Kelly, a four-star general who had been head of the U.S. Southern Command, retired from the Marines in 2016.
Hackers have stolen sensitive information from American energy companies — and have planted malware in the energy grid with the intent to turn off the lights in the future.
Jose Pagliery reports: They even managed to infect at least three energy companies with Cryptolocker ransomware, a particularly nasty computer virus that locks digital files and demands a ransom payment.
Newly released documents from the Department of Homeland Security are finally shedding some light on what exactlyhackers are doing when they sneak into the American electrical grid.
Some of the attacks described in the report are potentially serious.
Aggressive foreign government hackers broke into American companies 17 times between October 1, 2013 and September 30, 2014, according to DHS. In two cases they snuck into U.S. petroleum organizations, and hackers are “suspected of exfiltrating data” from one of them.
It’s rare, but highly sophisticated foreign government hackers have gotten inside the energy grid, DHS said. They hack “primarily to conduct cyber espionage … to conduct a damaging or disruptive attack in the event of hostilities with the United States,” DHS stated in a recent internal “intelligence assessment.”
That sounds alarming, but DHS is throwing cold water on any present worries. The agency concluded that damaging cyberattacks against the American energy sector is “possible but not likely.”
That calm demeanor doesn’t sit well with some cybersecurity experts. Ryan Duff is a researcher and former member of U.S. Cyber Command, the American military’s hacking unit. He warned that once a hacker gets into a computer — even if physical damage hasn’t been caused yet — the potential is there.
“While I agree with the DHS assessment overall, it’s still pretty frightening,” he said. “The fact is that the ability to cause destruction exists. Their assessment that attack is unlikely is based on political realities instead of technical realities. Attack is way more than technically possible.”
DHS prefers to label these cyber incidents as “espionage or some other activity,” rather than “cyberattacks.” To date, there have been “no damaging or destructive attacks against the U.S. energy sector,” DHS said.
“The majority of malicious activity occurring against the U.S. energy sector is low-level cybercrime that is … not meant to be destructive,” DHS analysts wrote.
“Most of the attacks that we’ve witnessed against this sector are in fact criminal in nature,” he told CNNMoney. “In some cases we even see criminals not realizing the importance of some of the machines [they gained access to.]”
Catherine Herridge, Pamela K. Browne report: The intelligence community has deemed some of Hillary Clinton’s emails “too damaging” to national security to release under any circumstances, according to a U.S. government official close to the ongoing review. A second source, who was not authorized to speak on the record, backed up the finding.
The determination was first reported by Fox News, hours before the State Department formally announced Friday that seven email chains, found in 22 documents, will be withheld “in full” because they, in fact, contain “Top Secret” information.
The State Department, when first contacted by Fox News about withholding such emails Friday morning, did not dispute the reporting – but did not comment in detail. After a version of this report was first published, the Obama administration confirmed to the Associated Press that the seven email chains would be withheld. The department has since confirmed those details publicly.
The decision to withhold the documents in full, and not provide even a partial release with redactions, further undercuts claims by the State Department and the Clinton campaign that none of the intelligence in the emails was classified when it hit Clinton’s personal server.
Fox News is told the emails include intelligence from “special access programs,” or SAP, which is considered beyond “Top Secret.” A Jan. 14 letter, first reported by Fox News, from intelligence community Inspector General Charles McCullough III notified senior intelligence and foreign relations committee leaders that “several dozen emails containing classified information” were determined to be “at the CONFIDENTIAL, SECRET, AND TOP SECRET/SAP levels.”
The State Department is trying to finish its review and public release of thousands of Clinton emails, as the Democratic presidential primary contests get underway in early February. Read the rest of this entry »
Oversight Fail: U.S. Has Lost Track of Tens of Thousands of Foreign Students Who Came to Study Then Took JobsPosted: March 10, 2014
U.S. Immigration and Customs Enforcement doesn’t even consistently collect information or have the tools to monitor all of the foreign students who take part in the optional practical training (OPT) program, the Government Accountability Office said in a new report released late Friday.
“The problems with [optional practical training program] are extensive and serious. The report not only calls into question the department’s oversight of the program, but also whether such lack of oversight is a serious national security risk”
— Sen. Charles E. Grassley, the Iowa Republican.
“The problems with OPT are extensive and serious. The report not only calls into question the department’s oversight of the program, but also whether such lack of oversight is a serious national security risk,” Sen. Charles E. Grassley, the Iowa Republican who released the report, said in a letter to Homeland Security Secretary Jeh Johnson.
Officials who run the Student and Exchange Visitor Program have deemed OPT to be a low-risk program, but the new findings suggest that may be wrong.