Category Archives: NSA

On August 15th the NSA and FBI published a joint security alert containing details about a previously undisclosed Russian malware.

The agencies say that the Linux strain malware has been developed and deployed in real-world attacks by Russian military hackers. The FBI says, The Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165, whose activity is sometimes identified by the private sector as Fancy Bear, Strontium, or APT 28, is deploying malware called Drovorub, designed for Linux systems as part of its cyber espionage operations.

The name Drovorub comes from a variety of artifacts discovered in Drovorub files, Drovo translates to firewood or wood, while Rub translates to to fell, or to chop. Together, they translate to woodcutter or to split wood.

Drovorub is like a Swiss-army knife for hacking Linux. The Linux malware toolset consists of an implant coupled with a kernel module root kit, a file transfer and port forwarding tool, and logic for connecting back to a Command and Control (C2) server. The below figure shows the Drovorub components and their functions.

Drovorub malware is made up of four executable components: Drovorub-client, Drovorub-agent, Drovorub-kernel module and Drovorub-server. The components communicate via JSON over WebSockets. Below is a brief overview of each component.

Installed on actor-controlled infrastructure, enables C2 for the Drovorub-client and Drovorub-agent. mySQL is used by the Drovorub-server to manage the connecting Drovorub-client(s) and Drovorub-agent(s). The database stores data that is used by the Drovorub-agent and client for registration, authentication and tasking.

The Drovorub-client is installed on target endpoints by the actor. The client receives commands from the remote Drovorub-server and offers file transfer to/from the victim, port forwarding, and a remote shell capability. The Drovorub-client is packaged within (Read more...)

See the original post:
Drovorub Taking systems to the wood chipper What you need to know - Security Boulevard

National Security Agency (NSA), U.S. intelligence agency within the Department of Defense that is responsible for cryptographic and communications intelligence and security. Its headquarters are in Fort Meade, Maryland.

Britannica Quiz

World Organizations: Fact or Fiction?

France is a member of the Group of Eight.

The NSA grew out of the communications intelligence activities of U.S. military units during World War II. It was established in 1952 by a presidential directive from Harry S. Truman in which he specified its mission as

to provide an effective, unified organization and control of the communications intelligence activities of the United States conducted against foreign governments, to provide for integrated operational policies and procedures pertaining thereto.

The NSA was created in part out of the belief that the importance and distinct character of communications intelligence warranted an organization distinct from both the armed forces and the other intelligence agencies. While it operates within the Department of Defense, the NSA also belongs to the Intelligence Community (a coalition of 17 intelligence agencies) and as such acts under the supervision of the director of national intelligence. The director of the NSA is a military officer of flag rank (i.e., a general or an admiral) with a minimum of three stars. Not being a creation of Congress, the NSA often acts outside of congressional review; it is the most secret of all U.S. intelligence agencies.

The agencys mission includes the protection and formulation of codes, ciphers, and other cryptology for the U.S. military and other government agencies as well as the interception, analysis, and solution of coded transmissions by electronic or other means. The agency conducts research into all forms of electronic transmissions. It also operates posts for the interception of signals around the world. In 1972 a joint organization, the Central Security Service (CSS), was created to coordinate the intelligence efforts of the NSA with the U.S. military. The director of the NSA also heads the CSS (under the title of Chief, CSS).

The 1978 Foreign Intelligence Surveillance Act (FISA) restricts the NSA mandate to the interception of foreign communications and forbids the agency from targeting a U.S. citizen unless the latter is considered an agent of a foreign power. In exceptional cases that are considered critical to national security, the agency can obtain a warrant to intercept domestic communications. In 2008, amendments to FISA relaxed those restrictions and allowed the agency to monitor domestic communications without a warrant as long as one party is reasonably believed to be outside the United States.

In 2013 NSA activities were put in the limelight after a former computer security contractor, Edward Snowden, leaked classified information about two surveillance programsone collecting information from U.S. Internet service providers (PRISM) and the second collecting so-called metadata on cellular phone calls (information including phone numbers and length of the calls but not their content). Those programs were designed to target non-Americans, but they also collected a massive amount of information from Americans with whom those individuals had communicated. Other NSA programs included the extensive, worldwide, and allegedly untargeted collection of text messages (Dishfire) and of the locations of cell phones.

While less known to the American public than the Central Intelligence Agency, the NSA is believed to be far larger in size in terms of workforce and budget. According to Michael Hayden, a former director (19992005) of the NSA, it is also the worlds largest collector of foreign signals intelligence.

See original here:
National Security Agency | History, Role, & Surveillance ...

Microsoft released a patch for Windows 10 and Server 2016 today after the National Security Agency found and disclosed a serious vulnerability. It's a rare but not unprecedented tip-off, one that underscores the flaw's severityand maybe hints at new priorities for the NSA.

The bug is in Windows' mechanism for confirming the legitimacy of software or establishing secure web connections. If the verification check itself isn't trustworthy, attackers can exploit that fact to remotely distribute malware or intercept sensitive data.

"[We are] recommending that network owners expedite implementation of the patch immediately as we will also be doing," Anne Neuberger, head of the NSA's Cybersecurity Directorate, said on a call with reporters on Tuesday. "When we identified a broad cryptographic vulnerability like this we quickly turned to work with the company to ensure that they could mitigate it."

"It will be a long day for a lot of Windows administrators around the world."

Kenn White, Open Crypto Audit Project

The flaw is specifically in Microsoft's CryptoAPI service, which helps developers cryptographically "sign" software and data or generate digital certificates used in authenticationall to prove trustworthiness and validity when Windows checks for it on users' devices. An attacker could potentially exploit the bug to undermine crucial protections, and ultimately take control of victim devices.

"Think of signing malware as if it's trusted by Microsoft or intercepting encrypted web traffic," says David Kennedy, CEO of the corporate security evaluation firm TrustedSec, who formerly worked at the NSA. "That would completely evade so many protections."

As researchers and cyber criminals alike study the vulnerability and rush to develop a hacking tool that takes advantage of it, the scale of the risk to users will become more clear. But a flaw in a crucial cryptographic component of Windows is certainly problematic, especially given that Windows 10 is the most-used operating system in the world, installed on more than 900 million PCs.

"This is a core, low-level piece of the Windows operating system and one that establishes trust between administrators, regular users, and other computers on both the local network and the internet," says Kenn White, security principal at MongoDB and director of the Open Crypto Audit Project. "If the technology that ensures that trust is vulnerable, there could be catastrophic consequences. But precisely what scenarios and preconditions are requiredwe're still analyzing. It will be a long day for a lot of Windows administrators around the world."

The NSA's decision to share the vulnerability brings to mind the NSA hacking tool known as Eternal Blue, which exploited a Windows bug patched in early 2017. That flaw was present in all versions of Windows available at the time, and the NSA had known about the bugand exploited it for digital espionagefor more than five years. Eventually, the NSA lost control of Eternal Blue; a few weeks after Microsoft issued a fix, a mysterious hacking group known as the Shadow Brokers leaked the tool online. Criminals and nation state hackers alike had a field day with the tool, as Windows machines around the world slowly got around to patching.

The Windows 10 validation bug may be the NSA's attempt to avoid a similar debacle. And unlike Eternal Blue, Neuberger made a point to say that the agency had not used the exploit itself.

In fact, Neuberger said that disclosing the code verification bug to Microsoft and the public is part of a new NSA initiative in which the agency will share its vulnerability findings more quickly and more often. The effort will work alongside the existing Vulnerability Equities Process run by the National Security Council, which weighs the national security importance of keeping hacking tools secret versus disclosing vulnerabilities.

That's why the NSA didn't just disclose the vulnerability, but made its role public. "Its hard for entities to trust that we indeed take this seriously," she said, "and [that] ensuring that vulnerabilities can be mitigated is an absolute priority."

View post:
Windows 10 Has a Security Flaw So Severe the NSA Disclosed ...

Ted McConnell is Senior Policy Advisor forCivXNow Coalition, and Elizabeth Rindskopf Parker, is former General Counsel at CIA and NSA and is a member of the executive board of the Center for Ethics and the Rule of Law. @CivXNow

OPINION These are confounding and painful times. In recent months, the COVID-19 pandemic has laid bare a tragic divide in health outcomes among communities based on race, ethnicity, and wealth. And now, this problem which exists in every aspect of society and its opportunitiesincluding in education, housing, and employmenthas been further exacerbated by yet another example of the cultural disconnect between local police and the minority residents they are sworn to protect. The resulting outrage at the latest gratuitous killing of a Black man was predictable.

Long simmering grievances within the Black community about the governments historic mistreatment that has been enabled by a dominant white societys lack of concern have been worsened by the frustrating inability to effectuate real change. It has been gratifying to see how largely peaceful protests have brought these inequities so clearly and responsibly to the fore. At the same time, it is also troubling that some parties appear to view this tragedy irresponsibly as a way to stoke even greater anger and dissension and increasing polarization. Unfortunately, as recent experience teaches, they will not be alone. We must expect that some, among them hostile foreign actors, will take full advantage of the current crisis to amplify anger as a way to deepen the nations ethnic, racial, and income divides. As always, their goal will be to erode confidence in our democratic system and foster a sense of hopelessness about the possibility of reform and accountability.

Such foreign threats, well documented inrecent reports, are the topic of a subsequent blog post. What will be clear is that these efforts are designed to weaken the United States from within, encouraging internal dissension and undermining support for government institutions and civil society, particularlyamong those long marginalized. Such efforts end-run the historic U.S. national security posture of projecting force away from the domestic arena to keep the homeland safe. By operatingwithinthe United States to amplify domestic grievances, such attacks undermine national cohesionwithout the need for an external challenge. As such, they are as much a national security threat as would be an externally launched attack by a hostile armed force. These threats find fertile ground in the current outrage over police misconduct and the disparate impact of COVID-19 on our disadvantaged minority citizens.

While profoundly disturbing, the widespread protests and the outrage they reflect should not surprise us. They result from inattention to legitimate grievances of those who have long suffered from inequitable treatment based on race, ethnicity, and income. This situation is reflected in the sharp decline in public confidence in government and civil society which has been apparent for some time. In 2019, this lack of trust in the government was well documented by the Pew Research Center. The centersJuly 2019 reportdetails the loss of trust of Americans in the government, the news media, and one another. Perhaps most disturbing was the finding that almost half of young adults between the ages of 18 and 29 fell into the low trust category, as compared to one-fifth of those over 65. Furthermore, [o]nly 17%of Americans today say they can trust the government in Washington to do what is right just about always (3%) or most of the time (14%). And last month,The New YorkTimesinterviewed a cross section of people and reached the same conclusion. In fact, thisreportingsuggested that the level of trust in the government to do the right thing may have actually declined below the troubling 17% reported by Pew.

The picture is bleak but not without hope. The Pew Research Center reported that more than 90% of those surveyed, regardless of political affiliation, believed it important to improve the level of confidence Americans have in government and each other. And an encouraging 80% believed such improvement was possible. Perhaps the deeply upsetting current crisis can nonetheless serve as a catalyst for change. If so, we dare not ignore this opportunity.

And so now, even in the midst of a singularly painful period of protests, a brief pause is in order. If we are to formulate an approach to addressing the current situation effectively, the first step must be to understand how we arrived at this point. Only then can we fashion a strategy to begin addressing what can be done in useful response to the outpouring of rage at the current state of affairs across a broad range of issuesissues that disproportionately impact the nations disadvantaged minority populations. Stated otherwise, the COVID-19 pandemic and protests about police misconduct have made clear the problems our democracy faces. The question that remains is how best to achieve lasting change. It is a question thateveryAmerican, white and non-white alike, must acknowledge and embrace. In the end, our democracy only works for any one of us if it works for all.

The answer begins with a truism. A democratic republic depends on a citizenry and an electorate that is informed about the issues and challenges of the day and is equipped to take advantage of the mechanisms of its government to achieve change. This is, of course, the fundamental premise on which our system of public education is based. Our schools are expected to teachallcitizens about their history and their government and, most importantly, to enable their effective participation. Indeed, one explanation for the outrage exhibited in recent demonstrations may be that those most directly impacted by unacceptable policies in policing, health care, education, and economic opportunity are frustrated by their inability to achieve lasting change. This may be because they have not received the civic education they need to empower them in managing the levers of public policy and government fundamental to achieving real change.

In fact, this analytical construct finds considerable support when todays state of civic education is considered. In subsequent blog posts, we will describe countless surveys that chart a decline in civic education and document the lack of understanding of all citizens about their government. The conclusion is unassailable: in recent decades there has been a precipitous decline in attention to civic literacy at all levels of the educational continuum, from secondary schools to college and graduate teacher education. Most recently, the Department of Education released the National Assessment of Educational Progress (NAEP) which documents the outcome of the 2018 Civics and U.S. History exams given to 8thgraders across the country. Considered the nations Report Card, theNAEP resultsshow that between 2014 and 2018, only 24% of respondents scored at or above the level of proficiencya dismal showing relatively unchanged for many years. Upon release of the results, Secretary of Education Betsy DeVos candidlynotedthat We cannot continue to excuse this problem away. Instead, we need to fundamentally rethink education in America. It is the only way our nations students will be in a position to lead our nation and the world.

Even more significantly, this failure of civic education resulting from declining time and attention over several generations has likely contributed to aloss of appreciation for democracyas a system of government based on the rule of law. It seems equally obvious that the fall-off in civic literacy is part of the explanation for the current political dysfunction and loss of faith in our politics and government institutions. It may also contribute to the intense frustration of those now protesting a wide range of societal inequities from police misconduct to health, education, and economic disparities laid bare by COVID-19.

Yet despite the grave state of civic education today, efforts at reform are underway and have begun to show promise. The CivXNow Coalition has created a national movement to improve and strengthen state and national policies and practices in delivering civic education. These efforts have produced recent successes in several states which, among other things, have developed and implemented new learning standards, measures of assessment and accountability, and course and time requirements for civic education. These measures are designed to engage and empower students rather than to rely upon rote learning.

In the end, however, an even broader commitment to civic education reform and understanding, both in formal education and throughout society, is needed. Once again, there is hopeful news. In March 2020, reports by two commissions formed to address completely different challenges facing the nation found that improving civic literacy was a fundamental starting point. After two and a half years of review, the final report, Inspired to Serve of the congressionally chartered National Commission on Military, National, and Public Service (NCMNPS), concluded that to increase participation in a wide range of service activities it would be essential to strengthen and expand civic educationthe necessary foundation for developing a culture of service. Similarly, The Cyberspace Solarium Commission found that enhancing civic education and media literacy would be critical to protecting the nation against democracy-undermining cyber threats.

These developments should inform any response to the current tragic circumstances that have so galvanized protesters in countless cities around the nation. The slide into civic illiteracy disproportionately impacts those communities most in need of advocating for themselves, once again highlighting the divide based on race, ethnicity, and income. The lack of civic education available in these communities translates into reduced levels of political engagement. While overall voting participation by youth is poor, not surprisingly black and Latinx youth vote at even lower rates than their white counterparts. This adds to the dysfunction in our political and governmental systems todaythe heart of protestors concerns. To protect our constitutional democracy from internal and external threats, improved civic understanding and engagement across all parts of our society, in our educational institutions and beyond, are more than critical needs. In todays threat environment, they have become a national security imperative.

We hope this introduction will encourage learning more about the relationship among civic education, domestic tranquility, and national security at what may arguably be an existential moment in the history of our democracy.

This piece was first published by our friends at the Center for Ethics and the Rule of Law at The University of Pennsylvania

Read more expert-driven national security insight, perspective and analysis in The Cipher Brief

View post:
A National Crisis: The Imperative for Improving Civic Education - The Cipher Brief

By Chris Kocher

July 20, 2020

Protecting the U.S. information infrastructure and the privacy of data have become top concerns, especially over the past decade and Binghamton University is now ready to take a greater role in combating these threats.

In June, the National Security Agency and the Department of Homeland Security named Binghamton a National Center of Academic Excellence in Cyber Research (CAE-R) through 2025.

The designation recognizes the work being done by the Center for Information Assurance and Cybersecurity (CIAC), a Binghamton University research center, as well as other research efforts around the campus. CIAC is a joint effort among faculty members from the Thomas J. Watson Watson School of Engineering and Applied Science, the Harpur College of Arts and Sciences, the School of Management, the College of Community and Public Affairs, and the Decker College of Nursing and Health Sciences.

Your ability to meet the increasing demands of the program criteria will serve the nation well in contributing to the protection of the national information infrastructure, Jillian Curcio, national CAE-R program manager for the NSA, said in a letter.

Associate Professor Ping Yang

Watson School Dean Krishnaswami Hari Srihari praised the efforts of Associate Professor Ping Yang, who is the director of CIAC, and other faculty members collaborating as part of the new CAE-R at Binghamton.

Our faculty continues to gain international recognition for their diligent research and academic excellence, Srihari said. We are very proud to be a Center of Academic Excellence in Cyber Research, and we know that Professor Yang and her colleagues are committed to keeping data secure.

To become a CAE-R, Binghamton University had to complete a rigorous 200-page application detailing published cybersecurity research, core faculty rsums, research grants, the advanced certificate in cybersecurity program and more. Multiple letters were also submitted, with help from Associate Vice President for Research Mary Beth Curtin, Research Development Assistant Michael Jacobson and Computer Science Department Chair Weiyi Meng.

This designation shows that Binghamton University has a strong academic program in cybersecurity research, Yang said. It also opens up cybersecurity grants and scholarship opportunities for our students and faculty. Were now eligible to apply for some large grants from the Department of Defense and the National Science Foundation. I also hope that this designation will attract more students to apply for our cybersecurity certificate program.

Yang arrived at Binghamton in 2006, after earning her PhD at SUNY Stony Brook. She developed the Department of Computer Sciences first graduate course on cybersecurity.

Since then, a lot more people are using computers and the internet, she said. Children also use the internet, especially during this COVID-19 pandemic. So it becomes more urgent to educate students and community members on possible cyber threats and how to address such threats.

The mandates from the NSA and DHS regarding the CAE-R program are clear, she added, and she looks forward to Binghamton University meeting or exceeding them.

The main goals, she said, are to reduce the vulnerability in the information infrastructure of the United States by promoting higher education and research in cyber-defense and producing professionals with cyber-defense expertise.

Follow this link:
Homeland Security, NSA name Binghamton a cyber research center - Binghamton University

One of America's top spy chiefs vowed that the U.S. will hit back at foreign nations attempting to interfere in the 2020 presidential election, a warning delivered days after fresh charges of Russian hacking against the West.

"We're going to act when we see adversaries attempting to interfere in our elections," General Paul Nakasone, director of the National Security Agency and head of U.S. Cyber Command, said Monday during an event hosted by the Association of the U.S. Army.

Nakasone's comments come after reports of Russian hacking once again surfaced last week, with the U.K., U.S. and Canada accusing Russia of attempting to steal international research to develop a coronavirus vaccine. Britain also accused Russia of attempting to interfere in the country's general election last year, by disseminating documents relating to trade talks with the U.S. Russia rejected the charges.

In a sign of the rising concern about election-year threats, top congressional Democrats said Monday that they want FBI Director Christopher Wray to provide all House and Senate members a classified and "defensive counter-intelligence briefing" before August regarding foreign efforts to interfere in the 2020 U.S. presidential election.

In a letter to Wray, lawmakers including House Speaker Nancy Pelosi, D-Calif., Senate Minority Leader Chuck Schumer, D-N.Y., and the top Democrats on the House and Senate intelligence committees said that "we are gravely concerned, in particular, that Congress appears to be the target of a concerted foreign interference campaign, which seeks to launder and amplify disinformation in order to influence congressional activity, public debate, and the presidential election in November."

Aides to the lawmakers declined Monday to provide specifics on the threats mentioned in the letter.

Democratic presidential nominee Joe Biden on Monday condemned President Donald Trump's "failure to act" and said in a statement that he was putting "the Kremlin and other foreign governments on notice."

"This is a violation of our sovereignty," Biden said on MSNBC. "And if in fact it occurs there will be response in kind."

NSA efforts to secure the November election include broadening its interagency partnerships and studying the techniques of U.S. adversaries, Nakasone said in his speech.

"We're going to know our adversaries better than they know themselves," he said.

The 2018 U.S. midterm elections demonstrated the country's enhanced "agility" across government agencies, Nakasone said, adding that the NSA's capabilities were now "battle-tested."

The cyber chief also addressed the ongoing debate over 5G technology as countries across the world assess the role of Chinese telecommunications giant Huawei.

"Part of the 5G conversation has been, do nations want to entrust the security of what will likely be the most important platform for their communications to nations that do not share their values?" he asked. "We're in an era of great-power competition. We see it every day in cyberspace."

Link:
NSA head vows to strike back at nations meddling with U.S. vote - San Antonio Express-News

Reality Winner, an NSA whistleblower imprisoned for leaking secrets about Russian interference in Americas 2016 elections, has tested positive for Covid-19 and says guards are mocking infected prisoners at FMC Carswell, the Fort Worth all-womens prison where more than 500 inmates are now confirmed positive.

The officer went out of her way to come to my room and say, I just wanted to congratulate you on your positive results. Winner wrote in an email sent early Monday to her sister Brittany.

Winner, who is serving a 63-month sentence, has repeatedly denounced inadequate cleaning and isolation practices in FMC Carswell, the US federal governments only specialized medical prison for female prisoners with underlying health conditions.

They allowed someone positive from our unit to go to a hospital unit where dialysis and chemo patients live, starting the infection spread down there, Winner wrote on Monday.

[Winner] has had bronchial problems and some issues with bulimia and we know that she is considered to be medically vulnerable, said Alison Grinter, a civil rights attorney based in Dallas, Texas.

Despite weeks of pleas for cleaning supplies and commissary privileges, attorneys, health providers and even the guards union are all denouncing the rudimentary protocols inside FMC Carswell.

Cloth face masks were given to the prisoners weeks ago but crowded four to a cell, the virus spread rapidly through a population of prisoners considered to be high risk with medical conditions including cancer and chronic illnesses including diabetes.

They are all sitting together in a concrete room facing the real possibility of dying hundreds of miles away from their family. That is a shared experience that is terrifying, said Grinter, one of the defense lawyers working the case.

Winner was the first person the Trump administration charged under the Espionage Act for leaking documents.

Prosecutors said Winner, who was working for a defense contractor, printed a classified document that revealed Russian military intelligence hacking of at least one voting software supplier and had attempted to breach more than 100 local election systems before the 2016 election.

Confirmed cases at FMC Carswell have soared and two prisoners have died including Andrea Circle Bear who was infected while pregnant, had her child by emergency caesarean, then died four weeks after her baby was born.

Reality is concerned that she is going to die in there. Her concern before was that she would test positive, which she just did and now she is concerned that she is going to get sick and they are not going to be able to do anything to help her, said her sister Brittany Winner in an interview from Virginia.

She qualifies for compassionate release. We applied. She is appealing. Its like a race against time to get her out of there before she gets sick. And before it is too late.

See the original post:
NSA whistleblower Reality Winner tests positive for Covid-19 in prison - The Guardian

BALTIMORE, Md. iNovex Information Systems, Incorporated (iNovex), located in Annapolis, Maryland, has agreed to pay the United States $962,747.42 to resolve federal False Claims Act allegations that iNovex knowingly billed the National Security Agency (NSA), a component of the Department of Defense, for work performed by certain iNovex employees who did not meet all of the specialized qualifications required under their contract with NSA.

The civil settlement was announced by United States Attorney for the District of Maryland Robert K. Hur; Assistant Inspector for Investigations G. Shawn Tate of the NSA Office of Inspector General; and Special Agent in Charge Robert E. Craig, Jr. of the Defense Criminal Investigative Service - Mid-Atlantic Field Office.

Defense contractors are required to bill for costs actually incurred, and to be truthful in the claims they submit to federal agencies, said U.S. Attorney Robert K. Hur. The U.S. Attorneys Office and our partners are committed to protecting taxpayer dollars and ensuring integrity and compliance with federal agency standards. This agreement settles the allegations that iNovex billed the federal government for work performed by employees who did not meet the qualifications required under their contract.

iNovex provides advanced information technology (IT) consulting, engineering, development, and integration services to both the public and private sectors. In March 2012, iNovex was awarded an NSA contract (the contract). Given the complexity of the work that was to be performed under the contract, the NSA specifically included as a term of the contract the requirement that iNovex provide personnel possessing the training, qualifications, and clearances to accomplish all tasks identified in the contract. To assure that iNovex understood the skills its employees were required to have to perform the services under the contract, NSA included an appendix to the contract that expressly referenced and attached a set of labor categories prescribing the experience, educational qualifications, and specialized certifications needed for the classes of personnel billed under the corresponding labor category, including the hourly rate that would be paid by the NSA.

According to the civil settlement agreement, the settlement resolves the allegation that between November 9, 2012 and April 14, 2016, iNovex knowingly billed the NSA, and the NSA paid, for work performed by iNovex employees who were identified by iNovex, on the invoices it presented to the NSA, as System Administrator-IV (SA-IV) and System Administrator-III (SA-III) positions, despite the fact that those employees did not timely obtain a specific certification required for payment of the rates corresponding to those two labor categories.

The claim resolved by this settlement is an allegation. The settlement is not an admission of liability by iNovex, nor a concession by the United States that its claim is not well founded.

United States Attorney Robert K. Hur commended the NSAs Office of the Inspector General and the Defense Contract Audit Agency for their work in the investigation. Mr. Hur thanked Assistant U.S. Attorney Tarra DeShields who handled this case.

More here:
Defense Contractor to Pay Nearly $1 Million to the United States to Resolve Allegation of Overbilling on NSA Contract - Bay Net

DISA Director Vice Adm. Nancy Norton (center) cuts a ribbon last to celebrate a new DISA Global Operations Center West at Hill AFB in Utah.

WASHINGTON: Agencies from across the Defense Department are coming together to turn zero trust from buzzword to reality. Led by the Defense Information Systems Agency (DISA) and the National Security Agency (NSA), the workshops goal is to create a set of best practices to guide upgrades across DoD, said Vice Adm. Nancy Norton. Norton commands both DISA, the Pentagons tech support agency, and JHFQ-DoDIN, the DODs operational HQ for day-to-day cybersecurity.

The initial Zero Trust Reference Architecture will be out towards the end of this year, Norton told AFCEAs annual Army Signal conference this morning. While lots of companies are eager to sell products labeled zero trust, the architecture is intended to show Defense Department organizations how they can upgrade the technology they already have.

That means converting systems that now rely on a single line of defense to a layered defense based on zero trust. Most current information technology including countless aging systems in the Defense Department relies on perimeter security, where logging in means you can access all the data on a given device or even a whole network. But cybersecurity experts assume these days that the enemy will get through that perimeter or be already inside it with legitimate credentials, as Ed Snowden was at NSA. So zero trust constantly checks and re-checks each user and software process each time they try to access data, operating under the principle of deny by default. You dont get access unless you specifically prove you should have it.

The standard analogy is a castle with a moat. Perimeter security checks visitors at the drawbridge and then gives them free run of the castle, while zero trust posts guards at every chamber.

Thats a huge change, requiring a complex kit of analytic software, identification and verification systems, and bureaucratic policies. But the Pentagon cant afford to rip out its entire IT system and buy a replacement.

We very much understand that this is not going to be a wholesale, green-field approach to new network architecture, Norton said. Were not starting over again [buying] wholesale new equipment. We are taking whats out there today with our legacy equipment and incorporating new principles and new analytics and specific kinds of policies adding devices and automation into the architecture that we already have.

Since the plan is to add zero trust to existing systems, DISA and NSA need to understand how those systems work. Hence the workshops theyre conducting with other agencies, from roughly quarterly meetings of top officials down to more frequent conclaves at the working level.

The workshops are going really well and were getting lots of participation, Norton said. There is definitely a lot of interest in there.

The Armys plan to integrate its enterprise (homebase) and tactical (battlefield) networks.

Ambivalence in the ArmyThe Armys chief information officer, Lt. Gen. Bruce Crawford, has been particularly enthusiastic and ahead of the curve, Adm. Norton told an Army-heavy audience at AFCEA.

The Army very definitely has from the beginning said, we want to be part of zero trust, Norton said. Gen. Crawford was pushing, actually, DISA [to] move to a zero trust environment.

The Armys Network Enterprise Technology Command (NETCOM) is already working on a zero trust pilot project with Nortons JFHQ-DODIN, NETCOMs chief engineer told the AFCEA conference. A few months ago [US Cyber Command] asked each of the services to conduct a zero-trust pilot, Patrick Dedham said. We stood up a team thats actually trying to implement a zero-trust environment using a [Microsoft] 365 environment.

As with the DISA-led, DoD-wide effort, the NETCOM pilot is focused on the nitty-grity of implementing zero trust in existing technology, not some grand plan to rip everything out and replace it with shiny new stuff. As we go through that pilot and discover what does it really mean to implement zero trust principles on our network today, then thatll allow us to come up with a much better architecture, Dedham said. Zero trust is going to be a journeyRight now were very perimeter-security-based.

As hard as it is to implement zero trust in the Defense Departments enterprise networks which are largely based in the US with easy access to fiber optic landlines it might take even longer to implement in the tactical units that units deploy with, which largely depend on radio and which must work alongside foreign allies.

Maj. Gen. Peter Gallagher

We have to connect with coalition teammates, okay? We absolutely have to, said Maj. Gen. Peter Gallagher, who leads the network modernization team at Army Futures Command. We use terms like zero trust and identity management and all that stuff, [but in a combat zone] you cant necessarily confirm the security clearance of everyone youre sharing information with.

Theres always a fine line between security and operational effectiveness the ability to command and control and fight as a coalition, Gallagher said. Indeed, one of the biggest decisions the Army has made about its future tactical network is to keep as much data as possible unclassified because it streamlines information-sharing not just with allies but even with other US units.

Properly implemented, zero trust could make it easier to share data across a coalition, said Paul Puckett, who heads the Army CIOs nine-month-old Enterprise Cloud Management Office. Perimeter security often required you have to have one network for all the US users and another, separate and unequal, for non-US users. But with zero trust, you can have a single network that manages individual users and their access in a much more nuanced way. Every user, device, and piece of data gets labeled with metadata attributes that clearly describe its identity and what its allowed to connect with, he said, whether theyre a US person or not, whether they have clearances or not.

Gallagher is watching this work on zero trust with interest but considerable caution. Were going to have to follow where NETCOM goes, Gallagher told the conference, because weve got to get the enterprise set first, and do it right, before were going to be able to really capitalize on it in the tactical space.

Read more:
Zero Trust Cybersecurity Plan This Year From DISA & NSA - Breaking Defense

By: PTI | Washington | Updated: July 15, 2020 12:42:26 pm Trump administration is looking not just at TikTok but at WeChat and some other Chinese apps as well, because the Chinese are big consumers of Americas personal data. (Representational)

China will lose a big tool of espionage and surveillance if America and some western European countries ban Chinese apps like TikTok as done by India, US National Security Advisor Robert OBrien has said.

India last month banned 59 Chinese apps, including TikTok and UC Browser, saying they were prejudicial to the sovereignty, integrity and security of the country.

OBrien told Fox News Radio in an interview that the Trump administration was very seriously taking a look at TikTok, WeChat and some other apps coming out of China.

India has already banned those apps, as you know. And if they lose India and the United States, they lose some western European countries, that takes a big tool away from the espionage work or the surveillance work of the CCP (Chinese Communist Party), he said in response to a question on the dangers posed by apps like TikTok.

The kids who are using TikTok and it can be a lot of fun but there are a lot of other social media platforms they could use. TikTok is getting facial recognition on you, OBrien said. They are getting all of your personal, private data, your most intimate data. They are getting to know who your friends are, who your parents are. They can map all your relationships, he added.

All the information is going straight to the massive supercomputers in the cloud in China, OBrien said. So China is going to know everything about you. They are going to have biometrics on you. You ought to be very careful regarding who you give such personal information to, he said.

The Trump administration, he said, is looking not just at TikTok but at WeChat and some other Chinese apps as well, because the Chinese are big consumers of Americas personal data. They will either try and get you to give it to them for free through WeChat or TikTok if they cannot get it that way, they will steal it, OBrien said.

China, he said, has hacked into Marriott and stolen the personal data of hundreds of millions of people, including their passport numbers.

They have hacked into Experian and other credit rating agencies to get most intimate credit details. They have hacked into Anthem healthcare so that they can get medical details. So this is not just an advertiser trying to find out what you are interested in searching for on Google so they can sell you a different brand of car, this is a country that is looking to get every bit of personal, private information they can, so they know everything about you, OBrien said.

He said there were social credit scores in China for people based on how compliant they are with the Communist party dictates.

They are going to be able to put social credit scores together on all Americans and everyone in the world soon because of artificial intelligence and supercomputing, he said. We need to make sure that does not happen, the US National Security Advisor said.

Secretary of State Mike Pompeo last week said the US is certainly looking at banning Chinese social media apps, including TikTok.

The American leaderships remarks on the Chinese social media apps came amid growing tensions in bilateral ties with Beijing on a range of issues, including on the coronavirus outbreak and the controversial national security law imposed in Hong Kong.

The US has banned Huawei from their 5G networks over concerns of security and Washington has been pressuring other countries to restrict the operations of the Chinese telecom firm.

The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest World News, download Indian Express App.

IE Online Media Services Pvt Ltd

Continue reading here:
Banning TikTok takes a big espionage tool away from China: US NSA - The Indian Express