NSI Security NewsWatch Banner

A weekly roundup of news, trends and insights designed exclusively for security professionals. This publication is intended for security staff only.

View in Your Browser at https://nsi.org/Security_NewsWatch/NewsWatch/11.26.19.html

In this issue — November 26, 2019

  • Continuous Evaluation Enrollment Will More than Double in 2020, DoD Says
  • Pentagon Races to End China’s ‘Dream’ of Space Domination
  • Former CIA Officer Gets 19 Years for Conspiring to Sell Secrets to China
  • FCC Blocks Funding for Chinese Telecoms Huawei, ZTE
  • Cyber Command Calling Out North Korean Hackers
  • Chinese Man who Worked at Monsanto Faces Espionage Charge
  • Report: Global Deaths from Terrorism Fell 15% Last Year
  • House Bill Would Remove Marijuana as Security Clearance Factor
  • Federal CISO: Better Info Sharing Will Lead to More Secure Supply Chain
  • Chicago Man Charged with Writing Code to Spread ISIS Propaganda

Continuous Evaluation Enrollment Will More than Double in 2020, DoD Says (Fed News Network, 11/25/19)

The Trump administration is planning to dramatically ramp up the number of people it has enrolled in continuous evaluation programs next year.  The Defense Counterintelligence and Security Agency expects continuous evaluation enrollment will reach 3.6 million — more than double the 1.4 million clearance holders currently enrolled in the Pentagon’s CE program — by the end of 2020, said Ned Fish, deputy director for DCSA’s defense vetting directorate.

Enrollment will likely be contingent on at least three major upcoming policy directives, which defense and intelligence officials say are imminent.  They’re designed to kick-start a broad overhaul of the suitability, credentialing and security clearance system under Trusted Workforce 2.0.  The president is expected to first sign a national security memo, which will direct both the ODNI and OPM to begin suitability, credentialing and security clearance modernization efforts.  More

Pentagon Races to End China’s ‘Dream’ of Space Domination (Washington Times, 11/24/19)

The United States and China are rapidly building space warfare capabilities as part of a race to dominate the zone outside Earth’s atmosphere.  Air Force Gen. John W. Raymond, commander of the Pentagon’s new Space Command, said last week that the threat of attacks against vital American satellites is real.  “I can tell you from my perspective, the scope, scale and complexity of that threat is alive and well and very concerning,” Raymond said.

China’s strategy for dominating space was detailed this month in the annual report of the congressional U.S.-China Economic and Security Review Commission.  The commission report warned that China wants to dominate the zone between the Earth and the moon, known as cislunar space, as part of what the ruling Communist Party of China calls the “Space Dream.”  China is planning a permanent base on the moon as part of the dual military and commercial program. More

Former CIA Officer Gets 19 Years for Conspiring to Sell Secrets to China (UPI, 11/22/19)

A former CIA officer was sentenced to 19 years in prison last week for conspiring to provide American intelligence secrets to the Chinese government.  Jerry Chun Shing Lee, 55, pleaded guilty in May to conspiracy to deliver national defense information to a foreign government.  He was arrested in 2018.  The DOJ has acknowledged there is no evidence Lee gave secrets to the Chinese—merely that he conspired to do so.

Lee worked for the CIA for 13 years in a variety of locations, including China in 2007.  He has admitted that in 2010 he was recruited by Chinese intelligence agents, promising financial rewards in exchange for secret information.  Prosecutors say between May 2010 and December 2013 Lee deposited $840,000 cash into his Hong Kong bank account, though he was operating an unsuccessful consulting business at the time. More


What’s the Number One Cause of Security Breaches and Insider Threats?

It can blow through any firewall, defeat expensive technology controls, expose sensitive data, cause laptops and mobile devices to go missing, and leak corporate or national security secrets.  What, you ask, is it?  Employee negligence — the single most common cause of damaging insider threats. If there's a common thread the experts all agree on, it’s that poor training and unaware employees lie at the root of many if not most employee security breaches.

So, how do you make sure that your company's information assets are protected? The first line of defense is employee awareness – the critical "humanware” component of your data security armor. NSI’s SECURITYsense awareness program gives your employees the tools and information they need to make security second nature.  Don’t put your organization at risk.  Get SECURITYsense and build awareness quickly and affordably. Click here https://www.nsi.org/securitysense/what-is-securitysense.shtml for more information.


FCC Blocks Funding for Chinese Telecoms Huawei, ZTE (Washington Times, 11/22/19)

The FCC last week banned U.S. companies from using federal funds to purchase equipment from two leading Chinese telecommunications firms and is prepared to spend $2 billion to replace existing unsecure gear.  The measure targets China’s Huawei Technologies and ZTE, companies that have sold state-subsidized equipment to rural wireless carriers, including one service provider near a U.S. nuclear missile base in Montana.

The commission adopted a new rule prohibiting American telecommunications companies from buying equipment from foreign companies that pose a threat to U.S. security with FCC money in the Universal Service Fund, an $8 billion pot of funds used to subsidize rural telecommunications networks.  The measure effectively bans rural carriers reliant on federal subsidies from buying new Chinese equipment or maintaining existing foreign equipment. More

Cyber Command Calling Out North Korean Hackers (CPO, 11/21/19)

In its ongoing cat-and-mouse game with state-sponsored hackers from North Korea looking to steal state secrets, conduct corporate espionage and find backdoors into the nation’s critical infrastructure, the U.S. government has a new strategy: publicly outing these hackers on public forums.  The U.S. Cyber Command, the DoD unit that works alongside the NSA in guarding against foreign cyberspace threats, is now posting malware samples from North Korean hackers on an information-sharing platform known as VirusTotal.

According to Cyber Command, North Korean hackers are constantly adapting their tactics.  On one hand, these cyber actors are engaged in corporate espionage attacks, such as those that involve remote access, backdoors and other forms of malware designed to infiltrate a computer network and then exfiltrate data to another server within North Korea.  On the other hand, North Korean hackers are engaged in smash-and-grab bank heist-style operations, in which the end goal is “fund generation” for the North Korean state.  More

Chinese Man who Worked at Monsanto Faces Espionage Charge (AP, 11/21/19)

Authorities say a 42-year-old Chinese national who worked at Monsanto in St. Louis stole important proprietary property and tried to take it to China.  Federal prosecutors announced that Haitao Xiang was indicted by a federal grand jury on eight charges, including conspiracy to commit economic espionage and three counts of theft of trade secrets.

According to the indictment, Xiang worked at Monsanto and its subsidiary, The Climate Corporation, from 2008 to 2017.  He is accused of taking an algorithm called the Nutrient Optimizer that aimed to improve agricultural productivity.  Federal prosecutors said the day after Xiang quit at Monsanto, he bought a one-way ticket to China.  He was arrested before he boarded his flight and investigators confiscated copies of the Nutrient Optimizer. More

Report: Global Deaths from Terrorism Fell 15% Last Year (Forbes, 11/20/19)

The 2019 Global Terrorism Index has found that the number of deaths from terrorism fell 15% between 2017 and 2018.  The good news is that the longer-term trend is going downward and deaths from terrorism have now halved in the past four years.  Unfortunately, there is still some bad news and the number of countries affected by terrorist incidents is growing.

Over 70 countries recorded at least one death from terrorism last year, the highest number since 2002.  The report also highlighted some more bad news: an upswing in far-right terrorism.  It has increased for the third year running with deaths up 52% in Western Europe, North America and Oceania in 2018.  Last year, Afghanistan suffered the highest death toll from terrorism with 7,379 people killed, a 46% increase on 2017.  The rise in violence came amid a surge in Taliban activity with the group perpetrating attacks across all of the country's provinces and one province in Tajikistan.  More

House Bill Would Remove Marijuana as Security Clearance Factor (FedWeek, 11/20/19)

A bill up for consideration in the House Judiciary Committee would address a conflict between state laws and federal employment laws regarding the use of marijuana.  While some states have decriminalized the medicinal and/or recreational use of small amounts of marijuana, a 2014 policy statement from the Office of the Director of National Intelligence and 2015 guidance from OPM stress that for federal law purposes marijuana is characterized as a controlled substance.

That means that regardless of state law, knowing or intentional marijuana possession is illegal for purposes including suitability for employment—in many cases meaning eligibility for the security clearances that are required for many federal jobs—and in disciplinary actions.  The bill before the House committee would remove marijuana and its related substances from the schedule of controlled substances, among other changes, including a provision that “federal agencies may not use past or present cannabis or marijuana use as criteria for granting, denying, or rescinding a security clearance.” More

Federal CISO: Better Info Sharing Will Lead to More Secure Supply Chain (Nextgov, 11/19/19)

Supply chain security threats will receive more direct attention in 2020, culminating with guidance from the newly created Federal Acquisition Supply Chain Council, according to the federal government’s top cyber official.  The council, created in late 2018 under the SECURE Technologies Act, is comprised of various high-level officials from the intelligence community, civilian agencies and the Pentagon, and charged with collecting supply chain threat data from agencies and providing them guidance in addressing such threats.

Last week, Federal Chief Information Security Officer Grant Schneider previewed what to expect from the council—which he chairs—in the coming year.  Chief among them, Schneider said, is providing guidance to federal agencies legally obligated to create supply chain risk management programs.  “The law says each agency needs a program and we need to give them guidance,” Schneider said.  “We need to figure out what information we need to collect around supply chain risk management and where to have that information shared from.” More

Chicago Man Charged with Writing Code to Spread ISIS Propaganda (Cyber Scoop, 11/19/19)

U.S. authorities have arrested a 20-year-old Chicago man for allegedly writing computer code to help the Islamic State terrorist group spread propaganda.  Thomas Osadzinski, a student at DePaul University, is accused of writing a computer script to make ISIS propaganda more accessible to social media users.  U.S. prosecutors charged Osadzinski with one count of attempting to provide material support to a foreign terrorist group.

A criminal complaint alleges Osadzinski shared the script and instructions on using it earlier this year with people he thought were ISIS supporters.  Osadizinski told undercover FBI agents that he was in the process of creating a custom Gentoo Linux system that was solely to be used by ISIS members, according to the complaint.  Osadzinski made a brief appearance in court last week and was ordered to be held without bond. More

Keep Getting This Newsletter

To ensure delivery to your inbox (not bulk or junk folders), please add NSI@nsi.org to your address book.

SUBSCRIBE: If you were sent this by a colleague and wish to subscribe to NSI's complementary Security NewsWatch e-newsletter, visit http://nsi.org/newsletter.html.


Please feel free to share this e-mail with your colleagues and encourage them to sign up to get their own copy at http://nsi.org/newsletter.html

ADVERTISERS: For information about sponsoring this e-letter, contact sburns@nsi.org or call

NSI LogoNational Security Institute
165 Main Street, Suite 215
Medway, MA 02053
Tel: 508-533-9099
Fax: 508-507-3631
Internet: http://nsi.org



Impact 2020 Banner


Who's Worse:
Employees or Hackers?

Experts agree, well intentioned but careless employees pose just as much of a danger to your organization as faceless hackers on the outside. In fact, 95 percent of successful hack attacks or incidents are attributed to human error.

Learn how to mitigate the accidental insider threat and empower your employees to think securely with these valuable lessons:

  1. How to recognize and respond to social engineering attacks
  2. How to avoid spear-phishing and email scams
  3. How avoid becoming an easy target for hackers
  4. How to prevent human errors that cause security breaches
  5. How to protect sensitive data from hackers, spies and ID thieves

Learn More Button