NSI Security NewsWatch Banner

A weekly roundup of news, trends and insights designed exclusively for security professionals. This publication is intended for security staff only.


In this issue — September 4, 2019

  • U.S. counter-spies launch campaign against 'insider' threats
  • Chinese Spies Tried To Recruit Him On LinkedIn
  • 5 Signs Your Security Culture Is Toxic (And 5 Ways to Fix It)
  • U.S. Unleashes Military to Fight Fake News, Disinformation
  • Chem-Bio Defense Office Reorganizes to Take On New Threats
  • DHS: Despite Flaws, App Vetting Tools Are a Must-Have for Agencies
  • How DoD Is Tackling Deepfakes as National Security Problem
  • Sizing Up Impact of U.S. Cyberattack Against Iran
  • Photos Show North Korea Closer to Building Submarine That Can Launch Missiles
  • Report: National Security Concerns Threaten Undersea Cable to China

U.S. counter-spies launch campaign against 'insider' threats (Reuters, 9/3/19)

The National Counterintelligence and Security Center, a branch of the Office of Director of National Intelligence, said that in partnership with spy and law enforcement agencies, it was declaring September “National Insider Threat Awareness Month” as part of an effort to educate both government and private sectors on how to spot and report potential data security and violent behavior threats to appropriate authorities. 

“All organizations are vulnerable to insider threats from employees who may use their authorized access to facilities, personnel or information to harm their organizations - intentionally or unintentionally,” said William Evanina, a former FBI and CIA official who heads the counterintelligence center. “The harm can range from negligence, such as failing to secure data or clicking on a spear-phishing link, to malicious activities like theft, sabotage, espionage, unauthorized disclosure of classified information or even violence,” Evanina said. More

Chinese Spies Tried To Recruit Him On LinkedIn. Now He's Preaching Constant Vigilance (NPR.com, 9/3/19)

For all the controversy surrounding Russian spies, one former diplomat says it’s China the U.S. should be worried about — and he knows from experience.  The federal government needs to be vigilant about the authoritarian Chinese Communist Party trying to influence people in the U.S., says Jonas Parello-Plesner, a former Danish diplomat who the Chinese failed to recruit. 

Parello-Plesner is a fellow at the conservative-leaning Hudson Institute, where in 2018 he published a comprehensive report about the Chinese Communist Party’s foreign interference tactics and how the U.S. should respond. He saw the subject he studies in practice in 2011 when the Chinese tried to recruit him through the professional networking platform LinkedIn. “The Chinese try to use LinkedIn and many other means to gain influence in the West and basically pass their messages,” he said. More

5 Signs Your Security Culture Is Toxic (And 5 Ways to Fix It) (CSO, 9/2/19)
If a company’s culture is the heart and soul of an organization, then its security culture is its omnipresent guardian.  More than just policies and procedures put in place, a company’s security culture is that “social” operating system that influences and guides employees to integrate security awareness and behaviors into their daily lives.
When the security culture starts to break down, whether inside the security team itself or between the security team and the rest of the organization, it can lead to a toxic environment of lax cyber practices, cynicism and finger-pointing. More


What’s the Number One Cause of Security Breaches and Insider Threats?

It can blow through any firewall, defeat expensive technology controls, expose sensitive data, cause laptops and mobile devices to go missing, and leak corporate or national security secrets.  What, you ask, is it?  Employee negligence — the single most common cause of damaging insider threats. If there's a common thread the experts all agree on, it’s that poor training and unaware employees lie at the root of many if not most employee security breaches.

So, how do you make sure that your company's information assets are protected? The first line of defense is employee awareness – the critical "humanware” component of your data security armor. NSI’s SECURITYsense awareness program gives your employees the tools and information they need to make security second nature.  Don’t put your organization at risk.  Get SECURITYsense and build awareness quickly and affordably. Click here https://www.nsi.org/securitysense/what-is-securitysense.shtml for more information.

U.S. Unleashes Military to Fight Fake News, Disinformation (Bloomberg, 8/31/19)
Fake news and social media posts are such a threat to U.S. security that the DoD is launching a project to repel “large-scale, automated disinformation attacks.”  The Defense Advanced Research Projects Agency wants custom software that can unearth fakes hidden among more than 500,000 stories, photos, video and audio clips.  If successful, the system after four years of trials may expand to detect malicious intent and prevent viral fake news from polarizing society.
“A decade ago, today’s state-of-the-art would have registered as sci-fi — that’s how fast the improvements have come,” said Andrew Grotto at the Center for International Security at Stanford University.  “There is no reason to think the pace of innovation will slow any time soon.”  Officials have been working on plans to prevent outside hackers from flooding social channels with false information ahead of the 2020 election. More

Chem-Bio Defense Office Reorganizes to Take On New Threats (National Defense, 8/30/19)
The Pentagon’s joint program executive office for chemical, biological, radiological and nuclear defense — which is tasked with protecting the military from some of the world’s most dangerous pathogens and nerve agents — is emerging from a major reorganization that officials believe will better position it to meet new threats.  The office, as it worked to streamline its operations across the board, mulled over how it could get technology into the hands of warfighters faster and do business better, said Doug Bryce, the head of the JPEO.  
That required a rejiggering of its programs.  “Our mission and vision have not changed, but we did reorganize,” he said last week.  The office facilitates a number of projects across multiple lines of effort, but officials were finding that some programs were not always working together seamlessly, Bryce said.  To better establish a holistic enterprise that ensured the highest priority items were put into the hands of warfighters quickly, the organization sorted itself into three joint project manager offices — protection, sensors and medical. More

DHS: Despite Flaws, App Vetting Tools Are a Must-Have for Agencies (NextGov, 8/30/19)
Agencies can boost their cyber posture by integrating two popular mobile security products into a single system, but none of the combinations available on the market today would meet all the government’s needs, according to DHS researchers.  However, adopting an imperfect device security platform is still better than not using one at all, they said.
As mobile devices proliferate across the government, agencies need a way to manage their expanding tech ecosystems and ensure their devices—and the software running on them—are free of vulnerabilities.  Federal cyber leaders have identified two popular technologies that could help meet those needs: continuous app vetting, which scans individual applications for potential exploits, and enterprise mobility management, or EMM, which allows organizations to remotely manage their devices’ security settings.  Merging both these tools into a unified system would give agencies a bird’s-eye view of their entire mobile ecosystem, allowing officials to push security settings and approve or reject apps across the enterprise.  More

How DoD Is Tackling Deepfakes as National Security Problem (C4ISRNET, 8/29/19)
Deepfakes are a national security issue, said Lt. Gen. Jack Shanahan, director of the Pentagon’s Joint Artificial Intelligence Center, and the DoD needs to invest heavily in technology that can counter them.  Deepfakes are videos in which one person’s face is superficially imposed onto another person’s to make it look like they said or did things they did not.  As the technology becomes more sophisticated and proliferates, the task of verifying that the video is authentic becomes more difficult.
During a panel at an AI conference, Shanahan noted that while deepfakes are a particular concern, they’re simply another step in similar disinformation efforts “to cause friction and chaos” that have been tried previously by adversaries.  “We saw strong indications of how this could play out in the 2016 election, and we have every expectation that — if left unchecked — it will happen to us again,” said Shanahan. More

Sizing Up Impact of U.S. Cyberattack Against Iran (Gov Info Security, 8/28/19)
The United States' June cyberattack against Iran wiped out a critical database used by the nation's paramilitary arm to plan attacks against oil tankers and at least temporarily degraded Iran's ability to covertly target Persian Gulf shipping traffic, according to reports citing unnamed senior American officials.  The attack, which took place June 20, targeted a database used in various operations by the intelligence division of the Islamic Revolutionary Guards Corps, which is Iran's main paramilitary force.
Iranian officials are still working to recover data and restart some systems more than two months after the attack took place.  In May and June, Iran stepped up attacks against ships near its territorial waters, including mines that damaged Japanese and Norwegian vessels.  But no tankers have been targeted in significant covert attacks since the June 20 cyber operation, although Iran seized a British tanker in retaliation for the detention of one of its own vessels.  More

Photos Show North Korea Closer to Building Submarine That Can Launch Missiles (ABC News, 8/28/19)
New satellite imagery seems to confirm North Korea's recent claim that it has built a new submarine capable of launching ballistic missiles that could carry nuclear warheads.  According to analysis by a Washington think tank, the photos also indicate that North Korea may be preparing for a new test of a submarine launched ballistic missile.
On July 23, North Korean state media released photos of North Korean leader Kim Jong Un inspecting a "newly built submarine" and said that the new submarine's "operational deployment is near at hand."  New commercial satellite images of the Shinpo South Shipyard provide confirmation of that claim as well as the readying of a new missile test.  Analysis by the Center for Strategic and International Studies says the new submarine is likely a successor to North Korea's existing experimental SINPO-class ballistic missile submarine.  More

Report: National Security Concerns Threaten Undersea Cable to China (Reuters, 8/28/19)
U.S. officials are seeking to block an undersea cable between Los Angeles and Hong Kong, backed by Alphabet Inc’s Google, Facebook, and a Chinese partner, over national-security concerns, the Wall Street Journal reported last week.  The DOJ has signaled staunch opposition to the project because of concerns over its Chinese investor, Dr. Peng Telecom & Media Group Co, and the direct link that the cable would provide to Hong Kong, the WSJ reported, citing people involved in the discussion.
“DOJ does not comment on its ongoing assessment of applications that the FCC has referred for national security and law enforcement concerns arising out of foreign investment or control,” said Marc Raimondi, a national security spokesman for the DOJ.  Google, Facebook and Dr. Peng did not respond to Reuters’ requests for comment.  Subsea cables form the backbone of the internet by carrying 99% of the world’s data traffic. More

Keep Getting This Newsletter

To ensure delivery to your inbox (not bulk or junk folders), please add NSI@nsi.org to your address book.

SUBSCRIBE: If you were sent this by a colleague and wish to subscribe to NSI's complementary Security NewsWatch e-newsletter, visit http://nsi.org/newsletter.html.


Please feel free to share this e-mail with your colleagues and encourage them to sign up to get their own copy at http://nsi.org/newsletter.html

ADVERTISERS: For information about sponsoring this e-letter, contact sburns@nsi.org or call

NSI LogoNational Security Institute
165 Main Street, Suite 215
Medway, MA 02053
Tel: 508-533-9099
Fax: 508-507-3631
Internet: http://nsi.org



Who's Worse:
Employees or Hackers?

Experts agree, well intentioned but careless employees pose just as much of a danger to your organization as faceless hackers on the outside. In fact, 95 percent of successful hack attacks or incidents are attributed to human error.

Learn how to mitigate the accidental insider threat and empower your employees to think securely with these valuable lessons:

  1. How to recognize and respond to social engineering attacks
  2. How to avoid spear-phishing and email scams
  3. How avoid becoming an easy target for hackers
  4. How to prevent human errors that cause security breaches
  5. How to protect sensitive data from hackers, spies and ID thieves

Learn More Button