I’ve Got No Secrets!

We already know that dedicated hackers can pretty much have their way with individuals’ Internet and computer accounts. There are constant reminders from some of the biggest commercial and non-profit organizations that their encrypted data, usually containing some very personal information concerning ordinary consumers, is increasingly hacked. Data, credit card information, medical histories, sensitive personal information, etc. is then bought and sold on the dark Web by nefarious traders, many of whom are in distant lands or living in a virtually untraceable anonymous cyber world.

Each year, billions and billions of dollars are stolen from cyber-linked accounts. Gone, gone, gone! Ransomware generates additional revenues for the criminal element. Not to mention governments – like North Korea – that generate massive income for themselves by cracking into private accounts (bitcoin theft is quite popular) to siphon off money. OK, so we know that the private cybernet world is rather dramatically vulnerable. Our financial systems could fall fast. A hardened enemy is also currently able to take down most of our power grids (inflicting damage that would take years to fix), as several “from Russia with love” exploratory intrusions have proven. All that is pretty terrible, but we have to have consummate security in our government’s most secret information, right?

We’ve seen how federal personnel records have been purloined, compromising information that a foreign power could easily use to figure out our weak links, where the most vulnerable federal agents live and what their weaknesses are. WikiLeaks has released thousands of pages of supersensitive governmental communications to the world. Some of most secret military weapon systems have been hacked, compromising us at every level. Russia, China and North Korea are the most cited culprits, but the Russian cyber-espionage force (overt and clandestine) are far and away the most advanced operators.

Apparently to avoid having to admit that Russia materially aided his 2016 election, even as the Trump-Putin Helsinki summit planned for July 16^th approaches, Donald Trump still takes Putin’s word that Russia did not, is not and will not use its hacking skills and ability to spread malicious disinformation to further polarize the American body politic and influence our elections… even as Congress and our every national security and intelligence agency says Russia is escalating its efforts even beyond their wild success in 2016. The net impact is that Russia does not have to worry about Trump’s prioritizing constraining their planned cyber-political disruptions anytime soon.

That’s a problem. A very, very big problem. Not only does this threaten our democratic institutions and open biased individuals to vent their often “conspiratorial” biases within the political process, but the kinds of defenses we need – those that would parallel containing cyber-political interference – are insufficient within our own governmental agencies to halt data breaches and internal manipulations as to some of this nation’s most vital military and national security interests. You just might be surprised at how governmental agencies are interconnected… and how easy it is to use one agency’s vulnerabilities to access sensitive data in another governmental agency.

Barbara George, PhD, retired military office and executive director of the Washington Cyber Roundtable with a background in national security, cybersecurity and communications, and strategic planning, writing for the June 29^th The Cipher Brief, explains: “Protecting the technology networks connecting more than two million employees working in over 400 government agencies serving about 325 million Americans is a herculean feat. In May, the Office of Management and Budget (OMB) released a report stating 74 percent of these federal agencies are at ‘high risk or risk’ of facing a cyberattack. However, because of the interconnected missions and nature of government networks, if one agency is vulnerable then all are in jeopardy. The solution is not simply for one cyber czar to shepherd those on the National Security Council (NSC) towards sound cyber policy, but rather broadly fostering a government leadership culture that automatically considers cybersecurity when discussing security issues and policy actions.

“While it may initially seem beneficial to have a cyber champion in the room during national security discussions with the president, it is better if everyone at the table is a cyber advocate. This means department secretaries should be in lockstep with their own cyber experts. Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) need to have a seat at the table with department leadership. Unfortunately, in the government most CIOs do not report directly to the secretary or deputy secretary, which is considered industry best practice, and it will take more than just issuing an executive order to make this a reality. By not including CIOs and CISOs in enterprise discussions, agencies are not exercising holistic approaches to cyber security…

“The key stakeholders based on role are:

• For asset response: the National Cybersecurity and Communications Integration Center (NCICC) within the Department of Homeland Security (DHS)

• For threat response: the National Cyber Investigative Joint Task Force (NCIJTF) within the Federal Bureau of Investigations (FBI)

• For intelligence support: the Office of the Director of National Intelligence (ODNI) through the Cyber Threat Intelligence and Integration Center (CTIIC)

• For managing incident effects on operations, customer and workforce the government will turn to the private sector

“The Cyber Incident Coordination plan was created in 2016, about seven years after the creation of the White House cybersecurity coordinator role, and has since shown tangible results. Following the PPD-41 protocols prevented the U.S. government from being significantly impacted by the WannaCry cyberattacks in 2016, one of the largest cyberattacks that impacted at least 150 countries and 200,000 computers. These efforts were spearheaded by DHS through the NCCIC, not the White House cybersecurity coordinator. As presented at the RSA Conference, the NCCIC credits strategic relationships and global information exchange as key to the successful WannaCry response.

“Rather than focusing on correcting embedded obstacles and praising proven processes, response to the Trump Administration’s decision to eliminate the cybersecurity coordinator role honed in on politics. Nevertheless, agencies with the responsibility and mission will continue to build capacity to address cybersecurity challenges. DHS is continuing to improve its approach to cybersecurity and released its cybersecurity strategy the same day the White House eliminated the cybersecurity coordinator position. Interagency cooperation is not a new concept and together the government can and will move forward to reduce the Nation’s risk of systemic cybersecurity and communications challenges.”

So what does this all mean? While we are improving slightly, we are still woefully uncoordinated and unprepared for cyber-penetration into our federal systems by a determined and sophisticated intruder. Even as recently updated, our legacy systems and practices remain ill-suited to the task at hand and too influenced by political considerations that place the personal interests of the President over the obvious efforts needed for an effective response.

I’m Peter Dekom, and none of this really matters… until it really does on a massive scale.

I50 Mass Shootings in 2018 – Thoughts and Prayers

Prior to departing Wisconsin, I was briefed on the shooting at Capital Gazette in Annapolis, Maryland. My thoughts and prayers are with the victims and their families. Thank you to all of the First Responders who are currently on the scene.                                                 1:49 PM - Jun 28, 2018 Tweet from Donald Trump

Strongly condemn the evil act of senseless violence in Annapolis, MD. A violent attack on innocent journalists doing their job is an attack on every American. Our prayers are with the victims and their friends and families.      3:53 PM - Jun 28, 2018 Tweet from White House spokesperson, Sarah Sanders

The United States is most certainly living up to its sordid reputation as a gun crazy nation that puts purported (and misinterpreted) Second Amendment rights ahead of the lives of its citizens, and particularly ahead of the lives of children. We have about as many guns – including at least 15 million AR-15 military-grade semi-automatic assault rifles – as we do people in this country. Regardless of rather lackadaisical and half-hearted attempts to restrict gun purchases such that those with criminal records, children, those with mental health issues or a clear proclivity towards violence are theoretically denied access to guns, buying a gun in the United States – in complete non-compliance with any such restrictions – remains absolutely wide-open and easy.

This time, the “incident” involved an Annapolis, Maryland newspaper (the Capital Gazette), where a disgruntled subject of a Gazette report, a 38-year-old white male, who had lost a defamation suits against that paper, allegedly used a shotgun to blast away, killing five journalists and seriously injuring two more. Apparently, the killer took his toll and just stopped shooting on his own. His social media pages and his obvious and continuing attacks on the paper were anything but secret, suggesting serious mental issues.

“According to an unreported 2015 opinion filed in the Maryland Court of Special Appeals, He had plead guilty to criminal harassment in July 2011. Five days later, an article about the case appeared in The Capital, one of Capital Gazette's publications. The story detailed accusations by a woman who said the suspect harassed her online and off for months, calling her employer and trying to get her fired. The woman eventually went to the police and he plead guilty to a misdemeanor charge of harassment in 2011.

“The Twitter account that matches the shooter's name began tweeting about Capital Gazette several months after the conviction… In July 2012, he had filed suit against Capital Gazette for defamation, according to the 2015 court filing. The complaint was just four paragraphs long, but he filed a longer 22-page claim several months later… In 2012, a judge dismissed the lawsuit on the basis that ‘there is absolutely not one piece of evidence, or an assertion by you that the statement [in the article] was false.’” CBS News, June 29^th.

Still he had a serious gun to vent his rage. He was taken into custody where he was identified through facial recognition software (he did not cooperate when he was arrested, even having tried to destroy his fingertips to prevent identification)… and charged with multiple counts of murder.

Most mainstream media coverage repeated the almost-always-ignored reality of too many serious and unregulated guns in the United States. With the likely appointment of another conservative justice to the Supreme Court, we are probably going to see an expansion of gun-owners’ rights at the expense of victims, even though even former uber-conservative Justice Antonin Scalia has repeated that the Second Amendment is not an absolute right for citizens to own weapons without restriction.

But what is increasingly interesting about the reactions to such shootings is a combination of disgust, bewilderment and increasing rage at the standard and absolutely vapid “our thoughts and prayers are with the victims” or “we strongly condemn” responses from those most responsible for the virtually unrestrained gun trade in this country… the lock-step followers of the NRA gun manufacturers lobby wish list. The survivors of the Capital Gazette attack were no exceptions to these minimalist right wing memes.

“In an interview with CNN on Thursday night [6/28], Capital Gazette writer Selene San Felice told Anderson Cooper what it was like to hide under her desk while the gunman opened fire. She also said the attack had left the newsroom ‘shaken,’ but she was not interested in politicians’ well-worn platitudes. 

“‘I’ve heard that President Trump sent his prayers. I’m not trying to make this political, right? But we need more than prayers. I appreciate the prayers. I was praying the entire time I was [hiding] under that desk. I want your prayers but I want something else,’ San Felice said… ‘I’m going to need more than a couple days of news coverage and some thoughts and prayers because our whole lives have been shattered,’ she added. ‘Thanks for your prayers, but I couldn’t give a f**k about them if there’s nothing else.’” HuffPost, June 29^th. No Selene, there will be nothing else.

Looking back at the bigger Trump-led attack on mainstream media (excluding Fox News and Breitbart) as the real “enemy” in the United States, the inevitable question arose as to whether Trump’s constant vilification of the press (with a 70% increase in threats against U.S. journalists since Trump took office) might have encouraged this gunman. Typically, one Fox News host instead placed the blame on Democrats and mainstream media:

 “On his daily radio show, Fox News host Sean Hannity appeared to blame the shooting — for which no motive has been given — on Rep. Maxine Waters and President Barack Obama. Hannity implied comments they made had caused ‘something horrible’ to happen:

“You know, as I’ve always said, I mean honestly — I’ve been saying now for days that something horrible was going to happen because of the rhetoric. Really [Rep.] Maxine [Waters]? [Democrat Maxine Waters called for restaurants and retailers to boycott Trump-associated appointees and politicians.] You want people to create — ‘call your friends, get in their faces,’ and Obama said that too. ‘Get in their faces, call them out, call your friends, get protesters, follow them into restaurants and shopping malls,’ and wherever else she said.” Vox.com, June 28^th. The right wing press has frequently stated that liberal attacks on Donald Trump were invitations to violence.

As a very, very recent example, responding to Waters’ words noted above, right-wing activist “Milo Yiannopoulos encouraged vigilantes to start ‘gunning journalists down’ just two days before a Maryland newspaper was targeted in a mass shooting that killed five people.

“Yiannopoulos, the prominent right-wing figure and former senior editor at conservative news website Breitbart, told US news website Observer over text message: ‘I can’t wait for the vigilante squads to start gunning journalists down on sight.’” Business Insider, June 29^th. Words exploded from the press as well.

Reuters Breakingviews editor Rob Cox tweeted: This is what happens when @realDonaldTrump calls journalists the enemy of the people. Blood is on your hands, Mr. President. Save your thoughts and prayers for your empty soul. Cox issued an apology for this tweet shortly thereafter, saying he responded “emotionally and inappropriately.”

There is a lack of civility on both sides of the political spectrum, a fact which makes a bad situation worse. But Trump’s attacks on mainstream media, a bastion of democracy, is heavily statistically correlated with the incredible increase of threats against the press. We have no excuses for our clearly over-the-top gun violence. There is no excuse for a president to attack as the “enemy” and purveyors as “fake news” any criticism of him and expect resulting peace and stability.

I’m Peter Dekom, and as much as we scream “national security” and build a military to protect us from foreign malevolence, we are actually destroying our own nation from within.