Politico
January 4, 2019
A bipartisan pair of Senate lawmakers proposed legislation on Friday to compel
the Trump administration to take a stronger stance against digital and
technological threats from countries such as China. The bill from Sen. Mark
Warner (D-Va.), the top Democrat on the Senate Intelligence Committee, and Sen.
Marco Rubio (R-Fla.), who also serves on the panel, is the latest sign of
growing, bipartisan unease with President Donald Trump's attitude toward China
and worries that national security concerns will be given short shrift as the
White House pursues a trade deal with Beijing. Those fears grew last month when
Trump suggested that he might use the case of Meng Wanzhou, the CFO of Chinese
tech giant Huawei who was arrested in Vancouver for violating US sanctions on
Iran, as a bargaining chip in negotiations. “It is clear that China is
determined to use every tool in its arsenal to surpass the United States
technologically and dominate us economically," Warner, a former tech
executive, said in a statement. "We need a whole-of-government technology
strategy to protect U.S. competitiveness in emerging and dual-use technologies
and address the Chinese threat by combating technology transfer from the United
States."
Nextgov
January 4, 2019
Less than two months after the Senate failed to take up the Federal CIO Authorization
Act, the bipartisan bill’s cosponsors reintroduced it to the House Friday.
Sponsored by Reps. Robin Kelly, D-Ill. and Will Hurd, R-Texas, the bill is
unchanged from the version that passed the House unanimously on Nov. 30 but
died in the Senate. The legislation’s main intent is to elevate the authority
of the federal chief information officer by moving the position to a direct
report to the Office of Management and Budget director. It would also codify
the federal CIO and federal chief information security officer position as
presidentially appointed positions. The federal CIO would oversee the federal
CISO.
FCW
The funding bill introduced by House Democrats to end the shutdown zeroes out a popular
program among the federal IT community: the Technology Modernization Fund.
Authorized via the Modernizing Government Act, the TMF was authorized for up to
$250 million in each of fiscal years 2018 and 2019, ultimately receiving $100 million
this past year. The new House measure would not allocate money for the TMF. The
House bill doesn't appear to be going anywhere, however. A White House policy
statement released Jan. 3 announced that President Donald Trump would veto the
measure if passed by Congress. Senate Majority Leader Mitch McConnell (R-Ky.)
has said he would not advance a bill that Trump wouldn't sign. Still, it's
possible that the TMF funding, a tiny sidelight in a massive appropriations
bill, could remain unfunded as a legislative compromise advances. "It's
disappointing to see new Democratic leadership zero out something that"
with popularity across the political spectrum, said Mike Hettinger, a former
Hill staffer and currently a lobbyist specializing in procurement and IT issues.
"I think year two funding of this program is essential to the program's
success."
CyberScoop
January 3, 2019
House Democrats will include proposed cybersecurity measures in a massive bill due to
be unveiled Friday as Congress begins a new session. The bill, H.R. 1, includes
an array of legislation, such as a plan to force all presidential nominees to
disclose their tax returns, new campaign finance rules and changes to sexual
harassment law. Cybersecurity also is a major component, as reports indicate
H.R. 1 will repurpose much of the language from the Elections Security Act,
proposed last year by Rep. Bennie Thompson, D-Miss. H.R. 1, known as the “For
the People Act,” also would require states to replace paperless voting systems,
create grants to help states audit their election results, and force election
system vendors to report data breaches, according to the Brennan Center.
ADMINISTRATION
Gov Info Security
January 2, 2019
With the aim of helping healthcare entities of all sizes improve their cybersecurity,
the Department of Health and Human Services has issued a four-volume
publication of voluntary best practices. The authors of the publication note
that the document "does not create new frameworks, rewrite specifications,
or 'reinvent the wheel.' We felt that the best approach to 'moving the
cybersecurity needle' was to leverage the NIST Cybersecurity Framework,
introducing the framework's terms to start educating health sector
professionals on an important and generally accepted language of cybersecurity
and answering the prevailing question: 'Where do I start, and how do I adopt
certain cybersecurity practices?'" The goal of the guidance is to aid
healthcare entities - regardless of their current level of cyber sophistication
- in bolstering their preparedness to deal with the ever-evolving cyber threat
landscape.
The Hill
January 2, 2019
Former Obama homeland security adviser Lisa Monaco in a new interview speaks
critically of the Trump administration’s place on the global stage in defeating
cyber threats. Monaco told former CIA Director Michael Morell in an interview
for CBS News’s “Intelligence Matters” podcast that aired Wednesday that she
would like the U.S. under President Trump to be involved in more multilateral
agreements to establish norms in cyberspace, rather than just deals with one
country at a time. “I think that the focus on bilateral, to the exclusion of
multilateral, agreements in the cyber realm to try and establish norms of
behavior is something that is a departure from past approaches and past
administrations, again, crossing the political spectrum,” Monaco said. She
added that it “should not be a partisan issue,” but acknowledged that there is
a place for some bilateral cyber agreements, like the 2015 deal between former
President Obama and China's President Xi Jinping aimed at curbing Chinese
economic espionage.
AP
Georgia’s outdated election system has drawn criticism from cybersecurity experts and voting
integrity advocates, and now a commission tasked with examining potential
replacements is preparing to make recommendations to lawmakers. The paperless
system was closely scrutinized during last year’s nationally watched
gubernatorial race between Democrat Stacey Abrams and Republican Brian Kemp,
who was Georgia’s secretary of state and chief elections official. Abrams and
her allies accused Kemp of suppressing minority votes and mismanaging the
election, including by neglecting elections infrastructure. Kemp, now
governor-elect, has vehemently denied those allegations. Cybersecurity experts
have warned that the touchscreen voting machines Georgia has used since 2002
are unreliable and vulnerable to hacking, and provide no way to do an audit or
confirm that votes have been recorded correctly because there’s no paper trail.
Politico
December 31, 2018
Hours before a 2016 leak of some of the National Security Agency’s most closely
guarded hacking tools, a former NSA contractor sent a cryptic Twitter message
that prompted alarm on the part of federal investigators, a federal judge has
revealed. Messages that the former NSA computer security specialist, Hal
Martin, sent via Twitter appear to have led to an FBI raid on his Maryland home
and to his arrest on charges of retaining a vast trove of classified
information there without permission, according to a newly released court
ruling. Passages in the decision from U.S. District Court Judge Richard Bennett
were deleted from a version made public by the court, but the remaining details
suggest that investigators believed Martin was offering sensitive information
to someone online shortly before a nebulous internet-based entity, the Shadow
Brokers, released NSA hacking tools in August 2016 through the
attention-grabbing technique of an online auction.
StateScoop
December 31, 2018
Among the first items the North Dakota legislature will consider when it convenes
Thursday is a radical overhaul of the state’s information technology budget,
proposed earlier this year by the state’s top technology officials, to unify IT
and cybersecurity policies for nearly every public institution across the state
under a single agency. The proposal would give North Dakota an information
technology structure unlike that of any other state. While it takes the
relatively common step of consolidating all of the state government’s IT
operations under a single office, the North Dakota Information Technology
Department is also proposing it be responsible for managing cybersecurity
operations across all of the state’s public entities, including local
governments, schools, courts and the state legislature. If successful, the
project would leave ITD with a broader security mission than any other
statewide IT agency in the country. North Dakota’s universities and local
governments manage their cybersecurity needs individually, though often with
shortages of staff and resources, particularly at educational institutions.
Moving cybersecurity under ITD, state officials argue, will bring unity and
more rigorous governance to those efforts.
INDUSTRY
The New York Times
January 4, 2019
Marriott International said on Friday that the biggest hacking of personal information
in history was not quite as big as first feared, but for the first time
conceded that its Starwood hotel unit did not encrypt the passport numbers for
roughly five million guests. Those passport numbers were lost in an attack that
many outside experts believe was carried out by Chinese intelligence agencies.
When the attack was first revealed by Marriott at the end of November, it said
that information on upward of 500 million guests may have been stolen, all from
the reservations database of Starwood, a major hotel chain Marriott had
acquired. But at the time, the company said that the figure was a worst-case
scenario because it included millions of duplicate records. On Friday the firm
said that teams of forensic and data analysts had identified “approximately 383
million records as the upper limit” for the total number of guest reservations
records lost, though the company still says it has no idea who carried out the
attack, and it suggested the figure would decline over time as more duplicate
records are identified.
CBS
January 3, 2019
As Americans become increasingly connected to the virtual world through phones,
computers and smart appliances, vital utilities like power and water grids are
also going digital. A massive power plant near Niagara Falls, New York, is
upgrading its systems with artificial intelligence in a move that's raising
concerns among some security experts about the dangers from hackers. New York
state's largest power plant harnesses the awesome energy of the Niagara River
and now the New York Power Authority – or NYPA – is connecting that plant and
miles of transmission lines with tens of thousands of sensors that can
essentially "think," reports CBS News correspondent Errol Barnett.
"So if there are anomalies or if the temperature is outside the range of
design, these sensors will communicate automatically to our integrated smart
operations center," explained Gil Quiniones, president and CEO of the
NYPA. The A.I. network reaches statewide, warning not only of problems on the
grid but predicting where unscheduled maintenance is needed. The aim is to
lower costs and pass savings on to customers, with all data processed and
verified by computer engineers. But with those improvements comes an increase
in potential risk from cyberattacks. "We have to think about cyber
at every step of the process. We have to incorporate cyber defenses in every
step of the software and hardware that we're putting together," Quiniones
said.
Wired
January 3, 2019
A year ago today, Intel coordinated with a web of academic and independent researchers to
disclose a pair of security vulnerabilities with unprecedented impact. Since
then, a core Intel hacking team has worked to help clean up the mess—by
creating attacks of their own. Known as Spectre and Meltdown, the two original
flaws—both related to weaknesses in how processors manage data to maximize
efficiency—not only affected generations of products that use chips from
leading manufacturers like Intel, AMD, and ARM, but offered no ready fix. The
software stopgaps Intel and others did roll out caused a slew of performance
issues. On top of all of this, Meltdown and particularly Spectre revealed
fundamental security weaknesses in how chips have been designed for over two
decades. Throughout 2018, researchers inside and outside Intel continued to
find exploitable weaknesses related to this class of "speculative
execution" vulnerabilities. Fixing many of them takes not just software patches,
but conceptually rethinking how processors are made. At the center of these
efforts for Intel is STORM, the company's strategic offensive research and
mitigation group, a team of hackers from around the world tasked with heading
off next-generation security threats. Reacting to speculative execution
vulnerabilities in particular has taken extensive collaboration among product
development teams, legacy architecture groups, outreach and communications
departments to coordinate response, and security-focused research groups at
Intel. STORM has been at the heart of the technical side.
Reuters
January 3, 2019
A cyber security researcher canceled a hacking conference briefing on how he said he
could crack biometric facial recognition on Apple Inc iPhones, at the request
of his employer, which called the work “misleading.” The prospect that Face ID
could be defeated is troubling because it is used to lock down functions on
tens of millions of iPhones from banking and healthcare apps to emails, text
messages and photos. There is a one in 1 million chance a random person could
unlock a Face ID, versus one in 50,000 chance that would happen with the
iPhone’s fingerprint sensor, according to Apple. Face ID has proven more secure
than its predecessor, Touch ID, which uses fingerprint sensors to unlock
iPhones. Touch ID was defeated within a few days of its 2013 launch.
China-based researcher Wish Wu was scheduled to present a talk entitled “Bypass
Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms” at the
Black Hat Asia hacking conference in Singapore in March. Wu told Reuters that
his employer, Ant Financial, asked him to withdraw the talk from Black Hat, one
of the largest and most prestigious organizers of hacking conferences.
CyberScoop
December 31, 2018
It’s too soon to tell whether North Korean hackers were responsible for a cyberattack
that prevented multiple major U.S. newspapers from delivering weekend editions
on time. The attack last week against the Tribune Company disrupted printing
operations at papers including the Los Angeles Times, the San Diego
Union-Tribune, the New York Times and the Wall Street Journal. Several sources
told the Los Angeles Times the attack appeared to be caused by Ryuk, a type of
ransomware with low technical capabilities. Ryuk has infected hundreds of
computers at multiple companies, according to researchers from security vendor
Check Point. While Ryuk shares attributes with the Hermes malware, which is
often attributed to suspected North Korean hackers known as the Lazarus Group,
researchers say that doesn’t mean Pyongyang has launched a digital assault
against U.S. press institutions. “The style of this attack fits the pattern of
a lot of different groups at this point,” Robert M. Lee, CEO of the industrial
cybersecurity company Dragos, told CyberScoop in an email. “This complicates
the attribution claims of course and at this point any claims of attribution
simply are too early.”
The Los Angeles Times
December 29, 2018
What first arose as a server outage was identified Saturday as a malware attack, which
appears to have originated from outside the United States and hobbled computer
systems and delayed weekend deliveries of the Los Angeles Times and other
newspapers across the country. Technology teams worked feverishly to quarantine
the computer virus, but it spread through Tribune Publishing’s network and
reinfected systems crucial to the news production and printing process.
Multiple newspapers around the country were affected because they share a
production platform. The attack delayed distribution of Saturday editions of
the Los Angeles Times and San Diego Union Tribune. It also stymied distribution
of the West Coast editions of the Wall Street Journal and New York Times, which
are printed at the Los Angeles Times’ Olympic printing plant in downtown Los
Angeles.
INTERNATIONAL
The New York Times
January 4, 2019
After hackers, later determined to be working for Russia, broke into Parliament’s
main computer network three years ago, the government vowed to fortify its
cybersecurity. The authorities schooled lawmakers about changing passwords,
using two-step identification and other measures to protect online data. But on
Friday, nearly 1,000 lawmakers and other prominent Germans, including rappers,
journalists and internet personalities, awoke to find links to their street and
email addresses, private chats from social media, bank account details and
pictures of their children published on Twitter, in another major breach aimed
at the country’s political establishment. All those attacked had a history of
criticizing the far right, whose politicians appeared to be spared, raising
suspicion that the hacker or hackers were sympathetic to their agenda, though
the authorities said they had no indication yet who was behind the attack.
Haaretz
January 4, 2019
If you enter the lobby of the Tel Aviv building that acts as its headquarters, you
won’t find its name in the directory. You also won’t find a website for it
because it doesn’t have one. Its 120 or so employees don’t post profiles on
LinkedIn and sign strict confidentiality agreements. Inquiries by TheMarker
elicited a polite but firm “no comment.” The company is known as Candiru, named
after an Amazon fish known for its alleged tendency to invade and parasitize the
human urethra. The name fits the company’s business, which is offensive cyber,
the technology used to hack into computers or smartphones and spy on users.
Offensive cyber is a big business in Israel, with industry sources saying it
generates about $1 billion in sales a year. The biggest and most controversial
of the players is NSO, which has been cited repeatedly for selling its
equipment to countries like Saudi Arabia and Mexico that have used them to spy
and crack down on dissidents.
ABC
January 3, 2019
Three hours north of Romania's capital city of Bucharest, into the
mountains and rural towns of the eastern European country, lies the city of
Ramnicu Valcea. It looks like an idyllic mountain oasis, but around the world
it has a troubling nickname: “Hackerville.” “This is a town that had many
different organized groups of hackers,” said Peter Traven, an FBI assistant
legal attache at the U.S. embassy in Bucharest. “And then, also,
potentially organized criminals that were basically profiting off of the skill set
of these hackers based in Romania.” This city became a hotbed for cybercrime in
the 1990s, and despite crackdowns by law enforcement, it gained a reputation as
ground zero for hackers.
FT
January 1, 2019
The EU is looking to toughen scrutiny of potential security risks with Chinese technology
companies in the wake of growing concerns about cyber theft and cyber espionage
allegedly linked to Beijing. Brussels wants to step up efforts to map Chinese
electronic infrastructure in the bloc, after pressure from Washington and
growing unease in capitals from Berlin to Tokyo. “A number of like-minded
countries are increasingly concerned about China’s behaviour in this
[cyber]sphere,” said one western diplomat, who pointed to the importance of
upcoming 5G mobile communications spectrum auctions in Europe. “EU countries,
including Spain, Italy and Finland, held 5G auctions in 2018, with a clutch of
others scheduled for 2019. The sales can raise billions of euros for government.
We are urging everyone to avoid making any hasty moves they might regret
later.” The US justice department charged two Chinese nationals late last month
with conducting a global hacking campaign, on the heels of accusations that a
group linked to the People’s Liberation Army had infiltrated the EU’s
diplomatic communications system — an allegation that Beijing denies.
AFP
January 1, 2019
A law requiring internet companies in Vietnam to remove content communist authorities
deem to be against the state came into effect Tuesday, in a move critics called
"a totalitarian model of information control". The new cybersecurity
law has received sharp criticism from the US, the EU and internet freedom
advocates who say it mimics China's repressive censorship of the internet. The
law requires internet companies to remove content the government regards as
"toxic". Tech giants such as Facebook and Google will also have to
hand over user data if asked by the government, and open representative offices
in Vietnam. The communist country's powerful Ministry of Public Security (MPS)
published a draft decree on how the law may be implemented in November, giving
companies which offer internet service in Vietnam up to 12 months to comply.
MPS has also said the bill was aimed at staving off cyber-attacks -- and
weeding out "hostile and reactionary forces" using the internet to
stir up violence and dissent, according to a transcript of a
question-and-answer session with lawmakers in October.
TECHNOLOGY
ZDNet
January 2, 2019
A hacker duo claims to have hijacked thousands of internet-exposed Chromecasts, smart
TVs, and Google Home devices to play a video urging users to subscribe to
PewDiePie's YouTube channel. The main hacker behind this hacking campaign
--codenamed CastHack-- is known online as TheHackerGiraffe. The hacker
explained on Twitter that CastHack takes advantage of users who use incorrectly
configured routers that have the UPnP (Universal Plug'n'Play) service enabled,
a service which forwards specific ports from the internal network on the
Internet. The ports are 8008, 8009, and 8443, which are normally used by smart
TVs, Chromecasts, and Google Home for various management functions. The devices
expose these ports on internal networks, where users can send commands from
their smartphones or computers to the devices for remote management purposes.
But routers with incorrectly configured UPnP settings are making these ports
available on the internet. This allowed FriendlyH4xx0r to set up a script that
scans the entire internet for devices with these ports exposed. Once devices
are identified, the hacker said another script renames the devices to
"HACKED_SUB2PEWDS_#" and then tries to autoplay a video.
CyberScoop
December 30, 2018
BGP security is going global. International agencies including the U.S. Department
of Homeland Security, the National Science Foundation, the European Research
Council and others are funding the Automatic and Real-Time dEtection and
Mitigation System (ARTEMIS), in an effort to stop hackers from rerouting
internet traffic through malicious networks. Border Gateway Protocol hijacking
occurs when attackers redirect web traffic away from its intended destination
and instead send those connections somewhere else. Perhaps the best known
example of BGP hijacking occurred in November when millions of IP addresses
aimed at Google were instead sent to a state-controlled telecom in China,
apparently by accident. The issue has become more urgent since nation-state
hackers and criminal groups started to utilize this technique for their own
gain, Rob Joyce, a senior adviser at the U.S. National Security Agency, said in
December. ARTEMIS is seeking to resolve this problem with the release of an
open-source software tool that aims to detect and stop BGP attacks within one
minute. The group also received funding from a grant from the RIPE Network
Coordination Centre, which works as the internet registry for Europe, West Asia
and former Soviet states.