Category Archives: NSA

Recent NSA exploits were partially responsible for multiple major ransomware outbreaks. In most cases, these NSA exploits could only be leveraged against older versions of the Windows operating system. It now appears that a security researcher has successfully made the ETERNALSYNERGY exploit applicable to newer versions of the popular OS. If researchers canmake this happen, criminals couldcertainly do so as well.

The NSA has built many different exploits to take advantage of weakened protocol found in the Windows operating system. In most cases, these exploits relate to the SMB protocol, which can be exposed to external connections. Ever since the Shadow Brokers unveiled these exploits to the public, we have seen multiple global ransomware campaigns leveraging them. WannaCry is just one of those examples.

ETERNALSYNERGY is one of the NSA exploits exposed by The Shadow Brokers several months ago. At the time of this reveal, thisexploit would only work on older versions of the Windows operating system. All versions up to and including Windows 8 were prone to this SMB exploit. Most security-aware computer users have switched to newer versions of the operating system, but there are plenty of vulnerable machines running older Windows versions right now.

Microsoft has always claimed that the technique used by ETERNALSYNERGY would not work with newer versions of Windows due to several security improvements found in the Windows kernel. Unfortunately, that does not appear to be the case any longer. Worawit Wang, a Thai security researcher, has successfully ported the exploit to newer versions ofWindows. Theported version targets the exact same vulnerabilityusing a different technique.

The new ETERNALSYNERGY exploit will not crash a Windows system. This exploit affects a long list of Windows versions, including Windows 8.1, Windows 2016, and many others. Users of Windows 10remain safe from harm for the time being, but that could change.

About75% of all Windows PCs in the world are now vulnerable to this new attack. These vulnerable computers are actually susceptible to three different exploits, including the original ETERNALSYNERGY and ETERNALROMANCE. Some form of solution needs to be found before more damage is done. Protecting ones computer should be onestop priority, and upgrading to Windows 10 seems to be the best course of action.

Wang also made his own exploit public, which couldhave some interesting consequences. There is also a step-by-step guide on how people can leverage this exploit against vulnerable computers. Any user not implementing the MS17-010 security update soon will remain vulnerable to these attacks. It will be interesting to see if more NSA exploits will be ported to Windows 10 in the future.

Read this article:
Security Researcher Publishes NSA Exploit Capable of Affecting Newer Windows Versions - The Merkle

Newswise COLUMBUS, GA --- In what may be a first for Georgia, Columbus State University is partnering with the Muscogee County School District on a National Security Agency (NSA) grant to develop and implement a course in cybersecurity education specifically designed for middle school students.

The $50,000 NSA grant allows Columbus State University's TSYS School of Computer Science and its developing TSYS Center for Cybersecurity to work with Rothschild Middle School Leadership Academy to develop and implement a course in cybersecurity education specifically designed for 7th and 8th grade middle school students.

We do not think that a cybersecurity curriculum of this magnitude has been attempted at the middle school level in Georgia, said Tom Hackett, chair of the university's Department of Counseling, Foundations, and Leadership and executive director P-12/University Partnerships. This STEM project is expected to raise interest in cybersecurity and will encourage students to continue learning about cybersecurity, a field very much in-demand by todays workforce.

The course will be structured on the National Security Agency (NSA) Cybersecurity First Principles but will be broken down into age-specific topics understandable by 7th- and 8th-grade students, Hackett said. The NSA Cybersecurity First principles include: domain separation, process isolation, resource encapsulation, least privilege, modularity, layering, abstraction, data hiding, simplicity and minimization.

He said the course will facilitate a learner-centered classroom with numerous hands-on exercises that provide opportunities for middle school students to apply their newly gained knowledge of cybersecurity education.

This program is just one example of what will be many developing partnerships between the Muscogee County School District (MCSD) and Columbus State University. Hackett, Columbus State University (CSU) President Chris Markwood and MCSD Superintendent David Lewis are working on more ways to develop programs and education goals to benefit P-12 students, university students and the local businesses that will be hiring these graduates.

We are proud of this unique partnership with CSU and excited for the opportunities it will afford our students as they begin exploration in this high-demand field, said David F. Lewis, superintendentof the Muscogee County School District.

About 140 7th and 8th grade students at Rothschild Middle School will have the appropriate prerequisite to take the year-long elective course on cybersecurity education during the 2017-2018 school year.

Whether you are 6 or 60 years old, cybersecurity is important to us all, said Wayne Summers,professor and Distinguished Chairperson of CSUs TSYS School of Computer Science. Byteaching the elements of cybersecurity in middle school, we will encourage safe computing practice as well as expand the pool of candidates for future cybersecurity professionals. Based on a comprehensive study supported by the National Initiative for Cybersecurity Education, there are nearly 13,000cybersecurity job openings in Georgia and nearly 350,000 openings nationally.

The TSYS School of Computer Science, its TSYS Center for Cybersecurity and Muscogee County School District will ensure the cybersecurity education course will provide age-appropriate and performance based cybersecurity education in a safe environment for middle school students and will meet Georgia curriculum standards.

Hackett said the course curriculum will be available for download on the projects website and the course can be replicated in other middle schools across the nation.

The Rothschild teacher developing this falls course to be called Business Principles & Computer Science is enrolled at CSU this summer in the Information Security course in the TSYS School of Computer Science, which is designated by NSA as a National Center of Academic Excellence in Information Assurance Education. Additionally, CSU is part of aconsortium of seven University System of Georgia (USG) institutions to develop the USGs capabilities in IT and cyber security as well as significantly increase the number of IT and cyber security industry qualified graduates coming from USG institutions.

See original here:
Columbus State University Partners With Local School System on NSA Grant for Middle School Cybersecurity Education - Newswise (press release)

Today, the American Center for Law and Justice (ACLJ) just filed its second lawsuit against the National Security Agency (NSA).

We made lawful demands for government records that will shed light on the Susan Rice unmasking scandal that rocked the intelligence community. The NSA failed to comply with the law. So, today, we took the NSA to federal court.

Heres what Fox News reported back in April:

Susan Rice, former national security adviser under then-President Barack Obama, requested to unmask the names of Trump transition officials caught up in surveillance. The unmasked names, of people associated with Donald Trump, were then sent to all those at the National Security Council, some at the Defense Department, then-Director of National Intelligence James Clapper and then-CIA Director John Brennan essentially, the officials at the top, including former Rice deputy Ben Rhodes.

The only way we even know about the Obama Administrations apparent politically motivated unmasking is because this raw intelligence information - classified national security secrets - was illegally leaked to the media.

The ACLJ went to work in our effort bring these secret and unlawful actions to the forefront. Our Government Accountability Project prepared a series of Freedom of Information Act (FOIA) requests designed to get to the bottom of this disturbing revelation.

Our FOIA Request sought:

records pertaining to any and all requests former National Security Advisor Susan Rice made to National Security Agency (NSA) officials or personnel regarding the unmasking of the names and/or any other personal identifying information of then candidate and/or President-elect Donald J. Trump, his family, staff, transition team members, and/or advisors who were incidentally caught up in U.S. electronic surveillance.

The NSA acknowledged our FOIA request and even granted expedited processing which means the NSA acknowledged the time-sensitive urgency behind our requests. But, even though expedited processing means the NSA is bound to process the request faster than other requests, we have heard nothing from them since.

So, today, we filed a critical lawsuit and we will force the NSA to answer to a federal court for its blatant disregard for the law. Among other things, we asked the Court for [a]n Order enjoining Defendant from continuing to withhold any and all non-exempt records responsive to Plaintiffs FOIA request.

This is not our first time weve taken the NSA to federal court. We filed a lawsuit earlier this year to force the NSA to produce government records that could expose the people and purposes behind the Obama Administrations eleventh hour rule change that dramatically expanded access to raw signal intelligence signed by the Obama Administration officials on their way out the door. It was these changes that have lead to an unprecedented avalanche of dangerous national security leaks.

Both of these lawsuits are part of our ongoing effort to aggressively combat the dangerous national security leaks that have been plaguing the federal government. The deep state shadow government bureaucracy must not be allowed to endanger the national security of the American people as it carries out a vicious vendetta against the current Administration. We will not stop fighting until we defeat and expose the shadow government leaks.

You can be part of our effort. We need your voice. Sign our petition today.

View post:
Today, the American Center for Law and Justice (ACLJ) just filed its second lawsuit against the National Security ... - American Center for Law and...

The idea of a hostile country hijacking computers deep inside the United States sounds frightening. But is it really so different from what countriesincluding the U.S.have always done in the name of espionage?

That was a question posed to Gen. Keith Alexander, a former director of the NSA, at Fortune's Brainstorm Tech conference on Tuesday in Aspen, Colo.

Alexander responded by saying there's a clear distinction between countries using computers to spy and to attack.

"Its intent. Cyber war is to inflict damage while spying is to learn secrets," he said, adding that every nation engages in cyber-spying.

As a examples of computer activity that rises to the level of cyber war, Alexander pointed to the alleged attack on Sony by North Korea, and to attacks in Ukraine aimed at the company's economy and infrastructure.

Get Data Sheet , Fortunes technology newsletter.

The distinction between spying and cyber war is important since the latter has the potential to trigger military retaliation, or invoke responses under treaties like NATO, while espionage is considered less serious.

Nations are going to test us in cyber space," said Alexander without elaborating as to whether recent hacking activities directed at the U.S. approach the level of war.

Alexander and others on the panel also discussed what the United States should do to protect itself against cyber attacks. According to Oren Falkowitz, the CEO of an anti-phishing service called Area 1 security, a lot of this responsibility should fall to the private sector.

Its just not the role of the government to protect everyone in this country, he said, explaining that businesses should be responsible for securing their own networks unless critical infrastructure is involved.

Falkowitz also downplayed the cyber threat posed by new technologies like artificial intelligence, stating that 95% of all hacks begin with phishing, so there is no reason for hackers to pursue more exotic AI-based tactics.

Gen. Alexander, who now heads a company called IronNet Cybersecurity, was less sanguine about the AI threat.

As countries look to cyber as an element of national power, theyll turn to AI and other new tech," he warned.

Meanwhile, another U.S. company is having considerable success in using an unorthodox techniquepaying hackersto protect companies from cyber attacks. The company, HackerOne, runs programs called "bug bounties" that involve inviting a large network of friendly hackers to attempt to break into a company's network, and then rewarding them if they are successful.

The bug bounty programs have proved so successful that even the U.S. military is using them. Last year, the military paid HackerOne to run a program called "Hack the Pentagon" that flushed out numerous computer vulnerabilities.

See the original post here:
Spying or Cyber War? How to Tell the Difference - Fortune

An undated aerial handout photo shows the National Security Agency headquarters building in Fort Meade, Maryland. Photo by NSA via Reuters

WASHINGTON After months of delay, the Trump administration is finalizing plans to revamp the nations military command for defensive and offensive cyber operations in hopes of intensifying Americas ability to wage cyberwar against the Islamic State group and other foes, according to U.S. officials.

Under the plans, U.S. Cyber Command would eventually be split off from the intelligence-focused National Security Agency.

Details are still being worked out, but officials say they expect a decision and announcement in the coming weeks. The officials werent authorized to speak publicly on the matter so requested anonymity.

The goal, they said, is to give U.S. Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA, which is responsible for monitoring and collecting telephone, internet and other intelligence data from around the world a responsibility that can sometimes clash with military operations against enemy forces.

Making cyber an independent military command will put the fight in digital space on the same footing as more traditional realms of battle on land, in the air, at sea and in space. The move reflects the escalating threat of cyberattacks and intrusions from other nation states, terrorist groups and hackers, and comes as the U.S. faces ever-widening fears about Russian hacking following Moscows efforts to meddle in the 2016 American election.

The U.S. has long operated quietly in cyberspace, using it to collect information, disrupt enemy networks and aid conventional military missions. But as other nations and foes expand their use of cyberspying and attacks, the U.S. is determined to improve its ability to incorporate cyber operations into its everyday warfighting.

Experts said the command will need time to find its footing.

Right now I think its inevitable, but its on a very slow glide path, said Jim Lewis, a cybersecurity expert with the Center for Strategic and International Studies. But, he added, A new entity is not going to be able to duplicate NSAs capabilities.

The NSA, for examples, has 300 of the countrys leading mathematicians and a gigantic super computer, Lewis said. Things like this are hard to duplicate.

He added, however, that over time, the U.S. has increasingly used cyber as a tactical weapon, bolstering the argument for separating it from the NSA.

The two highly secretive organizations, based at Fort Meade, Maryland, have been under the same four-star commander since Cyber Commands creation in 2009.

But the Defense Department has been agitating for a separation, perceiving the NSA and intelligence community as resistant to more aggressive cyberwarfare, particularly after the Islamic States transformation in recent years from an obscure insurgent force into an organization holding significant territory across Iraq and Syria and with a worldwide recruiting network.

While the military wanted to attack IS networks, intelligence objectives prioritized gathering information from them, according to U.S. officials familiar with the debate. They werent authorized to discuss internal deliberations publicly and requested anonymity.

Then-Defense Secretary Ash Carter sent a plan to President Barack Obama last year to make Cyber Command an independent military headquarters and break it away from the NSA, believing that the agencys desire to collect intelligence was at times preventing the military from eliminating IS ability to raise money, inspire attacks and command its widely dispersed network of fighters.

Carter, at the time, also pushed for the ouster of Adm. Mike Rogers, who still heads both bodies. The Pentagon, he warned, was losing the war in the cyber domain, focusing on cyberthreats from nations such as Iran, Russia and China, rather than on countering the communications and propaganda campaigns of internet-savvy insurgents.

Officials also grew alarmed by the growing number of cyberattacks against the U.S. government, including several serious, high-level Defense Department breaches that occurred under Rogers watch.

NSA is truly an intelligence-collection organization, said Lauren Fish, a research associate with the Center for a New American Security. It should be collecting information, writing reports on it. Cyber Command is meant to be an organization that uses tools to have military operational effect.

After President Donald Trumps inauguration, officials said Defense Secretary Jim Mattis endorsed much of the plan. But debate over details has dragged on for months.

Its unclear how fast the Cyber Command will break off on its own. Some officials believe the new command isnt battle-ready, given its current reliance on the NSAs expertise, staff and equipment. That effort will require the department to continue to attract and retain cyber experts.

Cyber Command was created in 2009 by the Obama administration to address threats of cyber espionage and other attacks. It was set up as a sub-unit under U.S. Strategic Command to coordinate the Pentagons ability to conduct cyberwarfare and to defend its own networks, including those that are used by combat forces in battle.

Officials originally said the new cyber effort would likely involve hundreds, rather than thousands, of new employees.

Since then, the command has grown to more than 700 military and civilian employees. The military services also have their own cyber units, with a goal of having 133 fully operational teams with as many as 6,200 personnel.

Its proposed budget for next year is $647 million. Rogers told Congress in May that represents a 16 percent increase over this years budget to cover costs associated with building the cyber force, fighting IS and becoming an independent command.

Under the new plan being forwarded by the Pentagon to the White House, officials said Army Lt. Gen. William Mayville would be nominated to lead Cyber Command. Leadership of the NSA could be turned over to a civilian.

Mayville is currently the director of the militarys joint staff and has extensive experience as a combat-hardened commander. He deployed to both Iraq and Afghanistan, leading the 173rd Airborne Brigade when it made its assault into Iraq in March 2003 and later heading coalition operations in eastern Afghanistan.

Visit link:
US to create the independent US Cyber Command, split off from NSA - PBS NewsHour

By LOLITA C. BALDOR , Associated Press July 17, 2017 - 2:20 AM

WASHINGTON After months of delay, the Trump administration is finalizing plans to revamp the nation's military command for defensive and offensive cyber operations in hopes of intensifying America's ability to wage cyberwar against the Islamic State group and other foes, according to U.S. officials.

Under the plans, U.S. Cyber Command would eventually be split off from the intelligence-focused National Security Agency.

Details are still being worked out, but officials say they expect a decision and announcement in the coming weeks. The officials weren't authorized to speak publicly on the matter so requested anonymity.

The goal, they said, is to give U.S. Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA, which is responsible for monitoring and collecting telephone, internet and other intelligence data from around the world a responsibility that can sometimes clash with military operations against enemy forces.

Making cyber an independent military command will put the fight in digital space on the same footing as more traditional realms of battle on land, in the air, at sea and in space. The move reflects the escalating threat of cyberattacks and intrusions from other nation states, terrorist groups and hackers, and comes as the U.S. faces ever-widening fears about Russian hacking following Moscow's efforts to meddle in the 2016 American election.

The U.S. has long operated quietly in cyberspace, using it to collect information, disrupt enemy networks and aid conventional military missions. But as other nations and foes expand their use of cyberspying and attacks, the U.S. is determined to improve its ability to incorporate cyber operations into its everyday warfighting.

Experts said the command will need time to find its footing.

"Right now I think it's inevitable, but it's on a very slow glide path," said Jim Lewis, a cybersecurity expert with the Center for Strategic and International Studies. But, he added, "A new entity is not going to be able to duplicate NSA's capabilities."

The NSA, for examples, has 300 of the country's leading mathematicians "and a gigantic super computer," Lewis said. "Things like this are hard to duplicate."

He added, however, that over time, the U.S. has increasingly used cyber as a tactical weapon, bolstering the argument for separating it from the NSA.

The two highly secretive organizations, based at Fort Meade, Maryland, have been under the same four-star commander since Cyber Command's creation in 2009.

But the Defense Department has been agitating for a separation, perceiving the NSA and intelligence community as resistant to more aggressive cyberwarfare, particularly after the Islamic State's transformation in recent years from an obscure insurgent force into an organization holding significant territory across Iraq and Syria and with a worldwide recruiting network.

While the military wanted to attack IS networks, intelligence objectives prioritized gathering information from them, according to U.S. officials familiar with the debate. They weren't authorized to discuss internal deliberations publicly and requested anonymity.

Then-Defense Secretary Ash Carter sent a plan to President Barack Obama last year to make Cyber Command an independent military headquarters and break it away from the NSA, believing that the agency's desire to collect intelligence was at times preventing the military from eliminating IS' ability to raise money, inspire attacks and command its widely dispersed network of fighters.

Carter, at the time, also pushed for the ouster of Adm. Mike Rogers, who still heads both bodies. The Pentagon, he warned, was losing the war in the cyber domain, focusing on cyberthreats from nations such as Iran, Russia and China, rather than on countering the communications and propaganda campaigns of internet-savvy insurgents.

Officials also grew alarmed by the growing number of cyberattacks against the U.S. government, including several serious, high-level Defense Department breaches that occurred under Rogers' watch.

"NSA is truly an intelligence-collection organization," said Lauren Fish, a research associate with the Center for a New American Security. "It should be collecting information, writing reports on it. Cyber Command is meant to be an organization that uses tools to have military operational effect."

After President Donald Trump's inauguration, officials said Defense Secretary Jim Mattis endorsed much of the plan. But debate over details has dragged on for months.

It's unclear how fast the Cyber Command will break off on its own. Some officials believe the new command isn't battle-ready, given its current reliance on the NSA's expertise, staff and equipment. That effort will require the department to continue to attract and retain cyber experts.

Cyber Command was created in 2009 by the Obama administration to address threats of cyber espionage and other attacks. It was set up as a sub-unit under U.S. Strategic Command to coordinate the Pentagon's ability to conduct cyberwarfare and to defend its own networks, including those that are used by combat forces in battle.

Officials originally said the new cyber effort would likely involve hundreds, rather than thousands, of new employees.

Since then, the command has grown to more than 700 military and civilian employees. The military services also have their own cyber units, with a goal of having 133 fully operational teams with as many as 6,200 personnel.

Its proposed budget for next year is $647 million. Rogers told Congress in May that represents a 16 percent increase over this year's budget to cover costs associated with building the cyber force, fighting IS and becoming an independent command.

Under the new plan being forwarded by the Pentagon to the White House, officials said Army Lt. Gen. William Mayville would be nominated to lead Cyber Command. Leadership of the NSA could be turned over to a civilian.

Mayville is currently the director of the military's joint staff and has extensive experience as a combat-hardened commander. He deployed to both Iraq and Afghanistan, leading the 173rd Airborne Brigade when it made its assault into Iraq in March 2003 and later heading coalition operations in eastern Afghanistan.

See the original post here:
US to create independent military cyber command - Minneapolis Star Tribune

Former Director of National Intelligence James Clapper famously (or infamously) told Congress the National Security Agency did not wittingly collect data on Americans. That turned out to be false.

More recently, Sen. Ron WydenRon WydenOPINION | On Trump-Russia probe, dont underestimate Senator Chuck Grassley How many Americans are swept up in the NSA's snooping programs? Overnight Finance: Yellen pushes back on GOP banking deregulation plan | Trump dodges on Russia sanctions bill | Trump floats tariffs on steel imports | Budget director touts MAGAnomics MORE (D-Ore.) asked the current director of national intelligence, Dan CoatsDan CoatsHouse moves to bar Pentagon contracts with firms backing North Korean cyberattacks How many Americans are swept up in the NSA's snooping programs? Granting NSA permanent bulk surveillance authority would be a mistake MORE whether the government could use Section 702 of the Foreign Intelligence Surveillance Act to collect communications it knows are entirely domestic.

Not to my knowledge. That would be illegal, Coats responded.

However, a subsequent letter from Coats office to Wydens office suggests the directors answer was incomplete. The Office of the Director of National Intelligence clarified that section 702(b)(4) plainly states we may not intentionally acquire any communication as to which the sender and all intended recipients are known at the time of acquisition to be located in the United States. The DNI interpreted Senator Wydens question to ask about this provision and answered accordingly.

FISA Section 702 authorizes two major NSA snooping programs. One is upstream collection, a process in which the NSA collects digital communications through the internets backbone undersea cables that process large volumes of internet traffic, which internet service providers send to the government. The government attempts to sort the data for foreign targets information and then is supposed to discard the rest.

We know some Americans information is retained when they communicate with a target, though minimization procedures are in place to protect their identities. Until recently, the information also could be swept up if they communicated about a target. The NSA recently announced it was ending about collection in the wake of a series of compliance incidents and privacy concerns. Some other Americans data may be swept up due to technological limitations that affect scope of collection. In other words, the NSA hasnt invested in infrastructure that can narrow their collection.

The problem is that we do not know how many Americans are swept up in 702 surveillance. We do not even have a rough estimate. A recent letter from privacy groups admonished Coats for refusing to provide information on the number of Americans swept up in 702 collection information that both he and his predecessor had promised to deliver.

Coats intransigence follows a familiar pattern of the NSA promising transparency and then reneging on those promises. Indeed, for the past six years the agency has flummoxed congressional oversight, with its reluctance to give the public hard data on this matter. When a powerful bureaucracy ignores both civil-society groups and its constitutional overseers, what is the solution?

Congress should step in and do its job, which requires going beyond public reprimands from a handful of members. The first branch has the power to legislate and write laws requiring the executive branch to reveal the number of Americans swept up in 702 collection. The letter from privacy groups recommended such a deep dive, but the intelligence community argued it would be counterproductively invasive. A clear legal mandate from Congress could outline how the search would be conducted, with accurate protections for Americans who potentially could be unmasked.

As to why the NSA would be so reluctant to answer such a simple request, privacy blogger Marcy Wheeler recently detailed a culture of ignorance that has emerged within the NSA in the wake of an July 2010 ruling by Foreign Intelligence Surveillance Court Judge John Bates concerning the deliberate collection of domestic content via upstream collection. In Wheeler's characterization, Bates said that if the government knew it had obtained domestic content, it had to delete the data, but if it didnt know, it could keep it. A perfect catch-22.

These instructions cultivate a practice of willful ignorance, which probably explains the hesitance of the intelligence community to answer Wyden's question publicly. A new law would nip this habit in the bud and place heavy incentives for transparency. Until a new law is passed, privacy advocates will be at the mercy of the NSAs mood.

Civil-society groups have nobly tried to fill the gap where Congress has been lacking in its oversight and lawmaking role. It is imperative then that Section 702 be updated substantially, before it is reauthorized at the end of the year. Both Americans privacy rights and the intelligence community stand to benefit from clearer legal boundaries. It is Congress job to hold the executive branchs feet to the fire the very notion of the separation of powers, of checks and balances and of a free democracy depend on it.

Jonathan Haggerty (@RplusLequalsJLH) is a research assistant at the R Street InstituteandArthur Rizer (@ArthurRizer) is the national security and justice policy director.

The views expressed by contributors are their own and are not the views of The Hill.

Originally posted here:
How many Americans are swept up in the NSA's snooping programs? - The Hill (blog)

It has been almost three months since the Moscow Board of Adjustment approved a conditional use permit allowing New Saint Andrews College to expand into the former Cadillac Jack's building on North Main Street.

After appeals and City Council review, the board will make a decision on the CUP again at 7 p.m. Tuesday at City Hall's council chambers.

Mike Ray, assistant community development director, said the board will reconsider all the information previously presented to them in addition to reviewing a new survey of the availability of public parking in the area that city staff conducted at the direction of the City Council. After considering all the information, Ray said the board can approve the CUP with or without conditions, reject it or table the matter for a future meeting.

The board voted 3-2 to approve the CUP April 25 but five people appealed the board's decision during a 10-day appeal period in early May.

While the board approved the CUP in late April, it said NSA must provide 47 off-street parking spaces within about half a mile of the former CJ's property, subject to the approval of the zoning administrator. The other condition was NSA would be allowed to phase in the off-street parking requirement by providing 50 percent of it on occupancy of the building and the remainder when NSA's enrollment reaches 150 students, or five years from the date of occupancy, whichever comes first.

The City Council listened to the five appellants June 5. It upheld Ryanne Pilgeram's appeal and remanded the CUP decision to the board.

At the June 5 council meeting, the City Council directed city staff to conduct an additional survey of parking use within 600 feet of the proposed educational institute. City staff had conducted a parking survey over a five-day work week in April to assess the average availability of public parking spaces within 600 feet of the property. Counts were taken at 9 a.m. and 2 p.m.

Ray said city staff conducted new counts at 9 a.m., 12:30 p.m. and 2 p.m, and those results will be presented to the board Tuesday night.

Ray said the City Council also wanted the board to consider studying the parking mitigation calculation, which determined that 47 off-street parking spaces be required within roughly half of a mile of the former CJ's building.

The City Council further directed the board to reconsider its decisions that "the location, design and size of the proposed use will be adequately served by existing streets, public facilities and services" and "will not be in conflict with the Comprehensive Plan."

Although Tuesday's public hearing is open to the public, no public comment will be allowed at the direction of the City Council.

Ray said it is a public hearing only to accept the new parking count information that the City Council requested the board to consider.

"The City Council did not intend for additional public comment to be considered since there was already three, four hours of public comment at the initial hearing," Ray said.

The NSA's proposed expansion would include a maximum enrollment of 300 full-time equivalent students with up to an additional 44 faculty and staff.

The roughly 15,900 square-foot facility would include five classrooms/studios, nine offices, a multi-purpose room, a student lounge and a music conservatory with seating for 680 occupants.

Read the original post:
Moscow board to reconsider NSA permit Tuesday - Moscow-Pullman Daily News

Adm. Mike Rogers heads both the NSA and Cyber Command, which would separate under a White House plan.

Jacquelyn Martin - Associated Press

By LOLITA C. BALDOR , Associated Press July 15, 2017 - 5:46 PM

WASHINGTON After months of delay, the Trump administration is finalizing plans to revamp the nation's military command for defensive and offensive cyber operations in hopes of intensifying America's ability to wage cyberwar against the Islamic State group and other foes, according to U.S. officials.

Under the plans, U.S. Cyber Command would eventually be split off from the intelligence-focused National Security Agency.

Details are still being worked out, but officials say they expect a decision and announcement in the coming weeks. The officials weren't authorized to speak publicly on the matter so requested anonymity.

The goal, they said, is to give U.S. Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA, which is responsible for monitoring and collecting telephone, internet and other intelligence data from around the world a responsibility that can sometimes clash with military operations against enemy forces.

Making cyber an independent military command will put the fight in digital space on the same footing as more traditional realms of battle on land, in the air, at sea and in space. The move reflects the escalating threat of cyberattacks and intrusions from other nation states, terrorist groups and hackers, and comes as the U.S. faces ever-widening fears about Russian hacking following Moscow's efforts to meddle in the 2016 American election.

The U.S. has long operated quietly in cyberspace, using it to collect information, disrupt enemy networks and aid conventional military missions. But as other nations and foes expand their use of cyberspying and attacks, the U.S. is determined to improve its ability to incorporate cyber operations into its everyday warfighting.

Experts said the command will need time to find its footing.

"Right now I think it's inevitable, but it's on a very slow glide path," said Jim Lewis, a cybersecurity expert with the Center for Strategic and International Studies. But, he added, "A new entity is not going to be able to duplicate NSA's capabilities."

The NSA, for examples, has 300 of the country's leading mathematicians "and a gigantic super computer," Lewis said. "Things like this are hard to duplicate."

He added, however, that over time, the U.S. has increasingly used cyber as a tactical weapon, bolstering the argument for separating it from the NSA.

The two highly secretive organizations, based at Fort Meade, Maryland, have been under the same four-star commander since Cyber Command's creation in 2009.

But the Defense Department has been agitating for a separation, perceiving the NSA and intelligence community as resistant to more aggressive cyberwarfare, particularly after the Islamic State's transformation in recent years from an obscure insurgent force into an organization holding significant territory across Iraq and Syria and with a worldwide recruiting network.

While the military wanted to attack IS networks, intelligence objectives prioritized gathering information from them, according to U.S. officials familiar with the debate. They weren't authorized to discuss internal deliberations publicly and requested anonymity.

Then-Defense Secretary Ash Carter sent a plan to President Barack Obama last year to make Cyber Command an independent military headquarters and break it away from the NSA, believing that the agency's desire to collect intelligence was at times preventing the military from eliminating IS' ability to raise money, inspire attacks and command its widely dispersed network of fighters.

Carter, at the time, also pushed for the ouster of Adm. Mike Rogers, who still heads both bodies. The Pentagon, he warned, was losing the war in the cyber domain, focusing on cyberthreats from nations such as Iran, Russia and China, rather than on countering the communications and propaganda campaigns of internet-savvy insurgents.

Officials also grew alarmed by the growing number of cyberattacks against the U.S. government, including several serious, high-level Defense Department breaches that occurred under Rogers' watch.

"NSA is truly an intelligence-collection organization," said Lauren Fish, a research associate with the Center for a New American Security. "It should be collecting information, writing reports on it. Cyber Command is meant to be an organization that uses tools to have military operational effect."

After President Donald Trump's inauguration, officials said Defense Secretary Jim Mattis endorsed much of the plan. But debate over details has dragged on for months.

It's unclear how fast the Cyber Command will break off on its own. Some officials believe the new command isn't battle-ready, given its current reliance on the NSA's expertise, staff and equipment. That effort will require the department to continue to attract and retain cyber experts.

Cyber Command was created in 2009 by the Obama administration to address threats of cyber espionage and other attacks. It was set up as a sub-unit under U.S. Strategic Command to coordinate the Pentagon's ability to conduct cyberwarfare and to defend its own networks, including those that are used by combat forces in battle.

Officials originally said the new cyber effort would likely involve hundreds, rather than thousands, of new employees.

Since then, the command has grown to more than 700 military and civilian employees. The military services also have their own cyber units, with a goal of having 133 fully operational teams with as many as 6,200 personnel.

Its proposed budget for next year is $647 million. Rogers told Congress in May that represents a 16 percent increase over this year's budget to cover costs associated with building the cyber force, fighting IS and becoming an independent command.

Under the new plan being forwarded by the Pentagon to the White House, officials said Army Lt. Gen. William Mayville would be nominated to lead Cyber Command. Leadership of the NSA could be turned over to a civilian.

Mayville is currently the director of the military's joint staff and has extensive experience as a combat-hardened commander. He deployed to both Iraq and Afghanistan, leading the 173rd Airborne Brigade when it made its assault into Iraq in March 2003 and later heading coalition operations in eastern Afghanistan.

Read the original:
Military cyberoperations headed for revamp after long delay - Minneapolis Star Tribune

Cmdr. Douglas Huggan, who has a long and illustrious career with the Navy, serving on three continents in five countries and six states, had led NSA Panama City since July 2015.

NAVAL SUPPORT ACTIVITY I relieve you sir.

With those words, command over Naval Support Activity Panama City passed from Cmdr. Douglas Huggan, known as Huggie to friends and associates, to Cmdr. Jay Sego in a simple but tradition-steeped ceremony Friday morning.

Huggan, who has a long and illustrious career with the Navy, serving on three continents in five countries and six states, had led NSA Panama City since July 2015. Capt. Stephen Barnett, the chief of staff for the Navys Southeast Region, and retired Navy Capt. Dennis Warren were among a dozen military and local officials on hand to wish Huggan fair winds on his retirement and return to Oklahoma, where he attended the University of Oklahomaand met his wife, Inge, more than 20 years ago.

Huggie has made a really big impact on the community during his command, Barnett said, adding that Huggans name is synonymous with pride in the community.

Warren, who has known Huggan for 17 years after they met at Tinker Air Force Base in Oklahoma, said the Navy and the country as a whole are better because of Huggans service. From a hockey-playing kid from Boston to safely landing a Cessna aircraft with his family on board when its engine seized, to turning a small naval air operation in Japan into a major international airport after the 2011 earthquake and tsunami, Warren commended Huggan for his lifetime of dedication and service.

Doug, Warren said, you will now be known as Skipper by those who served with you for the rest of your life.

Sego, who like Huggan is a graduate of the University of Oklahoma, hails originally from Fayetteville, Ark. He comes to Panama City from Duke University, where he was a public policy fellow at the Triangle Center on Terrorism and Homeland Defense. He has worked at the Pentagon with the Joint Chiefs of Staff, and with legislators developing defense policy. He also has completed numerous deployments during Operation Enduring Freedom and Operation Iraqi Freedom, as well as a deployment in the South China Sea.

Im truly and extremely blessed with this opportunity to join Naval Support Activity Panama City, Sego said. Im dedicated to giving you my all.

Sego said he was extremely excited to start working with the talented team at NSA Panama City, saying the bases stellar reputation is well known throughout the country.

More here:
Huggan retires, hands over command of NSA Panama City - The News Herald