Trump

now browsing by tag

 
 

We’re all a #bit of #Trump when it #comes to #cybersecurity

President Trump reportedly sees security procedures as too inconvenient. Unfortunately, he’s not alone.

Let’s face it folks: Security can be “too inconvenient” and when your boss doesn’t want to adhere to your security policy it’s going to be difficult to enforce. Just ask President Trump.

Politico reported that Trump could be the biggest cybersecurity risk to the U.S. government. Why? We all know he likes to Tweet. And he’s not too enthusiastic about staffers who want to put better security around his phone use.

Trump reportedly noted that security procedures are “too inconvenient.”

We’ll stop there with the Trump talk because there are bigger lessons to be learned here: Humans are the weakest security link and there’s a trade-off between usability and thwarting threats. In an ideal world, even bosses would listen to the security pros, but the reality is a bit different.

Do you honestly think Trump is the only CEO who rebuffs his cybersecurity team?

The average enterprise has multiple employees going rogue when it comes to security. Toss in mobile devices and social media accounts and you have the fodder for cybersecurity headaches. Trump just illustrates the point. And when the boss isn’t following procedure the whole food chain ignores security.

To anyone following enterprise security this realization isn’t a newsflash. Social engineering aimed at humans–always good for a cybersecurity incident–have led to a rise in ransomware, according to Verizon.

Meanwhile, securing mobile devices is an increasingly huge headache. Insider errors were at the heart of 17 percent of data breaches, according to Verizon.

Now you can argue that Trump should be following protocol given all the state actors that would find him a compelling target. But the reality is that all of us have a bit of Trump in us when it comes to cybersecurity. In the Trump example the stakes are simply higher.

advertisement:

The post We’re all a #bit of #Trump when it #comes to #cybersecurity appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Why #Trump is #sticking with #Obama’s #China #hacking #deal

Source: National Cyber Security – Produced By Gregory Evans

Why #Trump is #sticking with #Obama’s #China #hacking #deal

President Donald Trump has broken with a host of Obama-era international agreements, from the Trans-Pacific Partnership to the Paris climate pact — but he’s showing every sign of sticking with a 2015 hacking accord with China.

Last month, the Trump administration quietly reaffirmed the agreement, which Republicans had initially greeted with skepticism. And business groups, cyber researchers and international policy experts say they see little reason for Trump to cancel the deal, especially as he’s pressing for China’s cooperation in curbing North Korea’s increasingly bellicose cyber and nuclear programs.

The hacking agreement is not expected to be a major talking point when Trump meets on Wednesday in Beijing with Chinese President Xi Jinping, whose country remains one of the most skilled and aggressive operators in cyberspace.

China appears to be largely complying with the 2015 deal, in which both countries pledged not to steal trade secrets from each other for the benefit of their domestic companies. That has helped calm the friction that once reigned between Washington and Beijing over cyber disputes, leaving Trump free to press his complaints with China on issues such as its protectionist regulations and unfavorable trade balance with the U.S.

“Having the cyber accord that we have helps to narrow the issues in dispute,” said Luke Dembosky, who worked on the 2015 U.S.-China cyber pact as a senior Justice Department official. “We need every bit of goodwill we can muster between our two countries on issues like North Korea. And we should, as a country, capitalize on the breakthrough that was achieved in fall of 2015.”

Perhaps most surprisingly to some, the deal has had its intended effect: Chinese-backed cyber theft of American trade secrets has dropped roughly 90 percent since the September 2015 accord, according to two leading digital security firms. Before then, analysts estimated that the thefts were costing the U.S. hundreds of billions of dollars a year.

“We saw the level of that activity drop off a cliff,” said Chris Porter, chief intelligence strategist at FireEye, which closely tracks major Chinese-linked hacking groups. “At or near zero levels.”

Those same researchers, though, caution that Chinese hacking tactics may have mutated in recent months, once again threatening American businesses through means that push the boundaries of the 2015 accord.

The Trump administration has not made strong public statements either way regarding the U.S.-China cyber pact despite jointly pledging with China in October to continue implementing the deal.

“President Trump believes strongly in protecting intellectual property rights, which are a key part of a fair and reciprocal trade policy,” White House spokesman Marc Raimondi wrote in an email. “We will be closely monitoring [China’s] adherence to both the letter and the spirit of the commitment.”

When Xi visited the White House in 2015, cyber tensions were at an all-time high between the two countries. It was widely believed that Beijing’s cyber spies had been behind the devastating theft that spring of more than 20 million sensitive U.S. government security clearance background-check files. And business groups were imploring the Obama administration to punish China over what they said was a pervasive hacking campaign to steal America’s trade secrets and erode the country’s competitive advantage, costing the U.S. up to $400 billion a year.

But instead of slapping Beijing with sanctions, Obama and Xi announced a mutual vow to end the type of theft that was enraging U.S. business leaders. Republicans — and even some Democrats — were immediately dubious that the diplomatic route would have any tangible effect on China’s behavior. And notably, the deal did not require either side to stop traditional cyber espionage, such as the theft of the U.S. background-check records.

However, just over two years later, the pact has held.

There has been a “massive reduction” in Chinese intrusions of American companies, said Dmitri Alperovitch, co-founder of the digital security firm CrowdStrike, which is working on a report analyzing China’s digital behavior since the agreement.

And it has allowed the two countries to focus more on their trade relationship, making it “a remarkable success” from that perspective, said Porter, of FireEye. “It shows that diplomacy can be used to reduce the cyber threat to Americans.”

Those who worked on the deal also believe it played a broader role in stabilizing U.S.-China relations and set a rare precedent for the international community on cyber norms, which have been notoriously difficult to pin down.

“These are two of the, if not the two, world leaders on cyber issues,” said Dembosky, now a partner at the law firm Debevoise & Plimpton. “So for them to reach any agreement on matters of cyberspace … has huge ripple effects in the international community in a positive way.”

China did not give up its expansive cyber efforts, though. Instead, the country shifted its focus to regional targets, training its digital spies on dissidents in Tibet and Hong Kong, as well as political, military and economic targets across Asia, CrowdStrike’s Alperovitch said. According to FireEye’s Porter, Chinese hackers were able to pilfer intellectual property — from other nations, like Japan — that was largely comparable to what they had been getting in the U.S.

At the same time, Xi was also restructuring his military. The increasingly powerful leader wanted to consolidate the country’s cyber army and rein in government-linked hackers moonlighting as rogue digital actors, a process FireEye detailed in a June 2016 report.

And there are recent signs that Beijing may be testing the limits of its 2015 promises.

In mid-2016, FireEye noticed that one prominent suspected Chinese hacking group had resurfaced, catching it infiltrating a U.S. information technology services firm in a likely attempt to gain access to the firm’s clients. Porter said FireEye had also discovered Beijing-linked hackers spying on corporate executives, giving them access to inside information that might eventually come in handy for Chinese investors looking to purchase an American firm or Chinese companies bidding on a U.S. project.

It’s unclear whether either strategy would technically violate the narrow terms of the 2015 agreement.

“I do think that it’s still too early to call victory here,” Alperovitch said.

Still, cyber watchers say that Trump should stick with the deal.

The U.S. gave up almost nothing in inking the agreement, they note, as it already had a long-established commitment to not steal corporate secrets for domestic economic gain. Plus, the deal established law enforcement channels to swap details on cybercrime, a valuable tool given China’s proximity to North Korea’s increasingly assertive cyber army. Researchers believe Pyongyang was behind a global malware outbreak earlier this year that froze tens of thousands of computer networks, costing businesses hundreds of millions of dollars. South Korea has also blamed its northern neighbor for the digital theft of war plans.

China may have enabled North Korea’s hacking operations by providing network bandwidth or even physical space for Pyongyang’s digital warriors, according to studies and media reports. Details are thin on what assistance China may currently provide.

“China may well be in a position to be able to provide information about North Korean cyber activities,” said Samir Jain, who helped craft the U.S.-China cyber deal as a senior director for cyber policy at the National Security Council. “To the extent that the Chinese can provide information about those actors or about servers or other infrastructure being used by North, then that would all be helpful.”

The White House also doesn’t appear eager to rock the boat over any possible noncompliance with the 2015 deal. A White House blog post about Trump’s upcoming visit to Beijing mentioned only the North Korea situation and “China’s unfair trade practices.”

Indeed, those “unfair trade practices” are where industry leaders’ concerns now lie. They worry that new Chinese cybersecurity regulations could force foreign technology companies to hand over software for “security” reviews before being allowed to enter China’s booming market. Trump recently ordered the U.S. trade representative to investigate the issue, setting up a potential showdown with Beijing on trade.

“We are at risk of a trade war,” Dembosky said. “It may be a cold trade war, but it’s certainly getting much hotter. If we don’t reach some understanding with China on the processes — and the fairness of the processes on both sides for evaluating these risks — then both counties will suffer.”

The post Why #Trump is #sticking with #Obama’s #China #hacking #deal appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Agency blames hackers over ‘F— Trump’ road sign in DC park

Source: National Cyber Security – Produced By Gregory Evans

Authorities are looking into the apparent hack of a road sign in Washington’s scenic Rock Creek Park that was emblazoned with a profane message Monday morning about President Trump. The electronic sign was supposed to inform drivers that a local road was closed for sewer work. Instead, all it said…

The post Agency blames hackers over ‘F— Trump’ road sign in DC park appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Trump approves Obama-era plan for a more independent US Cyber Command

Source: National Cyber Security – Produced By Gregory Evans

President Trump has given the go-ahead for a plan dating from the Obama administration to elevate US Cyber Command to the level of Unified Combatant Command, giving it more operational independence from the National Security Agency. The statement also raised the possibility of splitting off CyberCom from the NSA entirely….

The post Trump approves Obama-era plan for a more independent US Cyber Command appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Trump Stance on Civil Rights Is ‘Distressing and Dangerous,’ Obama Official Says – Education Week

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Catherine Lhamon, the civil rights chief in Obama’s Education Department, says she’s worried about how the Trump administration approaches investigations and enforcement in some areas. View full post on Education Week: Bullying #pso #htcs #b4inc Read…

The post Trump Stance on Civil Rights Is ‘Distressing and Dangerous,’ Obama Official Says – Education Week appeared first on Become007.com.

View full post on Become007.com

Trump Drops His Call for a Joint Cyber Security Team With Russia after Much Criticism

Trump Drops His Call for a Joint Cyber Security Team With Russia after Much CriticismSource: National Cyber Security – Produced By Gregory Evans U.S. President Donald Trump on Sunday backtracked on his push for a cyber security unit with Russia, tweeting that he did not think it could happen, hours after his proposal was harshly criticized by Republicans who said Moscow could not be trusted. Trump said on Twitter […] View full post on AmIHackerProof.com | Can You Be Hacked?

Melania Trump kicks off anti-bullying campaign in White House

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ First Lady Melania Trump finally kicked off her campaign to end cyber bullying by making her first presentation to a very small crowd in the White House yesterday. Melania pledged during …

The post Melania Trump kicks off anti-bullying campaign in White House appeared first on Become007.com.

View full post on Become007.com

Trump admin unveils cyber pact with Israel

Source: National Cyber Security – Produced By Gregory Evans

The Trump administration announced a new bilateral working group between the United States and Israel on cybersecurity. Tom Bossert, White House homeland security and counterterrorism adviser, disclosed the new partnership to combat cyberattacks during remarks at an annual cybersecurity conference in Tel Aviv. “These high-level meetings represent the first step…

The post Trump admin unveils cyber pact with Israel appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Trump Is Ignoring America’s Looming Cybersecurity Threat

Source: National Cyber Security – Produced By Gregory Evans

Trump Is Ignoring America’s Looming Cybersecurity Threat

The “ransomware” attack that crippled computer systems around the globe last week shows once again just how vulnerable the world’s computer systems are to criminals and hackers. The so-called “WannaCry” virus — which threatened to delete a victim’s files absent a $300 ransom — exploited a weakness in the Windows operating system that a simple software update could have blocked. …

The post Trump Is Ignoring America’s Looming Cybersecurity Threat appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Trump signs executive order to prevent computer hacking

Source: National Cyber Security – Produced By Gregory Evans

Trump signs executive order to prevent computer hacking

President Donald Trump has signed an executive order aimed at modernizing and improving the nation’s computer networks. Trump’s homeland security adviser Tom Bossert says the order will help keep the U.S. safer from cybersecurity risks. Among the new requirements is that agency heads must be accountable for implementing risk management measures. Trump pledged in late January to strengthen the government’s …

The post Trump signs executive order to prevent computer hacking appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures