How not to respond. OR How to respond, not! Have we taken any effective action?
Senate Intel Releases Bipartisan Report on Obama Admin Response to Russian Election Interference
“Senate Select Committee on Intelligence Chairman Richard Burr (R-NC) and Vice Chairman Mark Warner (D-VA) today released the third volume in the Committee’s bipartisan investigation into Russian election interference, “U.S. Government Response to Russian Activities.” The report examines the Obama Administration’s reaction to initial reports of election interference and the steps officials took or did not take to deter Russia’s activities. Today’s installment is the third of five volumes in the Committee’s bipartisan investigation. The first volume, “Russian Efforts Against Election Infrastructure” was released in July 2019. The second, “Russia’s Use of Social Media,” was released in September 2019. The two remaining installments will examine the 2017 Intelligence Community Assessment (ICA) on Russian interference and the Committee’s final counterintelligence findings.
After discovering the existence, if not the full scope, of Russia’s election interference efforts in late-2016, the Obama Administration struggled to determine the appropriate response. Frozen by ‘paralysis of analysis,’ hamstrung by constraints both real and perceived, Obama officials debated courses of action without truly taking one. Many of their concerns were understandable, including the fear that warning the public of the election threat would only alarm the American people and accomplish Russia’s goal of undermining faith in our democratic institutions. In navigating those valid concerns, however, Obama officials made decisions that limited their options, including preventing internal information-sharing and siloing cyber and geopolitical threats…”
(Related) Perhaps a few have taken some action. I suspect security is not universally ‘top level.’ We will see.
FBI Outlines Technique Behind DDoS Attacks on US Voter Registration Website
Hackers who unleashed DDoS attacks (Distributed Denial of Service) attacks on a state-level voter registration and voter information website in the US used a technique called Pseudo Random Subdomain Attack (PRSD,) which is a form of attack that uses DNS queries for nonexistent and randomized subdomains, according to the FBI.
… “The requests occurred over the course of at least one month in intervals of approximately two hours, with request frequency- peaking around 200,000 DNS requests during a period of time when less than 15,000 requests were typical for the targeted website.”
PRSD attacks can be dangerous if the DNS servers lack the tools to deal with such incidents. Fortunately, that wasn’t the case. The FBI said the DNS servers had rate-limiting algorithms in place, which help to filter incoming and outgoing traffic.
Targets for small, angry nations? (No details)
Cyber attacks could cause financial crisis, says ECB chief Christine Lagarde
A combined cyber attack on important banks could trigger financial instability, the head of the European Central Bank has warned.
… “As an operator of critical infrastructures, the ECB obviously takes such threats very seriously,” she said in France on Wednesday evening. She said there were several “plausible channels” through which a cyber attack could morph into a serious financial crisis.
Ms Lagarde said an operational outage that destroyed or encrypted the balance accounts of a major financial institution could trigger a liquidity crisis. “History shows that liquidity crises can quickly become systemic crises,” she said. “The ECB is well aware that it has a duty to be prepared and to act pre-emptively.”
(Related)
SEC Releases Cybersecurity and Resiliency Observations: A Potentially Useful Guide for Businesses
In today’s connected world, businesses face constant pressure to improve their cybersecurity practices and to confirm that they are meeting industry standards. To continue helping businesses achieve those goals, the SEC Office of Compliance Inspections and Examination (OCIE) published on January 27 its latest Examination Observationsrelated to cybersecurity and operational resiliency practices.
The camera sees, and AI can recognize more than a face.
Joe Cadillic writes:
In the span oftwo years, law enforcement’s ability to identify the public using BriefCam has gone from disturbing to frightening.
A recentarticle in Twin Cities Pioneer Press revealed how the St. Paul Police Department uses Briefcam to identify people, cars, and physical objects.
Read more onMassPrivateI.
It’s not quite counter-surveillance, but more evidence that people (and that includes police officers) do not like to be photographed/videoed/recorded.
Robert Patrick reported:
A lawsuit by a man who said a Pevely police officer illegally detained him and seized his cellphone has been settled for $75,000, according to settlement documents obtained Monday.
Matthew Rankin, of Corpus Christi, Texas,sued in U.S. District Court in St. Louis in June, claiming that Officer Wayne Casey pried his phone out of his hand using a “thumb lock” and repeatedly threatened him with arrest after Casey spotted Rankin filming a traffic stop on Jan. 16, 2019.
Read more onSt. Louis Post-Dispatch.
No comments:
Post a Comment