Legacy OT assets that were not designed to defend against malicious cyber activities, combined with readily available information that identifies OT assets connected via the internet (e.g., Shodan,[2] Kamerka [3]), are creating a perfect storm of 1) easy access to unsecured assets, 2) use of common, open-source information about devices, and 3) an extensive list of exploits deployable via common exploit frameworks [4] (e.g., Metasploit,[5] Core Impact,[6] and Immunity Canvas [7]). Observed cyber threat activities can be mapped to the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for Industrial Controls Systems (ICS) framework.[8] It is important to note that while the behavior may not be technically advanced, it is still a serious threat because the potential impact to critical assets is so high.

Click herefor a PDF version of this report.

Since the Ukraine cyberattack of 2015 organizations must assume in their planning of not only a malfunctioning or inoperative control system, but a control system that is actively acting contrary to the safe and reliable operation of the process. Organizations need an OT resilience plan that allows them to:

In a state of heightened tensions and additional risk and exposure, it is critical to have a well-exercised incident response plan that is developed before an incident.

An accurate and detailed OT infrastructure map provides the foundation for sustainable cyber-risk reduction.

Informed risk awareness can be developed using a variety of readily available resources, many of which include specific guidance and mitigations.

A vigilant monitoring program enables system anomaly detection, including many malicious cyber tactics like living off the land techniques within OT systems.

Read more at CISA

Read this article:

NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems - HSToday

Posted in NSA

NSA clears the air on national teams – BusinessGhana

The National Sports Authority (NSA) has cleared the Black Maidens and Princesses to go into campaign following the green light given by President Nana Addo Dankwa Akufo-Addo.

The President of the Republic in his update Number 14 on measures taken against the spread of the COVID-19 pandemic gave the Black Starlets, Maidens and the Princesses the greenlight to start camping ahead of their respective international assignments.

A statement signed by Prof.

Peter Twumasi, Director General of the NSA and copied to GNA Sports, urged national teams to adhere to all safety protocols as they start camping following the greenlight by the President.

"In line with the directions issued on 26th July 2020, by the President in the fight against the COVID-19 pandemic, the female Under-20 and Under 17 national football teams have been cleared to go into their respective training camps to begin preparations towards their FIFA and CAF sanctioned international matches, which begins in September this year.

"While in training, they are expected to adhere strictly to all the protocols issued by the Government, CAF, and FIFA.

"The directive further stated that all other team sports, contact sports, and competitive sporting events still remain suspended until further notice,'' the statement said.

The statement urged all stakeholders to adhere to and respect the directives of the President for their own safety during the COVID-19 pandemic.


View original post here:

NSA clears the air on national teams - BusinessGhana

Posted in NSA

Netball SA hoping to host Scotland this year amid coronavirus outbreak – News24

Proteas captain Bongi Msomi

Reg Caldecott/Gallo Images

Netball South Africa (NSA) confirmed plans to stage an international series this year despite the ongoing coronavirus pandemic.

The Proteas have been out of action since January after losing theirthird-place playoff at theNetball Nations CupagainstEngland.

The South Africans were scheduled to compete in theQuad Series in Australia in September, which has since been cancelled and a new date still being negotiated.

Under the Level 3 lockdown regulations, professional non-contact sport is permitted, but with no recreational or amateur sport allowed.

Netball, which falls in the contact sport bracket, is only allowed training during level 3 of the lockdown.

NSACommunications ManagerNnusi Gazi told Sport24 that there are talks for Scotland to tour South Africa at the end of the year.

However, the governing body would need approval from the government to host the series and abide by strict safety regulations.

Proteas captain Bongi Msomi revealed that the team is being "well-looked after" despite all activity being halted due to the Covid-19 outbreak.

"We have meetings like this as a team where we catch up and get updates as a team," Msomi told Sport24 on Tuesday.

"We have our sports scientist, who prepared training programmes for the team. She updated the programme baring in mind that we aren't competing at the moment and the preparations need to align with what might come in the next month or so.We are well looked after, the coaches send in netball skill drills so we can kind of add it to our strength and conditioning sessions."

Msomi admitted that the lockdown has been tough as there is lots of uncertainty over when the Proteas will return to action.

"With the Proteas, there will probably be a netball camp ... having this idea of maybe we're playing is exciting, even the idea of being able to play this year because it's been long... the worst thing is not knowing when it'll happen with so many fixtures and tours postponed or cancelled."

NSA revealed that the country's premier netball tournament, the Telkom Netball League (TNL), is suspended due to the outbreak with no fixtures announced yet.

Msomi believes the TNL could resume in October but they are still awaiting confirmation from NSA.

"Everything is on hold for now because of the lockdown restrictions but Netball South Africa has mentioned that the plan is to have the Telkom Netball League go on in October until November and all the provisional teams now are preparing for that. At this stage, we still haven't started training in groups, which I hope we'll probably start next month."

The TNL sees12 teams from across the nine provinces play over seven weeks.

Meanwhile,Msomi has asked netball fans to sign up for the Women's Virtual Challenge on 26 September.

* On 26 September, fans who have entered can run, jog, walk, skip or even dance their own challenge at their own pace, choosing their own route and completing their challenge at any time between 06:00 and 21:00. They then share their experience on social media, using the hashtags #BeSunshine or #SPARVirtualChallenge.

The organisers are hoping to set a world record for the number of entrants in a women's virtual challenge.

For an entry fee of only R50, each entrant will receive a challenge t-shirt, a buff and challenge magazine. But that's not all - for every entry, SPAR will donate a food parcel to a survivor of gender based violence (GBV).

See original here:

Netball SA hoping to host Scotland this year amid coronavirus outbreak - News24

Posted in NSA

Abducted teen killed in UP, Yogi asks cops to consider NSA against accused – The Indian Express

Written by Manish Sahu | Lucknow | Published: July 28, 2020 4:55:19 am Following a preliminary investigation, the police picked up a few local people, including the boys neighbour Daya Nand, for questioning. (Representational)

The police in Uttar Pradeshs Gorakhpur district on Monday arrested five people in connection with the death of a 14-year-old boy, whose body was found a day after he was abducted from his home in the Pipraich area of Misrauli village. The prime accused, and one of those arrested, is the victims neighbour.

Five persons have been arrested and two others are still on the run, said Gorakhpur SSP Sunil Kumar Gupta.

The police said around 3 pm on Sunday, the victims father Mahajan Gupta, who runs a paan shop, received a ransom call from an unidentified number. The caller asked him to pay Rs 1 crore to ensure his sons release.

Following a preliminary investigation, the police picked up a few local people, including the boys neighbour Daya Nand, for questioning.

After Daya Nand failed to provide proper answers during questioning, the police interrogated him at length. The police said the boy was killed because he had identified Daya Nand.

Taking note of the incident, Chief Minister Yogi Adityanath asked the police to consider invoking the National Security Act (NSA) against the accused, and expedite the trial. He also issued directions to find if there was any lapse on part of the police. The government also announced Rs 5 lakh compensation for the victims family.

The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest India News, download Indian Express App.

Read the original post:

Abducted teen killed in UP, Yogi asks cops to consider NSA against accused - The Indian Express

Posted in NSA

Gorakhpur kidnapping case: Yogi got here into motion, NSA on accused, police will resolve accountability – Pledge Times

Gorakhpur kidnapping case: Yogi got here into motion, NSA on accused, police will resolve accountability Pledge Times

No Result

View All Result

Edited By Shashi Mishra | Updated: 28 Jul 2020, 09:37:00 AM IST

Yogi Adityanath (File photo)


A 13-year-old child was kidnapped and murdered in Gorakhpur, Uttar Pradesh. Chief Minister Yogi Adityanath has come into action regarding this incident. CM has directed to take strict action against the culprits. CM has announced financial assistance of Rs 5 lakh to the victims family and imposing NSA on the accused.

UP Chief Minister Yogi Adityanath has directed strict action against the culprits in the case of kidnapped child in Gorakhpur. Yogi said that National Security Act (NSA) will be imposed against the culprits.

Kanpur, now murdered after kidnapping in Gorakhpur, Opposition said- CM Yogi should resign

Case will run on fast track

Yogi has pointed out the negligence of the police in this case. He said that the accountability of the police in the incident would be determined. He has ordered the case to be heard in the fast track court so that a decision can be taken in the case soon.

What is a kidnapping-murder case?

The 13-year-old child (Balaram Gupta) has been recovered by the police from the farm of the child from a farm located some distance away from the house. The childs body has been found in Kewatahia, 5 km from the village. The child was kidnapped on Sunday by Mishrolia Tola of Pipraich. The kidnapper demanded Rs 1 crore in extortion. A team of crime branch, STF and police were deployed to investigate the incident. On Monday, the body of the child was found near a farm located a little away from the house, after which the police took the body in its possession and sent it for postmortem.

Akhilesh-Priyanka attacked Yogi government

Political arrogance has also intensified in this case. Former UP CM and SP President Akhilesh Yadav tweeted, The news of the kidnapping of the kidnapped child from Gorakhpur is very painful and tragic. Condolences to the heartbroken family. Despite the constant kidnappings and murders, the shameless silence and inaction of the BJP government is in question.


No Result

View All Result

Read more here:

Gorakhpur kidnapping case: Yogi got here into motion, NSA on accused, police will resolve accountability - Pledge Times

Posted in NSA

A National Crisis: The Imperative for Improving Civic Education – The Cipher Brief

Ted McConnell is Senior Policy Advisor forCivXNow Coalition, and Elizabeth Rindskopf Parker, is former General Counsel at CIA and NSA and is a member of the executive board of the Center for Ethics and the Rule of Law. @CivXNow

OPINION These are confounding and painful times. In recent months, the COVID-19 pandemic has laid bare a tragic divide in health outcomes among communities based on race, ethnicity, and wealth. And now, this problem which exists in every aspect of society and its opportunitiesincluding in education, housing, and employmenthas been further exacerbated by yet another example of the cultural disconnect between local police and the minority residents they are sworn to protect. The resulting outrage at the latest gratuitous killing of a Black man was predictable.

Long simmering grievances within the Black community about the governments historic mistreatment that has been enabled by a dominant white societys lack of concern have been worsened by the frustrating inability to effectuate real change. It has been gratifying to see how largely peaceful protests have brought these inequities so clearly and responsibly to the fore. At the same time, it is also troubling that some parties appear to view this tragedy irresponsibly as a way to stoke even greater anger and dissension and increasing polarization. Unfortunately, as recent experience teaches, they will not be alone. We must expect that some, among them hostile foreign actors, will take full advantage of the current crisis to amplify anger as a way to deepen the nations ethnic, racial, and income divides. As always, their goal will be to erode confidence in our democratic system and foster a sense of hopelessness about the possibility of reform and accountability.

Such foreign threats, well documented inrecent reports, are the topic of a subsequent blog post. What will be clear is that these efforts are designed to weaken the United States from within, encouraging internal dissension and undermining support for government institutions and civil society, particularlyamong those long marginalized. Such efforts end-run the historic U.S. national security posture of projecting force away from the domestic arena to keep the homeland safe. By operatingwithinthe United States to amplify domestic grievances, such attacks undermine national cohesionwithout the need for an external challenge. As such, they are as much a national security threat as would be an externally launched attack by a hostile armed force. These threats find fertile ground in the current outrage over police misconduct and the disparate impact of COVID-19 on our disadvantaged minority citizens.

While profoundly disturbing, the widespread protests and the outrage they reflect should not surprise us. They result from inattention to legitimate grievances of those who have long suffered from inequitable treatment based on race, ethnicity, and income. This situation is reflected in the sharp decline in public confidence in government and civil society which has been apparent for some time. In 2019, this lack of trust in the government was well documented by the Pew Research Center. The centersJuly 2019 reportdetails the loss of trust of Americans in the government, the news media, and one another. Perhaps most disturbing was the finding that almost half of young adults between the ages of 18 and 29 fell into the low trust category, as compared to one-fifth of those over 65. Furthermore, [o]nly 17%of Americans today say they can trust the government in Washington to do what is right just about always (3%) or most of the time (14%). And last month,The New YorkTimesinterviewed a cross section of people and reached the same conclusion. In fact, thisreportingsuggested that the level of trust in the government to do the right thing may have actually declined below the troubling 17% reported by Pew.

The picture is bleak but not without hope. The Pew Research Center reported that more than 90% of those surveyed, regardless of political affiliation, believed it important to improve the level of confidence Americans have in government and each other. And an encouraging 80% believed such improvement was possible. Perhaps the deeply upsetting current crisis can nonetheless serve as a catalyst for change. If so, we dare not ignore this opportunity.

And so now, even in the midst of a singularly painful period of protests, a brief pause is in order. If we are to formulate an approach to addressing the current situation effectively, the first step must be to understand how we arrived at this point. Only then can we fashion a strategy to begin addressing what can be done in useful response to the outpouring of rage at the current state of affairs across a broad range of issuesissues that disproportionately impact the nations disadvantaged minority populations. Stated otherwise, the COVID-19 pandemic and protests about police misconduct have made clear the problems our democracy faces. The question that remains is how best to achieve lasting change. It is a question thateveryAmerican, white and non-white alike, must acknowledge and embrace. In the end, our democracy only works for any one of us if it works for all.

The answer begins with a truism. A democratic republic depends on a citizenry and an electorate that is informed about the issues and challenges of the day and is equipped to take advantage of the mechanisms of its government to achieve change. This is, of course, the fundamental premise on which our system of public education is based. Our schools are expected to teachallcitizens about their history and their government and, most importantly, to enable their effective participation. Indeed, one explanation for the outrage exhibited in recent demonstrations may be that those most directly impacted by unacceptable policies in policing, health care, education, and economic opportunity are frustrated by their inability to achieve lasting change. This may be because they have not received the civic education they need to empower them in managing the levers of public policy and government fundamental to achieving real change.

In fact, this analytical construct finds considerable support when todays state of civic education is considered. In subsequent blog posts, we will describe countless surveys that chart a decline in civic education and document the lack of understanding of all citizens about their government. The conclusion is unassailable: in recent decades there has been a precipitous decline in attention to civic literacy at all levels of the educational continuum, from secondary schools to college and graduate teacher education. Most recently, the Department of Education released the National Assessment of Educational Progress (NAEP) which documents the outcome of the 2018 Civics and U.S. History exams given to 8thgraders across the country. Considered the nations Report Card, theNAEP resultsshow that between 2014 and 2018, only 24% of respondents scored at or above the level of proficiencya dismal showing relatively unchanged for many years. Upon release of the results, Secretary of Education Betsy DeVos candidlynotedthat We cannot continue to excuse this problem away. Instead, we need to fundamentally rethink education in America. It is the only way our nations students will be in a position to lead our nation and the world.

Even more significantly, this failure of civic education resulting from declining time and attention over several generations has likely contributed to aloss of appreciation for democracyas a system of government based on the rule of law. It seems equally obvious that the fall-off in civic literacy is part of the explanation for the current political dysfunction and loss of faith in our politics and government institutions. It may also contribute to the intense frustration of those now protesting a wide range of societal inequities from police misconduct to health, education, and economic disparities laid bare by COVID-19.

Yet despite the grave state of civic education today, efforts at reform are underway and have begun to show promise. The CivXNow Coalition has created a national movement to improve and strengthen state and national policies and practices in delivering civic education. These efforts have produced recent successes in several states which, among other things, have developed and implemented new learning standards, measures of assessment and accountability, and course and time requirements for civic education. These measures are designed to engage and empower students rather than to rely upon rote learning.

In the end, however, an even broader commitment to civic education reform and understanding, both in formal education and throughout society, is needed. Once again, there is hopeful news. In March 2020, reports by two commissions formed to address completely different challenges facing the nation found that improving civic literacy was a fundamental starting point. After two and a half years of review, the final report, Inspired to Serve of the congressionally chartered National Commission on Military, National, and Public Service (NCMNPS), concluded that to increase participation in a wide range of service activities it would be essential to strengthen and expand civic educationthe necessary foundation for developing a culture of service. Similarly, The Cyberspace Solarium Commission found that enhancing civic education and media literacy would be critical to protecting the nation against democracy-undermining cyber threats.

These developments should inform any response to the current tragic circumstances that have so galvanized protesters in countless cities around the nation. The slide into civic illiteracy disproportionately impacts those communities most in need of advocating for themselves, once again highlighting the divide based on race, ethnicity, and income. The lack of civic education available in these communities translates into reduced levels of political engagement. While overall voting participation by youth is poor, not surprisingly black and Latinx youth vote at even lower rates than their white counterparts. This adds to the dysfunction in our political and governmental systems todaythe heart of protestors concerns. To protect our constitutional democracy from internal and external threats, improved civic understanding and engagement across all parts of our society, in our educational institutions and beyond, are more than critical needs. In todays threat environment, they have become a national security imperative.

We hope this introduction will encourage learning more about the relationship among civic education, domestic tranquility, and national security at what may arguably be an existential moment in the history of our democracy.

This piece was first published by our friends at the Center for Ethics and the Rule of Law at The University of Pennsylvania

Read more expert-driven national security insight, perspective and analysis in The Cipher Brief

Read more:

A National Crisis: The Imperative for Improving Civic Education - The Cipher Brief

Posted in NSA

Who is behind APT29? What we know about this nation-state cybercrime group – The Daily Swig

APT29 has been accused of targeting coronavirus vaccine organizations, but this is not the first time the group has attracted global attention

In a July 2020 report, the UK and its allies publicly blamed cyber-attacks on organizations involved in coronavirus vaccine development on APT29, a hacking group linked to Russian intelligence agencies.

The National Cyber Security Centre (NCSC), part of GCHQ, blamed APT29 for an ongoing campaign of malicious activity predominantly against government, diplomatic, think-tank, healthcare and energy targets to steal valuable intellectual property.

Known targets of APT29 include UK, US and Canadian vaccine research and development organizations, according to a joint alert by NCSC and its intelligence partners in the Canadian Communication Security Establishment and the National Security Agency (NSA).

A full assessment (PDF) offers advice to potentially targeted organizations, as well as firing a shot against the bow of Russian intelligence by publicly calling the Kremlin out for what the NCSCs director of operations, Paul Chichester, described as despicable attacks against those doing vital work to combat the coronavirus pandemic.

But what do we know about this threat group? The Daily Swig takes a deeper look.

APT29 is a hacking group that western intelligence agencies and various cybersecurity firms have linked to Russian state intelligence agencies.

Hacked security camera footage allowed the Dutch intelligence service AIVD to link APT29 to the Russian Foreign intelligence service (SVR).

Security intelligence firm CrowdStrike attributed APT29 to either the SVR or Russias Federal Security Service (FSB).

APT in this instance stands for advanced persistent threat security industry shorthand for a state-sponsored threat group.

APT29 has been given various nicknames by cybersecurity firms, including Cozy Bear, CozyDuke, and the Dukes, among others.

As well as espionage around Covid-19 vaccine data, APT29 has been blamed for a number of other high-profile attacks over the last five years, according to analysis from FireEye Mandiant.

These alleged incidents include:

According to Symantec, APT29 has been attacking diplomatic organizations and governments since at least 2010, if not earlier.

APT29 Cozy Bear was implicated alongside another Kremlin-linked hacker group, Fancy Bear (APT28, widely credited as a unit of the Russian military intelligence directorate, GRU), in the cyber-attacks against the DNC during 2016 US presidential election.

The threat group is known to be interested in foreign intelligence, according to Finnish security firm F-Secure.

APT29 has traditionally focused on intelligence to inform national and security policy, rather than the theft of intellectual property, Calvin Gan, manager at F-Secures tactical defense unit, told The Daily Swig.

However, Covid-19 could be such a major national security priority for Russia that they need all hands on deck.

The tradecraft of APT29 is generally credited as more subtle and sophisticated than that of APT28, the even more infamous Kremlin-linked cybercrime group.

Ben Read, senior manager of analysis at Mandiant Threat Intelligence, told The Daily Swig: APT29 has historically targeted geopolitical intelligence, with a focus on stealing information.

They have not been linked to the type of disruptive operations that APT28 and Sandworm team have undertaken but have instead operated with much more discretion.

APT29 uses a variety of tactics, techniques, and procedures (TTPs) including spear-phishing and custom malware known as WellMess and WellMail.

According to Mandiant, APT29 is an adaptive and disciplined threat group that hides its activity on a victims network.

In the past it has communicated infrequently and in a way that closely resembles legitimate traffic, Mandiant explains.

By using legitimate popular web services, the group has taken advantage of encrypted SSL connections, making detection even more difficult.

APT29 is one of the most evolved and capable threat groups, according to Mandiants analysis:

It deploys new backdoors to fix its own bugs and add features. It monitors network defender activity to maintain control over systems. APT29 has also often used compromised servers for [command and control] communication.

It counters attempts to remediate attacks. It also maintains a fast development cycle for its malware, quickly altering tools to hinder detection.

APT29 has been known to switch tactics and approaches (notably between smash-and-grab and slow-and-deliberate) depending on the perceived intelligence value and/or infection method of victims, according to an ATT&CK Evaluations assessment by Mitre Corporation.

APT29 is known to employ a vast arsenal of malware toolsets, according to F-Secure:

The Dukes have engaged in apparently biannual large-scale spear-phishing campaigns against hundreds or even thousands of recipients associated with governmental institutions and affiliated organizations.

These campaigns utilize a smash-and-grab approach involving a fast but noisy break-in followed by the rapid collection and exfiltration of as much data as possible.

If the compromised target is discovered to be of value, the Dukes will quickly switch the toolset used and move to using stealthier tactics focused on persistent compromise and long-term intelligence gathering.

More details on APT29s alleged tactics can be found in a recent white paper on APT29 by F-Secure (PDF).

Patch management and other techniques can help to defend against APT29 and similar attackers.

APT groups typically update their arsenal fairly quickly and are customized to the target or environment that they are interested in, F-Secures Gan explained.

While EDR [endpoint detection and response] is around to spot for suspicious behaviors within the network, it is only one part of the defense strategy.

There are other processes and technologies that must be in place to minimize loopholes as much as possible. This includes patch management, as we have seen in the recent advisory of how APT29 purportedly gained a foothold through known vulnerabilities.

Tony Cole, CTO at Attivo Networks, added: Its unfortunate that an actor such as APT29 with such sophisticated capabilities is still able to simply scan targets for existing known vulnerabilities and then compromise with little effort or use phishing emails to obtain their initial set of credentials.

Organizations must step up their efforts to counter adversaries targeting them.

Read more of the latest cyber-attack news

Cole continued: Patching is an imperative that must be met. Instrumentation focused on detection and lateral movement inside the network perimeter and across all endpoints is another imperative since prevention often fails regardless of defensive spending.

Charity Wright, a cyber threat intelligence advisor at IntSights and former NSA Chinese espionage expert, told The Daily Swig: The Russian intelligence services are organized and deliberate about their targeting, missions, and toolsets. They adapt and overcome target defenses and typically go after strategic intelligence, military, and government entities.

She advised: Organizations should understand what valuable data they have, which state-sponsored groups would be likely to target them either for their proprietary data or to use them as a third party to pivot to their target, and be prepared to defend against those APTs.

Utilizing a threat intelligence service, creating intelligence requirements, and integrating tactical intelligence into their defense strategy is vital to protecting their assets. I would also encourage them to conduct threat modeling and purple team exercises to prepare for increases in attacks from nation-state cyber threats.

Russias basic stance is to acknowledge that cyber-attacks are happening but to deny any responsibility.

In July 2020, Russias Ambassador to the UK, Andrei Kelin, gave an interview with Deborah Haynes, foreign affairs editor at Sky News, claiming that Russia itself was frequently targeted by cyber-attacks and calling for the creation of a convention on cyber-warfare.

READ MORE Russian national pleads guilty over involvement in $568m cybercrime operation

We would like to set up a normal order, under the UN auspices, probably a convention, which would provide for easily understandable rules of cooperation, Kelin said. Otherwise there will be a cyber chaos.

When pressed on accusations that Russias cyber activities pose threat to the UK, Kelin raised doubts about attribution.

The cyber world is extremely complicated, but attribution of cyber-attacks to the government of any country is very dubious, he said.

During the interview, Kelin went on to dismiss the latest, very specific accusation that Russian intelligence agencies as being behind cyber-attacks against vaccine research centers. Those accusations are about nothing, he said.

YOU MIGHT ALSO LIKE Declassified: GCHQ celebrates 100 years of secrets well kept

Read the original:

Who is behind APT29? What we know about this nation-state cybercrime group - The Daily Swig

Posted in NSA

Several streets in Karachi cordoned off reportedly due to terror threat – Outlook India

Karachi, Jul 23 (PTI) Law enforcement personnel in Pakistan on Thursday sealed some areas and roads around foreign diplomatic missions in Karachi''s Clifton neighbourhood reportedly due to a terror threat.

Residents of the area were surprised to see blockades in many areas of the posh residential neighbourhood.

According to law enforcement sources, many areas in the Clifton neighbourhood particularly those around foreign diplomatic missions were closed down due to a terror threat.

Police sources said a security high alert has been issued for the city''s ''Red Zone''.

Some routes [have been] blocked as part of some extra security measures. Nothing to worry about," Deputy Inspector General South Javed Akbar Riaz said.

The heightened security measures come a month after four militants attempted to storm the Karachi Stock Exchange building.

All four terrorists were killed in the gun-and-grenade attack that also claimed the lives of four security personnel.

In November 2018, a terror attack on the Chinese consulate in Clifton was foiled by security forces in which seven people, including three terrorists, were killed.


Disclaimer :- This story has not been edited by Outlook staff and is auto-generated from news agency feeds. Source: PTI


Several streets in Karachi cordoned off reportedly due to terror threat - Outlook India

Posted in NSA

Creating a more secure nation means public service hiring practices need an overhaul – The Hill

The public sector has over 33,000 openings in cybersecurity. This means that about one in three possible public sector cybersecurity jobs is currently unfilled. It also means that we are leaving our country vulnerable to future attacks in cyberspace if we do not have the experts we need to update information technology systems, analyze network traffic, research emerging tools, respond to cyber incidents, coordinate with other sectors, and the myriad other responsibilities that fall to the federal cyber workforce.

The federal government faces two critical challenges in filling federal cybersecurity jobs. First, we must inspire more professionals with critical cyber skills to consider careers in government. There is an urgent need to act now to reform how the U.S. government recruits, develops, and retains its workforce in order to remain technologically adept and secure from attacks of significant consequence in cyberspace; specifically, streamlining hiring processes and developing innovative approaches in recruiting to attract and retain world-class talent.

Second, the nation must do more to cultivate cyber talent nationwide. That is to say, we have to grow the size of the cyber workforce pie, not just cut the government a larger slice of it. In order to accomplish this, Congress needs to invest in the American people and the security of the nation with meaningful and sustained support for cyber workforce development efforts.

We know that public servants are vital to the security and well-being of the nation, yet outdated rules and practices make it difficult to hire and retain the best talent by creating unnecessary delay, unpredictability, and frustration for talented individuals who aspire to serve the public. To address these challenges, three different U.S. federal commissions have made recommendations to fix federal hiring, inspire the next generation to public service, and empower agencies to build their workforce to meet evolving needs and to better serve the American people.

The Cyberspace Solarium Commissions March 2020 report noted the critical importance, and significant dearth, of cybersecurity talent for an effective U.S. cybersecurity strategy. To increase the number of individuals with digital talent who can meet this critical shortfall, the Commission recommended that the federal government expand existing scholarship-for-service initiatives and create additional developmental pathways to public service to incorporate more hands-on learning and tap into talent with unconventional professional or educational backgrounds. An immediate and proven vehicle is the National Science Foundations CyberCorps: Scholarship for Service program which offers financial support to students studying cybersecurity, in exchange for a public service term upon graduation. Since the programs inception in 2001, it has graduated roughly 3,600 students, sending them into cyber careers in the public sector. The Solarium Commission recommends increasing the funding to the program over a period of 10 years to allow for 2,000 graduating CyberCorps students per year.

Similarly, the National Commission on Military, National and Public Service proposes that Congress create new pipelines from postsecondary education to public service, starting with a new Public Service Corps, similar to the militarys Reserve Officer Training Corps (ROTC), in which agencies would offer scholarships to university students in exchange for a four-year public service commitment met through employment at the agency that provided the scholarship.

To better enable the government to respond to national emergencies that exhaust its cyber capacity, the National Commission on Military, National and Public Service also recommends the creation of a Civilian Cybersecurity Reserve (CCR) at the Department of Homeland Security (DHS) and the National Security Agency (NSA). The CCR would enable DHS and the NSA to quickly expand their cybersecurity workforces with experts who have prior government experience as well as the necessary technical skills, platform knowledge, and clearance to perform sensitive work. The Cyberspace Solarium Commission makes a similar recommendation for the Department of Defense (DoD), assessing the need for a military cyber reserve to include non-traditional options to ensure the DoD is prepared to mobilize a surge capacity in times of crisis or conflict. Beyond the obvious benefits of increasing the pool of available talent, these programs also imbue participating workers with a greater sense of professional fulfillment that derives from public service while strengthening beneficial relationships and collaboration between the private and public sector.

And as the National Commission on Military, National, and Public Service reminds us, public service roles offer the opportunity to protect the country while gaining work experience that can be found nowhere else. This is particularly true for career tracks, like cyber, where the competition for talent is most intense. While government should and does make every effort to ensure financial compensation is competitive with the private sector through excepted service systems, the governments greatest advantage is more often found in the work itself. The cyber challenges the government confronts on a daily basis and the data and tools it uses to do so create a professional experience that is wholly unique. That experience, underpinned by a mission that cannot be replicated in the private sector, creates both a recruiting advantage and a foundation for lifelong productivity.

The reasons to work in government are clear, but they must be supported by recruitment, hiring, and development processes that help encourage, rather than deter, talented individuals serving. To capitalize on its inherent advantages, the government must present clear and compelling opportunities to prospective workers early in their decision cycles, demonstrate a capacity and willingness to invest in their whole-of-career development, and transform personnel systems to meet the expectations of a workforce that equates timely decisions with a promise of respect for the value of their skills and a commitment to public service.

We want all Americans inspired and eager to serve to join the mission and make our nation more secure. That starts with public service hiring reform.

Dr. Joe Heck is chairman of the National Commission on Military, National, and Public Service. He is a brigadier general in the U.S. Army Reserve and represented Nevadas 3rd District in the House of Representatives from 2011-2017. Mr. John C. "Chris" Inglis is a commissioner for the U.S. Cyberspace Solarium Commission and a former Deputy Director of the National Security Agency. He currently serves as the Looker Distinguished Visiting Professor of Cyber Studies at the United States Naval Academy.

Follow this link:

Creating a more secure nation means public service hiring practices need an overhaul - The Hill

Posted in NSA

Zero Trust Cybersecurity Plan This Year From DISA & NSA – Breaking Defense

DISA Director Vice Adm. Nancy Norton (center) cuts a ribbon last to celebrate a new DISA Global Operations Center West at Hill AFB in Utah.

WASHINGTON: Agencies from across the Defense Department are coming together to turn zero trust from buzzword to reality. Led by the Defense Information Systems Agency (DISA) and the National Security Agency (NSA), the workshops goal is to create a set of best practices to guide upgrades across DoD, said Vice Adm. Nancy Norton. Norton commands both DISA, the Pentagons tech support agency, and JHFQ-DoDIN, the DODs operational HQ for day-to-day cybersecurity.

The initial Zero Trust Reference Architecture will be out towards the end of this year, Norton told AFCEAs annual Army Signal conference this morning. While lots of companies are eager to sell products labeled zero trust, the architecture is intended to show Defense Department organizations how they can upgrade the technology they already have.

That means converting systems that now rely on a single line of defense to a layered defense based on zero trust. Most current information technology including countless aging systems in the Defense Department relies on perimeter security, where logging in means you can access all the data on a given device or even a whole network. But cybersecurity experts assume these days that the enemy will get through that perimeter or be already inside it with legitimate credentials, as Ed Snowden was at NSA. So zero trust constantly checks and re-checks each user and software process each time they try to access data, operating under the principle of deny by default. You dont get access unless you specifically prove you should have it.

The standard analogy is a castle with a moat. Perimeter security checks visitors at the drawbridge and then gives them free run of the castle, while zero trust posts guards at every chamber.

Thats a huge change, requiring a complex kit of analytic software, identification and verification systems, and bureaucratic policies. But the Pentagon cant afford to rip out its entire IT system and buy a replacement.

We very much understand that this is not going to be a wholesale, green-field approach to new network architecture, Norton said. Were not starting over again [buying] wholesale new equipment. We are taking whats out there today with our legacy equipment and incorporating new principles and new analytics and specific kinds of policies adding devices and automation into the architecture that we already have.

Since the plan is to add zero trust to existing systems, DISA and NSA need to understand how those systems work. Hence the workshops theyre conducting with other agencies, from roughly quarterly meetings of top officials down to more frequent conclaves at the working level.

The workshops are going really well and were getting lots of participation, Norton said. There is definitely a lot of interest in there.

The Armys plan to integrate its enterprise (homebase) and tactical (battlefield) networks.

Ambivalence in the ArmyThe Armys chief information officer, Lt. Gen. Bruce Crawford, has been particularly enthusiastic and ahead of the curve, Adm. Norton told an Army-heavy audience at AFCEA.

The Army very definitely has from the beginning said, we want to be part of zero trust, Norton said. Gen. Crawford was pushing, actually, DISA [to] move to a zero trust environment.

The Armys Network Enterprise Technology Command (NETCOM) is already working on a zero trust pilot project with Nortons JFHQ-DODIN, NETCOMs chief engineer told the AFCEA conference. A few months ago [US Cyber Command] asked each of the services to conduct a zero-trust pilot, Patrick Dedham said. We stood up a team thats actually trying to implement a zero-trust environment using a [Microsoft] 365 environment.

As with the DISA-led, DoD-wide effort, the NETCOM pilot is focused on the nitty-grity of implementing zero trust in existing technology, not some grand plan to rip everything out and replace it with shiny new stuff. As we go through that pilot and discover what does it really mean to implement zero trust principles on our network today, then thatll allow us to come up with a much better architecture, Dedham said. Zero trust is going to be a journeyRight now were very perimeter-security-based.

As hard as it is to implement zero trust in the Defense Departments enterprise networks which are largely based in the US with easy access to fiber optic landlines it might take even longer to implement in the tactical units that units deploy with, which largely depend on radio and which must work alongside foreign allies.

Maj. Gen. Peter Gallagher

We have to connect with coalition teammates, okay? We absolutely have to, said Maj. Gen. Peter Gallagher, who leads the network modernization team at Army Futures Command. We use terms like zero trust and identity management and all that stuff, [but in a combat zone] you cant necessarily confirm the security clearance of everyone youre sharing information with.

Theres always a fine line between security and operational effectiveness the ability to command and control and fight as a coalition, Gallagher said. Indeed, one of the biggest decisions the Army has made about its future tactical network is to keep as much data as possible unclassified because it streamlines information-sharing not just with allies but even with other US units.

Properly implemented, zero trust could make it easier to share data across a coalition, said Paul Puckett, who heads the Army CIOs nine-month-old Enterprise Cloud Management Office. Perimeter security often required you have to have one network for all the US users and another, separate and unequal, for non-US users. But with zero trust, you can have a single network that manages individual users and their access in a much more nuanced way. Every user, device, and piece of data gets labeled with metadata attributes that clearly describe its identity and what its allowed to connect with, he said, whether theyre a US person or not, whether they have clearances or not.

Gallagher is watching this work on zero trust with interest but considerable caution. Were going to have to follow where NETCOM goes, Gallagher told the conference, because weve got to get the enterprise set first, and do it right, before were going to be able to really capitalize on it in the tactical space.

Visit link:

Zero Trust Cybersecurity Plan This Year From DISA & NSA - Breaking Defense

Posted in NSA

COVID-19 Cases Triple At Carswell Where Reality Winner Is Imprisoned – Shadowproof

Editors NoteThe following is the first edition of a newly launched newsletter, The Dissenter, which covers whistleblower stories and the obstacles they face. A subscription is $5/month. To subscribe, visit https://dissenter.substack.com/subscribe

At Federal Medical Center Carswell in Fort Worth, Texas, where NSA whistleblower Reality Winner is incarcerated, the number of COVID-19 infections have tripled in one week.Her sister Brittany Winner said one of her bunkmates had severe symptomatic COVID-19 and was removed. Brittany Winner believes it is a matter of time before Reality Winner falls ill. Reality Winner received one of the 733 tests administered at the facility, but as of July 14, she is still waiting for the results.The rapidly intensifying facility outbreak comes as the 11th United States Court of Appeals deliberates over Winners request to reverse a district court ruling and release her into home confinement.Reality Winner filed an appeal on May 12. Her attorneys warned, The entire basis for Realitys motionand so many like hersis that she cannot afford to wait until she is removed from FMC Carswell in a stretcher, or worse, before she is afforded relief.Two months later, the 11th Circuit still has not ruled on her appeal or scheduled a hearing on the increasingly dire circumstances she faces during the pandemic. Reality Winner pled guilty in 2018 to one count of violating the Espionage Act when she disclosed an NSA report to The Intercept. She believed the report contained evidence that Russian hackers targeted United States voter registration systems during the 2016 election. She has served well over half of her 63-month sentence.According to the Bureau of Prisons (BOP), in the last two weeks, 134 inmates and three staff members have tested positive for COVID-19. Winner submitted a filing on July 13 with additional details on the outbreak that indicates how cases have spiked. On June 29, according to the BOP, there were zero confirmed cases among prisoners. There were 45 confirmed cases on July 6. Three days later, there were 68 confirmed cases. One day later, there were 77 confirmed cases.The BOP reported 113 cases among prisoners on July 11 and 127 cases among prisoners on July 12.Realitys burden in the district court was to demonstrate that her circumstancesincluding, for instance, her underlying health issues coupled with her environment at FMC Carswellmeet the required test of being extraordinary and compelling, justifying her release, declared Winners attorney Joe Whitley. The exponentially growing harm at FMC Carswell is relevant to that inquiry andcombined with the other evidence in this recordjustifies her release.Brittany Winner communicates with her sister regularly and said those in Reality Winners unit are confined to their cells except at specific times to shower once per day or use the restroom.After her bunkmate contracted the virus, Reality Winner suggested it was almost better in the cell with only three people now, as they have more space, but they still cant all stand up at the same time because the space is so tight.In recent days, guards are using the stairs and the hallways for personal exercise while prisoners remain confined. Not only do they feel like they are being taunted, but Reality Winner and other prisoners are concerned their increased breath rate will exacerbate the spread of COVID-19.She hasnt seen the sun in almost three weeks and hasnt been given the time or space to exercise, Brittany Winner shared. Her sciatica is flaring up, and her anxiety is through the roof, as she isnt allowed video chats with her family and some days is not allowed to use the phone or computer. Shes helpless and frustrated and trapped.The July 13 filing mentions it took over a week for Realitys counsel to be able to schedule a phone call with her to obtain more insights into her current circumstances, which her attorney sees as an illustration of BOPs inadequate handling of the COVID-19 pandemic as a whole. It is apparent, in view of the spiking numbers at this facility, that her health is, as argued in the district court and in this Court, in serious jeopardy. Counsel fears what information will be learned that is not reflected in the BOPs numbers alone when he does have the opportunity to speak to Reality, Whitley added.

Local news reporting from the Fort Worth Star-Telegram paints an increasingly bleak picture. One prisoner named Sandra Shoulders suggested she is living in a horror movie. Every day, prison staff at FMC Carswell, a federal medical prison in Fort Worth, take about a dozen people out of [Shoulders] unit to get tested for COVID-19. Some of them come back; others do not.The newspaper added, When a woman tests positive for the virus, her mattress is dragged from the room she shares with three other people and stacked in what used to be the TV room. Every day, the mountain of mattresses grows. Shoulders tries to avoid walking past it.Multiple women in the prison who did not want to be named out of fear of retaliation wrote the Star-Telegram to describe the conditions, according to the newspaper. The women shared the following:

When an inmate tests positive, her belongings are not removed from the shared living space for hours. Inmates are responsible for cleaning the infected rooms but often do not have the proper PPE, two inmates wrote. One inmate who tested positive was allowed to use a shared bathroom, which was not cleaned for hours after she used it.

The inmates are primarily responsible for cleaning the showers, phones and computers the women share, Shoulders said, even though they have not all been tested and do not have the proper cleaning supplies.

One man named Steven, who withheld his last name because he is fearful of retaliation, told the Star-Telegram that his wife believes she will die at Carswell. She thinks nobody in that place cares. And she watches people holding up signs at the mens prison when that (outbreak) happened, and shes saying, Why does no one care about whats happening here?Reality Winner believes she is suffering through this hell in a black hole, where nobody seems to know or care whats happening to them.If a prisoner tests positive at Carswell, they are put in solitary confinement. The use of solitary confinement in U.S. prisons has grown by 500 percent during the pandemic.A recent paper from researchers and physicians at Amend Correctional Culture at the University of California San Francisco highlighted the effect solitary confinement could have.Many advocates fear that use of isolation to curb transmission of COVID-19 in correctional facilities will complicate the emerging crisis, as incarcerated people become reluctant to report symptoms for fear of being moved to solitary confinement, those who do report symptoms will be forced to endure an experience known to cause psychological and physical harm, and system-wide unrest will be triggered in institutions where fears about being placed in medical isolation could run rampant, the paper warned.Given the grave health risks that COVID-19 pose to correctional institutions and their surrounding communities, the group of researchers and physicians recommends corrections officials and advocates for incarcerated people and their families persuade governors, legislators, and the public that rapid decarceration, including of the sentenced population, is necessary and can be done safely.Winners request for compassionate release invokes the First Step Act and argues it allows her to bring a motion before a federal court that shows extraordinary and compelling reasons exist, which require the court to free her. If she is released, her case could be a model for other prisoners who are vulnerable to COVID-19.But the 11th Circuit is notorious when it comes to appeals from prisoners. In June, Supreme Court Justice Sonia Sotomayor stated, The 11th Circuit is significantly out of step with other courts. The 11th Circuit, as the New York Times noted, requires that prisoners us a form that is so small one is lucky to fit 100 words. That submission can form the basis for rulings on appeals without even an individualized response from the government.

This stands in stark contrast to the practices of the other circuits, which often hear oral argument and read particularized government briefs, and which consider the statutory 30-day time limit to be optional, Judge Charles R. Wilson declared in 2019.

Winner is not appealing her conviction, but there may be little difference. Absent a recognition of the health risks facing prisoners, and how the outbreak may fuel the spread in surrounding communities if decarceration does not happen, the 11th Circuit is likely to reject the notion she should be released. There is a deep prejudice in the Justice Department and the courts against people like Winner who leak classified information. As a result of their hostility, they may transform her already harsh sentence into a death sentence if the press and public do not shame them into showing mercy.

Here is the original post:

COVID-19 Cases Triple At Carswell Where Reality Winner Is Imprisoned - Shadowproof

Posted in NSA

Chinas aggressive actions against India give insight into how CPC thinking these days, says U.S. NSA – The Hindu

Chinas very aggressive actions against India, including the brutal attack on Indian soldiers in eastern Ladakh, and its moves in the South China Sea and Hong Kong give a good insight into how the ruling Communist Party of China is thinking these days, U.S. National Security Advisor Robert OBrien has said.

The Indian and Chinese armies were locked in a stand-off in multiple locations in eastern Ladakh since May 5. The tension escalated in the Galwan Valley on June 15 in which 20 Indian Army personnel were killed during a violent face-off with Chinese soldiers.

The Chinese have been very aggressive with India, Mr. OBrien said on Tuesday alleging that during the recent clash they beat some of the Indians so badly they were disfigured and could not be identified.

This is a dispute between India and China, but China has shown itself for what it was. Chinese troops ambushed the Indians. They beat 20 Indians to death. They beat them so badly with clubs with nails in them and wrapped with concertina barbed wire, Mr. OBrien told Fox News Radio in an interview.

He was responding to a question on the recent Chinese aggressive behaviour against India in eastern Ladakh.

Responding to a question on U.S.-India bilateral relations, he said, India is a democracy and is a great friend of the United States.

Prime Minister Narendra Modi and President (Donald) Trump have a super relationship, Mr. OBrien said.

In fact, it was the last foreign trip that I took with the President before the COVID crisis hit, was to India, and we had a great reception of the Indian people there. We have a lot in common with them, we speak English, were democracies. Weve got a growing, very strong relationship with India, Mr. OBrien said.

But Chinas action towards India, just like its actions in the South China Sea, just like what its doing in Hong Kong, just like the bullying intimidation of Taiwan, really gives you a good insight into how the Communist Party of China is thinking these days, he said.

China claims almost all of the 1.3 million square mile South China Sea as its sovereign territory. China has been building military bases on artificial islands in the region also claimed by Brunei, Malaysia, the Philippines, Taiwan and Vietnam.

Its something to be very concerned about, Mr. OBrien said.

On Monday, Secretary of State Mike Pompeo rejected most of Chinas maritime claims in the South China Sea, the latest in the escalation between Washington and Beijing.

Last week, the Trump administration took action against Chinese officials for their involvement in human rights abuses in the Xinjiang region, where Uighur Muslims and other minority groups have been detained and tortured.

And two weeks ago, the administration announced visa restrictions on current and former Chinese officials who it says were responsible for eviscerating Hong Kongs freedoms.

The Trump administration has been openly critical of Beijings sweeping national security law aimed at limiting Hong Kongs autonomy and banning literature critical of the Chinese Communist Party.

Earlier in the day, Senator Bob Menendez, a ranking member of the Senate Foreign Relations Committee, alleged that China is seeking to redraw the map of Asia without regard to its neighbours.

As India and China work to disengage along the Line of Actual Control (LAC), I remain deeply concerned by Chinas aggressive behaviour in territorial disputes, he said.

From the 2017 Doklam stand-off to the recent violence along the borders in Sikkim and Ladakh, to Chinas new claims to Bhutanese territory, Beijing has all too often sought to redraw the map of Asia without regard for its neighbours, he said.

The international community must be clear that such behaviour is unacceptable, he added.

Mr. Menendez, the top Democratic Senator from New Jersey, said that the U.S.-India partnership, based on their shared commitment to democracy, is vital to uphold international law, international norms and the institutions that can peacefully and diplomatically resolve disputes and aggression.

I am committed to working with the Indian government and the Indian-American community in New Jersey and throughout the United States to advance U.S.-India cooperation, Mr. Menendez said.

You have reached your limit for free articles this month.

To get full access, please subscribe.

Already have an account ? Sign in

Show Less Plan

Find mobile-friendly version of articles from the day's newspaper in one easy-to-read list.

Move smoothly between articles as our pages load instantly.

Enjoy reading as many articles as you wish without any limitations.

A one-stop-shop for seeing the latest updates, and managing your preferences.

A select list of articles that match your interests and tastes.

We brief you on the latest and most important developments, three times a day.

*Our Digital Subscription plans do not currently include the e-paper ,crossword, iPhone, iPad mobile applications and print. Our plans enhance your reading experience.

Go here to read the rest:

Chinas aggressive actions against India give insight into how CPC thinking these days, says U.S. NSA - The Hindu

Posted in NSA

What is 5G SA or Stand Alone and why is it so important? – Explica

5G is starting to become a reality around the world. But like every new generation of mobile communications, the jump to 5G is just the beginning from a long list of improvements that will be implemented over the next few years.

As in previous generations, the turning on 5G only sets the stage on which all these improvements will be based, and which will come in different launch phases, each with different stages and objectives that will last for the next ten years, until the arrival of 6G.

The launch of 5G in different phases is nothing new. We also saw born to 4G with maximum speeds of up to 150 Mbps that were increasing over the years thanks to improvements applied over 4G, and that for example allow adding different carriers to increase the maximum speed to 1 Gbps. But even so, not all the improvements have been fully implemented yet and many users are still diverted to 3G to be able to make traditional voice calls since there are few operators that have implemented the voLTE or voice over 4G.

The different ones were also striking 3G phases. Initially, it came with UMTS to provide faster download speeds to the networks, which began to offer initial speeds of up to 384 Kbps, and subsequently HSDPA was implemented to increase the download speed to 7.2 Mbps, HSUPA that increased the upload speed, and HSPA + that allowed theoretical maximum navigation of up to 42 Mbps.

The 3GPP, entity in charge of establishing the mobile telephony standards for the whole world, defined Release 15 as the first phase of 5G, focused on carrying out an improvement of mobile broadband (eMBB) and which encompasses two 5G states: an initial 5G NSA that maintains dependence on the 4G / LTE network core, and the 5G SA independent, whose NGCN (Next Generation Core Network) network core is based on network and cloud software.

While the 5G NSA infrastructure is implemented maintaining the 4G Evolved Packet (EPC) network core and the radio part evolves from LTE to New Radio (NR), with the 5G SA evolves both the radio part (NR) and the core part (NGCN).

Regardless of infrastructure, both NSA and SA will operate using the radio spectrum intended for 5G. At the moment, in Spain Vodafone has started its deployment making use of the only band available, that of 3.7 GHz, with worse penetration, but necessary in cities with a higher population density.

The 700 MHz band, which will help extend 5G coverage more quickly and improve indoor coverage, will not be available until the first quarter of 2021, after the second Digital Dividend was delayed due to the COVID-19 crisis. The mmWawe millimeter band that will help to obtain speeds around 20 Gbps thanks to the greater spectrum available at 26 GHz, still has no date to be auctioned.

He 5G NSA It has been the first to be deployed in the 19 countries that already have 5G since spring 2019 and with it, compatible smartphone users can benefit from a higher download speed that will increase to 2 Gbps, a latency that drops to 15 ms, and greater stability and reliability in the connection, even in mobility or in crowds, thanks to technologies such as Massive MIMO. In addition, operators will have much greater network capacity that will facilitate the emergence of rates with unlimited data.

He 5G SA, which has already begun to be implemented in some industrial areas of Spain and in other countries, is the most revolutionary stage by enabling the implementation of future services such as autonomous driving, thanks to the combination of technologies such as Network Slicing with other promising ones such as Mobile Edge Computing that will help to have low latencies around 1 ms. As far as smartphones are concerned, the most noticeable improvements will be related to the increase in upload speed, higher download speed and the absence of delays.

With 5G SA, you can segment the network in subnets with different transmission capacities, speed and latency. Networks can be created with specific conditions for future applications in industrial IoT, interactive games, business networks, or Critical communications of highest priority such as emergency scenarios, autonomous driving, remote operations using a surgical robot, etc.

The second and successive phases of 5G, starting with Release 16, will be more focused on the industry, with the promotion of new services and greater efficiency of networks.

The transition lived in previous generations is repeated with 5G, and to enjoy its benefits it is necessary to have a fee and an operator with 5G services, to be under 5G coverage and have a compatible device with the new networks.

But this time it will also be necessary to take into account the existence of the two phases of 5G when choosing a smartphone. Operators will make the migration between NSA and SA networks is transparent to the user, but if we do not want to be left with an incomplete 5G, we must take into account the modem used by the mobile model.

Of the 5G phones for sale, the first models such as the Samsung Galaxy S10 5G at the moment, with an Exynos 5100 modem, or other Android devices with Snapdragon 855 that integrate the Qualcomm X50 modem, such as Xiaomi Mi MIX 3 5G, LG V50 ThinQ 5G, OPPO Reno 5G and ZTE Axon 10 Pro 5G, were only compatible with NSA networks while the rest of the most current models are already compatible with 5G SA.

Taking into account all of the above, the innovations that the different phases and states provide in practice are summarized in the following comparison:

4G +



Theoretical maximum discharge speed

Up to 1 Gbps

Up to 2 Gbps

At least 20 Gbps

Theoretical maximum upload speed

Up to 150 Mbps

Up to 150 Mbps



About 30 ms

About 15 ms

About 1 ms

In mobility, speed at which QoS can be applied

Up to 200 km / h

Up to 500 km / h

Up to 500 km / h

Density connected devices

Up to 100,000 per km2

Up to 1 million per km2

Up to 1 million per km2


800 MHz band: 60 MHz FDDBand 2.6 Ghz: 120 MHz FDD + 50 MHz TDD

700 MHz band: Available in 2021Band 3.7 Ghz: 360 MHz TDD26 Ghz band: pending auction

700 MHz band: Available in 2021Band 3.7 Ghz: 360 MHz TDD26 Ghz band: pending auction


EPC architecture, LTE radio

EPC architecture, LTE / NR radio

5GNR architecture with core based network software

Technological advances

Network virtualizationMEC

Greater efficiency in bands above 3 GHz.Massive MIMO

Network SlicingMachine learning

Continued here:

What is 5G SA or Stand Alone and why is it so important? - Explica

Posted in NSA

Auction mart to be headline sponsor at North Sheep 2021 – Darlington and Stockton Times

NEXT year's North Sheep 2021 is pleased to announce that Hexham and Northern Marts will be its headline sponsor.

The National Sheep Association's (NSA) showcase event will be held at a noted sheep producing farm, Bradford House Farm, near Ponteland in Northumberland on Wednesday, June 2.

The NSA is dedicated to safeguarding the interests and future of all aspects of the sheep industry and this key showcase will provide farmers with a forum to see a tremendous sheep farming enterprise, along with accessing the latest genetics, technologies and genetics.

Hexham & Northern Marts is one of the North of Englands foremost livestock trading companies. Established more than 100 years ago, it hosts weekly livestock auctions at both Hexham and Scots Gap Marts.

Host of next years event, Willie Woodman, of JE Woodman & Sons farming enterprise, is both a long-standing customer of Hexham & Northern along with acting as a company director.

In hosting NSA North Sheep 2021, Willie alongside his wife, Christine, and son, Martin, will present the workings of their traditional Northumbrian sheep farm, focusing on the production of top-quality prime and breeding sheep they sell at Hexham Mart.

The event itself will take place at their 930-acre Bradford House Farm, home to a lowland flock of 250 Mule Ewes and 200 Texel cross ewes. There will also be display of Blackface sheep from Great Chesters, their 1,200-acre hill farm.

Robert Addison,managing director of Hexham & Northern Marts, said: We are delighted to have NSA North Sheep returning to Northumberland and on our doorstep next year and to have the opportunity to support both the event and the Woodman Family.

"I am sure that given the cancellation of this years shows and sheep events, people will be particularly keen to attend, not just in terms of learning and knowledge transfer, but from a social aspect, to meet with like-minded farmers and friends.

"Bradford House Farm is a tremendous livestock farm and this unique event will provide the thousands of people expected to attend with an insight into the production techniques of one of our long-standing customers along with a showcase roadmap to increased profitability.

The NSA North Sheep is a key date in the industrys diary, attracting thousands of sheep farmers from across the north of England and beyond. In addition to the huge number of trade stands expected, there will be a series of seminars and demonstrations covering all areas of the sheep industry.

The events organiser and NSA Northern regional manager, Heather Stoney-Grayshon said: We are very pleased to announce this partnership with long-standing supporters Hexham & Northern Marts. It is only thanks to commitment from businesses such as this that we the Northern Region of the NSA are able to host what I hope will once again be a fantastic celebration of the sheep farming industry.

The NSA is funded by the membership of its sheep farmers. Through the many industry related activities, such as the North Sheep Showcase, the NSA is dedicated to safeguarding the interests of sheep producers throughout the UK. The NSA forms an essential network sheep producers throughout the UK and receive significant support from those connected to the industry.

Here is the original post:

Auction mart to be headline sponsor at North Sheep 2021 - Darlington and Stockton Times

Posted in NSA

How the Media Mangled the ‘Russian Invasion’ of the Trump Administration – The National Interest

Throughout the Trump years, various reporters have presented to great fanfare one dubious, thinly sourced story after another about Moscows supposedly nefarious plots against the United States. The unsupported allegations about an illegal collusion between Donald Trumps 2016 campaign and the Russian government spawned a host of subsidiary charges that proved to be bogus. Yet, prominent news outlets, including the New York Times, the Washington Post, CNN, and MSNBC ran stories featuring such shaky accusations as if they were gospel.

The willingness of the press to circulate any account that puts Russia in a bad light has not diminished with the collapse of the Russia-Trump collusion narrative. The latest incident began when the New York Times published a front-page article on June 28, based on an anonymous source within the intelligence community, that Moscow had put a bounty on the lives of American soldiers stationed in Afghanistan. The predictable, furious reaction throughout the media and the general public followed. When the White House insisted that the intelligence agencies had never informed either the president or vice president of such reports, most press reactions were scornful.

As with so many other inflammatory news accounts dealing with Russia, serious doubts about the accuracy of this one developed almost immediately. Just days later, an unnamed intelligence official told CBS reporter Catherine Herridge that the information about the alleged bounties was uncorroborated. The source also revealed to Herridge that the National Security Agency (NSA) concluded that the intelligence collection report does not match well-established and verifiable Taliban and Haqqani practices and lacked sufficient reporting to corroborate any links. The report had reached low levels at the National Security Council, but it did not travel farther up the chain of command. The Pentagon, which apparently had originated the bounty allegations and tried to sell the intelligence agencies on the theory, soon retreated and issued its own statement about the unconfirmed nature of the information.

There was a growing sense of dj vu, as though the episode was the second coming of the infamous, uncorroborated Steele dossier that caused the Obama administration to launch its 2016 collusion investigation. A number of conservative and antiwar outlets highlighted the multiplying doubts. They had somewhat contrasting motives for doing so. Most conservative critics believed that it was yet another attempt by a hostile media to discredit President Trump for partisan reasons. Antiwar types suspected that it was an attempt by both the Pentagon and the top echelons of some intelligence agencies to use the media to generate more animosity toward Russia and thwart the withdrawal of U.S. troops from Afghanistan, a process that was still in its early stages following Washingtons February 29, 2020, peace accord with the Taliban.

The bounty stories certainly had that effect. Congressional hawks in both parties immediately called for a delay in further withdrawals while the allegations were investigated. They also made yet more Trump is Putins puppet assertions. Nancy Pelosi could not resist hurling another smear with that theme. With him, all roads lead to Putin, Pelosi said. I don't know what the Russians have on the president, politically, personally, or financially.

Despite the growing cloud of uncertainty about the source or accuracy of the bounty allegation, several high-profile journalists treated it as though it was incontrovertible. A typically blatant, hostile spin was evident in a New York Times article by Michael Crowley and Eric Schmitt. The principal evidence that they cited for the intelligence report was the earlier story in their own newspaper. An admission that there were divisions within the intelligence agencies about the report, the authors buried far down in their article.

High-level intelligence personnel giving the president verbal briefings did not deem the bounty report sufficiently credible, much less alarming, to bring it to his attention. Former intelligence official Ray McGovern reached a blunt conclusion: As a preparer and briefer of The Presidents Daily Brief to Presidents Ronald Reagan and George H. W. Bush, I can attest to the fact thatbased on what has been revealed so farthe Russian bounty story falls far short of the PDB threshold.

Barbara Boland, a national security correspondent for the American Conservative and a veteran journalist on intelligence issues, cited some glaring problems with the bounty charges. One was that the Times anonymous source stated that the assessment was based on interrogations of captured Afghan militants and criminals. Boland noted that John Kiriakou, a former analyst and case officer for the CIA who led the team that capturedsenior al-Qaeda figure Abu Zubaydah in 2002, termed reliance on coercive interrogations a red flag. Kiriakou added, When you capture a prisoner, and youre interrogating him, the prisoner is going to tell youwhat he thinks you want tohear. Boland reminded readers that under interrogation Khalid Sheik Mohammed made at least 31 confessions, many of which were completely false.

A second problem Boland saw with the bounty story was identifying a rational purpose for such a Russian initiativesince it was apparent to everyone that Trump was intent on pulling U.S. troops out. Moreover, she emphasized, only eight U.S. military personnel were killed during the first six months of 2020, and the New York Times story could not verify that even one fatality resulted from a bounty. If the program existed at all, then it was extraordinarily ineffective.

Nevertheless, most media accounts breathlessly repeated the charges as if they were proven. In the New York Times, David Sanger and Eric Schmitt asserted that, given the latest incident, it doesnt require a top-secret clearance and access to the governments most classified information to see that the list of Russian aggressions in recent weeks rivals some of the worst days of the Cold War. Ray McGovern responded to the Sanger-Schmitt article by impolitely reminding his readers about Sangers dreadful record during the lead-up to the Iraq War of uncritically repeating unverified leaks from intelligence sources and hyping the danger of Saddam Husseins alleged weapons of mass destruction.

Another prominent journalist who doubled down on the bounty allegations was the Washington Posts Aaron Blake. The headline of his July 1 article read The only people dismissing the Russia bounties intel: the Taliban, Russia and Trump. Apparently, the NSAs willingness to go public with its doubts, as well as negative assessments of the allegations by several veteran former intelligence officials, did not seem to matter to Blake. As evidence of how serious the situation was (despite a perfunctory nod that the intelligence had not yet been confirmed), Blake quoted several of the usual hawks from the presidents own party.

As time passed, outnumbered media skeptics of the bounties story nevertheless lobbed increasingly vigorous criticisms of the allegations. Their case for skepticism was warranted. It became clear that even the CIA and other agencies that embraced the charges of bounties ascribed only medium confidence to their conclusions. According to the Office of the Director of National Intelligence (DNI), there are three levels of confidence, high, moderate, and low. A moderate confidence level means that the information is credibly sourced and plausible but not of sufficient quality or corroborated sufficiently to warrant a higher level of confidence. The NSA (and apparently the Defense Intelligence Agency (DIA) and possibly other portions of the intelligence community) gave the reports the low confidence designation, meaning that the informations credibility and/or plausibility is questionable, or that the information is too fragmented or poorly corroborated to make solid analytic inferences, or that [there are] significant concerns or problems with the sources.

Antiwar journalist Caitlin Johnstone offered an especially brutal indictment of the medias performance regarding the latest installment of the Russia is Americas mortal enemy saga. All parties involved in spreading this malignant psyop are absolutely vile, she wrote, but a special disdain should be reserved for the media class who have been entrusted by the public with the essential task of creating an informed populace and holding power to account. How much of an unprincipled whore do you have to be to call yourself a journalist and uncritically parrot the completely unsubstantiated assertions of spooks while protecting their anonymity?

The media should not have ignored or blithely dismissed the bounty allegation, but far too many members ran enthusiastically with a story based on extremely thin evidence, questionable sourcing, and equally questionable logic. Once again, they seemed to believe the worst about Russias behavior and Trumps reaction to it because they had long ago mentally programmed themselves to believe such horror stories without doubt or reservation. The assessment by Alan MacLeod of Fairness and Accuracy in Reporting (FAIR) is devastatingly accurate. With regard to the bounty story, he concluded, evidence-free claims from nameless spies became fact in most media accounts. Instead of sober, restrained inquiries from a skeptical, probing press, readers and viewers were treated to yet another installment of over-the-top anti-Russia diatribes. That treatment had the effect, whether intended or unintended, of promoting even more hawkish policies toward Moscow and undermining the already much-delayed withdrawal of U.S. troops from Afghanistan. It was a biased, unprofessional performance that should do nothing to restore the publics confidence in the medias already tattered credibility.


How the Media Mangled the 'Russian Invasion' of the Trump Administration - The National Interest

Posted in NSA

Banning TikTok takes a big espionage tool away from China: US NSA – The Indian Express

By: PTI | Washington | Updated: July 15, 2020 12:42:26 pm Trump administration is looking not just at TikTok but at WeChat and some other Chinese apps as well, because the Chinese are big consumers of Americas personal data. (Representational)

China will lose a big tool of espionage and surveillance if America and some western European countries ban Chinese apps like TikTok as done by India, US National Security Advisor Robert OBrien has said.

India last month banned 59 Chinese apps, including TikTok and UC Browser, saying they were prejudicial to the sovereignty, integrity and security of the country.

OBrien told Fox News Radio in an interview that the Trump administration was very seriously taking a look at TikTok, WeChat and some other apps coming out of China.

India has already banned those apps, as you know. And if they lose India and the United States, they lose some western European countries, that takes a big tool away from the espionage work or the surveillance work of the CCP (Chinese Communist Party), he said in response to a question on the dangers posed by apps like TikTok.

The kids who are using TikTok and it can be a lot of fun but there are a lot of other social media platforms they could use. TikTok is getting facial recognition on you, OBrien said. They are getting all of your personal, private data, your most intimate data. They are getting to know who your friends are, who your parents are. They can map all your relationships, he added.

All the information is going straight to the massive supercomputers in the cloud in China, OBrien said. So China is going to know everything about you. They are going to have biometrics on you. You ought to be very careful regarding who you give such personal information to, he said.

The Trump administration, he said, is looking not just at TikTok but at WeChat and some other Chinese apps as well, because the Chinese are big consumers of Americas personal data. They will either try and get you to give it to them for free through WeChat or TikTok if they cannot get it that way, they will steal it, OBrien said.

China, he said, has hacked into Marriott and stolen the personal data of hundreds of millions of people, including their passport numbers.

They have hacked into Experian and other credit rating agencies to get most intimate credit details. They have hacked into Anthem healthcare so that they can get medical details. So this is not just an advertiser trying to find out what you are interested in searching for on Google so they can sell you a different brand of car, this is a country that is looking to get every bit of personal, private information they can, so they know everything about you, OBrien said.

He said there were social credit scores in China for people based on how compliant they are with the Communist party dictates.

They are going to be able to put social credit scores together on all Americans and everyone in the world soon because of artificial intelligence and supercomputing, he said. We need to make sure that does not happen, the US National Security Advisor said.

Secretary of State Mike Pompeo last week said the US is certainly looking at banning Chinese social media apps, including TikTok.

The American leaderships remarks on the Chinese social media apps came amid growing tensions in bilateral ties with Beijing on a range of issues, including on the coronavirus outbreak and the controversial national security law imposed in Hong Kong.

The US has banned Huawei from their 5G networks over concerns of security and Washington has been pressuring other countries to restrict the operations of the Chinese telecom firm.

The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest World News, download Indian Express App.

IE Online Media Services Pvt Ltd

The rest is here:

Banning TikTok takes a big espionage tool away from China: US NSA - The Indian Express

Posted in NSA

Singapore reports 257 new COVID-19 cases – Outlook India


Gurdip Singh

Singapore, Jul 19 (PTI) Singapore on Sunday reported 257 new COVID-19 cases, taking the country''s total count to 47,912.

Among the new cases in the community, two are Singaporeans (citizens) or permanent residents (foreigners) and six are foreigners holding work passes living outside the dormitories.

There are also five imported cases, all of whom had been placed on stay-home notices upon their arrival in Singapore, said the Ministry of Health in its daily update.

Among the new cases, 249 are foreign workers living in dormitories.

There are currently 169 confirmed cases who are still in the hospital.

Of these, most are stable or improving, and none is in the intensive care unit while 3,626 are isolated and cared for at community facilities.

In all, 43,833 have fully recovered from the infection and have been discharged from hospitals or community care facilities, including 256 discharged from hospital on Saturday. PTI GS NSA

Disclaimer :- This story has not been edited by Outlook staff and is auto-generated from news agency feeds. Source: PTI

Continue reading here:

Singapore reports 257 new COVID-19 cases - Outlook India

Posted in NSA