Monthly Archives: March 2022

FORT MEADE, Md. The White House announced today that President Joe Biden has signed National Security Memorandum 8, Improving the Cybersecurity of National Security, Department of Defense and Intelligence Community Systems. This Memorandum implements the cybersecurity requirements of EO 14028 for National Security Systems (NSS) - networks across the U.S. Government that contain classified information or are otherwise critical to military and intelligence activities. The Memorandum provides the Director of the NSA, General Paul M. Nakasone, in his role as the National Manager for NSS, with enhanced insight and authorities to better safeguard these systems.

We stand ready to fulfill our role, and our responsibility, in securing our nation against foreign malicious actors, and any efforts to exploit our national security systems, said General Paul M. Nakasone, Commander, U.S. Cyber Command, Director, NSA/Chief, Central Security Service.

The Memorandum provides the National Manager the authority to issue binding direction to departments and agencies operating NSS to take action against cybersecurity threats and vulnerabilities. All departments and agencies operating NSS will now report to the National Manager on both the status of mitigation actions taken in response to a specific cyber incident as well as provide assessments of the overall impact to their systems. Departments and agencies are also required to notify the National Manager of known or suspected incidents or compromises of NSS.

The new authorities will provide us with the necessary cybersecurity visibility into our most important systems, said Rob Joyce, NSA Cybersecurity Director and Deputy National Manager for national security systems. This new insight will allow us to identify vulnerabilities, detect malicious threat activity and drive mitigations to better secure all national security systems.

The NSM also requires Federal departments and agencies to modernize encryption protocols used on national security systems.

As the nations leader in cryptography, NSA will play a significant role in ensuring cryptographic interoperability among national security system users through cryptographic standards for use on NSS, said Gen. Nakasone.

For more, read the full memorandumand view the accompanying fact sheet.

More here:
President Biden Signs Cybersecurity National ... - nsa.gov

The National Security Agency (NSA) Cybersecurity Collaboration Center released the fourth video in its Cybersecurity Speaker Series today, focusing on Ghidra, NSAs open source reverse engineering tool. The Speaker Series highlights subject matter experts at NSA sharing insights, lessons, and contributions of their work in cybersecurity.Ghidra Beyond the Code, is a discussion between NSA senior researcher Brian Knighton, a member of Ghidra s development team, and Cybersecurity Technical Fellow Dr. Josiah Dykstra about the decision to publicly release Ghidra in March 2019.Knighton, who was a part of the team that brought Ghidra to the open-source community, cited several reasons that drove the decision to release Ghidra publicly.We put [Ghidra] out for several reasons. One, was cybersecurity is a vital skill that folks need to have. Its important to NSA and important to our nation to ensure that folks are trained up on cybersecurity and can help analyze all of the different systems that are running software and we also sort of wanted to level the playing field, said Knighton. Heres an open source tool that anyone in high school or college can download and have access to this cutting edge cybersecurity tool.With the release of Ghidra, NSA set out to build a community of dedicated and educated users. By making the software free, students can develop the technical proficiency to work on advanced cybersecurity problems.Ghidra was publicly released at the 2019 RSA conference. Three years later, work on the software continues to evolve for the Ghidra team Knighton discusses how the unique architecture of this software allows for updates to the program.Because you can take Ghidra and extend it to support new devices as they come out, it is certainly an important place to build on research to help secure new devices as they emerge, said Knighton.Ghidra was developed and is still used as a framework for building and researching future technologies. Recently, the Ghidra team partnered with Morgan State University and used Ghidra to identify and mitigate the risks of connecting modern vehicles to Bluetooth, Wi-Fi, and cellular technology.From its onset, we built Ghidra, which has been in development now for 20 years, as a platform to do research on. It was built as a platform to grow as the cybersecurity space changed. said Knighton. As technology has become more connected, Ghidra has grown to address new cybersecurity risks as new devices are created.

Download the latest version of Ghidra at ghidra-sre.org.Already a Ghidra fan? Join the NSA Cybersecurity mission and put your skills to work to secure your nation. Apply here, at intelligencecareers.gov/NSA.

Originally posted here:
Cybersecurity Speaker Series: Ghidra Beyond the Code - National Security Agency

March 10, 2022

St. Marys Universityhas received designation as a National Center for Academic Excellence in Cyber Defense from the National Security Agency and the Department of Homeland Security.

The St. Marys Master of Science in Cybersecurity is also the first in the city to receive such validation from these agencies, said Ayad Barsoum, Ph.D., Associate Professor of Computer Science and Graduate Program Director of Cybersecurity.

Graduates coming from a program designated by NSA and DHS must know specific sets of knowledge and must have hands-on lab experience in some areas, Barsoum said.

Though there are other designated centers for excellence in the city, St. Marys University is the first to gain the prestigious validation for its Master of Science in Cybersecurity.

To receive this elite designation from NSA and DHS will open doors for the students and graduates of St. Marys University in this high-growth industry, said Ian Martines, Ph.D., Interim Dean of the St. Marys University School of Science, Engineering and Technology.

After a multi-year process, the agencies apply the designation to validate institutions with a comprehensive and robust cybersecurity program. To receive the institution-wide designation as a National Center of Academic Excellence in Cyber Defense, St. Marys demonstrated having a cybersecurity program with full-time faculty contributing research and working collaboratively across disciplines; enrolling students who master specific sets of knowledge, gain real-world experience and participate in extracurricular cybersecurity challenges; creating cooperative agreements to accept students from two-year institutions; and implementing a university-wide security plan that includes training for all employees.

Gary Bevans, a student in the Master of Science in Cybersecurity, said his career goal is to become a cybersecurity analyst and thathaving the NSA validate the masters degree is an important designation.

Its a huge thing for the NSA to give that stamp of approval, Bevans said. St. Marys working together with them is really big. Its going to help the program move forward in positive ways.

Cybersecurity experts are in demand. There is a global shortage of 2.72 million cybersecurity professionals, according to the (ISC) 2021 Cybersecurity Workforce Study. The U.S. Bureau of Labor Statistics expects the job outlook for an information security analystto increase by 33% between 2020 and 2030. The median annual pay for this role was $103,590 in 2020.

The designation is great for our students as they are entering the workforce because they have been studying a curriculum that meets a national standard, said Mitra Bokaei Hosseini, Ph.D., Assistant Professor of Computer Science. It puts our graduate students in a competitive level withthe very best.

Read more:
National Security Agency and Department of Homeland Security designate St. Marys as a National Center of Academic Excellence in Cyber Defense - St....

The US National Security Agency is reportedly investigating a hack targeting Viasat that disrupted internet access in Ukraine as Russian forces prepared to invade the country.

Viasat told CNBC on Feb. 28 that it was "experiencing a partial network outage" said to be "impacting internet service for fixed broadband customers in Ukraine and elsewhere on our European KA-SAT network." The outage started on Feb. 24the day Russia invaded Ukraine.

Reuters now reports that the NSA is collaborating with ANSSI and Ukrainian intelligence to determine "whether the remote sabotage of a satellite internet provider's service was the work of Russian-state backed hackers preparing the battlefield by attempting to sever communications."

Viasat told Reuters the outage affected satellite modems owned by tens of thousands of customers in Europe. Some of those modems are still offline at time of writing, according to the report, and bringing them back online is going to be a fairly involved process.

Reuters reports that a Viasat official "said most of the affected devices would need to be reprogrammed either by a technician on site or at a repair depot and that some would have to be swapped out." Russia's ongoing attacks on Ukraine will likely complicate that process.

In the meantime, Ukraine has turned to services like Starlink to remain online, although SpaceX CEO Elon Musk has warned that Russia might attack its satellite internet service as well so it can sever Ukraine's connection to the outside world as it seeks international aid in this conflict.

Sign up for Security Watch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

See the original post here:
Report: NSA Investigates Viasat Hack That Coincided With Ukraine Invasion - PCMag

The increasing incidence of aggressive cyber activity from Russia, China, Iran and North Korea, together with heightened concerns over the war in Ukraine, raises an important question: should the free world unite with a global cyber alliance in response?

At Cybertech Tel Aviv 2022 (March 1-3, 2022), founder of VC firm JVP, Erel Margalit, called for a global cyber alliance in response to the Russian invasion of Ukraine. Leadership is required to establish a democratic cyber alliance, including NATO and other free countries, in order to lead values-based cyber that will support democracies and people, and will say enough! to dictators and to those who support them, he said.

At the same time, on March 2, 2022, Robert Silvers of the U.S. DHS and Israels National Cyber Directorate director-general Gaby Portnoy signed a cyber collaboration deal between the two countries. This followed a new agreement between the UK and Israel announced in November 2021 which was described by the UK government as something that will enable closer working in diplomacy, defense and security, cyber, science, technology, and many other areas.

Such agreements never publicly disclose the extent to which the intelligence agencies of the different countries will work together, but we can assume that it is part of the arrangement. A third new alliance, known as AUKUS, was more upfront about its design and ability to deliver offensive cyber operations, clearly focused on the Indo-Pacific region and Chinas activities.

It is important to understand what we have before asking what we need.

Israels emergence as a cyber ally

Israel is not known for its cyber relationships, but is well known for its cyber capabilities. It is generally thought that Israel worked with the NSA on the delivery of Stuxnet against the Iranian nuclear facility at Natanz in the early 2010s but it must be noted that the U.S. has never declared or admitted any involvement.

The continuous conveyor belt of new and innovative cybersecurity companies being formed by Israeli Defense Force (IDF) alumni also attests to the depth of cyber knowledge and training within the country.

The Belfer Center at the Harvard Kennedy School published a ranking of national cyber power in September 2020. It produced a list of the most comprehensive countries with the highest level of intent and capabilities comprising, in this order, the U.S., China, the UK, and Russia as the top four.

Belfer placed Israel at number 11 in the world. Its methodology was to add data to a mathematical model. The International Institute for Strategic Studies (IISS) takes a different approach, and adds qualitative assessments to Belfers quantitative approach. IISS separates cyber power into three tiers. Tier #1 has the U.S. on its own as the sole world cyber superpower. Tier #2 includes China, the UK, Russia, Canada, Australia, France and Israel.

Clearly, the addition of Israel to the free worlds cyber alliances is a good thing.

AUKUS and theFive Eyes

AUKUS was announced on September 15, 2021. There are two parts to AUKUS a vehicle to provide nuclear submarines to Australia, and the formation of defensive and offensive cyber capabilities to counter Chinese activities in the Indo-Pacific region. There was some surprise at this new alliance since the three countries are three of the five countries comprising the existingFive Eyesalliance. However, theFive Eyesis primarily signals intelligence while AUKUS is likely to deliver offensive cyber operations where necessary. It was the U.S., UK and Australia that together performed cyber operations against the Islamic State.

The Five Eyes (U.S., UK, Canada, Australia and New Zealand) evolved as an extension of the UKUSA treaty that itself grew out of the informal agreement between the U.S. and UK during World War II. The agreement was formalized in March 1946, and expanded in subsequent years to include Canada, Australia and New Zealand. Other countries, such as Germany, the Philippines and some Nordic countries, have joined as third parties but the core remains the originalFive Eyes.

The Five Eyes intelligence relationship is probably the closest and most powerful intelligence relationship in history.

At first, the existence of theFive Eyesremained secret (just, in fact, as the very existence of the NSA and GCHQ remained secret for many years). The Prime Minister of Australia didnt learn aboutFive Eyesuntil 1973; it was not disclosed to the public until 2005; and it was only in June 2010 that the full text of the UKUSA agreement was made public.

This treaty is often considered to be the basis of the so-called special relationship between the U.S. and the UK.

NSA and GCHQ

The core of theFive Eyes remains the NSA and GCHQ. This is a complex relationship that is so close that the two organizations are sometimes described as twins. This is wrong. The two organizations have very different structures and primary purposes.

The NSA is run by a military officer currently General Paul Nakasone. Nakasone is a four-star general who also heads U.S. Cyber Command. For the first he reports to the undersecretary of defense for intelligence, and for the latter he reports directly to the secretary of defense. There is a strong military theme that runs through the NSA. Officially, its purpose is to secure DOD and U.S. military networks. More directly offensive operations are conducted by U.S. Cyber Command and the CIA.

GCHQ, on the other hand, is run by a civilian reporting to the Foreign Secretary. Its responsibilities support the military but go beyond this, working closely with law enforcement to go after serious organized crime within the UK such as pedophile networks.

The two agencies are different. The relationship is complex and close, and it is difficult to think of any closer intelligence alliance. But they do not automatically share all information between themselves nor the otherFive Eyespartners. There are things the NSA will want to do without sharing it with other agencies, and GCHQ is the same.

Neither the NSA nor GCHQ are officially charged with offensive cyber operations but both have done so in the past. A more recent development in the UK has been the formation of a National Cyber Force (NCF), which brings UK cyber operations more in line with the U.S. model and for the first time acknowledges that GCHQ may have some offensive responsibilities. Plans were announced in 2018, but it wasnt effectively established until 2020.

NCF is part of the MoD, the Defense Science and Technology Laboratory, the Secret Intelligence Service, and GCHQ. The government describes it as a partnership between defense and intelligence, it is responsible for operating in and through cyberspace to disrupt, deny, degrade and contest those who would do harm to the UK and its allies, to keep the country safe and to protect and promote the UKs interests at home and abroad. It clearly has the remit to direct offensive cyber operations against the enemy in justified cases.

NCF is the equivalent of the U.S. combining the cyber operations of Cyber Command, CIA, FBI, and the cyber operations of the military forces into a single organization. But there is also an element of necessity the UK simply doesnt have the budget to maintain the separate number of 3-letter agencies that exist in the U.S.

Long-term relationships and short-term politics

There is one surprising element of the major international intelligence treaties their longevity and persistence. They survive political change with a broader collective interest that transcends the coming and going of individual politicians.

In recent years there was concern that the U.S./UK special relationship (the one based on the NSA and GCHQ relationship) might fail with the U.S. change from Trump to Biden. It was generally acknowledged that President Biden had scant regard for Prime Minister Johnson because of the mutual admiration between Trump and Johnson. And Biden even issued warnings to Johnson over the sanctity of the Good Friday Agreement in Ireland following Brexit.

The Good Friday political agreement was signed in April 1998. It brought an end to the so-called Troubles in Northern Ireland between loyalists wanting to stay within the UK, and the Irish Republic-favoring republicans. Now Northern Ireland is part of the UK while Southern Ireland is part of the EU and the potential for new tensions has returned. But despite Bidens less-favorable view of the UK, UKUSA just continues.

A similar concern now occurs for GCHQ the fear that Brexit would break the ties with EU national intelligence agencies. The European Commission has had concerns over GCHQ and personal privacy ever since Snowdens leaks about GCHQ and the NSA; and has even threatened legal action. But the individual relations between GCHQ and the individual EU member state intelligence agencies seems to be persisting aided, perhaps, by the absence of national security from the EUs political remit.

Where are we now?

Out of necessity, we have concentrated on the major international free world cyber and intelligence relationships. In reality, there is a global patchwork of individual agreements between different nations throughout the free world; many of them ultimately coalescing around theFive Eyeshub. For the most part, these are security information sharing arrangements relatively few nations have the ability or confidence or political will to engage in offensive cyber operations. In this sense, there are two separate networks: gathering intelligence (for example,Five Eyes), and responding offensively to that intelligence (for example, AUKUS).

Does the free world need a single global cyber intelligence organization? The answer is almost certainly No. Firstly, such a move would likely drive Russia and China closer together perhaps including Iran and North Korea and Russian and Chinese satellite nations into their own special relationship.

Secondly, it would be unworkable. Friends keep secrets from friends when the economic or political necessity demands. Just consider the French reaction to the AUKUS announcement. France described it as a stab in the back, and within a couple of days recalled its ambassadors to both the U.S. and Australia. France lost a multi-billion euros submarine deal over AUKUS.

Related: Russia, Ukraine and the Danger of a Global Cyberwar

Related: Russia-Ukraine: Threat of Local Cyber Ops Escalating Into Global Cyberwar

Related: Talking Global Cyberwar With Kaspersky Lab's Anton Shingarev

Related: The United States and China - A Different Kind of Cyberwar

The rest is here:
Does the Free World Need a Global Cyber Alliance? - SecurityWeek

Over the years, human security has been threatened, primarily by the small arms and light weapons, on a large scale, as they are distinctly inexpensive and are easy to construct, maintain and operate and conceal. States are sole legitimate source of weapon manufacturing and of their use against the anti-social and anti-national rudiments.

Sadly, these states have failed to maintain and sustain their monopoly over the manufacturing and use of such weapons. As a result, many illicit sources are producing the weapons domestically and are misusing them against mankind.

Today, these are the weapons of choice for insurgent groups who are indulged in violent struggle with the states and other groups or for the terrorists, criminals and underworld mafias. The misuse of such weapons results in the thousands of human causalities, disruptiilon of human development and creation of refugees crisis.

All these have led to human rights abuses, fuelling deadly conflicts, troubling humanitarian assistance and peace-keeping programmes. It therefore becomes imperative to control the diffusion of such weapons and misuse of such weapons to protect and promote human security and development, which again demands responsible attitudes on the part of human being as well as states.

Africa continues to bear the brunt, with heightened trafficking in small arms in West Africa and with the porous borders between different countries. It has become increasingly difficult to address the spread of these weapons. Small arms have been recycled in the West African countries of Nigeria, Gabon, Ghana, Guinea and Burkina Faso. Rebel groups and criminal groups supply each other with arms in past and present conflict situations in countries such as Cte dIvoire, Sierra Leone, Burkina Faso and Liberia.

In the end, the proliferation of these weapons has undermined security sector reform (SSR). Nigeria has been challenged with the same phemonon in the last decade and half, a development previous governments have tried unsuccessfully to contain.

But the tide changed with the assumption of office by President Muhammadu Buhari on May 29, 2015. He demonstrated his commitment to tackling insecurity and tame proliferation of small arms and light weapons with the appointment of egg heads like Gen Muhammed Babagana Monguno (rtd) to head his security architecture. The National Security Adviser (NSA) has not only proved his mettle but surpassed the expectations of his critics.

Evidence, they say, is the end of argument. In recent times, the highthened security alert in Nigeria has reduced. Even in the Noth East, North West and other parts of the Nigeria, a new lease of life is beginning to bekcon. There have not been reported cases of Boko Haram and ISWAP attacks, unlike before. This feat cannot happen in a vacuum. Credit must be given to whom it is due, in which case, the Commander in Chief of the Armed Forces of the Federal Republic of Nigeria, President Buhari.

Also, President Buharis National Security Adviser, Monguno must be generously comended for his doggedness in the war against terriorists. Most remarkable also is the containment of the proliferation of samll arms and light weapons, which poses existential threat to our collective security. The illicit proliferation and misuse of small arms and light weapons ranks among todays most pressing security threats. Tens of thousands of people are killed or wounded each year in conflicts that are fought primarily with these weapons and in crime-ridden areas outside of conflict zones.

One of strategies adopted was decentralising the operation with the creation of six zonal offces in each geopolitical zone to monitor and enforce laws against small arms proliferation. The Buhari and Mongonu-led onslaught couldnt have come at a better time than now that serious concerns are beginning to emerge, with the 2023, general elections approaching. More than ever, theres need to curb the menace of insecurity in other to conduct best democratic elections without violence

The air of hope and optimism that has characterised the Buhari presidency can be attributed to the competence of his team, especially the National Security Adviser, Gen Monguno. Without a pinch of doubt, Monguno has proven that he towers above his equals in his professional callings. Indeed, he is a deft security/intelligence czar.

For Gen Monguno, no doubt, the role of intelligence gathering in a nations security architecture cannot be overemphasised. That is where the dexterity of the Chief Spy Officer lies. As a man who has spent quality working years in the intelligence community, organising a viable security system for Nigeria is like a walk in the park. Before he took over as the National Security Adviser to President Buhari in 2015, the countrys security architecture was in a shambles but seven years down the line, the story is different.

Noose has been tightened around terror groups terrorising Nigerians and the terrorist groups have almost been defeated, even as all territorial extensions have been returned to the sovereignty of Nigeria. We must be objective; it is incontrovertible that what is obtainable today is far more than in 2014 when lives all around Nigeria were becoming poor, nasty, brutish and short. Lest we forget so soon, 17 local government areas in Borno State alone were under the control of Boko Haram, with their flag firmly hoisted.

The ingenuity and courage of the NSA must be commended for confronting and winning the fight against insurgency. From records, General Monguno is a renowned security expert and a retired Nigerian military general. He was the Chief of Defence Intelligence from July 2009 to September 2011 and the Commander of the Brigade of Guards from 2007 to 2009.

As Nigerias number one spy master, Monguno has a natural, adaptable and high functioning ability to interact with others. Social interaction as a spy will take many different forms, requiring you to be comfortable associating with the entire spectrum of personality types.

Monguno, as the National Security Adviser from 2015 to date, has acted in his best to recover the local governments controlled by the Boko Haram terrorists and ensuring that Nigerians put the nightmare of Boko Haram behind them. This is the greatest height of professionalism and it could be said of the NSA to be the best choice of President Buhari for courageously doing his work.

Each administration has always set the guidelines for intelligence activities and, within these guidelines, establish in a timely fashion specific requirements and priorities for the conduct of these activities.

Under Gen Monguno, the Nigerian intelligence community is saddled with two broad functionscollection and analysisand one relatively narrow one, covert action. An additional function, counterintelligence, is integral to the entire intelligence process. In the forthcoming general elections, we are set to see the best of these efforts as President Buhari is poised to deliver free fair and credible elections, with his NSA readily available to provide the enabling playground with adequate security.Ibrahim is director of Communications and Strategic Planning of the Presidential Support Committee (PSC).

Related

Go here to see the original:
PMB, NSA and the war against terriorism, small arms, light weapons - Blueprint Newspapers Limited

The Central Intelligence Agency recently tapped LaNaia J. Jones, a veteran cybersecurity leader in the U.S. spy community, to be its new chief information officer.

We are delighted by the appointment of LaNaia J. Jones as the Agencys new Chief Information Officer and Director of the Information Technology Enterprise within the Directorate of Digital Innovation, CIA Deputy Press Secretary Luis Rossello said in a statement.

Jones brings a wealth of experience in information technology and innovation in the national security sphere to the post, he added. We look forward to her leadership in leveraging emerging digital technology to advance our mission.

Jones, who replaced Juliane Gallina and whose appointment was first publicly discussed with The Record, began work in late February.

She most recently served as the National Security Agencys deputy CIO where she oversaw IT investments and acquisition efforts and as the electronic spy agencys Information Sharing and Safeguarding Executive. Prior to the NSA, Jones served as acting CIO for the U.S. clandestine community within the Office of the Director of National Intelligence, working with CIOs and other senior leaders across the communitys 18 agencies.

Before that, she was the deputy CIO for the intelligence community. Jones also worked as the chief of Transformation and Transition for a global IT service provider within the Defense Department prior to her selection.

She graduated with a bachelor of science degree in Mathematics and Computer Science from the University of Maryland Eastern Shore and received a master of science degree in Technology Management from the University of Maryland University College.

Jones joins the CIA at a time when the organization is working to keep pace with technological changes in order to better develop and employ its own espionage capabilities, including detecting cyber threats from adversaries like Russia and China.

During his confirmation hearing last year, now-CIA Director Williams Burns said the SolarWinds breach which the U.S. has been attributed to the Russian government should serve as a warning to the federal government and the countrys national security apparatus about such dangers.

If this is a harsh wakeup call, then I think its essential for the CIA to work even harder to develop capabilities to help detect these kinds of attacks when they come from foreign players, he said.

Burns stressed the importance of technology again last week during the Senate Intelligence Committees annual hearing on the greatest threats to U.S. national security.

Nothing is going to matter more to the future of the CIA and, I think, the U.S. intelligence community more broadly than our ability to compete technologically. Its the main arena for competition with China, he said, noting the CIA last year created a mission center to focus on foreign technological development and another on Beijing and established the agencys first chief technology officer.

Together, the moves reflect the enormously high priority that we will continue to attest to that set of issues, according to Burns.

Martin is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.

See the original post here:
The Central Intelligence Agency has a new CIO - The Record by Recorded Future