Cybersecurity and Cyberwarfare

White House: Secure 5G is National Priority

President Donald Trump's new America first National Security Strategy includes a key role for next gen wireless. "We will improve America’s digital infrastructure by deploying a secure 5G Internet capability nationwide," according to the White House plan, released Dec 18.

It’s Official: North Korea Is Behind WannaCry

[Commentary] The US publicly attributes the massive “WannaCry” cyberattack to North Korea. The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes. While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible. We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either.

Sponsor: 

National Institute of Standards and Technology

Department of Commerce

Date: 
Wed, 12/20/2017 - 20:00 to 22:00

The Framework for Improving Critical Infrastructure Cybersecurity (“The Framework”) was issued on February 12, 2014. This voluntary framework – based on existing standards, guidelines, and practices – provides a prioritized, flexible, repeatable, performance-based, and cost-effective approach to managing cybersecurity risk at all levels in an organization and is applicable to organizations of all sizes and sectors. The Framework was developed in a year-long, collaborative process in which NIST served as a convener for industry, academia, and government stakeholders.



Chairman Pai Letter to USAC Board on Information Technology and Security

Federal Communications Commission Chairman Ajit Pai asked the Universal Service Administrative Company Board of Directors to redouble its efforts at oversight -- specifically in the areas of information technology and security. He said USAC's technology problems are why the FCC does not have a fully functional E-Rate Productivity Center or a Lifeline National Verifier.

18 attorneys general ask the FCC to delay net neutrality repeal vote

In a letter sent to the Federal Communications Commission , 18 attorneys general from around the country called on the agency to delay the Dec 14 vote on a repeal of net neutrality protections. The 11th-hour letter, sent by the Oregon attorney general and signed by representatives of 17 states and DC, follows a high-profile press conference from the New York attorney general, who said the FCC had declined to investigate net neutrality comments posted under stolen identities.

It's Super Hard to Find Humans in the FCC's Net Neutrality Comments

The Federal Communications Commissions' public comment period on its plans to repeal net neutrality protections was bombarded with bots, memes, and input from people who don't actually exist. So, with the FCC declining to investigate its own comments, we decided to undertake an analysis of our own. We confirmed six bots and 11 form letters.

Millions of People Post Comments on Federal Regulations. Many Are Fake.

The Wall Street Journal has uncovered thousands of fraudulent comments on regulatory dockets at federal agencies, some using what appear to be stolen identities posted by computers programmed to pile comments onto the dockets. After sending surveys to nearly 1 million people—predominantly from the FCC docket—the Journal found a much wider problem than previously reported, including nearly 7,800 people who told the Journal comments posted on federal dockets in their names were fakes.

President Trump Signs Federal Ban on Kaspersky Lab Software

President Donald Trump signed into law on Dec 12 legislation that bans the use of Kaspersky Lab within the US government, capping a months-long effort to purge the Moscow-based antivirus firm from federal agencies amid concerns it was vulnerable to Kremlin influence. The ban, included as part of a broader defense policy spending bill that Trump signed, reinforces a directive issued by the Trump administration in September that civilian agencies remove Kaspersky Lab software within 90 days. The law applies to both civilian and military networks.

Ex-Spy Chief: Russia’s Election Hacking Was An ‘Intelligence Failure’

Michael Morell is one of the career types who’s broken with decades of practice to confront President Donald Trump. A veteran of nearly three decades in the CIA, Morell rose from within the ranks to become the agency’s longtime deputy director, twice serving as its acting leader before retiring during President Barack Obama’s second term. In the summer of 2016, he broke with tradition to endorse Hillary Clinton over Trump, and he has continued to sound the alarm ever since.

Sponsor: 

Federal Communications Commission

Date: 
Tue, 12/12/2017 - 19:00 to 23:00

The CSRIC is a Federal Advisory Committee that will provide recommendations to the FCC to improve the security, reliability, and interoperability of communications systems. The meeting on December 12, 2017, will be the third meeting of the CSRIC under the current charter

 

Call to Order  -- Jeffery Goldthorp, DFO, FCC

Opening Remarks  -- Brian King, T-Mobile

Working Group Updates                                              

WG1 - Transition Path to NG911  -- Mary Boyd, West Safety Services

WG2 - Emergency Alerting -- Farrokh Khatibi, Qualcomm



FCC Rejects New York AG Efforts in Comment Quest

Federal Communications Commission General Counsel Thomas Johnson said the agency must “respectfully decline” requests from New York Attorney General Eric Schneiderman as part of the AG’s investigation into the fraudulent use of names on comments in the net neutrality rollback proceeding. Johnson said revealing the logs of IP addresses for some comments raises “significant personal privacy concerns” and could also endanger the security of the commission’s comment system.

Transatlantic Data Privacy

International flows of personal information are more significant than ever, but differences in transatlantic data privacy law imperil this data trade. The resulting policy debate has led the EU to set strict limits on transfers of personal data to any non-EU country—including the United States—that lacks sufficient privacy protections. Bridging the transatlantic data divide is therefore a matter of the greatest significance. 

Trump White House Weighing Plans for Private Spies to Counter "Deep State" Enemies

Apparently, the Trump Administration is considering a set of proposals developed by Blackwater founder Erik Prince and a retired CIA officer — with assistance from Oliver North, a key figure in the Iran-Contra scandal — to provide CIA Director Mike Pompeo and the White House with a global, private spy network that would circumvent official U.S. intelligence agencies. The plans have been pitched to the White House as a means of countering “deep state” enemies in the intelligence community seeking to undermine Donald Trump’s presidency.

Sponsor: 

Subcommittee on Oversight and Investigations

House Commerce Committee

Date: 
Thu, 11/30/2017 - 16:15 to 20:00

After several significant data breaches in recent years impacting hundreds of millions of Americans, malicious actors can now package consumer information from multiple stolen data sets into one stolen identity profile.The House Subcommittee on Oversight and Investigations will examine how to verify identities and protect personal data online compromised in this new, post-breach world.



Democratic Reps wants to commit $400 million to secure future elections from hackers

A panel of Democratic Reps wants to commit $400 million to secure future elections from hackers. That $400 million is what’s left over in appropriated funds from the 2002 Help America Vote Act, which focused on making voting easier for people with disabilities. The money could be used to replace outdated and unsecure voting machines that lack paper receipts for votes, the Democrats’ independent election security task force said in a Nov 20 letter to leaders of the House Appropriations Committee.

Data Manipulation: The dangerous data hack that you won’t even notice

[Commentary] A recent wave of cyberattacks—from WannaCry and Equifax to the alleged Russian influence on the US election—has demonstrated how hackers can wreak havoc on our largest institutions. But by focusing only on hackers’ efforts to extort money or mess with our political process, we may have been missing what is potentially an even scarier possibility: data manipulation. Imagine that a major Big Food company gets hacked.

Sen Leahy Introduces The Consumer Privacy Protection Act

Sen Patrick Leahy (D-VT), joined by six other Sens, introduced comprehensive consumer privacy legislation to protect Americans’ sensitive personal information against cyberattacks and to ensure timely notification and protection when data is breached. Sen Leahy’s Consumer Privacy Protection Act of 2017 would require companies to take preventive steps to defend against cyberattacks and data breaches, and to quickly provide consumers with notice and appropriate protection when a data breach occurs.

Sponsor: 

Subcommittee on Oversight

House Committee on Science

Date: 
Tue, 11/14/2017 - 16:00 to 20:00

Witnesses:

  • Ms. Jeanette Manfra, assistant secretary, Cybersecurity and Communications, National Protection and Programs Directorate, Department of Homeland Security
  • Ms. Renee Wynn, chief information officer, NASA
  • Ms. Essye Miller, deputy chief information officer for cybersecurity, Department of Defense
  • Dr. Mark Jacobson, associate teaching professor, Edmund Walsh School of Foreign Service, Georgetown University


Sponsor: 

Silicon Flatirons
University of Colorado Law School

Date: 
Wed, 11/15/2017 - 20:00 to Thu, 11/16/2017 - 00:45

Society increasingly depends on computer networks and wireless systems. Yet, outages and adverse incidents are regular occurrences.  It has become essential for this technology to maintain an acceptable level of service—in other words, to be resilient.



Sponsor: 

Cybersecurity and Infrastructure Protection Subcommittee

Homeland Security Committee

Date: 
Wed, 11/15/2017 - 20:00 to 23:00

The purpose of this hearing is to explore ways the Department of Homeland Security can maximize the value of cyber threat information shared by the government and identify and utilize the most effective cyber threat information sharing partnerships, in order to increase the participation and volume of cyber threat information sharing with the private sector.



Security Breach and Spilled Secrets Have Shaken the NSA to Its Core

A serial leak of the National Security Agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide.

FBI can’t unlock Texas shooter’s phone

The FBI has confiscated the phone of the gunman who opened fire at a Texas church Nov 5 but is unable to access it for the ongoing investigation.  FBI Special Agent Christopher Combs, who is leading the investigation, told reporters that the bureau had flown the device to Quantico (VA) Nov 6 and that agents have been reviewing the phone but have not been able to get into it.  “It actually highlights an issue that you’ve all heard about before with advance of the phones and the technology and the encryption, law enforcement, whether it’s at the state, local or the federal level, is increasin

Reps Poe, Lofgren Seek to Slam Surveillance Back Door

Reps Ted Poe (R-TX) and Zoe Lofgren (D-CA) have proposed amending the USA Liberty Act to toughen protections against warrantless searches and seizures of emails and other online communications. In Oct, House Judiciary Committee Chair Bob Goodlatte (R-VA) and Ranking Member John Conyers (D-MI) introduced the USA Liberty Act, which would reform and reauthorize Sec. 702 of the Foreign Intelligence Surveillance Act, which authorizes the surveillance of communications from non-U.S. residents.

Donald Trump a victim of hackers years before election

Four years ago, well before the furor over allegations Moscow meddled in the 2016 election that put Donald Trump in the White House, at least 195 web addresses belonging to Trump, his family or his business empire were hijacked by hackers possibly operating out of Russia.  The Trump Organization denied the domain names were ever compromised. But a review of internet records by the AP and cybersecurity experts shows otherwise. And it was not until the week of Oct 30, after the Trump camp was asked about it by the AP, that the last of the tampered-with addresses were repaired.