Point(s) of Contact
Pamela Hamilton / FSO
843.327.3273
pamela@appliedsecurityknowledge.com
Richard Carmichael / ITPSO
678.221.7834
rcarmichael@laochservices.com
DoD Hotline
dodig.mil/hotline / 800.424.9098
SOURCE: New York Times by Peter Baker – June 5, 2023
Robert P. Hanssen, a former F.B.I. agent who spied for Moscow off and on for more than two decades during and after the Cold War in one of the most damaging espionage cases in American history, was discovered dead in his prison cell in Colorado on Monday, federal authorities announced. He was 79.
The Federal Bureau of Prisons said in a statement that Mr. Hanssen was found unresponsive just before 7 a.m. at the United States Penitentiary Florence, where he was serving a life sentence. He was pronounced dead after lifesaving efforts by emergency medical workers. The statement did not identify a cause.
Mr. Hanssen's case was considered one of the most notorious spy scandals of his generation, shocking F.B.I. leaders and other government officials when they learned that one of their own had been feeding information to the other side with impunity for so many years. To this day, the F.B.I. describes him as "the most damaging spy in bureau history."
Eric O'Neill (Ryan Phillippe), a low-level surveillance expert with the FBI, believes he is accomplishing his dream of becoming a full-fledged agent, with his unexpected promotion and assignment to work with renowned agent Robert Hanssen (Chris Cooper). However, he soon learns the reason for his promotion is to gain Hanssen's trust and find proof that he is a traitor to the country.
SOURCE: Fedscoop by John Hewitt Jones – May 10, 2023
NIST has published new draft guidelines for the protection of sensitive unclassified information. When implemented, the revised guidelines will govern how federal agencies handle the type of information known as controlled unclassified information (CUI). All federal departments as well as federal contractors and subcontractors handling government data are required to follow the standards set by NIST.
According to Ron Ross, NIST fellow and one of the publication's authors, the update is intended to provide more consistent information security guidelines to members of the defense industrial base and other government contractors. "Many of the newly added requirements specifically address threats to CUI, which recently has been a target of state-level espionage," he said. "We want to implement and maintain state-of-the-practice defenses because the threat space is changing constantly."
SOURCE: Breaking Defense by Sydney J. Freedberg Jr. – April 6, 2023
WASHINGTON — Imagine a militarized version of ChatGPT, trained on secret intelligence. Instead of painstakingly piecing together scattered database entries, intercepted transmissions and news reports, an analyst types in a quick query in plain English and gets back, in seconds, a concise summary — a prediction of hostile action, for example, or a profile of a terrorist.
But is that output true? With today's technology, you can't count on it, at all.
That's the potential and the peril of "generative" AI, which can create entirely new text, code or images rather than just categorizing and highlighting existing ones. Agencies like the CIA and State Department have already expressed interest. But for now, at least, generative AI has a fatal flaw: It makes stuff up.
SOURCE: Government Executive by Alexandria Kelley – May 16, 2023
New legislation is responding to the federal workforce's knowledge gap concerning advancing artificial intelligence systems, with a team of bipartisan senators aiming to create a new training program specifically for leaders at government agencies.
Introduced by Sens. Gary Peters, D-Mich., and Mike Braun, R-Ind., the Artificial Intelligence Leadership Training Act, first announced on May 11, establishes a subagency within the Office of Personnel Management that focuses on training covered and eligible employees in artificial intelligence systems that may be incorporated into federal operations.
The ultimate goal of the bill is to improve the federal workforce's skills and acumen regarding AI applications, a technology that stands to continue to rapidly evolve and seep into daily functions.
SOURCE: US Department of Justice – May 16, 2023
The Justice Department today unsealed two indictments charging a Russian national and resident with using three different ransomware variants to attack numerous victims throughout the United States, including law enforcement agencies in Washington, D.C. and New Jersey, as well as victims in healthcare and other sectors nationwide.
According to the indictment obtained in the District of New Jersey, from at least as early as 2020, Mikhail Pavlovich Matveev, aka Wazawaka, aka m1x, aka Boriselcin, aka Uhodiransomwar, allegedly participated in conspiracies to deploy three ransomware variants. These variants are known as LockBit, Babuk, and Hive, and Matveev transmitted ransom demands in connection with each. The perpetrators behind each of these variants, including Matveev, have allegedly used these types of ransomware to attack thousands of victims in the United States and around the world. These victims include law enforcement and other government agencies, hospitals, and schools. Total ransom demands allegedly made by the members of these three global ransomware campaigns to their victims amount to as much as $400 million, while total victim ransom payments amount to as much as $200 million.
SOURCE: NTD by Joseph Lord – April 24, 2023
Department of Defense Press Secretary Gen. Patrick S. Ryder speaks at a press conference at the Pentagon in Arlington, Va., on April 13, 2023. (Kevin Dietsch/Getty Images).
The U.S. Department of Defense (DoD) has announced new policies to safeguard sensitive information following the most serious leak of U.S. classified material in a decade.
The new measures were unveiled on April 24 by Pentagon Press Secretary Air Force Brig. Gen. Pat Ryder at a DoD press conference.
In his statement, Ryder confirmed that the DoD was conducting a comprehensive review of its security programs, policies, and procedures in response to the recent unauthorized disclosure of classified documents.
Air National Guardsman Jack Teixeira, who worked as an IT specialist and thus had access to highly classified material, is suspected of having been the source of the leak. Reportedly, Teixeira shared documents on issues ranging from Ukrainian battle plans to the identities of U.S. spy assets across the planet.
SOURCE: CNN by Hannah Rabinowitz – May 17, 2023
The Air National Guardsman who is accused of posting a trove of classified documents to social media was repeatedly warned by his superiors in the Air Force over his mishandling of classified documents, prosecutors say.
In court documents arguing for Jack Teixeira's continued detention, prosecutors said that the 21-year-old's "willful disregard" of his obligation to protect classified information has become more apparent in the weeks since he last appeared in court.
"In particular, the Defendant's disclosures (and associated boasting) continued even after being admonished by his superiors on two separate occasions — once in September 2022 and once in October 2022 — amid concerning actions that the Defendant took related to classified information," prosecutors wrote.
SOURCE: ClearanceJobs by Lindy Kyzer – May 11, 2023
Legislation was announced yesterday in response to security clearance reform conversations that began in the wake of scrutiny surrounding classified documents at the homes of former President Donald Trump and then Vice President Joe Biden. The accelerator toward proposed changes got some gas in the past month, in the wake of an alleged leak of classified documents by Massachusetts National Guard Airman Jack Teixeira.
Yesterday, a bipartisan group of senators led by Virginia Senator Mark Warner released two bills aimed at addressing current issues in the national security process. The Classification Reform Act of 2023 and Sensible Classification Act of 2023 propose a number of reforms or reviews, with a heavy focus on overclassification and training on classification procedures. A harmful undercurrent across both statements from the bills' sponsors as well as the legislation itself, however, points to a renewed push to reduce the size of the cleared population, unrelated to mission need, and focused on a blanket belief that four million people with a clearance is 'crazy,' according to comments made by Sen. John Cornyn (R-TX).
SOURCE: BleepingComputer by Bill Toulas – May 16, 2023
Kiddoware's 'Parental Control – Kids Place' app for Android is impacted by multiple vulnerabilities that could enable attackers to upload arbitrary files on protected devices, steal user credentials, and allow children to bypass restrictions without the parents noticing.
The Kids Place app is a parental control suite with 5 million downloads on Google Play, offering monitoring and geolocation capabilities, internet access and purchasing restrictions, screen time management, harmful content blocking, remote device access, and more.
Researchers at SEC Consult have found that the Kids Place app versions 3.8.49 and older are vulnerable to five flaws that could impact the safety and privacy of its users.
SOURCE: Fox News by Kim Komando – May 14, 2023
Porsche presents its new cars at the 2023 Shanghai Auto Show in Shanghai, China, April 21, 2023. This year marks the 75th anniversary of the Porsche brand, with a total of 13 models on display, demonstrating Porsche's unique understanding of technology, life and future as well as brand heritage. (CFOTO/Future Publishing via Getty Images)
New cars are computers on wheels. The average vehicle nowadays has over 1,400 microchips in it. Because your car is connected, it can also collect a lot of data about you.
Your car is like your phone, computer or tablet now — always listening. Here's how to stop Big Tech from listening in.
There's also stalkerware to worry about. Take steps to spot and block these dangerous spy apps. What is your vehicle collecting? A new online tool shows all the info your car has on you.
SOURCE: CDSE
Tomorrow's internet presents new and unique challenges that we have to prepare for.
SOURCE: DCSA
May was designated as Mental Health Awareness Month, but support for psychological health needs to continue all year. The encouragement for military and civilian personnel to seek mental health treatment is a positive course of action that often mitigates security concerns. According to SEAD 3, it is reportable, but avoiding treatment hurts readiness and increases security risks. Seeking behavioral health treatment and practicing mental wellness ensure that security personnel are able to carry out their duties effectively.
Review the CDSE Mental Health and Security Clearances Fact Sheet with FAQs covering Security, Clearances and Reporting.