Is The CIA Ready For Post-Election Chaos?

Uploaded on 2016-11-04 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

A months-long campaign backed by the Russian government to undermine the credibility of the US presidential election, through hacking, cyberattacks, and disinformation campaigns, is likely to have peaked on voting day.

Russian officials deny any such effort. But current and former US officials warn that hackers could have posted fictional evidence online of widespread voter fraud, release a final tranche of embarrassing hacked emails, and slow the internet to a crawl through cyber-attacks.

“Don’t underestimate what they can do or will do. We have to be prepared,” Leon Panetta, who served as Central Intelligence Agency director and defense secretary in President Barack Obama’s first term, said. “In some ways, they are succeeding at disrupting our process. Until they pay a price, they will keep doing it.”

John Brennan, the current CIA director, (above) declined to comment on the Russian efforts. But he said Russian intelligence operatives have a long history of marrying traditional espionage with advances in technology. More broadly, Brennan he said, the digital age creates enormous opportunities for espionage. But it also creates vulnerabilities.

Citing an array of new cyber, conventional, and terrorist threats, Brennan announced the most sweeping reforms of the CIA in its 69-year history 18 months ago. Weakening the role of the Directorate of Operations, the agency’s long-dominant arm responsible for gathering intelligence and conducting covert operations, Brennan created 10 new “mission centers” where CIA spies, analysts, and hackers work in teams focused on specific issues. He also created a new Directorate for Digital Innovation to maximise the agency’s use of technology, data analytics, and online spying.

The information age “has totally transformed the way we are able to operate and need to operate,” Brennan said in a series of interviews. “Most human interactions take place in that digital domain. So the intelligence profession needs to flourish in that domain. It cannot avoid it.”

This blend of the criminal actor, the nation-state actor, and the terrorist actor, that’s going to be the trend over the next five years.

When a new American diplomat arrives for duty at the US embassy in Moscow or Beijing, CIA officials say, Russian and Chinese intelligence operatives run data analytics programs that check the “digital dust” associated with his or her name. If the newcomer’s footprint in that dust, social-media posts, cell phone calls, debit card payments, is too small, the “diplomat” is flagged as an undercover CIA officer.  

The Russian-backed campaign to discredit the US election is not isolated. Hackers believed to have links to Chinese intelligence began stealing the personnel records of 21.5 million federal employees and job applicants in 2014, the worst known data breach in US government history. Islamic State propagandists online continue to inspire lone-wolf attacks in the United States even as the group loses territory.

James Clapper, the Director of National Intelligence, praised Brennan and his efforts to retool the CIA for this new digital era in an interview. So did Lisa Monaco, Brennan’s successor as Obama’s homeland security and counterterrorism adviser.

But some current and former officials question Brennan’s strategy, arguing his reforms are too digitally focused and will create a more cautious, top-heavy spy agency. At a time when the agency needs to refocus its efforts on human espionage, they say, the concentration of power in the new mission centers weakens the ability of the Directorate of Operations to produce a new generation of elite American spies.

Glenn Carle, a former CIA covert officer, praised Brennan and his reforms but said they have sparked a mixed reaction among Directorate of Operations officials who believe human intelligence is getting short shrift. “The value the CIA can fundamentally add is to steal secrets, and the ultimate secret is intention,” Carle said, referring to the often inscrutable aims of foreign leaders. “Obtaining that is a human endeavor.”

DefenseOne:               Is Moscow Trying To Influence The US Presidential Election?
 

« Healthcare Industry Lacks Basic Security Knowhow
Big Hack At Tesco Bank – Money Vanished »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

SecPoint

SecPoint

SecPoint provides products to secure & protect your network from remote and local attacks.

Ripjar

Ripjar

Ripjar is a global company of talented technologists, data scientists and analysts designing products that will change the way criminal activities are detected and prevented.

Intruder

Intruder

Intruder is a cloud-based vulnerability scanner that finds cyber security weaknesses in your digital infrastructure, to avoid costly data breaches.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

Computing Technology Industry Association (CompTIA)

Computing Technology Industry Association (CompTIA)

CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy.

National Center for Manufacturing Sciences (NCMS) - USA

National Center for Manufacturing Sciences (NCMS) - USA

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

ISMS Accreditation Center (ISMS-AC)

ISMS Accreditation Center (ISMS-AC)

ISMS-AC is the national accreditation body for Japan. The directory of members provides details of organisations offering certification services for ISO 27001.

Cloud Managed Networks

Cloud Managed Networks

Cloud Managed Networks provides enterprise grade IT network solutions for cloud-based and on premise network security, Wi-Fi, data switching, collaboration, device management and more.

Securis

Securis

Securis provides organizations and agencies with the highest level of professional, ultra-secure data destruction and IT recycling.

SOC.OS Cyber Security

SOC.OS Cyber Security

SOC.OS is an alert correlation and triage automation tool. It correlates and prioritises your alerts, boosting productivity, enhancing threat visibility and shortening mean time to respond.

Sydeco

Sydeco

Sydeco offer a complete range of products that secure computer and industrial networks, servers, programs and data against any type of computer attack.

Xscale Accelerator

Xscale Accelerator

Xscale's vision is to create world-class startups out of India by transforming sales and providing access to global markets.

Rolls-Royce Cybersecurity Technology Research Network

Rolls-Royce Cybersecurity Technology Research Network

Rolls-Royce has partnered with Purdue University and Carnegie Mellon University to create the Rolls-Royce Cybersecurity Technology Research Network.

Tracebit

Tracebit

Tracebit uses decoys to detect and respond to cloud intrusions in minutes.

SureCloud Cyber Services

SureCloud Cyber Services

Our Cyber Testing capability has been honed since we were founded in 2006 as a disrupter in the penetration testing market.

Centum Digital

Centum Digital

Centum Digital provide services, products and solutions specialized in communications engineering, control and signal intelligence.