RUTHFULLY YOURS

https://www.frontpagemag.com/point/2021/07/woke-military-failed-miserably-wargame-taiwan-daniel-greenfield/

As the David Horowitz Freedom Center has extensively chronicled in Disloyal Military Leaders, the military leadership has descended into racist virtue signaling and woke antics even while its core warfighting capability continues to be degraded.

This ought to be another wakeup call for a military leadership that is pursuing political correctness at the expense of competence with potentially deadly results for our personnel and for our national security.

A brutal loss in a wargaming exercise last October convinced the Vice Chairman of the Joint Chiefs Gen. John Hyten to scrap the joint warfighting concept that had guided U.S. military operations for decades. 

“Without overstating the issue, it failed miserably. An aggressive red team that had been studying the United States for the last 20 years just ran rings around us. They knew exactly what we’re going to do before we did it,” Hyten told an audience Monday at the launch of the Emerging Technologies Institute, an effort by the National Defense Industrial Association industry group to speed military modernization.   

The Pentagon would not provide the name of the wargame, which was classified, but a defense official said one of the scenarios revolved around a battle for Taiwan. One key lesson: gathering ships, aircraft, and other forces to concentrate and reinforce each other’s combat power also made them sitting ducks. 

That’s not exactly surprising. 

The strategies of a variety of opponents, from China to Iran, has been based around deploying mobile and flexible forces against concentrations of American forces. The Taliban in Afghanistan pursued a variation on that same course of action. Being the biggest kid on the block means that the smaller kids will look to their strengths, rather than try to match us blow for blow.

https://www.wsj.com/articles/does-the-pentagon-take-china-seriously-11625503914?mod=opinion_lead_pos6

U.S. defense leaders have a problem: What they say doesn’t line up with what they do. The mismatch is apparent in the latest Pentagon budget, and a “say-do” gap undermines the trust of Congress and the American people.

Military leaders identify China as our No. 1 challenge, often calling Beijing “an increasingly capable strategic competitor,” as Joint Chiefs Chairman Gen. Mark Milley has warned, or a “pacing” threat. Yet the budget request reduces the ability of the Navy and the Air Force—the services that would have outsize roles in any conflict in the Western Pacific—to respond to threats in that region. Meanwhile, the budget promises undeveloped weapons that may take decades to enter the fleet, funded by a “divest to invest” strategy.

The Navy wants to retire 15 ships, including seven guided-missile cruisers and four littoral combat ships, while procuring only two surface combatant ships and two submarines. (Congress’ budget draft would buy another destroyer and limit the retirements.) Naval aviation procurement dropped 15.6% over 2021 even as the Navy speeds up F/A-18 retirements. The USS Ronald Reagan, based in Japan to counter a threat from China, is overseeing the Afghanistan withdrawal in the Middle East because no other aircraft carrier is available. Meanwhile, China is building warships at an astonishing rate. In 2010 the U.S. Navy had 68 more ships than the Chinese navy. Today, it has 63 fewer, a swing of 131 ships in 10 years.

The Air Force is also following the Pentagon’s “divest to invest” lead. Combat aircraft procurement is down 22% from 2021. The force wants to retire 137 aircraft, more than double the number it plans to buy. After the retirement of 17 B-1s last year, the Air Force’s bomber inventory is at a level top officers have called the bare minimum. Ammunition procurement is down more than 40%. China in recent years has focused on procuring advanced aircraft and has the world’s third-largest air force. In addition, China has an extensive ground-based conventional missile force, including the DF-26, known as the “carrier killer” which is capable of striking Guam.

https://www.reuters.com/technology/hackers-demand-70-million-liberate-data-held-by-companies-hit-mass-cyberattack-2021-07-05/

Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology firm Kaseya, its chief executive said on Monday.

Fred Voccola, the Florida-based company’s CEO, said in an interview that it was hard to estimate the precise impact of Friday’s attack because those hit were mainly customers of Kaseya’s customers.

Kaseya is a company which provides software tools to IT outsourcing shops: companies that typically handle back-office work for companies too small or modestly resourced to have their own tech departments.

One of those tools was subverted on Friday, allowing the hackers to paralyze hundreds of businesses on all five continents. Although most of those affected have been small concerns – like dentists’ offices or accountants – the disruption has been felt more keenly in Sweden, where hundreds of supermarkets had to close because their cash registers were inoperative, or New Zealand, where schools and kindergartens were knocked offline.

The hackers who claimed responsibility for the breach have demanded $70 million to restore all the affected businesses’ data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and with Reuters.

“We are always ready to negotiate,” a representative of the hackers told Reuters earlier Monday. The representative, who spoke via a chat interface on the hackers’ website, didn’t provide their name.

Voccola refused to say whether he was ready to take the hackers up on the offer.

“I can’t comment ‘yes,’ ‘no,’ or ‘maybe’,” he said when asked whether his company would talk to or pay the hackers. “No comment on anything to do with negotiating with terrorists in any way.”

The topic of ransom payments has become increasingly fraught as ransomware attacks become increasingly disruptive – and lucrative.

Voccola said he had spoken to officials at the White House, the Federal Bureau of Investigation, and the Department of Homeland Security about the breach but declined to say what they had told him about paying or negotiating.

https://cybersecurity.att.com/blogs/security-essentials/a-mid-year-update-for-cybers

It is nearing the mid-year point of 2021, and already it can be characterized as” the year of the breach.” Many companies and institutions saw their security perimeters pierced by hackers including the mega-breaches of Solar Winds and the Colonial Pipeline.  The scale of penetration and exfiltration of data by hackers and the implications are emblematic of the urgency for stronger cybersecurity.  Although there are a variety of trends emerging in the first six months, below are four that stand out as barometers of what lies ahead.  

1. Ransomware attacks are taking center stage as Cyber-threats

There is ample evidence that ransomware has become a preferred method of cyber-attack choice by hackers in 2021. As of May 2021, there has been a 102% surge in ransomware attacks compared to the beginning of 2020, according to a report from Check Point Research.

Hackers have found ransomware ideal for exploiting the COVID-19 expanded digital landscape. The transformation of so many companies operating is a digital mode has created many more targets for extortion. One office with 4,000 employees has become 4,000 offices. In addition to an expanding attack surface, hackers are more active than before because they can get paid easier for their extortion via cryptocurrencies that are more difficult for law enforcement to trace. Criminal hacker groups are becoming more sophisticated in their phishing exploits by using machine learning tools. They are also more coordinated among each other sharing on the dark web and dark web forums.

In 2020, according to the cybersecurity firm Emsisoft, ransomware gangs attached more than 100 federal, state, and municipal agencies, upwards of 500 health care centers, 1,680 educational institutions and untold thousands of businesses. As a result of the Colonial Pipeline Ransomware attack and others, the U.S. Department of Justice and the FBI have prioritized investigating and prosecuting hackers who deploy ransomware.

The impact for the rest of 2021 will be more ransomware attacks against institutions and corporations who are less cyber secure, especially to targets that cannot afford to have operations impeded such as health care, state & local governments, educational institutions, and small and medium sized businesses.

See: The New Ransomware Threat: Triple Extortion – Check Point Software

Why Ransomware is So Dangerous and Difficult to Prevent | Manufacturing.net

2. Cyber-attacks are a real threat to commerce and economic prosperity

So far this year, cyber-attacks have grown in number and sophistication, repeating a trend of the last several years. The recent cycle of major industry and governmental cyber breaches is emblematic of growing risk. The attacks are also becoming more lethal and costly to industry. A new NIST report was released on the economic impact to the U.S. economy by breaches, and it is alarming. The report suggests that the U.S. Loses hundreds of billions to cybercrime, possibly as much as 1 % to 4 % of GDP annually. The beach stats are part of a bigger global trend. The firm Cybersecurity Ventures predicts that global cybercrime damages will reach $6 trillion annually by this end of this year. The firm’s damage cost estimation is based on historical cybercrime figures including recent year-over-year growth, a dramatic increase in hostile nation-state sponsored and organized crime gang hacking activities, and a cyberattack surface.

In both the public and private sectors, there is a growing understanding of the seriousness and sophistication of the threats.  The list of adversarial actors is a large one that include states, organized crime, terrorists, and loosely affiliated hackers. To protect economic prosperity, there has been a movement for more threat information sharing and technical coordination between industry and government to filed tools and procedures that can better protect the crown jewels of critical infrastructure.

See:  Evidence suggests that the U.S. Loses Hundreds of Billions to Cybercrime, Possibly as much as 1 % to 4 % of GDP Annually | NIST

Global Cybercrime Damages Predicted to Reach $6 Trillion Annually By 2021 (cybersecurityventures.com)

3. Emerging technologies such as 5G and artificial intelligence are impacting the digital ecosystem

https://thefederalist.com/2021/06/21/democrats-are-turning-homeland-security-into-a-political-weapon/

When a former FBI assistant director for counterintelligence says directly into a camera that fighting terror may now mean arresting members of Congress, the blood sport of politics has been taken to a new and more dangerous level.

Speaking on MSNBC recently, Frank Figliuzzi opined to Chuck Todd that: “Arresting low-level operatives is merely a speed bump, not a road block. In order to really tackle terrorism … and this time domestically … you’ve got to attack and dismantle the command-and-control element of the terrorist group, and unfortunately, and I know this is painful to hear … that may mean people sitting in Congress right now, people in and around the former president.”

It is the stuff of banana republics when political opponents are locked up, and this was urged not by a fringe activist on an obscure YouTube channel, but by a former high-ranking U.S. intelligence official on the second-most-watched cable news network, with no gasp from the host. Is this what “homeland security” has become?

Clearly, much has changed since 9/11, when President George W. Bush instituted a new office to “secure the United States from terrorist threats of attacks” that eventually became the Department of Homeland Security (DHS). With a $40 billion budget and more than 240,000 employees, it is now a behemoth eclipsed in size only by the departments of Defense and Veterans Affairs.

Although established with noble purpose, there is growing evidence that its focus has evolved in a direction those voting for its creation never imagined. Those with the secret clearances and shiny badges are increasingly scrutinizing our homeland, not for external attackers, but our own people.

https://www.americanthinker.com/articles/2021/06/cyberfollies_at_homeland_security.html

Russia, China, and the balance of the world’s bad cyber-actors won’t stop attacking American commercial and infrastructure targets like the Colonial Pipeline and JBS, the world’s largest meat-processing company, until we make them pay an unacceptable price.  Unfortunately, Congress and the federal government accept that grave risk.

America is a sitting duck to cyber-criminals and state actors, who easily harvest our intellectual property, degrade our communications, create false information that influences our politics, and erode our national will from keyboards abroad.

Yes, cyberspace operations are the new nuclear weapons and can be scaled from pinpricks up to attacks that cripple entire countries.  The threat is so serious that it ought to capture the attention of every American.

The tip of the threat is cyber-crime, which costs the world perhaps $6 trillion annually, but more worrisome are state-sponsored cyber-attacks.  After all, cyber is an invisible weapon to impose a cost and consume resources.  No wonder our enemies in Moscow and Beijing host significant offensive cyber-armies and a variety of cyber-proxies that sow discontent and keep America tied down — an effective strategy.

President Joe Biden’s promise to put Russian president Vladimir Putin on notice for harboring cyber-criminals is an empty threat.  Putin knows that America offers easy cyber-targets, such as last month’s ransomware attack, which locked up Colonial Pipeline’s computers, leaving East Coast gas tanks empty for more than a week.

• GovCon Expert Chuck Brooks: Chief Data Officers Growing Importance In Digital Transformation of Government – GovCon Wire
• https://www.govconwire.com/2021/06/chuck-brooks-on-chief-data-officers-role-in-government-digital-transformation/
•
• 4 Beckoning Cyber-Threat Challenges
• by Chuck Brooks ⁦‪
•
• https://www.forbes.com/sites/chuckbrooks/2021/05/09/4-beckoning-cyber-threat-challenges/
•
• A Look into Chuck Brooks’s Alarming Cybersecurity Stats
• A Look into Chuck Brooks’s Alarming Cybersecurity Stats – Security Boulevard
•
•
•
• The Emerging Paths Of Quantum Computing by Chuck Brooks
•
• https://www.forbes.com/sites/chuckbrooks/2021/03/21/the-emerging-paths-of-quantum-computing/
•
•
• GovCon Expert Chuck Brooks: Strategic Paths of Cybersecurity”
•
• https://www.govconwire.com/2021/03/govcon-expert-chuck-brooks-strategic-paths-of-cybersecurity/
•
•
•
• Technado: Georgetown University’s Chuck Brooks
•
• Technado, Ep. 202: Georgetown University’s Chuck Brooks – Bing video
•
• Priority of Protecting Digital Critical Infrastructure Will Grow in 2021
• Chuck Brooks, President of Brooks Consulting International
• https://cip-association.org/priority-of-protecting-digital-critical-infrastructure-will-grow-in-
•
•
• 3 Key Cybersecurity Trends To Know For 2021
https://www.forbes.com/sites/chuckbrooks/2021/04/12/3-key-cybersecurity-trends-to-know-for-2021-and-on-/?sh=232922c14978
•
•
• GLOSERV The Growing Cybersecurity Threats To Services and Retail Industries by Mr. Chuck Brooks

• GLOSERV The Growing Cybersecurity Threats To Services and Retail Industries by Mr. Chuck Brooks – Bing video

https://www.newsmax.com/henryfcooper/cme-covid-emp-gmd/2021/06/01/id/1023479/

Ambassador Henry F. (Hank) Cooper, Chairman of High Frontier and an acknowledged expert on strategic and space national security issues, was President Ronald Reagan’s Chief Negotiator at the Geneva Defense and Space Talks with the Soviet Union and Strategic Defense Initiative (SDI)

My recent Newsmax articles discussed natural and manmade existential electromagnetic pulse (EMP) threats to the nation’s electric grid; and reported that in South Carolina we have demonstrated that protecting the grid is affordable.

Changes are required to assure our survival — and can be supported via the current infrastructure funding debate.

My March 16 article built on two previous articles emphasizing 1.) The “Cold Weather” Texas Grid Failure warning all Americans of the dangers of losing electricity for only 5-days (several times officially acknowledged 151 fatalities); and 2.) That President Biden’s proposed “American Rescue Plan” should protect all Americans against a major electric grid failure — from a major “solar storm” that for sure will one day occur.

My May 27 article discussed reports that major solar storms are likely in the next few years. A coronial mass ejection (CME) passing through the Earth’s orbit may envelop it and interact with its geomagnetic field to produce a major Geomagnetic Disturbance (GMD) not seen since the 1859 Carrington Event that today would crash electric grids leaving Americans without life support for months.

Most would die within a year due to the consequent disease, starvation and societal collapse — according to the Congressional EMP Commission.

Lower-level CME/GMDs could also seriously damage our unprotected grid.

My March 16 article referred to a March 6, 2021 Wall Street Journal report that proposed legislation then included $350-billion for state and local authorities, with $10-billion designated for infrastructure — an opportunity. Various reports indicated follow-on legislation would include additional infrastructure funding.

My April 23 discussion noted a proposal by Rep. Yvette Clark, D-N.Y., — chair of the Cybersecurity Subcommittee of the U.S. House Homeland Security Committee — that an Infrastructure Bill include funds for local and state authorities to protect the grid against cyberattack.

As cochair of the Congressional EMP Caucus, she knows that the military doctrine of Russia, China, North Korea and Iran includes EMP as the most consequential cyberattack strategy — a connection that infrastructure negotiations should address.

Hopes grew as the Biden administration proposed even more spending and seemed open to improving traditional infrastructure. I hoped to see the grid (as traditional infrastructure) protected against the existential EMP threat.

But ongoing negotiations among the “powers that be” offer little encouragement.

Senator Shelly Moore Capito, R-W. Va., who is leading Republication negotiators —including with President Biden (meeting scheduled tomorrow) has insisted on “real” or “physical” infrastructure — including new “broadband” that depends on electricity.

https://www.nationalreview.com/2021/06/the-rising-economic-cost-of-cyberattacks/?utm_source=recirc-desktop&utm_

The Biden administration should build on the Trump administration’s strategy to confront the increasing security and economic threat of cyberattacks.

It was recently revealed that DarkSide raked in $90 million worth of Bitcoin — including $4.4 million in ransom from the Colonial Pipeline operator — from its cyberattacks stretching back to October 2020. The ransoms paid to DarkSide and similar organizations, however, do not capture the total economic cost of cyberattacks. Targeted firms acting in their individual interests may not fully account for the economic costs that spill over to consumers and to other firms. The result is underinvestment in cybersecurity from the private sector as a whole. While the Biden administration’s “private sector decision” remark helped define its Colonial Pipeline response, the federal government has an important role in closing this cybersecurity investment gap and limiting the future cost of cyberattacks.

Cyberattacks are perpetrated by numerous types of actors and stretch far beyond ransomware attacks such as the attack on the Colonial Pipeline. In fact, ransomware is on average a less costly form of cyberattack. While ransomware attacks on large firms tend to make headlines, according to one report, 70 percent of such attacks are directed at small- and medium-sized firms with fewer than 1,000 employees with 90 percent of the losses against these firms uninsured. The widespread nature of cyberattacks, their pervasiveness across industry and firm type, the varying components that make up the total cost, and the prevalence of underreporting all contribute to the difficulty in estimating the overall economic impact of these incidents, though some studies do exist.

In 2018, the Council of Economic Advisers (CEA) published a report evaluating the total costs associated with malicious cyberactivity by measuring the stock-price reaction of publicly traded firms to news of cyberattacks that had been made public. After taking into account firms’ underreporting of cyberattacks, spillover effects to other firms, and private costs incurred alongside the costs to publicly traded firms, the CEA estimated that the total cost posed by malicious cyberactivity to the U.S. economy in 2016 was as high as $109 billion (roughly 0.6 percent of 2016 GDP). These estimated costs are very likely to have increased since 2016.

According to annual studies by Accenture and the Ponemon Institute based on extensive surveys of firms and cybersecurity experts, between 2016 and 2018, the average total cost incurred by firms due to malicious cyber activity increased by 58 percent in the United States. Assuming that the total cost to the U.S. economy increased at the same rate as the average cost faced by those surveyed firms, the total cost of cyberattacks in 2018 would be as high as $172 billion (roughly 0.8 percent of 2018 GDP). This assumption likely serves as a lower-bound estimate, however, as the average number of cyberattacks faced by firms globally increased over this period, making it more than likely that the frequency of attacks against U.S. firms also increased. Since 2018 — the last year the study was conducted — the number of cyberattacks, the average cost of cyberattacks, and the total economic costs are likely to have risen even further.