Mediaboss Marketing

Tucker Carlson, host of Tucker Carlson Tonight, on the set of his Fox News program in 2017. Richard Drew/AP hide caption

Tucker Carlson, host of Tucker Carlson Tonight, on the set of his Fox News program in 2017.

On consecutive nights this week, Fox News prime-time host Tucker Carlson has alleged that the National Security Agency charged with monitoring communications abroad to keep the U.S. safe is spying on him in hopes of getting his top-rated show canceled.

"We heard from a whistleblower within the U.S. government who reached out to warn us that the NSA, the National Security Agency, is monitoring our electronic communications and is planning to leak them to take this show off the air," Carlson said Monday night.

Ascribing political motivations to the Biden administration, Carlson said the whistleblower had information about a story he's working on that could only have been derived from his own texts and emails.

On Tuesday, the NSA denied spying on him or wanting his show canceled. That night, Carlson returned to the air, crackling with indignation. He followed up his incendiary charge of possible criminal acts by saying the agency had notably not denied it was reviewing his communications.

He did not, however, offer anything more concrete. And Fox News has notably not reported on Carlson's allegations within its news programs, according to a review of transcripts. Not on Fox News political anchor Bret Baier's show. Not on Fox anchor John Roberts' afternoon news program. Not even on the often conspiracy theory-friendly morning show, Fox & Friends.

Online, Fox News has published two brief posts one without a byline simply rounding up what Carlson said but offering no new reporting. And Fox News public relations executives have not responded to repeated requests for comment from NPR and other outlets asking whether the network stands behind Carlson's claims. They instead pointed to Carlson's own remarks.

Asked by NPR for greater verification or documentation, Carlson wrote, "My word. Why would I make something like that up? Doesn't help me. I've got enough drama."

"But it's true," he said. "They haven't denied it, including tonight. The NSA was reading my email. That's absolutely confirmed."

Carlson did not answer NPR's questions of whether he was in contact with people in Russia or Ukraine over the 2016 elections, the president's son Hunter Biden or any related matter.

The NSA is banned from targeting U.S. citizens for direct eavesdropping unless a secret federal court finds there is reason to believe they are terrorists or agents of a foreign power. Yet the agency often sweeps up the emails or other communications of Americans who are in touch with one of the agency's foreign targets. Because the agency operates on such a massive global scale, the communications that are "incidentally" collected can be extensive.

"Tucker Carlson has never been an intelligence target of the Agency and the NSA has never had any plans to try to take his program off the air," the NSA said in a formal statement Tuesday. "We target foreign powers to generate insights on foreign activities that could harm the United States. With limited exceptions (e.g. an emergency), NSA may not target a U.S. citizen without a court order that explicitly authorizes the targeting."

The NSA's statement saying Carlson was not a "target" of its intercept operations does not conclusively mean the agency did not collect some of his emails or texts. If, hypothetically, Carlson was exchanging messages with someone in Russia or Ukraine as part of his show's coverage of the 2016 election or the Trump administration or Hunter Biden, and the person overseas was being monitored by the NSA, the agency might well have gathered his messages. The agency is supposed to conceal the names of any Americans whose communications are gathered that way.

House Minority Leader Kevin McCarthy, a California Republican, announced Wednesday he had asked Rep. Devin Nunes of California to investigate the NSA over Carlson's claims and other episodes. Nunes, a former chairman of the House Intelligence Committee when Republicans controlled the chamber, has pushed conspiracy theories from former President Donald Trump and his allies over numerous matters, including the 2016 elections, Russia and Ukraine.

Carlson is right on one score at least: He has had more than enough drama. Carlson has come under attack for some of his claims surrounding COVID-19 and public health officials and his defense of Trump against critics. Yet Carlson has navigated a delicate dance on those, taking the pandemic more seriously, more quickly, than many of his opinion colleagues at Fox, and also acknowledging, at times, Trump's flaws.

More problematically, Carlson has embraced rhetoric that inspires white supremacists, even as a top writer for his show quit after his online posts were revealed to have been racist and bigoted. Carlson also defended those who laid siege to the U.S. Capitol in January as patriots wrongly singled out for denigration by overbearing law enforcement authorities and liberals.

And most recently, and seemingly paradoxically, Carlson has also argued that the FBI may have been behind the siege.

"His audience is in perpetual state of anger and outrage, where now the target has shifted from 'the radical left' and the [D]emocrats, to the security state," tweeted Joan Donovan, research director of Harvard University's Shorenstein Center and a scholar of online misinformation and hate groups.

"He's making stronger and stronger claims about a conspiracy to overthrow the government without requisite proof," Donovan wrote. "This propaganda feeds into ... his audience's collective desperation that NO ONE is going to bring about justice. To them, the govt is now occupied by illegitimate forces."

Carlson's assertions could prove true or contain grains of truth. But that's not necessary for him to keep broadcasting: Lawyers for Fox News prevailed in a slander suit against Carlson by arguing his words could not literally be believed. A federal judge embraced that reasoning.

Read the original post:
Tucker Carlson Says The NSA Wants Him Off The Air. Fox News Isn't Following His Lead - NPR

WASHINGTON (AP) U.S. and British agencies disclosed on Thursday details of brute force methods they say have been used by Russian intelligence to try to break into the cloud services of hundreds of government agencies, energy companies and other organizations.

An advisory released by the U.S. National Security Agency describes attacks by operatives linked to the GRU, the Russian military intelligence agency, which has been previously tied to major cyberattacks abroad and efforts to disrupt the 2016 and 2020 American elections.

In a statement, NSA Cybersecurity Director Rob Joyce said the campaign was likely ongoing, on a global scale.

Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access. The advisory urges companies to adopt methods long urged by experts as common-sense cyber hygiene, including the use of multi-factor authentication and mandating strong passwords.

Issued during a devastating wave of ransomware attacks on governments and key infrastructure, the advisory does not disclose specific targets of the campaign or its presumed purpose, saying only that hackers have targeted hundreds of organizations worldwide.

The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid-2019 through early this year. While a significant amount of the attempted break-ins targeted organizations using Microsofts Office 365 cloud services, the hackers went after other cloud providers and email servers as well, the NSA said.

The U.S. has long accused Russia of using and tolerating cyberattacks for espionage, spreading disinformation, and the disruption of governments and key infrastructure.

The Russian Embassy in Washington on Thursday strictly denied the involvement of Russian government agencies in cyberattacks on U.S. government agencies or private companies.

In a statement posted on Facebook, the embassy said, We hope that the American side will abandon the practice of unfounded accusations and focus on professional work with Russian experts to strengthen international information security.

Joe Slowik, a threat analyst at the network-monitoring firm Gigamon, said the activity described by NSA on Thursday shows the GRU has further streamlined an already popular technique for breaking into networks. He said it appears to overlap with Department of Energy reporting on brute force intrusion attempts in late 2019 and early 2020 targeting the U.S. energy and government sectors and is something the U.S. government has apparently been aware of for some time.

Slowik said the use of Kubernetes is certainly a bit unique, although on its own it doesnt appear worrying. He said the brute force method and lateral movement inside networks described by NSA are common among state-backed hackers and criminal ransomware gangs, allowing the GRU to blend in with other actors.

John Hultquist, vice president of analysis at the cybersecurity firm Mandiant, characterized the activity described in the advisory as routine collection against policy makers, diplomats, the military, and the defense industry.

This is a good reminder that the GRU remains a looming threat, which is especially important given the upcoming Olympics, an event they may well attempt to disrupt, Hultquist said in a statement.

The FBI and the Cybersecurity and Infrastructure Security Agency joined the advisory, as did the British National Cyber Security Centre.

The GRU has been repeatedly linked by U.S. officials in recent years to a series of hacking incidents. In 2018, special counsel Robert Muellers office charged 12 military intelligence officers with hacking Democratic emails that were then released by WikiLeaks in an effort to harm Hillary Clintons presidential campaign and boost Donald Trumps bid.

More recently, the Justice Department announced charges last fall against GRU officers in cyberattacks that targeted a French presidential election, the Winter Olympics in South Korea and American businesses.

Unlike Russias foreign intelligence agency SVR, which is blamed for the SolarWinds hacking campaign and is careful not to be detected in its cyber ops, the GRU has carried out the most damaging cyberattacks on record, including two on Ukraines power grid and the 2017 NotPetya virus that caused more than $10 billion in damage globally.

GRU operatives have also been involved in the spread of disinformation related to the coronavirus pandemic, U.S. officials have alleged. And an American intelligence assessment in March says the GRU tried to monitor people in U.S. politics in 2019 and 2020 and staged a phishing campaign against subsidiaries of the Ukrainian energy company Burisma, likely to gather information damaging to President Joe Biden, whose son had earlier served on the board.

The Biden administration in April sanctioned Russia after linking it to election interference and the SolarWinds breach.

___

Bajak reported from Boston.

Originally posted here:
NSA discloses hacking methods it says are used by Russia - The Associated Press

Adversaries have heavily invested in cyberspace operations and capabilities. As such, cyber operations, cybersecurity and information operations are increasingly important to the joint force, said the commander of U.S. Cyber Command, who's also the director of the National Security Agency.

"The scope of what we need to defend and protect has dramatically expanded," Army Gen. Paul M. Nakasone said today during a virtual address to the U.S Naval Institute and Armed Forces Communications and Electronics Association's WEST Conference.

The Defense Department's information network is composed of 15,000 sub-networks, 3 million users, 4 million computers, 180,000 mobility devices and 605 million website requests a day, he said.

"We used to think about cyberspace as merely the need to protect these computer networks. And while it's a good place to start, the attack surface is much broader," Nakasone said.

For example, protecting weapons systems is a related but distinct challenge compared to networks, he said. They require software updates and patches. In the case of the Navy, they're onboard ships that don't return to port for months at a time, making it even more challenging to provide timely updates.

Another challenge with weapons systems is ensuring that cybersecurity considerations are implemented in the earliest phases of the acquisition cycle, he said.

Protecting DOD's data is also a major challenge, he said.

Understanding how state and non-state adversaries are able to successfully carry out cyberattacks is important, he said. "They learn over time in terms of what they can do. They're not static in the terms of how they approach cyberspace."

In about the past 150 days, adversaries have successfully conducted supply chain attacks, particularly ransomware attacks, he said. In the last several years, election cybersecurity has taken on an increasingly important role.

Terrorist groups are also mounting cyberattacks, he said. In response, the department has emphasized close teamwork between the NSA, Cybercom, and other commands U.S. Special Operations Command, in particular.

"We learned how to work closely with U.S. Special Operations Command, both to support their efforts against kinetic targets and to leverage their capabilities against virtual ones," he said.

Nakasone also emphasized the importance of working with industry, academia, interagency partners like the FBI and the Department of Homeland Security, as well as with allies and partners.

Having a skilled and motivated workforce is also critically important, he said. They need to have the right training and career paths and professional development opportunities, and the DOD must be open to their new ideas.

Read the original post:
NSA, Cybercom Leader Says Efforts Have Expanded > US DEPARTMENT OF DEFENSE > Defense Department News - Department of Defense

An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S.

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the U.K.'s National Cyber Security Centre (NCSC) formally attributed the incursions to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

The threat actor is also tracked under various monikers, including APT28 (FireEye Mandiant), Fancy Bear (CrowdStrike), Sofacy (Kaspersky), STRONTIUM (Microsoft), and Iron Twilight (Secureworks).

APT28 has a track record of leveraging password spray and brute-force login attempts to plunder valid credentials that enable future surveillance or intrusion operations. In November 2020, Microsoft disclosed credential harvesting activities staged by the adversary aimed at companies involved in researching vaccines and treatments for COVID-19.

What's different this time around is the actor's reliance on software containers to scale its brute-force attacks.

"The campaign uses a Kubernetes cluster in brute force access attempts against the enterprise and cloud environments of government and private sector targets worldwide," CISA said. "After obtaining credentials via brute force, the GTsSS uses a variety of known vulnerabilities for further network access via remote code execution and lateral movement."

Some of the other security flaws exploited by APT28 to pivot inside the breached organizations and gain access to internal email servers include -

The threat actor is also said to have utilized different evasion techniques in an attempt to disguise some components of their operations, including routing brute-force authentication attempts through Tor and commercial VPN services, such as CactusVPN, IPVanish, NordVPN, ProtonVPN, Surfshark, and WorldVPN.

The agencies said the attacks primarily focused on the U.S. and Europe, targeting government and military, defense contractors, energy companies, higher education, logistics companies, law firms, media companies, political consultants or political parties, and think tanks.

"Network managers should adopt and expand usage of multi-factor authentication to help counter the effectiveness of this capability," the advisory noted. "Additional mitigations to ensure strong access controls include time-out and lock-out features, the mandatory use of strong passwords, implementation of a Zero Trust security model that uses additional attributes when determining access, and analytics to detect anomalous accesses."

Read the original:
NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers - The Hacker News

Scene from the Netflix show Pine Gap, showing one of the maps that the government of Vietnam took issue with.Screenshot: Netflix

Netflix has pulled a spy drama called Pine Gap from the video streaming platform in Vietnam after the government complained about maps that appear in at least two episodes. The maps are a misrepresentation of Vietnams sovereignty, according to officials in Hanoi.

The maps in Pine Gap include the so-called nine-dash line, which appears on maps promoted by the Chinese government. The maps show Chinas claim to water and islands in the South China Sea, something Vietnam doesnt recognize.

Its at least the third time Vietnams government has complained to Netflix about maps showing the nine-dash line, which appears in an unaltered screenshot from the program above in red, and annotated in yellow below.

Netflixs violations angered and hurt the feelings of the entire people of Vietnam, Vietnams Authority of Broadcasting and Electronic Information said on Thursday, according to a report from Reuters.

G/O Media may get a commission

Pine Gap is a fictional portrayal of the very real U.S. spy facility located in the middle of Australia. The real Pine Gap was created with an agreement between the U.S. and Australian governments in 1966 and has been used since the first Cold War to collect signals intelligence for the Five Eyes spy alliance. Its more or less the CIA and NSAs hub for hoovering up information from all of Asia.

The two episodes of Pine Gap in question, both the second and third in the series, briefly show maps that include the nine-dash line. Several countries in Southeast Asia, including Vietnam and the Philippines, dont recognize Chinas territorial claims in the South China Sea. China regularly spars with countries over even the smallest incursions into what the Chinese Communist Party sees as its territory.

As Reuters notes, authorities in Vietnam banned the DreamWorks animated movie Abominable in 2019 over maps showing the nine-dash line. Vietnam has also taken issue with nine-dash line maps in a Chinese show called Put Your Head on My Shoulder, which has been pulled from Netflix, as well as the U.S. series Madam Secretary, which is still available in the country.

The nine-dash line that appears in Put Your Head on My Shoulder, flashes on screen for roughly one second and is hard to make out, as you can see in the screenshot Gizmodo captured below from the ninth episode of the series.

Following a written legal demand from the Vietnamese regulator, we have removed the licensed series, Pine Gap, from Netflix in Vietnam, to comply with local law. It remains available on our service in the rest of the world, a Netflix spokesperson told Gimzodo early Friday via email.

View original post here:
Netflix Pulls NSA-Themed Show in Vietnam Over Offensive Maps - Gizmodo