2/19/18, "States Seek To Prevent Election Hacking," wnyc.org, All Things Considered, produced by NPR and WNYC
"NPR's Ari Shapiro speaks with Vermont Secretary of State and President-elect of the National Association of Secretaries of State Jim Condos, about states' efforts to protect elections from hacking. Feb 19, 2018"
NPR host: "America's intelligence agencies are urging officials from Washington to state capitols to get ready. They expect Russia to try to hack this year's midterms, just as it [allegedly] tried to infiltrate the 2016 elections."...
NPR host: "But when it comes to actual attempts to "hack into" voting machines, tell me about the steps Vermont is taking to prevent that from happening."
Jim Condos, Vt. Sec. of State: "First I want to be very, very clear. The vast majority of the states use similar but different machines. And none of those machines are connected to the internet."
Mr. Condos notes that 100% security is not possible on any computer.
==========
Comment: Everyone agrees no computer is 100% safe. Simple solution: Election data such as voter rolls, registration, etc., should be handled as they were before computers existed. This will save taxpayers billions. The parasitic "cyber security industry" (e.g., CrowdStrike) will have to get along without US taxpayer handouts.
...........
Added: US "hacking" tools, not those of ISIS or Russia, are most likely to be used against US targets in 2018. Since being placed on the internet in August 2016, stolen NSA hacking tools have already been used against US entities. Officials say an NSA insider most likely removed the data. The NSA and US government, not Russia, are proved to be the greatest danger to Americans. "NSA can't keep its most valuable data from being stolen, or as it appears in this case, being used against us."... 8/21/2016, Reuters...."United States intelligence agencies have rushed to create digital weapons that they cannot keep safe from adversaries or disable once they fall into the wrong hands." 6/28/17, NY Times
In August 2016, a group called Shadow Brokers announced it was auctioning off highly classified National Security Agency hacking tools. Since then, NSA's finest cyber weapons have been used to attack US entities:
6/28/2017, "Hacks [using NSA weapons] Raise Fear Over N.S.A.’s Hold on Cyberweapons," NY Times,
"A series of escalating attacks using N.S.A. cyberweapons have hit hospitals, a nuclear site and American businesses. Now there is growing concern that United States intelligence agencies have rushed to create digital weapons that they cannot keep safe from adversaries or disable once they fall into the wrong hands....
Though the identities of the Shadow Brokers remain a mystery, former intelligence officials say there is no question from where the weapons came: a unit deep within the agency that was until recently called “Tailored Access Operations.”...
For the American spy agency, which has invested billions of [taxpayer] dollars developing an arsenal of weapons that have been used against the Iranian nuclear program, North Korea’s missile launches and Islamic State militants, what is unfolding across the world amounts to a digital nightmare. It was as if the Air Force lost some of its most sophisticated missiles and discovered an adversary was launching them against American allies — yet refused to respond, or even to acknowledge that the missiles were built for American use.
Officials fret that the potential damage from the Shadow Brokers leaks could go much further, and the agency’s own weaponry could be used to destroy critical infrastructure in allied nations or in the United States....
In the past two months [2017], attackers have retrofitted the agency’s more recent weapons to steal credentials from American companies. Cybercriminals have used them to pilfer digital currency....
The [Tuesday, June 2017] attacks inflicted enormous collateral damage, taking down some 2,000 global targets in more than 65 countries, including Merck, the American drug giant, Maersk, the Danish shipping company, and Rosneft, the Russian state owned energy giant. The attack so crippled operations at a subsidiary of Federal Express that trading had to be briefly halted for FedEx stock....
Armed with the N.S.A.’s own tools, the limits are gone.
“We now have actors, like North Korea and segments of the Islamic State, who have access to N.S.A. tools who don’t care about economic and other ties between nation states,” said Jon Wellinghoff, the former chairman of the Federal Energy Regulatory Commission."...
....................
Added: "Even the arrest of whoever is responsible for the leaks may not end them." 11/12/2017, "Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core," NY Times, Scott Shane, Nicole Perlroth, David E. Sanger
"A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide....
Current and former agency officials say the Shadow Brokers disclosures, which began in August 2016, have been catastrophic for the N.S.A., calling into question its ability to protect potent cyberweapons and its very value to national security. The agency regarded as the world’s leader in breaking into adversaries’ computer networks failed to protect its own....
The Snowden trauma led to the investment of millions of dollars in new technology and tougher rules to counter what the government calls the insider threat. But N.S.A. employees say that with thousands of employees pouring in and out of the gates, and the ability to store a library’s worth of data in a device that can fit on a key ring, it is impossible to prevent people from walking out with secrets....
Mr. Williams said it may be years before the “full fallout” of the Shadow Brokers breach is understood. Even the arrest of whoever is responsible for the leaks may not end them, he said — because the sophisticated perpetrators may have built a “dead man’s switch” to release all remaining files automatically upon their arrest.
“We’re obviously dealing with people who have operational security knowledge,” he said. “They have the whole law enforcement system and intelligence system after them. And they haven't been caught.""...
"If that’s the case, it's one more reason to question the usefulness of an agency that secretly collects private information on millions of Americans but can't keep its most valuable data from being stolen, or as it appears in this case, being used against us."... (8/21/2016, Reuters)
(NY Times): "Long known mainly as an eavesdropping agency, the
as an especially productive way to spy on foreign targets. The intelligence collection is often automated, with malware implants — computer code designed to find material of interest — left sitting on the targeted system for months or even years, sending files back to the N.S.A.
The same implant can be used for many purposes: to steal documents, tap into email, subtly change data or become the launching pad for an attack. T.A.O.’s most public success was an operation against Iran called Olympic Games, in which implants in the network of the Natanz nuclear plant caused centrifuges enriching uranium to self-destruct. The T.A.O. was also critical to attacks on the Islamic State and North Korea.
It was this arsenal that the Shadow Brokers got hold of, and then began to release."...
..................
Additional Reuters source on NSA theft:
8/21/2016, "Commentary: Evidence points to another Snowden at the NSA," Reuters, James Bamford, commentary
.........................
Added: First public awareness of massive NSA code breach was August 2016 with Shadow Brokers announcement (though the theft may have occurred months before). Theft includes NSA code that enables malware to stay on systems for years undetected.
8/16/2016, "Shadow Brokers’ Leak Raises Alarming Question: Was the N.S.A. Hacked?" NY Times, David E. Sanger
Print ed. August 17, 2016, Page A1 of New York ed. with the headline: Top-Secret Code Released by Hackers Points to Breach at N.S.A.
"The release on websites this week of what appears to be top-secret computer code that the National Security Agency has used to break into the networks of foreign governments and other espionage targets has caused deep concern inside American intelligence agencies, raising the question of whether America’s own elite operatives have been hacked and their methods revealed.
Most outside experts who examined the posts, by a group calling itself the Shadow Brokers, said they contained what appeared to be genuine samples of the code--though somewhat outdated--used in the production of the N.S.A.’s custom-built malware.
Most of the code was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran. That, in turn, allows the N.S.A. to place “implants” in the system, which can lurk unseen for years and be used to monitor network traffic or enable a debilitating computer attack.
According to these experts, the coding resembled a series of “products” developed inside the N.S.A.’s highly classified Tailored Access Operations unit, some of which were described in general terms in documents stolen three years ago by Edward J. Snowden, the former N.S.A. contractor now living in Russia.
But the code does not appear to have come from Mr. Snowden’s archive, which was mostly composed of PowerPoint files and other documents that described N.S.A. programs. The documents released by Mr. Snowden and his associates contained no actual source code used to break into the networks of foreign powers.
Whoever obtained the source code apparently broke into either the top-secret, highly compartmentalized computer servers of the N.S.A. or other servers around the world that the agency would have used to store the files. The code that was published on Monday dates to mid-2013, when, after Mr. Snowden’s disclosures, the agency shuttered many of its existing servers and moved code to new ones as a security measure....
Around the same time, WikiLeaks declared that it had a full set of the files — it did not say how it had obtained them — and would release them all in the future. The “Shadow Brokers” had said they would auction them off to the highest bidder....
The N.S.A. would say nothing on Tuesday about whether the coding released was real or where it came from. Its public affairs office did not respond to inquiries....
There are other theories, including one that some unknown group was trying to impersonate hackers working for Russian or other intelligence agencies. Impersonation is relatively easy on the internet, and it could take considerable time to determine who is behind the release of the code.
The Shadow Brokers first emerged online on Saturday, creating accounts on sites like Twitter and Tumblr and announcing plans for an auction. The group said that “we give you some Equation Group files free” and that it would auction the best ones. The Equation Group is a code name that Kaspersky Labs, a Russian cybersecurity firm, has given to the N.S.A.
While still widely considered the most talented group of state-sponsored hackers in the world, the N.S.A. is still recovering from Mr. Snowden’s disclosures; it has spent hundreds of millions of dollars reconfiguring and locking down its systems.
Mr. Snowden revealed plans, code names and some operations, including against targets like China. The Shadow Brokers disclosures are much more detailed, the actual code and instructions for breaking into foreign systems as of three summers ago.
“From an operational standpoint, this is not a catastrophic leak,” Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, Calif., wrote on the Lawfare blog on Tuesday.
But he added that “the big picture is a far scarier one.” In the weeks after Mr. Snowden fled Hawaii, landing in Hong Kong before ultimately going to Russia, it appears that someone obtained that source code. That, he suggested, would be an even bigger security breach for the N.S.A. than Mr. Snowden’s departure with his trove of files.
However, the fact that the code is dated from 2013 suggests that the hackers’ access was cut off around then, perhaps because the agency imposed new security measures."...
.....................
Added: NSA employee, Harold T. Martin III, removed classified NSA material, took it home for 16 years, and no one noticed. His home was finally raided on August 27, 2016. He's not believed to be connected to Shadow Brokers:
5/16/2017, "Malware Case Is Major Blow for the N.S.A.," NY Times, Scott Shane
"He has long held a high-level clearance and for a time worked with the N.S.A.’s premier hacking unit, called Tailored Access Operations, which breaks into the computer networks of foreign countries and which developed the hacking tools later obtained by the Shadow Brokers. According to one person briefed on the investigation, Mr. Martin was able to obtain some of the hacking tools by accessing a digital library of such material at the N.S.A....
Mr. Martin, an enigmatic loner who according to acquaintances frequently expressed his excitement about his role in the growing realm of cyberwarfare, has insisted that he got in the habit of taking material home so he could improve his skills and be better at his job, according to these officials. He has explained how he took the classified material but denied having knowingly passed it to anyone else....
The material the F.B.I. found in his possession added up to “many terabytes” of information, according to court papers, which would make it by far the largest unauthorized leak of classified material from the classified sector. That volume dwarfs the hundreds of thousands of N.S.A. documents taken by Edward J. Snowden in 2013 and exceeds even the more voluminous Panama Papers, leaked records of offshore companies obtained by a German newspaper in 2015, which totaled 2.6 terabytes. One terabyte of data is equal to the contents of about one million books.
F.B.I. agents on the case, advised by N.S.A. technical experts, do not believe Mr. Martin is fully cooperating, the officials say. He has spoken mainly through his lawyers, James Wyda and Deborah Boardman of the federal public defender’s office in Baltimore....
In interviews, officials described how the Martin case has deeply shaken the secret world of intelligence, from the N.S.A.’s sprawling campus at Fort Meade, Md., to the [Obama] White House. They expressed astonishment that Mr. Martin managed to take home such a vast collection of classified material over at least 16 years, undetected by security officers at his workplaces, including the N.S.A., the Office of the Director of National Intelligence and Pentagon offices. And they are deeply concerned that some of the mountain of material may, by whatever route, have reached hackers or hostile intelligence services.
Investigators discovered the hacking tools, consisting of computer code and instructions on how to use it, in the thousands of pages and dozens of computers and data storage devices that the F.B.I. seized during an Aug. 27 [2016] raid on Mr. Martin’s modest house in suburban Glen Burnie, Md. More secret material was found in a shed in his yard and in his car, officials said.
The search came after the Shadow Brokers leak set off a panicked hunt at the N.S.A. Mr. Martin attracted the F.B.I.’s attention by posting something on the internet that was brought to the attention of the N.S.A. Whatever it was — officials are not saying exactly what — it finally set off an alarm.
The release of the N.S.A.’s hacking tools, even though they dated to 2013, is extraordinarily damaging, said Dave Aitel, a former agency employee who now runs Immunity Inc., an information security company.
“The damage from this release is huge, both to our ability to protect ourselves on the internet and our ability to provide intelligence to policy makers and the military,” Mr. Aitel said.
The N.S.A.’s hacking into other countries’ networks can be for defensive purposes: By identifying rivals’ own hacking methods, the agency can recognize and defend against them, he said. And other countries, with some of the N.S.A.’s tools now in hand, can study past hacks and identify the attacker as the N.S.A., learn how to block similar intrusions, or even decide to retaliate, Mr. Aitel said.
Mr. Martin, 51, a Navy veteran who was completing a Ph.D. in information systems at the University of Maryland, Baltimore County, has worked for several of the contracting companies that help staff the nation's security establishment. After stints at the Computer Sciences Corporation and Tenacity Solutions, where he was assigned to the Office of the Director of National Intelligence, he joined Booz Allen Hamilton in 2009. He worked on that firm’s N.S.A. contract until 2015, when he was moved to a different Pentagon contract in the area of offensive cyberwarfare."...