Massive cyberattack ‘detrimental’ for U.S. national security

[homersapien 11,393]

No doubt that after Putin denies it, Trump will take his word over our own intelligence. 

 

Video and transcript:    https://www.pbs.org/newshour/show/massive-cyberattack-a-grave-threat-for-u-s-national-security

"......It is going to take us months to get the Russians out of those networks.

In particular, if it is indeed the SVR, the Russian foreign intelligence service, they are the ones that infiltrated the White House, the Joint Chiefs of Staff, and the State Department back in 2015. And it took many, many weeks for those organizations back then to kick them out, because they are so good at burying themselves in, staying stealthy, maintaining that foothold within the organization, that it's going to take us probably months to get them out of all these networks that they have been able to infiltrate...."

 

 

[homersapien 11,393]

And then there's this:

https://www.pbs.org/newshour/show/what-russia-stands-to-gain-from-a-cyberattack-against-the-u-s

What Russia stands to gain from a cyberattack against the U.S.

excerpt:

• William Brangham:

  So, from this point forward, the tail end of the Trump administration and the beginning of the Biden administration, what do you think we ought to be doing to respond?

   

• Fiona Hill:

  What we need is a coherent, consistent approach. And this is something that we have failed to have under the previous administration.

  And we have some of…

   

• William Brangham:

  When you say previous administration, do you mean the Trump…

   

• Fiona Hill:

  Well, I mean the outgoing administration, the Trump administration, that I was part of for some of this period.

  We have set up entities like CISA, cybersecurity entities within the Department of Homeland Security. Unfortunately, President Trump just sacked the head of CISA, Chris Krebs, for the role that he played in essentially calling out the president and others in the election campaign, calling out their disinformation about the election security.

  So, we need to beef up those entities. And what we really need to do is have a coherent team that are working together and clearly working very closely with the White House, because, under the outgoing administration, we had the president doing one thing. He didn't delegate authority down to even some of his key Cabinet officials.

  And he certainly undermined on many different fronts the efforts to work across all of the departments and agencies. So, we need to have a team of people who trust each other, who are working and pulling together, and also working together with Congress and all the other entities that have to be part of this. We can't just have one set of people going off and doing their own thing.

  We need to be calling this out for what it is. And we also need to be working with our transatlantic partners."

[autigeremt 6,650]

I'll start taking this more seriously when the Democrats start opening up about their secret (and not-so secret) relationships with the Communist of China. Pathetic 

 

[SaltyTiger 7,816]

21 hours ago, homersapien said:

And then there's this:

"Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” Biden said Thursday, adding his administration would impose "substantial costs" on anyone responsible for malicious attacks to deter such action."

Joe will handle it.

[homersapien 11,393]

10 hours ago, autigeremt said:

I'll start taking this more seriously when the Democrats start opening up about their secret (and not-so secret) relationships with the Communist of China. Pathetic 

 

Yeah, use a myth about "secret" relationships as an excuse to dismiss what we know has - and is - happening.

[homersapien 11,393]

3 minutes ago, SaltyTiger said:

"Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” Biden said Thursday, adding his administration would impose "substantial costs" on anyone responsible for malicious attacks to deter such action."

Joe will handle it.

Let's hope so.  As far as I know, Trump hasn't even acknowledged it.  (Putin probably told him it wasn't true, so who's he gonna believe??)

[SaltyTiger 7,816]

4 minutes ago, homersapien said:

Let's hope so.  As far as I know, Trump hasn't even acknowledged it.  (Putin probably told him it wasn't true, so who're you gonna believe??)

He hasn't. Have not heard that Putin has told him anything......understand your need to comment on that Brother Homer.

"President Donald Trump has not said anything publicly about the hack despite it being one of the most significant breaches of the US government in years, and US officials say it "poses a grave risk" to networks across both the public and private sector.

The White House said Friday that Trump is being briefed and "working very hard" in dealing with the hack.

Asked about Trump's silence on the matter, Pompeo noted there was work going on behind the scenes."

 

https://www.cnn.com/2020/12/19/politics/pompeo-us-government-hack-russia/index.html

[homersapien 11,393]

18 minutes ago, SaltyTiger said:

He hasn't. Have not heard that Putin has told him anything......understand your need to comment on that Brother Homer.

"President Donald Trump has not said anything publicly about the hack despite it being one of the most significant breaches of the US government in years, and US officials say it "poses a grave risk" to networks across both the public and private sector.

The White House said Friday that Trump is being briefed and "working very hard" in dealing with the hack.

Asked about Trump's silence on the matter, Pompeo noted there was work going on behind the scenes."

 

https://www.cnn.com/2020/12/19/politics/pompeo-us-government-hack-russia/index.html

Well, there is a lot of precedent for Trump to trust Putin before our own security agencies.

And seriously, speculation and excuses from Pompeo?? 

This is not a secret, it's widely known and being discussed.  Guess it just hasn't made Trump's list. He's got more important things to do, like trying to defraud our election.

But I understand your inability to criticize Dear Leader Salty, even at the expense of our nation's security.  It's what MAGAs do.

 

 

https://www.politico.com/news/2020/12/18/trump-veto-ndaa-hack-448492

Trump's defense veto would torpedo cyber overhaul amid unfolding hack

The sprawling defense bill contains provisions meant to strengthen safeguards against foreign cyberattacks. The president may veto it because it doesn't punish social media companies.

President Donald Trump’s promised veto of an annual defense policy bill would also sink one of the most consequential pieces of cybersecurity legislation in years, just as the U.S. is grappling with a massive digital intrusion that appears to be Russia's handiwork.

The revelation that hackers have compromised myriad federal agencies adds a new dimension to the monthslong battle of wills between Trump and lawmakers of both parties about the defense bill's fate. It also comes as the commander in chief is attracting bipartisan criticism for failing to offer any public response to the still-unfolding cyberattack, an intrusion that the Department of Homeland Security's cyber agency has labeled a "grave risk" to range of governments and private organizations.

Top Republicans have seized on the hack while pleading with Trump to sign the National Defense Authorization Act, H.R. 6395 (116), which passed with blowout votes in the House and Senate last week. But many are still wary of crossing Trump, and will be tested by a vote to override his threatened veto.

"There is no doubt that our adversaries will take advantage of any opportunity to attack vulnerabilities in our cyber infrastructure," a half-dozen GOP House members said in a statement Friday, led by outgoing House Armed Services ranking Republican Mac Thornberry of Texas. "The measures in this year’s bill will provide critical safeguards to protect the information and capabilities most foundational to our nation’s security."

Also joining that statement were incoming ranking member Mike Rogers of Alabama and Reps. Liz Cheney of Wyoming, Mike Turner of Ohio, Elise Stefanik of New York and Mike Gallagher of Wisconsin.

For the first time ever, the massive defense spending road map contains a section devoted entirely to cybersecurity, with dozens of provisions intended to augment online defenses. Chief among them is the creation of a national cyber director to coordinate the government’s response to digital assaults.

Senate Armed Services Chair Jim Inhofe (R-Okla.), a top Trump ally who has attempted to steer the president away from a veto, highlighted the bill's cyber upgrades in a joint statement Thursday with the committee's top Democrat, Jack Reed of Rhode Island. Inhofe argued that signing the defense bill is one of “the immediate steps the Administration can take to improve our cyber posture.”

“The NDAA is always 'must-pass' legislation — but this cyber incident makes it even more urgent that the bill become law without further delay,” the pair added.

The president has cited very different reasons for opposing the bill — asserting that Chinese leaders "love" the legislation, and demanding that lawmakers add an unrelated provision stripping legal protections from social media companies that fact-checked him during his reelection campaign.

"I will Veto the Defense Bill, which will make China very unhappy," Trump tweeted Thursday morning, four days after news of the hack became public.

Unlike President-elect Joe Biden, Trump has not condemned the cyberattack or offered any hints at how he thinks the U.S. should respond.

Alarm about the breach has spread across the Capitol, meanwhile, amid revelations that the hackers had wormed their way into targets such as the Commerce, Treasury and State departments, along with DHS, the National Institutes of Health and various arms of the Energy Department, including the agency that manages the U.S. nuclear stockpile. The victims could also include an array of state and local governments as well as private entities, DHS's Cybersecurity and Infrastructure Security Agency said Thursday.

U.S. officials have said the hackers obtained access to the agencies' networks after infecting software updates from a Texas company called SolarWinds, whose customers include much of the federal government and the Fortune 500. Early assessments have blamed the months long attacks on Russia’s elite foreign espionage agency.

Maine Republican Sen. Susan Collins, a senior member of the Intelligence Committee and the Defense Appropriations panel, cited the defense bill's cyber provisions Friday while calling for Trump to sign it.

"The President should immediately sign the NDAA not only to keep our military strong but also because it contains significant cyber security provisions that would help thwart future attacks," Collins wrote on Twitter.

Rep. John Katko of New York, who is set to be the top Republican on the House Homeland Security Committee, also believes Trump should sign the bill, a spokesperson said Friday.

Tom Bossert, Trump's former homeland security adviser, piled on in a New York Times op-ed this week. The former senior White House aide contended that the hack makes the defense bill with its extensive cybersecurity provisions "a must-sign piece of legislation."

The proposal to create a national cyber director is one of the bill's most-noticed proposals. The administration has opposed creating such a position, but lawmakers have expressed a bipartisan desire to put someone in charge of coordinating the digital missions at the various federal agencies.

Trump's former national security adviser John Bolton eliminated a similar White House cybersecurity coordinator position in May 2018. Unlike the proposed role, that post didn't require Senate confirmation.

In all, the bipartisan measure contains more than two dozen recommendations taken from or inspired by the Cyberspace Solarium Commission, a congressionally chartered panel created in a previous defense policy bill.

Many of the provisions are meant to strengthen CISA, which has come under pressure from Trump for refusing to back his election conspiracy theories. The agency has been without a permanent leader since the president fired Director Chris Krebs last month.

The NDAA would also grant CISA the authority to hunt for foreign hackers trying to break into government networks and the power to issue administrative subpoenas to internet service providers when the agency detects vulnerabilities in critical infrastructure.

Mark Montgomery, the Solarium Commission’s executive director, said in a statement that the measure needs Trump’s signature “now.”

“If the president is not careful his cyber legacy will be the SolarWinds disaster,” said Montgomery, who previously served as policy director for Senate Armed Services under the late Sen. John McCain. But he added, "if he signs the NDAA with 70-plus cyber provisions, many that address the SolarWinds challenge, he can take ownership of the long-term solution.

“That would make him the ‘big winner’ not China,” Montgomery added, referring to Trump’s recent, unexplained critique that Beijing supports the bill.

In addition to his last-minute demand that the NDAA repeal a 1996 online liability law called Section 230, Trump vowed over the summer to veto any bill that would force the military to rename bases that honor Confederate leaders. Congress included such a provision in the final bill.

He’s also objected to provisions that limit U.S. troop withdrawals from Afghanistan and Europe.

Trump has until Wednesday to sign or veto the measure or allow it to become law without his signature.

Congressional leaders in both parties are confident they’ll be able to muster enough support to override when a vote happens in late December or early January, shortly before the new Congress is sworn in.

Republicans could sink the bill if enough of them side with Trump on an override vote — though dozens in the House and Senate would have to change their votes to do so.

In the meantime, Trump is coming under criticism from a growing, bipartisan chorus of lawmakers who want him to speak out forcefully about the breach.

On Thursday, Sen. Mitt Romney (R-Utah), a member of the Foreign Relations Committee and a longtime critic of the president, tweeted an abbreviated version of a radio interview he gave where he described “inexcusable silence and inaction from the White House.”

Sen. Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee, said that as “we learn about the wider impact of this malign effort — with the potential for wider compromise of critical global technology vendors and their products — it is essential that we see an organized and concerted federal response.”

It is “extremely troubling that the President does not appear to be acknowledging, much less acting upon, the gravity of this situation,” Warner said.

 

[homersapien 11,393]

Pompeo blames Russia for a hack on US agencies. Trump disagrees.

President Trump claims “it may” have actually been the work of Chinese hackers.

 

....."President Donald Trump has been slow to speak publicly about the hack. In his interview Friday, Pompeo claimed that this is strategic.

“I saw this in my time running the world’s premier espionage service at the CIA. There are many things that you’d very much love to say, ‘Boy, I’m going to call that out,’ but a wiser course of action to protect the American people is to calmly go about your business and defend freedom,” he said.

Saturday, however, Trump suggested on Twitter that the information Pompeo shared might not be correct, writing, “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).”

The president also claimed “The Cyber Hack is far greater in the Fake News Media than in actuality,” and that the hack could be evidence of vote manipulation during the November election. In reality, however, cybersecurity experts have stressed the hack is of grave concern, and election experts have found no evidence of fraud amid numerous recounts.

Saturday, however, Trump suggested on Twitter that the information Pompeo shared might not be correct, writing, “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).”

The president also claimed “The Cyber Hack is far greater in the Fake News Media than in actuality,” and that the hack could be evidence of vote manipulation during the November election.

In reality, however, cybersecurity experts have stressed the hack is of grave concern, and election experts have found no evidence of fraud amid numerous recounts"......

 

 

https://www.vox.com/2020/12/19/22190371/pompeo-russia-hack-us-agencies-solarwinds-microsoft

 

[SaltyTiger 7,816]

1 hour ago, homersapien said:

But I understand your inability to criticize Dear Leader Salty, even at the expense of our nation's security.  It's what MAGAs do.

I do understand that it is time for Trump to move on. Feel better after the tweet?

“The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!),” Trump tweeted.

[homersapien 11,393]

1 minute ago, SaltyTiger said:

I do understand that it is time for Trump to move on. Feel better after the tweet?

“The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!),” Trump tweeted.

No, the question is, do YOU feel better after the tweet? 

[SaltyTiger 7,816]

1 minute ago, homersapien said:

No, the question is, do YOU feel better after the tweet? 

No

[homersapien 11,393]

Graham nails it.  Trump is acting exactly how a narcissistic psychopath would be expected to act.

 

Trump Failed to Protect America

The president’s decision not to push back aggressively against Putin’s meddling seems only to have encouraged it.

 

David A. Graham,

December 18, 2020

As he accepted the Republican nomination for president in summer 2016, Donald Trump promised, “We will make America safe again.”

“The most basic duty of government is to defend the lives of its citizens,” he said. “Any government that fails to do so is a government unworthy to lead.”

This promise is worth revisiting as the nation tries to understand a massive hack, blamed on Russia, that affected many departments of the federal government and thousands of businesses. Yesterday, the Cybersecurity and Infrastructure Security Agency labeled the incident a “grave threat.” Although the scale of the intrusion is still difficult to grasp, President Trump’s approach to Russia has clearly failed to keep America safe.

Much about the hack is unknown. First, officials seem not to fully understand what was breached and what hackers acquired. Second, they are not forthcoming about what they do know, offering bland statements that suggest serious concerns but don’t outline them. Third, members of Congress have offered doomsaying interpretations but can’t divulge classified information. They might be exaggerating for partisan effect, or it could be a reprise of the early days of the coronavirus pandemic, when members frantically tried to warn the public but the administration paid no mind.

Read: Donald Trump’s pattern of deference to the Kremlin is clear

Regardless of the details, it’s hard not to see this hack as a fruit of Trump’s refusal to push back on Russian cyberaggression. The best defense against hacks is deterrence, but rather than deter the Kremlin, the president has repeatedly refused to even acknowledge previous Russian actions—basically giving Vladimir Putin an invitation to continue and amplify attacks, secure in the knowledge that whatever sanctions lower-level officials impose, Trump is uninterested in retaliating. The president has remained publicly silent about the new hack even now.

The problem is not that Trump is an active Russian agent. (There is no evidence that he is, despite some hysterical claims.) Nor is it that members of his campaign colluded with Russia in 2016 (though they did). Instead, as I wrote in April 2019, Trump refuses to protect the country from Russian hacking, “because it’s politically inconvenient and personally irritating to him.” The president is so furious over the implication that Russian assistance helped him triumph in 2016 that he has been unable to bring himself to acknowledge not only what happened then but anything that has happened since with regards to Russia.

David A. Graham: Trump refuses to defend the United States

During the 2016 campaign, despite having been briefed on Russia’s role by United States intelligence officials, Trump continued to speculate that the person who hacked the Democratic National Committee “could be somebody sitting on their bed that weighs 400 pounds.” In July 2017, in Poland, he momentarily seemed to acknowledge Russia’s role—“I think it was Russia”—and then promptly muddied the waters: “and I think it could have been other people in other countries. It could have been a lot of people.” At his disastrous summit with Putin in July 2018, Trump announced that he trusted the Russian president’s denials more than he did his own government. “They said, ‘I think it is Russia,’” he said. “I have President Putin. He just said it is not Russia. I will say this: I do not see any reason why it would be.” Trump’s chief of staff reportedly warned against bringing up Russia around the president because it enraged him. Trump never condemned Russian interference in 2016, and his administration blocked some efforts at strengthening election-security defenses.

The irony is that, despite the protestations of some members of the Trump “resistance,” there’s little reason to believe Russia’s meddling was responsible for his victory. There were many factors in that win—Trump’s effective messaging, his willingness to froth up racism, the Hillary Clinton campaign’s strategic choices, FBI Director James Comey’s handling of an investigation into Clinton’s email—but the Russian actions appear to have been a small factor, if they were one at all.

David A. Graham: Collusion happened

The greater problem was the principle: Russia challenged American sovereignty and took from Trump’s reaction the clear message that they could get away with it. The Trump administration, over the past four years, has imposed a long list of sanctions on Russia for a wide variety of problematic actions—including its hacking attempts related to the 2016 and 2018 elections. But the impact of those actions was continually undercut by the president’s repeated public statements downplaying Russian culpability and signaling his conciliatory approach to Putin’s regime.

In 2020, rather than target election systems or social media—both of which had been hardened somewhat—Russia seems to have gone after other parts of the government, in what amounted to a clever bait and switch. In the first weeks after the election, the U.S. congratulated itself on keeping the election safe, only to learn that Russia had been wreaking havoc elsewhere.

Trump’s failure to protect America has not yet received the attention it deserves—perhaps because it is overshadowed by the coronavirus pandemic, another example of Trump failing to protect Americans. If experts are right about the gravity of this hack, however, the U.S. will be dealing with the consequences for years to come. Even if the damage proves moderate, the U.S. finds itself with badly deficient cyberdefenses that need to be repaired.

Either way, it’s clear that the federal government’s posture will soon change. Yesterday, President-elect Joe Biden promised to impose “substantial costs” on hackers. “Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” he said. That should be a dramatic test of a different approach to Russia.

 

https://www.theatlantic.com/ideas/archive/2020/12/trump-failed-protect-america/617429/

[autigeremt 6,650]

11 hours ago, homersapien said:

Yeah, use a myth about "secret" relationships as an excuse to dismiss what we know has - and is - happening.

It's no "myth", Democrat. 

[homersapien 11,393]

14 hours ago, autigeremt said:

It's no "myth", Democrat. 

It is if you can't reference it.

[caleb1633 1,418]

Political affiliations aside, the U.S. has upped its efforts in hardening its structures against cyber attacks the past 4-5 years. There are lots of problems we are experiencing now that are due, in many ways, to the wars in the Middle East causing us to turn a blind eye to what our near peer/equal peer adversaries were doing. We were building MRAPs to stop IEDs, and China was setting up massive units dedicated solely to cyber warfare. We've caught up some, but still have a long way to go. 

[autigeremt 6,650]

On 12/20/2020 at 12:45 PM, homersapien said:

It is if you can't reference it.

You would just deny it or come up with a bunch of BS media driven spin to say "there's nothing here". Live in your own self truths.....it's obvious the Chinese have had their meat hooks in our system of government for some time through relationships, sexual favors and monetary exchange. 

[caleb1633 1,418]

58 minutes ago, autigeremt said:

You would just deny it or come up with a bunch of BS media driven spin to say "there's nothing here". Live in your own self truths.....it's obvious the Chinese have had their meat hooks in our system of government for some time through relationships, sexual favors and monetary exchange. 

Yes. After 10 years of DOD experience, I can tell you with certainty that it is scary how much we have been infiltrated by the Chinese. They are actively trying to undermine us in every domain. One small example: when I was stationed in Okinawa, there were daily protests by locals at several bases, and one in particular (Camp Schwab). It was well known that the locals were paid by the Chinese to conduct the protests and create the illusion of local dissent towards the presence of the U.S. Military on the island. I can name countless other examples.

[homersapien 11,393]

3 hours ago, autigeremt said:

You would just deny it or come up with a bunch of BS media driven spin to say "there's nothing here". Live in your own self truths.....it's obvious the Chinese have had their meat hooks in our system of government for some time through relationships, sexual favors and monetary exchange. 

Yeah right.  "I'd just deny it". 

Meanwhile, we are most definitely under direct cyber attack by the Russians - the extent of which is still not known - and you are trying to change the subject.  Why???