Cybersecurity and Cyberwarfare

Facebook is sponsoring the efforts of former Hillary Clinton and Mitt Romney campaign managers to combat hacking and disinformation campaigns designed to interfere with elections. Facebook’s chief security officer Alex Stamos announced the company’s $500,000 investment in the effort, called Defending Digital Democracy, today during a keynote at the security conference Black Hat. The project was launched last month by a Harvard University group and Stamos is a member of the group’s advisory committee.

“Our goal is to build an information sharing organization that includes political parties, campaigns, state and local election officials, and tech companies,” Stamos said. The information sharing unit will be modeled on similar efforts within the tech industry to share threat intelligence. Facebook and other major tech companies like Microsoft and Twitter use these kinds of partnerships to share information on terrorist threats, revenge porn, and child exploitation. “If one company detects an attack they can immunize others very quickly,” Stamos said. But Defending Digital Democracy plans to incorporate data not just from participating tech companies—executives from Google and the cybersecurity firm CrowdStrike are also on the advisory board—but from election officials as well.

The Federal Trade Commission announced that a mobile app developed by a New Hampshire software developer was awarded the top prize in the agency’s competition seeking tools to help consumers protect the security of their Internet of Things (IoT) devices. The FTC launched the contest in January to challenge innovators to develop a tool that would help address security vulnerabilities of IoT devices.

With the assistance of an expert panel of five judges, the FTC awarded Steve Castle the $25,000 top prize for his proposal for a mobile app, “IoT Watchdog.” As a software developer, Castle said he was motivated to enter the contest to distill his network security knowledge and experience into a tool that can help users easily determine if their devices are out of date or if their networks are insecure. The mobile app he proposed seeks to help users manage the IoT devices in their home. It would enable users with limited technical expertise to scan their home Wi-Fi and Bluetooth networks to identify and inventory connected devices. It would flag devices with out-of-date software and other common vulnerabilities and provide instructions on how to update each device’s software and fix other vulnerabilities.

Sen Ron Wyden (D-OR) criticized the Federal Communications Commission for failing to turn over its internal analysis of the DDoS attacks that hit the FCC's public comment system.

The FCC declined to provide its analysis of the attacks to Gizmodo, which had filed a Freedom of Information Act (FoIA) request for a copy of all records related to the FCC analysis "that concluded a DDoS attack had taken place." The FCC declined the request, saying that its initial analysis on the day of the attack "did not result in written documentation." “If the FCC did suffer a DDoS attack and yet created no written materials about it, that would be deeply irresponsible and cast doubt on how the FCC could possibly prevent future attacks," said Sen Wyden. "On the other hand, if FCC is playing word games to avoid responding to FoIA requests, it would clearly violate Chairman Ajit Pai’s pledge to increase transparency at the FCC.” Sen Wyden also said that the FCC's response to the FoIA request raised "legitimate questions about whether the agency is being truthful when it claims a DDoS attack knocked its commenting system offline.”

FCC Chairman Pai’s response: “The FCC has provided a written response to Congress detailing the attack, and we have never said that we have no written materials about it. Rather, the documents that were not produced in response to the FOIA request cannot be provided, among other reasons, because of security and privacy concerns.”

A bill that would reauthorize the Homeland Security Department for the first time in its nearly 15-year history and beef up cyber protections at ports and airports passed the House of Representatives.

The reauthorization bill, which was long championed by House Homeland Security Chairman Michael McCaul (R-TX) would direct the Transportation Security Administration to conduct a broad assessment of cyber risks to aviation security and to be prepared to vet cyber protections of specific airports and airlines if requested. TSA must also develop one program to enhance cyber threat information sharing across the aviation sector and another to assess cyber vulnerabilities in data stored by TSA PreCheck and other trusted traveler programs, according to the bill, which passed the House 386-41. The bill also formally tasks the US Coast Guard with ensuring cyber protections at US ports and with helping port operators share cyber threat information.

The US Federal Communications Commission says it has no written analysis of DDoS attacks that hit the commission's net neutrality comment system in May. In its response to a Freedom of Information Act (FoIA) request filed by Gizmodo, the FCC said its analysis of DDoS attacks "stemmed from real time observation and feedback by Commission IT staff and did not result in written documentation." Gizmodo had asked for a copy of any records related to the FCC analysis that concluded DDoS attacks had taken place.

Because there was no "written documentation," the FCC provided no documents in response to this portion of the Gizmodo FoIA request. The FCC also declined to release 209 pages of records, citing several exemptions to the FoIA law. For example, publication of documents related to "staffing decisions made by Commission supervisors, draft talking points, staff summaries of congressional letters, and policy suggestions from staff" could "harm the Commission’s deliberative processes," the FCC said. "Release of this information would chill deliberations within the Commission and impede the candid exchange of ideas."

On July 7, 2017, Sens Ron Wyden (D-OR) and Brian Schatz (D-HI) wrote to Federal Communications Commission Chairman Ajit Pai to express concern about the FCC facing a similar cyberattack on July 12 as it did during the May 7-8.

On July 11, Chairman Pai responded, writing, "Over the course of the last two months, the Commission has taken a series of steps to mitigate the chances of a disruption similar to the one that took place on May 7-8 from occurring again...In preparation for July 12, the Commission's IT professionals have taken additional measures to safeguard our comment filing system. Moreover, they will be on high alert over the next 48 hours and ready to respond as quick as possible to any attacks. Given the nature of this situation, however, I believe that publicly disclosing the specific steps that we are taking could undermine their efficacy."

Apparently, wireless communications lobby group CTIA took issue with an in-depth report by the Department of Homeland Security on mobile device security, including flaws with the SS7 network.

In a white paper sent to members of Congress and the Department of Homeland Security, CTIA, a telecom lobbying group that represents Verizon, AT&T, and other wireless carriers, argued that "Congress and the Administration should reject the [DHS] Report's call for greater regulation" while downplaying "theoretical" security vulnerabilities in a mobile data network that hackers may be able to use to monitor phones across the globe. However, experts strongly disagree about the threat these vulnerabilities pose, saying the flaws should be taken seriously before criminals exploit them.

The former managers of Hillary Clinton and Mitt Romney’s presidential campaigns are leading a new initiative called “Defending Digital Democracy” in the hopes of preventing a repeat of Russia’s 2016 election interference. Robby Mook, Clinton’s 2016 campaign chief, and Matt Rhoades, who managed the 2012 run of GOP nominee Romney, are heading up the project at the Harvard Kennedy School’s Belfer Center for Science and International Affairs in one of the first major efforts outside government to grapple with 21st century hacking and propaganda operations — and ways to deter them.

“The Russian influence campaign was one of the most significant national security events in the last decade, and it’s a near-certainty that all the other bad guys saw that and will try to do something similar in the United States in 2018 and 2020,” said Eric Rosenbach, co-director of the Belfer Center, which launches the initiative July 18. The bipartisan project aims to develop ways to share key threat information with political campaigns and state and local election offices; create “playbooks” for election officials to improve cybersecurity; and forge strategies for the United States to deter adversaries from engaging in hacks and information operations, among other things.

A communication breakdown and a vacationing employee were the reasons it took more than a week to close a leak that contained data belonging to 6 million Verizon customers, according to Chris Vickery, the cybersecurity researcher who discovered the breach. Verizon said recently that an employee at one of its vendors, NICE Systems, had accidentally made the data available to anyone who had the public link to the cloud.

After months of delay, the Trump Administration is finalizing plans to revamp the nation's military command for defensive and offensive cyber operations in hopes of intensifying America's ability to wage cyberwar against the Islamic State group and other foes, according to US officials. Under the plans, US Cyber Command would eventually be split off from the intelligence-focused National Security Agency. Details are still being worked out, but officials say they expect a decision and announcement in the coming weeks. The officials weren't authorized to speak publicly on the matter so requested anonymity. The goal, they said, is to give US Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA, which is responsible for monitoring and collecting telephone, internet and other intelligence data from around the world - a responsibility that can sometimes clash with military operations against enemy forces.