Showing posts with label ICTEC. Show all posts

22 July 2019

Outsourcing in Intelligence and Defense Agencies: A Risk of an Increase in the Proliferation of Cyber Weapons?

Omree Wechsler

The many cases of the leakage of classified materials belonging to intelligence and defense agencies have led to claims that contract workers are the reason for these incidents, due to either their lack of loyalty or negligence. In addition, these leaks of classified information, including hacking programs and components, have raised the question of whether this internal threat is also the cause of the increased proliferation of sophisticated cyber weapons among players who do not have the ability to develop them. A prominent case study from the past few years is the leak of the National Security Agency (NSA)’s hacking component, EternalBlue, and its use in the global cyberattack WannaCry, which damaged computers in 150 countries and was attributed to North Korea. Understanding the internal threat and its connection to the proliferation of cyber weapons, along with enumerating the advantages and disadvantages of hiring contractors, is critical for minimizing the threat, coping with it, and in preventing harm to national security and further deterioration of stability in cyberspace.

Is blockchain overhyped? 5 challenges to getting projects off the ground

Over the past few years, there has been a great deal of excitement around blockchain – some warranted, and some not. As the hype dies down, the dust is settling, and the technology is moving into a “build” phase. That is, organizations – large and small – are looking into viable use cases for the technology and deploying them. (You can find our practical framework for deciding whether blockchain is a good fit for your use case here.)

To get a pulse of where blockchain deployments stand, the World Economic Forum and Accenture Research partnered to survey 550 individuals from 13 industries, interview dozens of public and private sector leaders, and analyse 79 blockchain projects. Here are the top obstacles and challenges to getting projects off the ground:

1. Hype remains

Microsoft is like a Monopoly that Just Won’t Die

Michael K. Spencer

Microsoft is the world’s most valuable public company. It is no Amazon or Huawei, but its pivot to the Cloud has been an epic success and Alibaba and Tencent should be taking notes.

Incredibly, half of Microsoft’s acquisitions in 2018 were in the area of video games. Microsoft has tried to copy the success of such solutions as Slack and Twitch, but somehow, as a grandfather of tech companies, it is losing the battle of consumer artificial intelligence and now partners with Alexa, rather than competing against it.

Not part of the volatile FAANG stocks, Microsoft’s stock is rock solid at around $100.00. Azure is easily the second leader in the Cloud that’s still showing incredible global growth and will continue to do so in the 2020s.

Security and the 'Holographic Society'

By Eric B. Schnurer

The very distinction between the virtual and physical worlds is itself dissolving. Is it time we started thinking about security in the physical world as we do in cyber? Successful attacks cannot be entirely prevented but can be survived by building multiple pathways so the enemy cannot take down the entire system. Every point in the network has access to the information, so it can, as a practical matter, never be destroyed or altered, something like a hologram. In that way, blockchain essentially models the logic of “defense” as dispersion and redundancy. "Distributed" rather than concentrated systems are more survivable and secure in the real world, not just the virtual: To the extent that our concern is purely physical survival, even then, the more dispersed or redundant a population, an economy or a culture, the less a physical attack on it will make any sense.

Revealed: This Is Palantir’s Top-Secret User Manual for Cops

By Caroline Haskins

Palantir is one of the most significant and secretive companies in big data analysis. The company acts as an information management service for Immigrations and Customs Enforcement, corporations like JP Morgan and Airbus, and dozens of other local, state, and federal agencies. It’s been described by scholars as a “secondary surveillance network,” since it extensively catalogs and maps interpersonal relationships between individuals, even those who aren't suspected of a crime.

Palantir software is instrumental to the operations of ICE, which is planning one of the largest-ever targeted immigration enforcement raids this weekend on thousands of undocumented families. Activists argue raids of this scale would be impossible without software like Palantir. But few people outside the company and its customers know how its software works or what its specific capabilities and user interfaces are.

World Trade Organization 2.0: Reforming Multilateral Trade Rules for the Digital Age


The rules-based framework, as instantiated in rules established under the World Trade Organization (WTO), is not equipped to address the issues that are emerging under the technological conditions generated by the digital transformation. The emerging knowledge-based and data-driven economy features incentives for strategic trade and investment policy and a confluence of factors contributing to market failure at a global scale; digital social media and platform business models have raised concerns with calls for regulation affecting cross-border data flows; and newfound security issues raised by the vulnerabilities in the infrastructure of the digitized economy have precipitated a potential decoupling of global production networks along geopolitical fault lines.

To date, the response has been fragmented, incomplete and, in large part, conducted outside the WTO. A new WTO digital round is required to create a multilateral framework that is fit for purpose for the digital age.

21 July 2019

The Great Crypto Heist


Cryptocurrencies have given rise to an entire new criminal industry, comprising unregulated offshore exchanges, paid propagandists, and an army of scammers looking to fleece retail investors. Yet, despite the overwhelming evidence of rampant fraud and abuse, financial regulators and law-enforcement agencies remain asleep at the wheel.

NEW YORK – There is a good reason why every civilized country in the world tightly regulates its financial system. The 2008 global financial crisis, after all, was largely the result of rolling back financial regulation. Crooks, criminals, and grifters are a fact of life, and no financial system can serve its proper purpose unless investors are protected from them.

Hence, there are regulations requiring that securities be registered, that money-servicing activities be licensed, that capital controls include “anti-money-laundering” (AML) and “know your customer” (KYC) provisions (to prevent tax evasion and other illicit financial flows), and that money managers serve their clients’ interests. Because these laws and regulations protect investors and society, the compliance costs associated with them are reasonable and appropriate.

CO19137 | Debating Artificial Intelligence: The Fox versus the Hedgehog

Donald K. Emmerson

Singapore in Southeast Asia and Stanford University in the United States are focal points for discussions of AI and how it can be made to help not hurt human beings. A recent panel at Stanford illustrates the difficulty and necessity of bringing both generalist and specialist perspectives to bear on the problem.

Cyber Resilience and Financial Organizations: A Capacity-building Tool Box

To enhance the cyber resilience of financial institutions, the Carnegie Endowment for International Peace has partnered with the International Monetary Fund, the SWIFT Institute (the original sponsor of this project), the Financial Services Information Sharing and Analysis Center (FS-ISAC), Standard Chartered, the Cyber Readiness Institute, and the Global Cyber Alliance to develop this capacity-building tool box. This website offers a series of action-oriented, easy-to-use one-page guides; complementary checklists; and a comprehensive, supplementary report detailing how financial institutions, particularly small- and mid-sized organizations as well as those that are less cyber mature, can enhance their own security as well as that of their customers and third parties. The guides and checklists are available in multiple languages (Arabic, Dutch, English, French, Portuguese, Russian, and Spanish).

Sex, Beer, and Coding: Inside Facebook’s Wild Early Days

by Adam Fisher.

Everyone who has seen The Social Network knows the story of Facebook’s founding. It was at Harvard in the spring semester of 2004. What people tend to forget, however, is that Facebook was only based in Cambridge for a few short months. Back then it was called, and it was a college-specific carbon copy of Friendster, a pioneering social network based in Silicon Valley.

Mark Zuckerberg’s knockoff site was a hit on campus, and so he and a few school chums decided to move to Silicon Valley after finals and spend the summer there rolling Facebook out to other colleges, nationwide. The Valley was where the internet action was. Or so they thought.

In Silicon Valley during the mid-aughts the conventional wisdom was that the internet gold rush was largely over. The land had been grabbed. The frontier had been settled. The web had been won. Hell, the boom had gone bust three years earlier. Yet nobody ever bothered to send the memo to Mark Zuckerberg—because at the time, Zuck was a nobody: an ambitious teenaged college student obsessed with the computer underground. He knew his way around computers, but other than that, he was pretty clueless—when he was still at Harvard someone had to explain to him that internet sites like Napster were actually businesses, built by corporations.

20 July 2019

Facebook’s Face-ID Database Could Be the Biggest in the World. Yes, It Should Worry Us.


Every day, Facebook users upload hundreds of millions of photos to the social network. If they haven’t opted out, the software scans those photos in search of faces it recognizes. As users either agree or disagree with the recommendations of who should be tagged, Facebook’s algorithms get better. The company’s research suggests that Facebook holds “the largest facial dataset to date”—powered by DeepFace, Facebook’s deep-learning facial recognition system.

Unlike Amazon’s Rekognition, which is facial recognition software that scans existing databases provided by clients like law enforcement agencies, Facebook’s system doesn’t need an external trove of face photos to work. Facebook has all that data because we upload it—pictures from different stages of our lives, from various angles, with different clothes and haircuts, in and out of makeup, with new tattoos—every day. Facebook knows it’s us because even if we haven’t tagged ourselves, one of our friends might have.

Pentagon Announces New Digital Modernization Strategy


The Defense Department this week published a multi-pronged digital modernization strategy targeting four areas that can benefit most from a new approach to the digital age: a Pentagon-wide data storage cloud; artificial intelligence; command, control, and communications; and cybersecurity.

Across dozens of objectives, the strategy encompasses current and future efforts like those underway at the Joint Artificial Intelligence Center and in iterative software coding centers to fuel innovative technologies, as well as to make the Pentagon’s information technology enterprise more efficient and capable, boost network security, and cultivate a digital-savvy workforce.

DOD pledges more effective oversight of its nearly $50 billion IT portfolio in a shift that recognizes the importance of data management and secure networks in 21st-century combat. According to a July 15 policy paper, the strategy aims to smooth the department’s move to a globally accessible “cloud” that holds military data, as well as other IT services that DOD would buy as a whole rather than asking each service to opt into them.

Executive Order 13873 Could Expand The Reach Of War Exclusions In Cyber Policies

Daniel B. Garrie Esq.

On May 15, 2019, President Donald Trump issued Executive Order 13873, “Securing the Information and Communications Technology and Services Supply Chain,” which prohibits high-risk information technology transactions with entities under the jurisdiction of a “foreign adversary,” as determined by the Secretary of Commerce. While the executive order will affect buyers and sellers in a variety of industries, its influence may even extend to cyber insurance litigation.

One area that may be affected is the interpretation of the standard war exclusion included in most cyber insurance policies as it applies to cyber hostilities. Specifically, the executive order may be interpreted as conflating private entities in foreign adversary jurisdictions with the foreign adversaries themselves, which could significantly broaden the range of entities that trigger the war exclusion under the terms of many cyber insurance policies. This could lead to a wave of coverage denials under the war exclusion and potentially a reconsideration of this standard policy language in the context of cyber.

How DoD is trying to adapt to the information overload age

By: Mark Pomerleau  

The Department of Defense is reexamining its overarching strategy for operating in what it calls the information environment, according to Mark Esper, the man nominated to lead the Pentagon.

The information environment is essentially the aura surrounding all humans that includes how information is collected, interpreted and disseminated, affecting how decisions are made.

Much has changed in this space since the last strategy was published in 2016, namely an increase in global disinformation campaigns leveraging, in part, social media platforms.

In a pre-hearing questionnaire from senators before his July 16 confirmation hearing, Esper said the new strategy is “focused on the central idea that DoD must evolve from a primary focus on executing its preferred method of warfare to one that incorporates information as a foundational element of plans and operations.”

The Geopolitics of 5G


The global race to install next-generation 5G mobile networks is already underway and will be one of the most geopolitically significant technology projects ever undertaken. 5G's high data speeds and other revolutionary features will make economy-changing technology applications such as driverless cars, smart cities, and advanced factory automation feasible on a commercial scale for the first time.

This report by Eurasia Group's Geo-technology practice provides a comprehensive analysis of the political forces that will influence the creation of 5G standards and deployment in key markets. It addresses how the political struggle over 5G and the technologies and services that will be built on top of the new networks will shape the competition for 21st-century dominance between the world's leading technology superpowers, the US and China. It also assesses the difficult choices that third countries will face to determine their own 5G strategies amid an ongoing confrontation between Washington and Beijing over technology and trade.

19 July 2019

Pentagon studies how to secure 5G and beyond

By: Mark Pomerleau 

The Department of Defense is developing a 5G strategy, and now the Defense Science Board has given Pentagon decision-makers its findings on the subject.

The DSB’s quick task force on defense applications of fifth-generation network technology undertook an extensive technical review of 5G-related technologies and communication to offer the DoD recommendations on how to adopt such technologies in the face of concerns.

Specifically, Pentagon officials and members of Congress are increasingly worried that if China invests in and controls the majority of the global 5G network marketplace, the Chinese government can use that network to spy on the communications that cross the network. Worse, some fear that in a conflict or tension, China could cut off communications to certain areas as leverage.

2019 Internet Security Threat Report

The 2019 Internet Security Threat Report takes a deep dive into insights from the Symantec Global Intelligence Network (GIN), revealing the latest trends in cyber security attacks including ransomware, formjacking, cloud security and mobile threats.

Through GIN, Symantec has established the largest civilian threat collection network in the world, and one of the most comprehensive collections of cyber security threat intelligence.

Download this in-depth report now to use this unparalleled intelligence to your advantage.

Why won’t the National Security Commission share its thoughts on AI?

By: Kelsey D. Atherton

Artificial Intelligence is an inherently opaque process. Creating machines that can arrive at new conclusions means setting a process in motion more than carefully orchestrating each step along the path. So, too, it appears are the operations of the National Security Commission on Artificial Intelligence, which held its third plenary session July 11, 2019, in Cupertino, California. In a Department of Defense news release, the Commission shared merely that it listened to classified briefings about AI.

Created by the National Defense Authorization Act in 2018, the Commission is explicitly tasked with reviewing “advances in artificial intelligence, related machine learning developments, and associated technologies,” for the express purpose of addressing “the national and economic security needs of the United States, including economic risk, and any other associated issues.” The form this review will take is annual reports to the president and Congress, made publicly available with the possible exception of a classified annex.

Securing 5G Networks Challenges and Recommendations

Robert Williams

Fifth-generation (5G) telecommunications networks could revolutionize the digital economy by enabling new applications that depend on ultra-fast communications at industrial scale. Many of these new applications, such as driverless cars, telemedicine, factory automation, smart electric grids, and smart cities, will capitalize on advances in artificial intelligence (AI), and 5G networks themselves will be AI-enabled.

With these opportunities come major cybersecurity challenges. Western governments are grappling with the risks posed by Huawei and other Chinese vendors of 5G infrastructure equipment. On May 15, 2019, U.S. President Donald J. Trump issued an executive order laying the groundwork for a ban on Huawei equipment in U.S. networks, a long-anticipated move that was accompanied by the Commerce Department’s even more consequential decision to restrict the company’s access to U.S. components. Excluding Huawei from U.S. networks, however, is not the same as securing those networks. Instead, U.S. policymakers need to adopt a broader strategy that includes technical measures, regulatory adjustments, a sensible legal liability regime, diplomacy, and investments in research and cybersecurity skills training.

The Technology of 5G