News of the Force: Tuesday, August 1, 2017 - Page 3

[Newsoft...@aol.com]

News of the Force: Tuesday, August 1, 2017 - Page 3

---

 

U.S. Navy and Marine Corps

    

    Navy veterans based at the U.S. Naval Reserve Training Center in Cadillac, Mich. (1948-1966) will hold their annual reunion there on Saturday. 

    U.S. Navy shipboard electronics experts are reaching out to industry for new computing and sensor technologies for active and passive sonar systems involved in surveillance, situational awareness, and anti-submarine warfare (ASW).

    Smart munitions designers at the Lockheed Martin Corp. are starting to manufacture the U.S. military's next-generation LRASM anti-ship missile - the Long-Range Anti-Ship Missile (LRASM).

    A U.S. Marine Corps sergeant and volunteer track coach has been arrested in the alleged sexual assault of a Huntington Beach, Calif., teen he was training.

    And Steven Weintraub is Chief Strategy Officer of the Veteran Tickets Foundation (Vet Tix) and a colonel in the U.S. Marine Corps Reserve.

 

Homeland insecurity

    

    Local and state government agencies from Oregon to Connecticut say they are using a Russian brand of security software despite the federal government’s instructions to its own agencies not to buy the software over concerns about cyber-espionage, records and interviews show.

    The federal agency in charge of purchasing, the General Services Administration (GSA), removed Moscow-based Kaspersky Lab this month from its list of approved vendors. In doing so, the agency’s statement suggested a vulnerability exists in Kaspersky that could give the Russian government backdoor access to the systems it protects, though they offered no explanation or evidence of it. Kaspersky has strongly denied coordinating with the Russian government and has offered to cooperate with federal investigators.

    The GSA’s move on July 11th has left state and local governments to speculate about the risks of sticking with the company or abandoning taxpayer-funded contracts, sometimes at great cost. The lack of information from the GSA underscores a disconnect between local officials and the federal government about cybersecurity.

    Interviews suggest that concerns in recent months from Congress and intelligence professionals about Kaspersky are not widely known among state and local officials, who are most likely to consider buying the Russian software. Those systems, while not necessarily protecting critical infra-structure, can be targeted by hackers because they provide access to troves of sensitive information.

    U.S. intelligence chiefs told a Senate panel in May that they wouldn't use the company’s software, during a broader hearing investigating Russia’s alleged meddling in the U.S. presidential election. It was not the first time Congress had heard that message: A former U.S. official told The Washington Post that congressional staff was advised by law enforcement in late 2015 to stop meeting with Kaspersky representatives over national security concerns.

    The GSA’s decision to no longer purchase Kaspersky comes amid an ongoing special counsel investigation into potential collusion between President Donald Trump’s associates and Russian officials during last year’s presidential contest. This has complicated decisions for local government officials who are trying to evaluate potential security risks amid a heated political climate.

    "People need to know that they can trust software updates," said Joseph Lorenzo Hall, chief technologist at the Center for Democracy and Technology, a digital advocacy group. About the government’s decision, he said: "We need more public information."

    In the weeks since Kaspersky’s delisting, The Post found that it continues to be used on government computers in jurisdictions ranging from Portland, Oregon to Fayetteville, Ga., where an official said they have a year-to-year contract. Kaspersky also has been bought for use by the federal government in recent years, including the Bureau of Prisons and the Consumer Product Safety Commission. Both agencies said last week that they needed additional time to determine whether the software is still in use.

    To identify the agencies, The Post reviewed state, local and federal government websites to obtain documents that listed Kaspersky or its programs, including city council agendas, annual agency reports and government procurement records. Officials interviewed in nine jurisdictions all said they had bought or supported software made by Kaspersky within the past two years. Nearly all said they had no immediate plans to replace the software.

    "We use it, and I think it works well," said John Morrisson, systems manager for the Connecticut Division of Public Defender Services. "I don’t have any problems, and we don’t have any viruses. And it’s doing the job I require of it." Morrisson said the concerns about Kaspersky were speculative, but he said he would consider jettisoning the Russian brand if specific vulnerabilities were identified.

    In the District of Columbia, a spokesman for the city’s chief technology officer said that most city agencies used anti-virus software made by McAfee, a Kaspersky competitor. But District employees who connect to the network remotely are allowed for now to use home computers equipped with Kaspersky.

    In Picayune, Miss., Kaspersky is scheduled to be installed soon as the firewall on a new wireless system for all public schools. Network administrator Jason Wheat said he hadn’t seen the news about the GSA’s decision or received any warning from the state about not using Kaspersky. But he said he wasn’t worried about the software because employee Social Security numbers were stored on a separate server maintained by the state.

    In Oregon, Kaspersky is used with other anti-virus software by the Portland city government to scan for malicious emails.

    Connecticut’s public defender said as of early 2016 its office had hundreds of computers that ran Kaspersky.

    And San Marcos, Texas, last month approved a $92,744 contract for Kaspersky’s anti-virus protection; a spokeswoman said the city has held a contract with Kaspersky for many years and renewed the software in June before the delisting notice was issued by the U.S. Government.

    In announcing its decision, the GSA said that its mission was to "ensure the integrity and security of U.S. Government systems and networks"and that Kaspersky was delisted "after review and careful consideration." The action removed the company from the list of products approved for purchase on federal systems and at discounted prices for state governments.

    The GSA included a reference to "System of Operational-Investigative Measures," or SORM - a national Russian electronic eavesdropping network that the U.S. Government publicly warned about in advance of Americans’ traveling to the 2014 Winter Olympics in Sochi, Russia. At the time, the State Department advised travelers to assume that cell phones could be turned into listening devices and laptops could be infiltrated if connected to Russian networks.

    The GSA statement this month said "applicability" of SORM to Kaspersky "supported GSA’s decision to exercise the cancellation clause."

    A former senior U.S. law enforcement official, who works in cybersecurity and spoke on the condition of anonymity, said he thought that the reference to SORM indicated the "GSA is saying there is some kind of vulnerability that gives the [Russian] government access."

    Representatives for the FBI and the Department of Homeland Security referred questions about Kaspersky to the GSA, which declined to comment beyond the original statement.

    Kaspersky officials declined interview requests, referring reporters to a statement denying wrongdoing that was issued after the GSA’s announcement. "Kaspersky Lab has no ties to any government, and the company has never helped, or will help, any government in the world with its cyber-espionage efforts," the company said. "Kaspersky Lab, a private company, seems to be caught in the middle of a geopolitical fight where each side is attempting to use the company as a pawn in their political game."

    Kaspersky Lab was founded in 1997 by Eugene Kaspersky, a decade after he had graduated from a KGB-supported cryptography school and had worked in Russian military intelligence agencies. The company became an international success, sometimes promoting Kaspersky’s background in Russian intelligence. By 2010, it claimed to be the most widely used anti-virus software in Europe. In the United States, for example, Kaspersky was among the anti-virus software packaged with computers sold at Best Buy. Today, Kaspersky boasts 400 million users and 270,000 corporate clients worldwide.

    Kaspersky has tried to advance the company into potentially lucrative government markets. The company created a subsidiary, Kaspersky Government Security Solutions, or KGSS, and began hosting an annual cybersecurity summit in Washington, D.C. In 2015, the keynote address at the annual conference was delivered by Michael Flynn, then the recently departed head of the Defense Intelligence Agency who would go on to briefly become Trump’s national security adviser. Flynn was paid more than $11,000 for the appearance, which he initially failed to disclose this year when he joined the White House.

    The company never became a major player in U.S. Government markets. Popular American firms, often with executives who had their own ties to U.S. intelligence agencies, routinely beat out Kaspersky for the largest federal contracts and defense work. Three current and former defense contractors told The Post that they knew of no specific warnings circulated about Kaspersky in recent years, but it has become an unwritten rule at the Pentagon not to include Kaspersky as a potential vendor on new projects. Another former U.S. official said that some congressional staffers were warned by federal law enforcement officials as early as November 2015 not to meet with employees from Kaspersky over concerns of electronic surveillance. The officials spoke on the condition of anonymity because they were not authorized to speak publicly about the matter.

    Skepticism of Kaspersky became public in May when a panel of U.S. intelligence community leaders testified before Congress that they wouldn't use the firm’s software on their own computers. Sen. Marco Rubio (R-Fla.), noted the widespread use of the software and asked, "Would any of you be comfortable with the Kaspersky Lab software on your computers?"

    "A resounding no from me," said acting FBI director Andrew McCabe.

    CIA Director Mike Pompeo, Director of National Intelligence Daniel Coats and National Security Agency Director Adm. Michael Rogers also said they would not use Kaspersky.

    The government’s unease about Kaspersky follows the conclusion by U.S. intelligence agencies that Russian President Vladimir Putin last year ordered a campaign of cyber-attacks to undermine the election. The Justice Department has named a special counsel to investigate possible coordination between Trump’s associates and Russian officials during the campaign.

    James Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington, D.C., said, "it’s difficult, if not impossible" for a company like Kaspersky to be headquartered in Moscow "if you don’t cooperate with the government and the intelligence services."

    Kaspersky has worked to protect its image since the GSA decision. It said this month that it would be willing to turn over its software source code to federal investigators.

    The Senate Armed Services Committee this month unanimously adopted an amendment by Sen. Jeanne Shaheen (D-N.H.), that would force the government to strip Kaspersky from any government systems connected to defense networks. In a statement, Shaheen said the Trump administration and Congress should go further and require all government systems to drop Kaspersky. "The ties between Kaspersky Lab and the Kremlin are very alarming," Shaheen said.

 

Today in history

    On this date in 1831, the new London Bridge opened. In 1876, Colorado was admitted as the 38th U.S. state. In 1961, the first ever Six Flags amusement park opened in Texas. In 1978, Pete Rose's date with destiny was stopped as his hit streak ended at 44. In 1980, Iceland voters elected Vigdis Finnbogadottir as their first ever female president. In 1981, MTV, the American network broadcasting music videos was launched on TV in New York City. In 2011, the HSBC bank announced cuts to 5,000 jobs, as well as an additional 25,000 in 2013.

 

The parting shots

    Rapper Artis Leon "Coolio" Ivey, Jr., is 54 years old today. And today is the birthday of rock guitarist and singer Jerry Garcia ("The Grateful Dead") (1942-1995).

    Temporary air conditioning units delivered to the City Workhouse in St. Louis, Mo., after protests over hot conditions are now making it too cold for some inmates, according to the mayor's office. "There have been multiple complaints from inmates that the facility is too cold following the city's setting up of temporary air conditioning at the facility," said Koran Addo, Mayor Lyda Krewson's spokesman. One inmate has been sent to administrative segregation after using a broom handle to try to damage a vent blowing cool air into the dormitories, Addo said. The city spent more than $75,000 on temporary air conditioning units, which were delivered to the facility on July 24th. Five units from TempAir, ranging from 25 to 50 tons, were installed in the older sections of the jail. The expectation was that the units would cool the temperature to about 78 degrees in the facility, more formally known as the St. Louis Medium Security Institution. It wasn't immediately clear how low the temperature was getting in particular areas.

    A self-described "email prankster" in the U.K. fooled a number of White House officials into thinking he was other officials, including an episode where he convinced the White House official tasked with cyber security that he was Jared Kushner.

    There's never a good time to discharge black sewer gunk into Niagara Falls. But doing it on a beautiful Saturday afternoon at the height of tourist season may be the worst timing ever.

    And Nia Long has joined the cast of CBS' veteran crime drama series NCIS: Los Angeles as a series regular. She will be introduced in the upcoming ninth season.

 

 

 

Page 3