Why security experts were blindsided by the SolarWinds attack

The SolarWinds cyberattack on U.S. government agencies and private organizations was and is frightening in its scale and success. The government agencies charged with defending against such things proved no match for it, and the attack brought into sharp focus the fact that the government’s current model for responding to cyberthreats is lacking. The Senate Intelligence Committee hosted some of the main players in the SolarWinds saga Tuesday for some soul-searching on how the government and private tech companies should work together to stop future attacks. Some of the main themes discussed in the hearing are likely to end up in new cybersecurity legislation this year, a Congressional source told me.

SolarWinds is the name of the Texas-based company whose IT management software is used by many government agencies and large corporations. Back in March 2020, the attackers—widely thought to be employed by Russia’s Foreign Intelligence Service—first planted malware in the SolarWinds system that sends updates to all its clients. When government agencies installed the update, they installed the malware, too. The attack was finally reported in December 2020 by the private security firm FireEye, and then only because the firm discovered its own systems had been infected.

The SolarWinds attack was novel, in that it targeted both government and private-sector entities, and for its use of a government supplier (SolarWinds) as a Trojan horse to gain access to government agency systems. The white hats (security good guys) were not ready for this roundabout way of attacking. During the hearing, SolarWinds CEO Sudhakar Ramakrishna said the security community knows how to defend against direct attacks on networks and spear-phishing attacks in which hackers pose as a trusted party and try to trick employees of the target company into giving up their network credentials.

Security experts have less experience with attacks that exploit a private-sector supplier of software to the government to gain entry. It’s hard for the eventual target organization—in this case government agencies and corporations—to see that kind of attack coming. The attackers attached malware to an update to SolarWinds’ Orion software. When the company’s clients—18,000 of them—installed the update, they also installed the malware. The attackers are thought to have penetrated the systems of 100 private companies and 11 government agencies, including the Departments of State, Energy, Homeland Security, and Treasury, and the National Nuclear Security Administration. Read More …

Trump supporters believe election whistle blowers because they agree with them

It’s amazing who right-wing pundits and politicians decide to take at their word. As Donald Trump continues to lose more and more lawsuits intended to overturn his election loss, his supporters in the media and beyond have put an increased emphasis on personal accounts from alleged whistleblowers. “Many [sworn affidavits] have been thrown out and many debunked, but many still have not. These Americans, these whistleblowers, deserve to be taken seriously and at least heard without threat of reprisal, but that’s not happening,” Fox News host Laura Ingraham said recently.

Fine, let’s take a look at some of these whistleblowers. There was the woman at Rudy Giuliani’s circus-like hearing in Michigan on Wednesday, December 2, who argued for stringent voter ID laws because “all Chinese people look alike.” There’s the star witness at that same hearing, Dominion Voting Systems contractor Melissa Carone, an irate rambler who came across as an SNL character rejected for being too broad, and who has already become the subject of parody.

Then there’s the trio of whistleblowers who appeared on Sean Hannity’s extremely popular Fox News show on Tuesday, December 1, to share their stories of an alleged conspiracy to commit mass voter fraud. First up are USPS subcontractors Ethan Pease and Jesse Morgan. Pease claims that USPS workers were ordered to illegally backdate ballots so that they’d meet the November 3 deadline, while Morgan claims he picked up several pallets worth of ballots in New York and was ordered to bring them across state lines. The stories are only marginally more believable than Roger Stone’s recent claim of North Korean boats dropping off ballots in Maine Harbor.

Whether they are true or not is for the judges to decide, but Hannity found them credible enough to put on air for an audience of millions, and the usual suspects tended to agree. Even just on the surface, though, these witnesses don’t seem terribly credible. All we know about them is that they appeared on Hannity fresh from a mostly maskless, indoor press conference, and that despite the host’s repeated insistence that these two are both “non-partisan,” Pease states that his reason for speaking up is that this is the “most important election of our lifetime.” (Hannity does not pursue this inquiry any further.)

The third guest on the show manages to be even less credible. Kristina Karamo, an election observer from Michigan, claims that she was ordered to mark multiple ballots for Biden that may have been mistakenly filled out for both Biden and Trump or Biden and a third-party candidate. She then zooms out to rant about all the general supposed election fraud evidence that the lamestream media is ignoring. Read More …

Silicon Valley expects a chillier relationship with Biden than Obama

Now that the Biden administration has announced a transition team and is gradually announcing key advisory and cabinet appointments, the posture of the new administration toward Silicon Valley is becoming clearer. And it’s not the look of a budding friendship.

When Biden last worked at 1600 Pennsylvania Ave., the White House had an open and friendly relationship with Silicon Valley. For example, the Obama administration recruited talent from Silicon Valley to form the U.S. Digital Service, the elite technology “startup” within the White House that helped government agencies streamline systems and exploit new agile development methods. Obama also created the position of U.S. chief technology officer within the Office of Science and Technology Policy. From a regulatory standpoint, the tech industry enjoyed a light touch during the Obama years.

Its relationship with the Biden administration will likely be different and less trusting. That’s one of the reasons it’s closely watching the formation of the new Biden administration, now in its beginning stages. There’s a lot to watch, since so many government agencies now impact the business of tech. Some high-level appointments, such as Ron Klain as chief of staff, will deal with a broad spectrum of issues, many of which don’t touch tech directly. But others, like the appointment of Janet Yellen as Treasury secretary, could, for example, have implications for digital currencies and other financial tech. “There are enormous fintech issues that will be facing the financial regulators, most principally the Office of the Comptroller of the Currency, but some issues that’ll touch upon the FDIC, Federal Reserve, and Treasury as well,” says Jeff Hauser, founder and director of the Revolving Door Project, which tracks presidential appointees who come from various industries.

Antitrust under Biden

Of chief concern to Big Tech is the Biden administration’s thinking on antitrust. Proposals for breaking up big tech companies in the last couple of years from people such as Massachusetts senator and former presidential candidate Elizabeth Warren have ridden a wave of populist feeling in the country. The Department of Justice has already filed an antitrust lawsuit against Google in federal court, and the Federal Trade Commission is reportedly in the final stages of deciding whether to file its own suit against Facebook. The agencies are also conducting investigations into alleged anticompetitive aspects of marketplaces run by Amazon and Apple. The Valley is waiting for Biden to announce his attorney general and FTC chair, which could tell a lot about the new administration’s plans to control Big Tech.

“I don’t think this administration is going to be kind to Big Tech in general.” (Eric White, Seismic Capital Company)

Biden said precious little about antitrust on the campaign trail, but his statements on adjacent issues give some clues to his thinking. Read More …