Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Justice Department, Federal Court System Hit by Russian Hack

Thursday, January 7, 2021

Categories: ASCF News National Preparedness Cyber Security

Comments: 0

WASHINGTON (AP) — The Justice Department and the federal court system disclosed on Wednesday that they were among the dozens of U.S. government agencies and private businesses compromised by a massive, months-long cyberespionage campaign that U.S. officials have linked to elite Russia hackers.

The extent of the damage was unclear.

The department said that 3% of its Microsoft Office 365 email accounts were potentially affected, but did not say to whom those accounts belonged. There are no indications that classified systems were affected, the agency said. Office 365 isn't just email but a collaborative computing environment, which means that shared documents were also surely accessed, said Dmitri Alperovitch, former chief technical officer of the cybersecurity firm CrowdStrike.

Separately, the Administrative Office of U.S. Courts informed federal judicial bodies across the nation that the courts’ nationwide case management system was breached. That potentially gave the hackers access to sealed court documents, whose contents are highly sensitive.

The Justice Department said that on Dec. 24 it detected "previously unknown malicious activity" linked to the broader intrusions of federal agencies revealed earlier that month, according to a statement from spokesman Marc Raimondi.

Separately, the court office said on its website that “an apparent compromise” of the U.S. judiciary's case management and electronic case file system was under investigation.

The Department of Homeland Security was scouring the system, it said, and cited a particular

risk to sealed court filings, whose disclosure could jeopardize a lot more than active criminal investigations.

“The potential reach is vast. The actual reach is probably significant,” said a federal court official who spoke on condition of anonymity because they were not authorized to disclose the information. The official confirmed that the scope of the compromise was national but it was not clear how widespread.

The sealed court files, if indeed breached, could hold information about national security, trade secrets and wiretap transcripts, along with financial data from bankruptcy cases and the names of confidential informants in criminal cases, the official added.

On Tuesday, federal law enforcement and intelligence agencies formally implicated Russia in the intrusions, calling them part of a suspected intelligence gathering operation. President Donald Trump had previously questioned that consensus, suggesting without foundation that China could be to blame.

The hacking campaign was extraordinary in scale, with the intruders stalking through government agencies including the Treasury and Commerce departments, defense contractors and telecommunications companies for months by the time the breach was discovered.

Experts say that gave the foreign agents ample time to collect data that could be highly damaging to U.S. national security, although the scope of the breaches and exactly what information was sought is unknown.

An estimated 18,000 organizations were seeded with malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds. But only a subset are believed to have been compromised. Tuesday's statement said that fewer than 10 federal government agencies have so far been identified as having been hacked.

Johns Hopkins cyberespionage expert Thomas Rid said the 3% figure of email accounts accessed at Justice may not sound like a lot, but that it doesn’t mean that the hackers "didn’t get to the interesting stuff.”

Cybersecurity experts responding to the hack say highly skilled cyber spies of the caliber behind the SolarWinds hack are apt to keep their footprint as small as possible to avoid detection — targeting only high-value email and documents.

Rid wondered how sure the Justice Department could be about the extent of its compromise.

“How good is their own visibility given that U.S. government agencies totally missed the breach in the first place?” he said. “Are they really on top of the problem? Are we only really seeing the tip of the iceberg?”

The breach was discovered by FireEye, a prominent cybersecurity company, on its network. It then identified and notified other victims.

Experts expect the severity of the hack and the number of victims identified to increase over time.

“History tells us that if you have a large breach, not just in one organization but across an entire government — an entire sector — it will take a long time to identify who are the victims and how badly they are compromised,” said Rid.

Microsoft declined to comment on long the intruders were reading emails in the Justice Department's Office 365 environment, which is typically a cloud-based service hosted by the software provider.

Photo: FILE - In this June 14, 2018, file photo, the FBI seal is seen before a news conference at FBI headquarters in Washington. The U.S. government on Tuesday, Jan. 5, 2021, said a devastating hack of federal agencies is “likely Russian in origin” and said the operation appeared to be an “intelligence gathering” effort. The assessment was disclosed in a rare public statement from the FBI and other investigative agencies. (AP Photo/Jose Luis Magana, File) THE ASSOCIATED PRESS

Link: Justice Department, Federal Court System Hit by Russian Hack | Business News | US News

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search