RUTHFULLY YOURS

Mr. Chuck Brooks – one of the world’s most known experts and the cyber security guru, shares his thoughts about Industry 4.0 and cyber threats in an interview with Ludmila Morozova-Buss.

As the capabilities and connectivity of cyber devices have grown exponentially, so have the cyber intrusions and threats from malware and hackers requiring restructuring of priorities and missions.

According to Chuck Brooks, a successful 4.0 cyber threat consequences strategy requires stepping up assessing situational awareness, information sharing, and especially resilience. Cyber resilience is an area that must be further developed both in processes and technologies because no matter what, breaches will happen.

Currently, Ransomware mostly via Phishing activities is the top threat. In the recent past, 2014 code vulnerabilities such as Heartbleed, Shellshock, Wirelurke, POODLE and other open source repositories caused chaos and harm. There is a growing understanding the seriousness and sophistication of the threats, especially denial of service and the adversarial actors that include states, organized crimes, and loosely affiliated hackers.

In the US, most (approximately 85%) of the cybersecurity critical infrastructure including defense, oil, and gas, electric power grids, healthcare, utilities, communications, transportation, banking, and finance is owned by the private sector and regulated by the public sector. DHS has recognized the importance of private sector input into cyber security requirements across these verticals and along with NIST in developing a strategy to ameliorate shortcomings.

The Strategic Grid, in the US and Europe, is in great need for enhanced security. An accelerated effort to fund and design new technologies to protect the utilities from natural or man-made electromagnetic surges; further, harden hardware and software in SCADA networks from cyber-attack, and provide enhanced physical security for the grid.

Mobile management that involves securing millions of BYOD devices is currently a challenge for information security both in government and in the private sector. Cloud computing has also taken center stage and securing cloud applications. There is always a need for better encryption, biometrics, smarter analytics and automated network security in all categories.

Supercomputing, machine learning, and quantum computing technologies are an exciting area of current exploration that may remedy many of the threats.

Chuck’s Brooks list of future cyber security 4.0 priorities includes:

Internet of Things (society on new verge of exponential interconnectivity)
Wearables
Drones and Robots
Artificial intelligence
Smart Cities
Connected transportation

The full interview by Ludmila Morozova-Buss can be read here.

Editor’s Note: This Article originally appeared on IIOT World, and is featured here with Author permission.

Once again the U.S. government has failed to protect sensitive personal information, this time highly sensitive information on 4,000 Air Force officers. This information, contained in extensive 127-page individual security questionnaires known as SF-86 were found on a backup hard drive that was neither password protected or encrypted. In addition, extensive information on high-profile visitors to sites in Afghanistan was also on the same drive along with gigabytes of Outlook emails whose content has yet to be assessed.

This follows a number of other similar cases, the most notorious was the highly successful penetration of SF-86 files and other data held by the Office of Personnel Management (OPM) in June, 2015. In that case, 21.5 million American’s personal data was compromised, again involving the SF-86 security questionnaire. On top of that, 5.6 million fingerprints were also stolen. In applying for a security clearance, the government collects fingerprint data and photos.

Full disclosure: my personal data was also compromised in the OPM hack and I received an OPM letter and some worthless “free for a year” coverage of my personal data going forward.

Does the government have any responsibility to protect sensitive information?

Apparently, anyone who believes that the government has this responsibility is sadly misguided. Not only does the government not protect personal information, it hands it around to other agencies routinely and gives it to private contractors for “processing.”

Like your passport! You go to a passport office, fill out all the information, provide a birth certificate and all the requisite contact information, and you give the passport office photos, one of which will wind up embossed into your passport. Then the Passport Office sends all that (how, by mail?) to a private contractor to “process.” Who has access to it is anyone’s guess. The information is not classified and therefore is not formally protected in any manner.

The same holds true for your tax return, which you send in to the IRS. nowadays electronically. Maybe it is semi-encrypted when you electronically transmit the form, or your accountant does it for you, but when it arrives at the IRS it is stored as an ordinary file with no protection.

The SF-86 form is an especially pernicious example because it contains a vast amount of information, everything from every place you may have worked, who your friends and colleagues are, to your business involvements and who your family members and relatives may be. All of this provides hugely valuable information to potential adversaries who may be nation-states, but who also could be terrorist organizations.

Everyone is shocked, shocked by WikiLeaks’ latest exposé that the Central Intelligence Agency (CIA) has been exploiting software vulnerabilities in our digital and electronic devices. All those “shocked” should have known better by now.

After the publications of files stolen by former National Security Agency’s contractor, Edward Snowden, on U.S. military capabilities, operations, tactics, techniques and procedures, and surveillance details, President Obama announced, “Nobody is listening to your telephone calls.”

In the spring of 2016 — months before Hillary Clinton’s and John Podesta’s emails were published by WikiLeaks — the Pew Research Center survey showed that many Americans “do not trust modern institutions to protect their personal data — even as they frequently neglect cybersecurity best practices in their own personal lives.”

For well over a decade, cyber experts have been testifying in open and closed Congressional hearings on the escalation of hacking into United States government agencies and private industries, communication, websites, and email. All without exception issued warnings on the short-term damages and the long-term threat posed by such hacking to U.S. national security and interests, and the American people by Chinese, Iranian, Russian, and other cybersavvy intelligence agencies, criminal and terrorist organizations. All the while very few, if any, warned of the proliferation of ground-based jammers and their growing interference with GPS timing and locations services, or data corruption and insertion.

In 2010, then Former Under Secretary of Defense for Policy Jim Miller lamented, “The scale of compromise, including the loss of sensitive and unclassified data, is staggering. We’re talking about terabytes of data, equivalent to multiple libraries of Congress.” (The Library of Congress is the world’s largest library, archiving millions of books, photographs, maps, and recordings.)

Successive governments and the private sector have failed to secure our communications, exposing our personal and national secrets, costing untold economic damage to individuals, companies, and our national security.

While the Obama administration oversaw the accelerated pace of moving to wireless communications — leaving very few alternatives, if any, for a time when those will be unavailable due to attack or natural disaster — it has adopted a slow knee-jerk cybersecurity policy. In 2014, the Obama administration was tasked by Congress to develop cyber countermeasure policies. But in response to Sen. John McCain’s (R-AZ) question “Is it correct that these are policy-decisions that have not been made?” U.S. Cyber Command Commander Admiral Michael S. Rogers responded: “The way I would describe it is, we clearly still are focused more on” an “event-by-event” approach to cyber incidents.” He urged to “accelerate debate on how to balance security and privacy in the ever-changing digital realm.” Otherwise, Rogers warned, “an enemy could change and manipulate data — rather than enter a computer system and steal — that action would be a threat to national security.”

Conservatives see the threat of aggressive Islam, which puts us far ahead of liberals, who merely live in stupefied denial. But conservatives tend to treat Islam as monolithic, which it is not.

Right now the Trump administration is considering whether to designate the Muslim Brotherhood as a terrorist organization, which sounds to Arab ears like “Is the Pope Catholic?” Do the Saudis play double games?” “Are the mullahs of Iran really genocidal?”

The answer is Yes! Yes! and Yes!

Which is why even Saudi Arabia, Russia, Syria, Bahrain, and the UAE have officially designated the Muslim Brotherhood as a terror group. One of biggest on the Sunni side of the street.

A new article in Cairo’s Al Ahram this week gives an explanation even the New York Times could understand (if it wanted to). The MBs promote violent Jihad, and carry it on themselves in their civil war against Egypt. They sponsor Hamas terror against Israel. They follow radical doctrines. Most of all (and here comes a new word), the MB’s are taqfiri. (TAHK-fear-ey). They regularly declare other Muslim groups to be infidels, which means they will kill other Muslims unless they submit to the MB version of Islam. From its most basic belief, the Ikhwan is at war with all Muslims who do not follow its militant war doctrine. The doctrine of taqfir is basic, and deviation puts you outside of the circle.

And yes, there are peaceful Muslim sects, like the Ahmadiyya. But they are small minorities in constant trouble from the violence-supporting majority.

There are also rational Muslims like Egypt’s President Abdel Fattah al-Sisi, who has said in a famous speech:

It’s inconceivable that the thinking that we hold most sacred should cause the entire umma [Islamic world] to be a source of anxiety, danger, killing and destruction for the rest of the world. Impossible! …

Is it possible that 1.6 billion people [Muslims] should want to kill the rest of the world’s inhabitants — that is 7 billion — so that they themselves may live? Impossible!

Those may be the most important words any Muslim leader has said since 9/11/01.

Yet Obama chose to ignore Sisi and supported the Muslim Brotherhood instead. What does that tell you?

Hillary’s closest confidante, Huma Abedin, comes from an MB family, was indoctrinated from childhood onward, and is paid by a family “charity” who are all MBs. Hillary and Bill know all that, of course, but the Moobs bring in huge amounts of money to the Democrats, and that’s what counts for the Clintons. (It should also matter to the rest of us.)

The Justice Department has enlisted a former Islamic State fighter in what they say is an effort to combat radicalization.

But the program, centered around Brooklyn native Mohimanul Alam Bhuiya, is fraught with considerable risks as so-called “deradicalization” efforts around the globe have failed spectacularly, and recent high-profile cases of former terrorists-turned-therapists experiments have not ended well.

The Wall Street Journal reports:

Mo, a U.S. citizen whose full name is under seal, left New York City in the summer of 2014 to join Islamic State in Syria.

Mo, now 28 years old, quickly became disillusioned, he says now. Four months in, he sent an email to the Federal Bureau of Investigation. “Please help me get home,” he wrote, according to court documents. “I’m fed up with this evil.”

[…]

Authorities in November 2014 deported Mo back to Brooklyn, where he pleaded guilty to two terrorism charges. He told the FBI that he acted as a building guard for Islamic State and taught other recruits how to use computer software.

Since then, Mo’s work with the U.S. government has included an unusual form of cooperation: conducting an intervention with a 15-year-old boy from Brooklyn who was posting tweets that appeared to support violence and Islamic State, also known as ISIS. The intervention so far has successfully dissuaded the teenager from joining the terrorist group.

It turns out that the Justice Department program is intended to reduce the sentences of U.S. terror supporters:

Under the new initiative, Brooklyn federal prosecutors will also use more discretion before charging someone with providing “material support” to terrorists, a broad violation that carries a maximum of 20 years in prison. Prosecutors may try to arrest some individuals on a lesser charge without the terrorism stigma, such as wire fraud.

For suspects already in custody, prosecutors will give more consideration to a shorter prison sentence in exchange for a longer period of supervised release that includes counseling or treatment.

There’s certainly no reason to question the motives of federal prosecutors backing this program, but there is evidence that calls into question their judgment.

Self-styled “community organizer” and “civil rights activist” Hesham El-Meligy was detained earlier today by the NYPD after refusing a bag search while attempting to board the Staten Island Ferry.

Predictably, El-Meligy is claiming racial profiling and “Islamophobia,” and insisting his rights were denied. But fellow Staten Islanders are pushing back on his claims.

A religious and political activist on Staten Island claims he was placed in handcuffs, frisked and issued two summonses by NYPD officers based on the way he looks.

Hesham El-Meligy, a Muslim who was born in Egypt, was temporarily detained and searched by police at about 8 a.m. Wednesday at the Staten Island Ferry terminal in St. George, after he refused a random bag check.

After a search of his backpack, he was issued summonses for trespassing and disorderly conduct and allowed on to the ferry, police said Thursday.

El-Meligy, founder of the Islamic Civic Association on Staten Island and chairman of the Staten Island Libertarian Party, said he believes the bag check wasn’t so random.

He took to Facebook hours after the incident, saying he felt singled out because his Egyptian heritage.

“I have no doubt that many (people) are in fact stopped randomly, but the manner this was done in my particular case made it feel different,” said El-Meligy.

But at least one eyewitness to El-Meligy’s detention disputes his account: