Cyberdefenses – COOPER GENERAL NEWS

Last month, top executives from Amazon, Microsoft, Cisco, FireEye and dozens of other companies worked with the Justice Department to deliver an 81-page report calling for an international coalition to fight ransomware. Heading the Justice Department is Lisa Monaco, the assistant attorney general, and John Carlin, who headed the agency’s national security division during the Obama administration.

Last month, the two ordered a four-month review of what Ms. Monaco described as “a mixed threat from nation-states and criminal corporations that sometimes work together to exploit our own infrastructure against us.” So far, the Justice Department has largely pursued a strategy of indicting hackers – including Russians, Chinese, Iranians and North Koreans – few of whom are ever tried in the US.

“We have to rethink,” said Ms. Monaco at the recent Munich cyber security conference.

Recommendations in the coalition’s report include urging ransomware-safe havens like Russia to prosecute cybercriminals with sanctions or restrictions on travel visas. It is also recommended that international law enforcement agencies join forces to hold money laundering cryptocurrency exchanges accountable and to know the “know your customers” laws.

The Executive Ordinance also seeks to fill in blind spots in the country’s cyber defense mechanisms uncovered in recent cyber attacks in Russia and China carried out from domestic servers in the United States, where the National Security Agency is legally banned from operating .

“It’s not the fact that we can’t connect the dots,” General Paul M. Nakasone, who heads both the National Security Agency and the Pentagon’s Cyber Command, told Congress in March, reviving the indictment against American intelligence after 9/11 “We can’t see all the points.”

The contract will establish a real-time intelligence exchange ship that will allow the NSA to share threat intelligence with private companies and enable private companies to do the same. The concept has been debated for decades and has even found its way into earlier “feel good laws” – as Senator Ron Wyden, Democrat of Oregon, described a 2015 bill encouraging voluntary threat propagation – but never got implemented at the speed or speed Scale needed.

The idea is to create a ship that would allow government agencies to share classified cyberthreat data with businesses, and encourage businesses to share more incident data with the government. Companies are not legally required to disclose a breach unless hackers have come to terms with personal information such as social security numbers. The order wouldn’t change that, although lawmakers recently called for a stand-alone law to disclose violations.

He urged the government to downgrade what it knows and what it doesn’t.

On Wednesday morning, Illinois Democrat Senator Richard J. Durbin called the Russian cyberattack “practically a declaration of war”.

So far, however, President Trump has not said anything, perhaps knowing that his term is beginning to end, with questions about what he knew about Russian cyber operations and when. The National Security Agency has largely remained silent and has hidden behind the classification of the secret services. Even the Cybersecurity and Infrastructure Security Agency, the group within the Department of Homeland Security tasked with defending critical networks, picked up the Russian mega-hack in a noticeably quiet manner.

Mr Blumenthal’s message on Twitter was the first official confirmation that Russia was behind the intrusion.

Trump administration officials have confirmed that several federal agencies – the State Department, the Department of Homeland Security, parts of the Pentagon, and the Treasury Department and the Department of Commerce – have been compromised. Investigators struggled to determine the extent to which the military, intelligence services and nuclear laboratories were affected.

The same questions are asked at many Fortune 500 companies that use the Orion network management tool, made by SolarWinds, based in Austin, Texas. The Los Alamos National Laboratory, which develops nuclear weapons, uses it, as does large defense companies.

“How is that not a massive secret service failure, especially since we were supposedly all Russian threat actors before the elections,” asked Robert Knake, a senior cyber officer in the Obama administration, on Twitter on Wednesday. “Did the NSA fall into a huge honey pot while the SVR” – Russia’s most sophisticated spy agency – “quietly plundered” the government and private industry?

Of course, even after placing its probes and beacons on networks around the world, the NSA is barely all-seeing. But if there is a larger investigation – and it’s hard to see how to avoid it – the responsibilities of the agency, led by General Paul M. Nakasone, one of the country’s most skilled cyber warriors, will be paramount.