Is The CIA Ready For Post-Election Chaos?

A months-long campaign backed by the Russian government to undermine the credibility of the US presidential election, through hacking, cyberattacks, and disinformation campaigns, is likely to have peaked on voting day.

Russian officials deny any such effort. But current and former US officials warn that hackers could have posted fictional evidence online of widespread voter fraud, release a final tranche of embarrassing hacked emails, and slow the internet to a crawl through cyber-attacks.

“Don’t underestimate what they can do or will do. We have to be prepared,” Leon Panetta, who served as Central Intelligence Agency director and defense secretary in President Barack Obama’s first term, said. “In some ways, they are succeeding at disrupting our process. Until they pay a price, they will keep doing it.”

John Brennan, the current CIA director, (above) declined to comment on the Russian efforts. But he said Russian intelligence operatives have a long history of marrying traditional espionage with advances in technology. More broadly, Brennan he said, the digital age creates enormous opportunities for espionage. But it also creates vulnerabilities.

Citing an array of new cyber, conventional, and terrorist threats, Brennan announced the most sweeping reforms of the CIA in its 69-year history 18 months ago. Weakening the role of the Directorate of Operations, the agency’s long-dominant arm responsible for gathering intelligence and conducting covert operations, Brennan created 10 new “mission centers” where CIA spies, analysts, and hackers work in teams focused on specific issues. He also created a new Directorate for Digital Innovation to maximise the agency’s use of technology, data analytics, and online spying.

The information age “has totally transformed the way we are able to operate and need to operate,” Brennan said in a series of interviews. “Most human interactions take place in that digital domain. So the intelligence profession needs to flourish in that domain. It cannot avoid it.”

This blend of the criminal actor, the nation-state actor, and the terrorist actor, that’s going to be the trend over the next five years.

When a new American diplomat arrives for duty at the US embassy in Moscow or Beijing, CIA officials say, Russian and Chinese intelligence operatives run data analytics programs that check the “digital dust” associated with his or her name. If the newcomer’s footprint in that dust, social-media posts, cell phone calls, debit card payments, is too small, the “diplomat” is flagged as an undercover CIA officer.  

The Russian-backed campaign to discredit the US election is not isolated. Hackers believed to have links to Chinese intelligence began stealing the personnel records of 21.5 million federal employees and job applicants in 2014, the worst known data breach in US government history. Islamic State propagandists online continue to inspire lone-wolf attacks in the United States even as the group loses territory.

James Clapper, the Director of National Intelligence, praised Brennan and his efforts to retool the CIA for this new digital era in an interview. So did Lisa Monaco, Brennan’s successor as Obama’s homeland security and counterterrorism adviser.

But some current and former officials question Brennan’s strategy, arguing his reforms are too digitally focused and will create a more cautious, top-heavy spy agency. At a time when the agency needs to refocus its efforts on human espionage, they say, the concentration of power in the new mission centers weakens the ability of the Directorate of Operations to produce a new generation of elite American spies.

Glenn Carle, a former CIA covert officer, praised Brennan and his reforms but said they have sparked a mixed reaction among Directorate of Operations officials who believe human intelligence is getting short shrift. “The value the CIA can fundamentally add is to steal secrets, and the ultimate secret is intention,” Carle said, referring to the often inscrutable aims of foreign leaders. “Obtaining that is a human endeavor.”

DefenseOne:               Is Moscow Trying To Influence The US Presidential Election?
 

« Healthcare Industry Lacks Basic Security Knowhow
Big Hack At Tesco Bank – Money Vanished »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TitanFile

TitanFile

TitanFile is an award-winning, easy and secure way for professionals to communicate without having to worry about security and privacy.

TSUNAMI

TSUNAMI

The TSUNAMi center focuses on software and system security and how trustworthy software can be built from COTS software components.

Verimatrix

Verimatrix

Verimatrix is a global provider of innovative cybersecurity solutions that protect content, devices, software and applications.

Intensity Analytics

Intensity Analytics

Intensity Analytics is a software firm that develops next-generation, physical user and entity behavioral authentication ("physical UEBA") security software technology.

Office of the National Security Council (UVNS) - Croatia

Office of the National Security Council (UVNS) - Croatia

UVNS coordinates, harmonizes the adoption and controls the implementation of information security measures and standards in the Republic of Croatia.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

Red4Sec

Red4Sec

Red4Sec are experts in ethical hacking, audits of web and mobile applications, code audits, cryptocurrency audits, perimeter security and incident response.

Amadeus Capital Partners

Amadeus Capital Partners

Amadeus Capital Partners offers over 20 years’ experience in technology investment. Our areas of focus include AI & machine learning and cyber security.

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

SilverSky

SilverSky

SilverSky offers a comprehensive suite of products and services that deliver unprecedented simplicity and expertise for compliance and cybersecurity programs.

Zephyr Project

Zephyr Project

The Zephyr Project strives to deliver the best-in-class RTOS for connected resource-constrained devices, built to be secure and safe.

Security BSides Cayman Islands

Security BSides Cayman Islands

Security BSides is a non-profit, community-driven event built for and by information security community members. Our aim is to help build an Information Security community in the Cayman Islands.

ATSG

ATSG

ATSG is a global leader in transformational technology solutions for today’s digital enterprise. Cybersecurity ranging from Advisory & Assessment to Fully Managed Detection and Response Services.

ImagineX Consulting

ImagineX Consulting

ImagineX Consulting is a cybersecurity-focused boutique technology consultancy whose mission is to help our clients #BeBetter by reducing their corporate risk.

Gogolook

Gogolook

Gogolook is a leading TrustTech company. With "Build for Trust" as its core value, it aims to create an AI- and data-driven global anti-fraud network as well as Risk Management as a Service.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.

SOCRadar

SOCRadar

SOCRadar is an Extended Threat Intelligence (XTI) SaaS platform that combines External Attack Surface Management (EASM), Digital Risk Protection Services (DRPS), and Cyber Threat Intelligence (CTI).