Source: National Cyber Security – Produced By Gregory Evans The Speaker of the House who called a border wall with Mexico “an immorality” is still sitting on a Mexican request to approve a new trade agreement. What is the morality of ignoring this key priority of our southern neighbors? In a letter this week, Mexico’s […] View full post on AmIHackerProof.com
Chaos is a pit, the all-knowing eunuch Lord Varys warns in Game of Thrones, “a gaping pit waiting to swallow us all.” The conniving Peter Baelish, known as Littlefinger, disagrees: “Chaos isn’t a pit,” he replies. Too few realize, he says, that, “Chaos is a ladder… […]
Perhaps no one is more involved in turning Ethereum into a new way of doing business than Joe Lubin, an Ethereum cofounder along with Vitalik Buterin and others, and the founder of ConsenSys, a company that largely consists of interconnected startups building every aspect of what they call the Global Computer. After skyrocketing to a leadership position in 2015 in the blockchain world, thanks to the founding of ConsenSys and his willingness to see potential in far-fetched ideas, Lubin and his amorphously-governed company suffered a setback at the end of 2018 when he had to lay off more than 10% of his staff thanks in part to longer than expected time to build the technology, and slower than expected adoption.
Now Lubin says ConsenSys has returned to a state of equilibrium and is slowly starting to hire again. In a rare in-depth interview with Forbes Crypto & Blockchain Advisor, Lubin waxed poetic about his willingness to work with the Chinese government to teach them the benefits of a public blockchain, shared his thoughts on Facebook’s Libra, chatted about blockchain consortium Hyperledger’s largest project to date, and meticulously laid out his master plan for the next phase of Ethereum, which he and others working on the open-source project have dubbed Ethereum 2.0. Lubin’s work could end up laying the foundation for a new world order or prove to be a pipe dream.
Excerpted from Forbes CryptoAsset & Blockchain Advisor.
Forbes: How much of your work is focused on enterprises?
Joe Lubin: ConsenSys or my personal work? Well, my personal work is ConsenSys, so ConsenSys itself is probably 65% focused on public mainnet. But almost everything we do is applicable in private permission context. We really see the distinction falling away increasingly over time. We’ve been saying that for a long time, so that’s been the vision.
I spend a lot of time on the enterprise side in different nations, speaking to different businesses about business blockchain networks that we are standing up in ways that we can build on the public mainnet, or ways that we can link a business blockchain network into another business blockchain network. Such as Komgo—a group of companies using blockchain to streamline trade commodity finance and other applications—and some other network down into the base trust layer for collusion resistance or increased trust levels. I pay lots of attention to Ethereum 2.0. So, we’ve got a lot of people at ConsenSys, and are very close with many of the other groups around the world that are driving that effort.
Forbes: What is Ethereum 2.0?
Lubin: It is the natural extension of the Ethereum 1.0 platform. It will be realized as a separate network, but there will be a smooth evolution from Ethereum 1.0, both in terms of developer experience and in terms of how activity will flow from Ethereum 1.0 directly onto Ethereum 2.0 in the form of moving tokens and having smart contracts across the two systems that speak to one another. Pretty soon after phase zero of Ethereum 2.0 is stood up, the proof-of-stake mechanism for Ethereum 2.0—what we call the beacon chain—will be able to finalize blocks on Ethereum 1.0. So, there will be this cross linkage and a bunch of interdependency early on.
Forbes: Can you give us specifications for Ethereum 2.0?
Lubin: Ethereum 2.0 will be composed of three major phases: phase zero (the beacon chain), phase one where you hang 1,024 different shards off the beacon chain [this will allow transactions to settle in groups instead of on the entire Ethereum blockchain], and phase two where you turn those shards into not just storage but execution environments, just like the smart contract machine systems on Ethereum 1.0.
Phase zero and phase one are not driven by user or developer experience. It’s a bunch of incredibly smart people solving very deep, distributed computing issues. Phase two is very much driven by developer experience. We have a team that’s building something called Quilt, which is focused first on what the users might want to see in a development environment.
There’ll be different kinds of execution environments so Ethereum 2.0 won’t be homogeneous in its execution environment—we’ll build some of the early execution environments essentially, and they will be very pleasant to use because we’re focusing on that early. It’ll enable us to build a much more scalable system in time and enable us to build different kinds of focused execution environments for different kinds of problems. Different architectures are more efficient for different problem domains.
Forbes: Who are the users?
Lubin: Software developers. But we also have many software developers that build products and services, and so their users are actual customers, whether they’re enterprise, or government, or bank, or central bank customers, or whether they’re game players or people working on journalism platforms or music platforms.
Forbes: How is enterprise demand changing things at the ones and zeros level?
Lubin: Enterprise demand is just starting to change things at the ones and the zeros level. Ultimately this is all being built in the context of building out the decentralized worldwide web—evolving web 2 to web 3. That involves public permissionless blockchains and it involves lots of other blockchains that link into those things.
It also involves decentralized storage, bandwidth and heavy compute, among other things. We started with the toughest thing—the public permissionless blockchain, where anybody could attach byzantine environments. We solved that problem in effectively a not very scalable way, but it’s turning out to be remarkably scalable because we can build interesting solutions at layer two. This basic trust foundation so revolutionized trust on the planet, from subjective trust to automated trust, and guaranteed execution of agreements or objective trust upon that layer, that we’re now building what looks like the financial plumbing for the emerging decentralized economy. So, all that stuff is going on while at the same time all these businesses figure, “hey, we have this new trust tool so that we can collaborate much better.”
Projects like PegaSys (formerly Pantheon)—it’s really the only project that spans that whole range where it’s implementing the enterprise specs. It’s an excellent client at the public mainnet level. And it has all the permissionless, or the permissioning systems, and the privacy confidentiality that businesses need. So, we now have this component that’s situated in three really interesting places. It’s situated in the public Ethereum space; it’s situated in the enterprise Ethereum space; and now it’s situated in the Hyperledger space. Now enterprises are driving the evolution of the product.
Forbes: Are you seeing enterprises getting comfortable with the idea of having to spend gas (pricing value required to conduct a transaction or execute a contract on the Ethereum blockchain platform) to take advantage of these decentralized systems?
Lubin: Whenever you build out a revolutionary new technology you don’t focus on ease of use, you focus on demonstrating the principles and showing why it’s revolutionary. The Ethereum public machine has a whole bunch of gears and pulleys and sharp edges exposed, and you have to get in and turn cranks manually, etc.
Paying gas as a user is not a good element if you care about onboarding a whole bunch of users. But if I’m a software developer and I’m releasing a game or any other application, I’d pay a huge amount for infrastructure. And so, somebody’s paying for that. There is the potential for certain use cases for users to pay miners or validators in the future for the infrastructure. Businesses already incur lots of those costs in the form of paying gas.
Forbes: What is the Ethereum gas station network?
Lubin: It’s a tool that’s getting a bunch of usage now, which basically flips things. It makes use of a technology called metatransactions, where you can just interact with a decentralized application (dapp). Anytime anything needs to be sent into the network and gas would have to be paid, the gas station network basically takes care of that. And that would usually be paid so there’d be a bunch of people who set up software to monitor those things and send them in and they would usually be paid by the developers. So, it gets smoothed, and it avoids the scourge of the internet, which is relying on advertising to power all these applications.
Forbes: Five years ago, did you think gas was going to be such a big obstacle to adoption?
Lubin: I think we knew that user experience was problematic. We were looking at long strings of hexadecimal digits, so we knew we had to build the machine before painting it and covering it over with nicely shaped enclosures.
Forbes: Has it been more difficult than you expected?
Lubin: I’m kind of stunned by how much progress has been made in such a short time. If you look at all the previous massive societal revolutions—mobile phones, the internet itself, the web, cars, electricity—they all took a lot longer. We’re not really ten years into the decentralized web revolution or evolution, we’re more like five years into it. Because bitcoin was a very narrow implementation and smart contracts were really invented about five years ago. And so, it’s astonishing how many big companies, startups and just people care and think it’s going to be important.
Forbes: Can you unpack the business component of reimagining the web on a blockchain?
Lubin: It’s not just on a blockchain; it’s on decentralized protocols. Blockchain is just one of them, but you need other ones like storage and bandwidth. What is the decentralized worldwide web? It’s all the services we care about realized in collaborative networks that we can trust. Because they’re not owned by a single or subset of actors that are controlling the whole thing.
Forbes: How important is the burgeoning network of 5G support going to be?
Lubin: It’s really important. We’re looking into decentralized bandwidth. There’s WiFi Aware, which is a technology that can enable us to link our phones to one another without anybody being able to shut down over pretty sizable distances now. Blockchain networks and tokenization will enable us to build those networks and enable us to share resources and pay each other with different tokens.
Forbes: When you see what’s going on with the global race to 5G and China’s willingness to build a firewall to try to prevent its citizens from using competing cryptocurrencies, where does Ethereum fit into this sociopolitical turmoil?
Lubin: It depends how good deep packet inspection gets; it depends how focused places like China are on controlling its digital borders because it can do it if it wants to. It may get more interesting as we have these satellite constellations—OneWeb, SpaceX and a couple others—and as we can do mesh networking, across borders, potentially. Ultimately, I feel like the ideas are so powerful. Essentially the internet woke up so much of the world by just enabling free access to information. I think it’s been complicated, but very largely positive for the planet.
And if you see the potential of a new trust infrastructure and a new collaboration infrastructure and tokenization because you can have digital scarcity—and again, that’s dependent on trust—companies within nations like China are going to start to build on that, and it’s a powerful concept. Lots of people will say, “What if?” and “Why not?” and “Why isn’t this?”
So, I think in terms of getting the ideas out, the ideas are pretty powerful. Ultimately, unless everybody owns decent amounts of the infrastructure on which they live their lives, things will be unstable. So, if we can build a society maybe in the Western world where it’s an ownership society, a stakeholdership society—and proof of stake is interesting, because we will be holding all these tokens that power the networks we live our lives on. You’re going to have to erect some pretty opaque, tall walls to keep that promise out. And unstable societies where a broad swath of the population isn’t benefitting probably won’t last.
Forbes: Years ago, there was this mentality that there was almost no such thing as bad adoption. Like, anybody using anything blockchain or anything crypto was good. Companies that were committing horrendous crimes on the weekends were dropping press releases on the weekdays about how awesome blockchain is for transparency. Are you worried that China could subvert the benefits of blockchain?
Lubin: I would love to help China get expert in Ethereum technology. One reason is if the Belt and Road Initiative [a program trying to connect Asia with Africa and Europe via land and maritime networks] uses one of the weaker technologies and it sort of mandates that those networks be built in that technology, maybe it won’t be as interoperable. But the main idea is that Ethereum is the strongest of the blockchain technologies and it’s a very positive virus to implant in people’s minds.
Forbes: China has made it very clear that it wants to increase transparency and wants to prevent anti-money laundering. It’s saying all the things we’ve been saying for years about what blockchain could do. But when it’s a notoriously oppressive regime talking about it, we start wondering, “How is it going to define money laundering, and what are they going to do with that transparency?”
Lubin: China is a business that writes its own rules and has an enormous customer base—1.4 billion people. That’s a tough economic force to compete with. I do think there’s an instability. I think leaders are constantly terrified of revolution, so they have to keep the people relatively happy at some baseline level.
Forbes: Do you assume that China’s cryptocurrency is going to be interoperable with other cryptocurrencies?
Lubin: I assume it is going to be exactly what Chinese leadership thinks is most beneficial to Chinese leadership. Hopefully that’s also open and we can interoperate with it, but I don’t know. The country could do the calculation and decide there needs to be a firewall around it, or it could do the calculation and decide, “hey, this is an incredible vector for destroying the American reserve currency status,” which is probably my guess.
Forbes: Do you see a world where people might be spending crypto yuan on bread in Nebraska?
Lubin: Have you seen Alipay in American airports?
Forbes: Yes, I have. But isn’t it still U.S. dollars? I think that’s an important difference, isn’t it?
Lubin: It is. But what’s it going to be next year and five years from now? China has the vector and it will do what it can as quickly as it can.
Forbes: Is there a technological development that is not blockchain that is capturing your attention right now?
Lubin: Lots of decentralized stuff is really interesting. Many years ago, I had deep expertise in neural nets or deep learning. It should have been called shallow learning back then. So, I’m paying much more attention to that again. I’ve been in the financial world. I was pretty well-read on finance and economics 10, 15 years ago, and haven’t been paying too much attention there until recently.
In the last year or so it’s become clear that what I’ve been saying for a long time, that our global financial and economic systems are essentially bankrupt, and the central bankers have been kicking the can down the road for a long time, and now that yield curves are flattening we may not have enough dry powder in the central banks to kick the can down the road and this recession could be really problematic. So, I’ve been talking about potential cascading collapses if certain contagions happen.
Forbes: What happened that got your attention to your old career in finance again?
Lubin: We’ve been building and hoping that central bankers could keep kicking the can down the road so that we could build alternative infrastructure—sounder foundations that enable more-sustainable growth on these systems. We’re not there yet; we need more time because the technology isn’t mature enough. Hopefully we get out of this one and it isn’t a horrendous recession; no matter how deep it is, it’ll be called a recession, I think.
What I’ve been paying attention to is the intersection of our ecosystem with the transition from the current economic regime on the planet, and the current monetary regime on the planet, because our monetary systems are end-of-life’ing right now. Facebook’s Libra is an interesting project—not based on who’s going to run it—if it does end up launching. But the idea that we could have cryptocurrency essentially with underlying baskets of currencies or nation-state bonds or commodities—that’s really, really interesting.
Forbes: Going back to the concept of, “there’s no such thing as bad adoption,” do you think this is progress or are you scared about Libra?
Lubin: I don’t mind Libra at all. I don’t think Libra will be implemented because its biggest asset is its biggest liability. Lots of people should be able to sit up there on business blockchain networks with their own currencies. JPMorgan’s doing it, Signature Bank, etc. That’s all good. But linking its 1.3 billion global Facebook citizens through Calibra into all this is pretty scary.
And essentially giving Mark Zuckerberg control over monetary politics of lots of small nations is concerning. So, I do think that we should have lots of these systems; there should be choice and I think that lots of smaller countries would really benefit from the currency stability and being able to buy stuff frictionlessly across borders.
I think those are great systems and as long as we have a bunch of them, providing choice, providing different underlying baskets, I think that’s going to be our new dominating monetary regime. And I think governments are going to like that because they’re going to be able to sell their debt into those systems.
Forbes: You talked about the central banks kicking the can, is this an improvement, or is it just kicking the can down further?
Lubin: I think it’s an improvement. I think it’s borne of a really broken system that’s end-of-life’ing. But I think conceptually—if implemented well—it’s great. It’s optionality, it’s money. It is kind of dumb that a capitalist society controls the price of money. These systems will behave like businesses and they will succeed or fail based on how they serve their customers.
Forbes: In the time since Libra was announced, we’ve confirmed three interesting central bank concepts: the Libra concept, the People’s Bank of China concept and the idea that Mark Carney floated about a basket of currencies that the central banks willingly participate in. Do you have a favorite?
Lubin: My favorite is optionality. I’d like to see lots of different experiments.
Forbes: Is China’s cryptocurrency a threat to the U.S. dollar?
Lubin: I don’t think so. Lots of things are threats to the U.S. dollar. China and Russia are making lots of effort to do business without using U.S. dollars, and other countries following suit. There are lots of reasons why American influence is shrinking and will probably continue to shrink. That may not be a bad thing but in some ways, it’ll be a bad thing. China’s particular cryptocurrency I don’t think is a major factor.
Forbes: My colleague Jeff Kauflin wrote an article a while ago about ConsenSys and its job situation. How is the slightly more-slender version of ConsenSys progressing? Are you hiring again yet?
Lubin: We’ve probably hired 100-150 people since December.
Forbes: Since the culling is there a net growth?
Lubin: Pretty steady state. We’re at 1,000.
Forbes: Where is the growth coming from with respect to zero knowledge proof?
Lubin: Our own PegaSys group is doing some breakthrough work there. You’re aware of Ernst & Young’s activities on that front so it’s doing some cool stuff. And we have a portfolio company that we work really closely with called Aztec, which is building out a whole bunch of zero knowledge components that you’ll be able to stack together and compose in two different kinds of solutions, so like Lego blocks.
Forbes: What do you think about the work currently underway at Hyperledger where a number of giant companies are trying to work together to build the Trusted Compute Framework, which would move computational trust off-chain?
Lubin: That’s an even bigger stew of different technologies. Trusted computing involves hardware and software, and trusted execution environments and secure enclaves. Even within narrow categories like zero knowledge proofs, there are many different approaches, usually varying depending on the setup of the system—whether it’s trusted, or whether there’s one big setup where you have to do it a bunch of times. And how much computation is required to essentially do the encryption, and how much to verify it? It’s a very young technology, and lots of different groups are employing it.
Forbes: How is this going to be done successfully? There’s a lot of different people trying to build the Trusted Compute Framework at the same time. It’s open-source; it’s part of the foundation. It feels like a Frankenstein monster, but it might be beautiful.
Lubin: It’s a Frankenstein monster, just like the internet and the web are Frankenstein monsters. It’ll be built through merit, through lots of different really talented people exploring the solutions base, openly collaborating—not 100% openly—but collaborating a lot. And the best there won’t be one best technology because there will be different technologies that are suited to different use cases. It’s moving fast and if you read or are aware of the cathedral in the bazaar, it’s not being built in a top down, control-like fashion. That wouldn’t be as effective as a whole lot of brilliant ants scurrying around and getting collective work done.
Forbes: Thank you.
WASHINGTON — President Donald Trump on Thursday urged another foreign government to probe former Vice President Joe Biden and his son Hunter, saying the Chinese government should look into Hunter Biden’s involvement with an investment fund that raised money in the country.
“China should start an investigation into the Bidens because what happened in China is just about as bad as what happened with Ukraine,” Trump told reporters outside the White House.
While Trump said he hasn’t asked Chinese President Xi Jinping to investigate the Bidens, the public call mirrors the private behavior on which Democrats are partially basing their impeachment inquiry — using the office of the presidency to press a foreign leader to investigate a political rival.
It is “certainly something we can start thinking about, because I’m sure that President Xi does not like being on that kind of scrutiny, where billions of dollars is taken out of his country by a guy that just got kicked out of the Navy,” Trump said Thursday of asking China to probe the Bidens. “He got kicked out of the Navy, all of the sudden he’s getting billions of dollars. You know what they call that? They call that a payoff.”
The U.S. is in the midst of a tense trade war with China. The president, discussing progress on negotiations with Beijing on a possible trade agreement just moments before his remarks about the Bidens, told reporters that “if they don’t do what we want, we have tremendous power.”
Chinese officials will be in Washington next week in another attempt to revive talks, Trump said.
Trump, seeking to expand his corruption accusations against the Bidens beyond Ukraine, has in recent days repeatedly accused Hunter Biden of using a 2013 trip on Air Force Two with his father, then the vice president, to procure $1.5 billion from China for a private equity fund he had started.
Prior to Thursday, Trump had not called for an investigation into the matter. The White House declined to comment on Trump’s remarks.
Despite Trump’s accusations, there has been no evidence of corruption on the part of the former vice president or his son. In a statement, Biden’s deputy campaign manager and communications director, Kate Bedingfield, said the president “is flailing and melting down on national television, desperately clutching for conspiracy theories that have been debunked and dismissed by independent, credible news organizations.”
“As Joe Biden forcefully said last night, the defining characteristic of Donald Trump’s presidency is the ongoing abuse of power,” Bedingfield said. “What Donald Trump just said on the South Lawn of the White House was this election’s equivalent of his infamous ‘Russia, if you’re listening’ moment from 2016 — a grotesque choice of lies over truth and self over the country.”
Trump, during a 2016 campaign rally, encouraged Russia to meddle in the 2016 election by trying to access Hillary Clinton’s emails, saying, “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing.”
Special counsel Robert Mueller’s Russia investigation found that within hours of Trump’s invitation, Russian military intelligence initiated a hack against Clinton’s office. Trump and his allies have said he wasn’t serious when he made the comment.
In pushing back on Trump, Biden’s campaign previously pointed to a fact-check from The Washington Post that found Trump’s claims false while tracing the origins of the $1.5 billion figure he has used to a 2018 book by conservative author Peter Schweizer.
In addition, Hunter Biden’s spokesman, George Mesires, told NBC News previously that Hunter Biden wasn’t initially an “owner” of the company and has never gotten paid for serving on the board. He said Hunter Biden didn’t acquire an equity interest in the fund until 2017, after his father had left office.
And when he did, he put in only about $420,000 — a 10 percent interest. That puts the total capitalization of the fund at the time at about $4.2 million — a far cry from the $1.5 billion that Trump has alleged.
Trump also said Thursday that he still wants Ukraine to conduct “a major investigation” into Joe and Hunter Biden.
“I would think that if they were honest about it, they would start a major investigation into the Bidens,” he said, adding, “They should investigate the Bidens.”
House Democrats have launched a formal impeachment inquiry against Trump centered on a July 25 phone call between him and the president of Ukraine during which Trump asked his Ukrainian counterpart to investigate the family of the former vice president, Trump’s possible 2020 opponent. The House is also looking into whether Giuliani’s overtures were proper and whether the White House was using almost $400 million in frozen aid to Ukraine as leverage.
The White House has since released a detailed description of the July call, while the House Intelligence Committee made public a lightly redacted version of the intelligence community whistleblower complaint that brought to light the allegations against Trump. The complaint alleged that Trump, in the July phone call, used the power of his office “to solicit interference from a foreign country” in the 2020 election.
The impeachment inquiry has unleashed a torrent of activity in the House and key cabinet agencies.
House Democrats have so far issued subpoenas for Trump’s personal lawyer Rudy Giuliani as well as for Secretary of State Mike Pompeo for Ukraine-related documents. They have also threatened the White House with subpoenas for Ukraine-related documents. And on Thursday, the Department of Defense said its general counsel had directed all agency offices and leadership to turn over any pertinent information dealing with military funding to Ukraine.
Democrats, meanwhile, immediately excoriated Trump’s latest comments Thursday as “unacceptable” and “indefensible,” suggesting that the president is only strengthening their case for impeachment.
“The president cannot use the power of his office to pressure foreign leaders to investigate his political opponents. His rant this morning reinforces the urgency of our work. America is a Republic, if we can keep it,” House Intelligence Committee Chairman Adam Schiff, D-Calif., said in a tweet.
Rep. Emanuel Cleaver, D-Mo., tweeted: “This is absolutely unacceptable. It’s clear the president understands he’s been caught red-handed and has now moved to normalize this kind of corrupt behavior.”
“GOP must speak out,” he added.
Rep. G.K. Butterfield, D-N.C., also had a message for Republican lawmakers.
“To my Republican colleagues, I implore you to listen to the words that came out of Trump’s mouth this morning. From the SOUTH LAWN OF THE WHITE HOUSE,” he said on Twitter. “Think about the detrimental impact these actions will have on our democracy and our national security. This is indefensible.”
The remarks also elicited the attention of the top elections official in the U.S., Federal Election Commission Chair Ellen Weintraub, who re-shared a tweet she had posted in June explaining that “it is illegal for any person to solicit, accept, or receive anything of value from a foreign national in connection with a U.S. election.”
Weintraub had initially posted the tweet in June, after Trump said he’d consider taking information on opponents from other countries.
President Trump reportedly sees security procedures as too inconvenient. Unfortunately, he’s not alone.
Let’s face it folks: Security can be “too inconvenient” and when your boss doesn’t want to adhere to your security policy it’s going to be difficult to enforce. Just ask President Trump.
Politico reported that Trump could be the biggest cybersecurity risk to the U.S. government. Why? We all know he likes to Tweet. And he’s not too enthusiastic about staffers who want to put better security around his phone use.
Trump reportedly noted that security procedures are “too inconvenient.”
We’ll stop there with the Trump talk because there are bigger lessons to be learned here: Humans are the weakest security link and there’s a trade-off between usability and thwarting threats. In an ideal world, even bosses would listen to the security pros, but the reality is a bit different.
Do you honestly think Trump is the only CEO who rebuffs his cybersecurity team?
The average enterprise has multiple employees going rogue when it comes to security. Toss in mobile devices and social media accounts and you have the fodder for cybersecurity headaches. Trump just illustrates the point. And when the boss isn’t following procedure the whole food chain ignores security.
To anyone following enterprise security this realization isn’t a newsflash. Social engineering aimed at humans–always good for a cybersecurity incident–has led to a rise in ransomware, according to Verizon.
Meanwhile, securing mobile devices is an increasingly huge headache. Insider errors were at the heart of 17 percent of data breaches, according to Verizon.
Now you can argue that Trump should be following protocol given all the state actors that would find him a compelling target. But the reality is that all of us have a bit of Trump in us when it comes to cybersecurity. In the Trump example the stakes are simply higher.
The post We’re all a #bit of #Trump when it #comes to #cybersecurity appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
President Donald Trump has broken with a host of Obama-era international agreements, from the Trans-Pacific Partnership to the Paris climate pact — but he’s showing every sign of sticking with a 2015 hacking accord with China.
Last month, the Trump administration quietly reaffirmed the agreement, which Republicans had initially greeted with skepticism. And business groups, cyber researchers and international policy experts say they see little reason for Trump to cancel the deal, especially as he’s pressing for China’s cooperation in curbing North Korea’s increasingly bellicose cyber and nuclear programs.
The hacking agreement is not expected to be a major talking point when Trump meets on Wednesday in Beijing with Chinese President Xi Jinping, whose country remains one of the most skilled and aggressive operators in cyberspace.
China appears to be largely complying with the 2015 deal, in which both countries pledged not to steal trade secrets from each other for the benefit of their domestic companies. That has helped calm the friction that once reigned between Washington and Beijing over cyber disputes, leaving Trump free to press his complaints with China on issues such as its protectionist regulations and unfavorable trade balance with the U.S.
“Having the cyber accord that we have helps to narrow the issues in dispute,” said Luke Dembosky, who worked on the 2015 U.S.-China cyber pact as a senior Justice Department official. “We need every bit of goodwill we can muster between our two countries on issues like North Korea. And we should, as a country, capitalize on the breakthrough that was achieved in fall of 2015.”
Perhaps most surprisingly to some, the deal has had its intended effect: Chinese-backed cyber theft of American trade secrets has dropped roughly 90 percent since the September 2015 accord, according to two leading digital security firms. Before then, analysts estimated that the thefts were costing the U.S. hundreds of billions of dollars a year.
“We saw the level of that activity drop off a cliff,” said Chris Porter, chief intelligence strategist at FireEye, which closely tracks major Chinese-linked hacking groups. “At or near zero levels.”
Those same researchers, though, caution that Chinese hacking tactics may have mutated in recent months, once again threatening American businesses through means that push the boundaries of the 2015 accord.
The Trump administration has not made strong public statements either way regarding the U.S.-China cyber pact despite jointly pledging with China in October to continue implementing the deal.
“President Trump believes strongly in protecting intellectual property rights, which are a key part of a fair and reciprocal trade policy,” White House spokesman Marc Raimondi wrote in an email. “We will be closely monitoring [China’s] adherence to both the letter and the spirit of the commitment.”
When Xi visited the White House in 2015, cyber tensions were at an all-time high between the two countries. It was widely believed that Beijing’s cyber spies had been behind the devastating theft that spring of more than 20 million sensitive U.S. government security clearance background-check files. And business groups were imploring the Obama administration to punish China over what they said was a pervasive hacking campaign to steal America’s trade secrets and erode the country’s competitive advantage, costing the U.S. up to $400 billion a year.
But instead of slapping Beijing with sanctions, Obama and Xi announced a mutual vow to end the type of theft that was enraging U.S. business leaders. Republicans — and even some Democrats — were immediately dubious that the diplomatic route would have any tangible effect on China’s behavior. And notably, the deal did not require either side to stop traditional cyber espionage, such as the theft of the U.S. background-check records.
However, just over two years later, the pact has held.
There has been a “massive reduction” in Chinese intrusions of American companies, said Dmitri Alperovitch, co-founder of the digital security firm CrowdStrike, which is working on a report analyzing China’s digital behavior since the agreement.
And it has allowed the two countries to focus more on their trade relationship, making it “a remarkable success” from that perspective, said Porter, of FireEye. “It shows that diplomacy can be used to reduce the cyber threat to Americans.”
Those who worked on the deal also believe it played a broader role in stabilizing U.S.-China relations and set a rare precedent for the international community on cyber norms, which have been notoriously difficult to pin down.
“These are two of the, if not the two, world leaders on cyber issues,” said Dembosky, now a partner at the law firm Debevoise & Plimpton. “So for them to reach any agreement on matters of cyberspace … has huge ripple effects in the international community in a positive way.”
China did not give up its expansive cyber efforts, though. Instead, the country shifted its focus to regional targets, training its digital spies on dissidents in Tibet and Hong Kong, as well as political, military and economic targets across Asia, CrowdStrike’s Alperovitch said. According to FireEye’s Porter, Chinese hackers were able to pilfer intellectual property — from other nations, like Japan — that was largely comparable to what they had been getting in the U.S.
At the same time, Xi was also restructuring his military. The increasingly powerful leader wanted to consolidate the country’s cyber army and rein in government-linked hackers moonlighting as rogue digital actors, a process FireEye detailed in a June 2016 report.
And there are recent signs that Beijing may be testing the limits of its 2015 promises.
In mid-2016, FireEye noticed that one prominent suspected Chinese hacking group had resurfaced, catching it infiltrating a U.S. information technology services firm in a likely attempt to gain access to the firm’s clients. Porter said FireEye had also discovered Beijing-linked hackers spying on corporate executives, giving them access to inside information that might eventually come in handy for Chinese investors looking to purchase an American firm or Chinese companies bidding on a U.S. project.
It’s unclear whether either strategy would technically violate the narrow terms of the 2015 agreement.
“I do think that it’s still too early to call victory here,” Alperovitch said.
Still, cyber watchers say that Trump should stick with the deal.
The U.S. gave up almost nothing in inking the agreement, they note, as it already had a long-established commitment to not steal corporate secrets for domestic economic gain. Plus, the deal established law enforcement channels to swap details on cybercrime, a valuable tool given China’s proximity to North Korea’s increasingly assertive cyber army. Researchers believe Pyongyang was behind a global malware outbreak earlier this year that froze tens of thousands of computer networks, costing businesses hundreds of millions of dollars. South Korea has also blamed its northern neighbor for the digital theft of war plans.
China may have enabled North Korea’s hacking operations by providing network bandwidth or even physical space for Pyongyang’s digital warriors, according to studies and media reports. Details are thin on what assistance China may currently provide.
“China may well be in a position to be able to provide information about North Korean cyber activities,” said Samir Jain, who helped craft the U.S.-China cyber deal as a senior director for cyber policy at the National Security Council. “To the extent that the Chinese can provide information about those actors or about servers or other infrastructure being used by North, then that would all be helpful.”
The White House also doesn’t appear eager to rock the boat over any possible noncompliance with the 2015 deal. A White House blog post about Trump’s upcoming visit to Beijing mentioned only the North Korea situation and “China’s unfair trade practices.”
Indeed, those “unfair trade practices” are where industry leaders’ concerns now lie. They worry that new Chinese cybersecurity regulations could force foreign technology companies to hand over software for “security” reviews before being allowed to enter China’s booming market. Trump recently ordered the U.S. trade representative to investigate the issue, setting up a potential showdown with Beijing on trade.
“We are at risk of a trade war,” Dembosky said. “It may be a cold trade war, but it’s certainly getting much hotter. If we don’t reach some understanding with China on the processes — and the fairness of the processes on both sides for evaluating these risks — then both countries will suffer.”
The post Why #Trump is #sticking with #Obama’s #China #hacking #deal appeared first on National Cyber Security Ventures.
Authorities are looking into the apparent hack of a road sign in Washington’s scenic Rock Creek Park that was emblazoned with a profane message Monday morning about President Trump. The electronic sign was supposed to inform drivers that a local road was closed for sewer work. Instead, all it said…
The post Agency blames hackers over ‘F— Trump’ road sign in DC park appeared first on National Cyber Security Ventures.
President Trump has given the go-ahead for a plan dating from the Obama administration to elevate US Cyber Command to the level of Unified Combatant Command, giving it more operational independence from the National Security Agency. The statement also raised the possibility of splitting off CyberCom from the NSA entirely….
The post Trump approves Obama-era plan for a more independent US Cyber Command appeared first on National Cyber Security Ventures.
Catherine Lhamon, the civil rights chief in Obama’s Education Department, says she’s worried about how the Trump administration approaches investigations and enforcement in some areas.
The post Trump Stance on Civil Rights Is ‘Distressing and Dangerous,’ Obama Official Says – Education Week appeared first on Become007.com.
View full post on Become007.com
U.S. President Donald Trump on Sunday backtracked on his push for a cyber security unit with Russia, tweeting that he did not think it could happen, hours after his proposal was harshly criticized by Republicans who said Moscow could not be trusted. Trump said on Twitter […]