Slashdot Mirror

TechCrunch reports: A major new campaign of disinformation around Brexit, designed to stir up U.K. 'Leave' voters, and distributed via Facebook, may have reached over 10 million people in the U.K., according to new research. The source of the campaign is so far unknown, and will be embarrassing to Facebook, which only this week claimed it was clamping down on "dark" political advertising on its platform. Researchers for the U.K.-based digital agency 89up allege that Mainstream Network -- which looks and reads like a "mainstream" news site but which has no contact details or reporter bylines -- is serving hyper-targeted Facebook advertisements aimed at exhorting people in Leave-voting U.K. constituencies to tell their MP to "chuck Chequers." Chequers is the name given to the U.K. Prime Ministers's proposed deal with the EU regarding the U.K.'s departure from the EU next year.
ABC News reports: When the Justice Department unsealed criminal charges detailing a yearslong effort by a Russian troll farm to "sow division and discord in the U.S. political system," it was the first federal case alleging continued foreign interference in U.S. elections. Earlier Friday, American intelligence officials released a rare public statement asserting that Russia, China, Iran and other countries are engaged in ongoing efforts to influence U.S. policy and voters in future elections. The statement didn't provide details on those efforts. That stood in contrast with the criminal charges, which provided a detailed narrative of Russian activities...

The criminal complaint provided a clear picture that there is still a hidden but powerful Russian social media effort aimed at spreading distrust for American political candidates and causing divisions on social issues such as immigration and gun control.... Court papers describe how the operatives in Friday's case would analyze U.S. news articles and decide how they would draft social media messages about those stories. They also show that Russian trolls have stepped up their efforts with a better understanding the U.S. political climate and messages that are no longer riddled with misspellings.
CNN notes that one week before America's 2016 presidential election, "one of the Kremlin-backed accounts denied that Russian meddling, saying: 'Russia's Putin says Moscow not trying to influence U.S. election.'"

An anonymous reader quotes a report from Ars Technica: Back in April, Facebook published a report called "Information Operations and Facebook" that detailed the company's efforts to combat fake news and other misinformation campaigns on the site. The report was released in the midst of an uproar over potential Russian meddling in the 2016 presidential campaign. But the report doesn't mention Russia by name, saying only that Facebook's data "does not contradict" a January report by the Obama administration detailing Russian meddling in the election. On Friday, The Wall Street Journal reported that the decision not to mention Russia was hotly debated inside Facebook. An earlier draft of the report discussed what Facebook knew at that time about Russian meddling, but that material was ultimately removed from the report before publication. "Some at Facebook pushed to not include a mention of Russia in the report because the company's understanding of Russian activity was too speculative, according to one of the people," according to the Journal.

According to Director of National Intelligence Daniel Coats, IoT devices may be used to shut down US intelligence operations in the future. From a report: At an open hearing today, the Senate Select Committee on Intelligence (SSCI) heard testimony on the worldwide threat assessment of the US intelligence community. Coats' opening statements included a warning of the dangers of poor smart device security as well as the continued inevitability of Russian cyber threats. Coat's testimony lists these concerns first, with Russia topping the list of enemy actors. Coats says that the Kremlin has taken a much more aggressive "cyber posture," which "was evident in Russia's efforts to influence the 2016 US election." Coats' report (PDF) also says that Russian actors have conducted attacks on critical infrastructure networks, even going so far as to pretend to be third parties hiding behind false online personas. "Russia is a full-scope cyber actor that will remain a major threat to US Government, military, diplomatic, commercial, and critical infrastructure," says Coats in the written version of his statement. The document notes that China, Iran and North Korea, as well as terrorists and criminals, are also threats. Coats also spoke at length about "smart" devices, which have increased the number of vectors that hostile actors can attack. The denial-of-service (DDoS) attacks that we already see will only become more prevalent. These botnets use weakly-protected IoT devices to overwhelm websites and other networks. "In the future," Coats says in his report, "state and non-state actors will likely use IoT devices to support intelligence operations or domestic security or to access or attack targeted computer networks."

An anonymous reader quotes a report from Schneier on Security: President Obama has changed the rules regarding raw intelligence, allowing the NSA to share raw data with the U.S.'s other 16 intelligence agencies. The new rules significantly relax longstanding limits on what the N.S.A. may do with the information gathered by its most powerful surveillance operations, which are largely unregulated by American wiretapping laws. These include collecting satellite transmissions, phone calls and emails that cross network switches abroad, and messages between people abroad that cross domestic network switches. The change means that far more officials will be searching through raw data. Essentially, the government is reducing the risk that the N.S.A. will fail to recognize that a piece of information would be valuable to another agency, but increasing the risk that officials will see private information about innocent people. Here are the new procedures. This rule change has been in the works for a while. Here are two blog posts from April discussing the then-proposed changes.

An anonymous reader quotes a report from The Verge: The Office of the Director of National Intelligence has released its unclassified report on Russian hacking operations in the United States. "We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the U.S. presidential election," according to the report. "Russia's goals were to undermine public faith in the U.S. democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump." The report, titled "Assessing Russian Activities and Intentions in Recent U.S. Elections," details the successful hack of the Democratic National Committee. "The Kremlin's campaign aimed at the U.S. election featured disclosures of data obtained through Russian cyber operations; intrusions into U.S. state and local electoral boards; and overt propaganda," according to the report. The report states that Russian intelligence services made cyber-attacks against "both major U.S. political parties" to influence the 2016 election. The report also publicly names Guccifer 2.0 and DCLeaks.com, two sources of stolen information released to the public, as Russian operatives working on behalf of the country's military intelligence unit, the GRU. Officials from the organization were recently the target of U.S. sanctions. WikiLeaks is also cited as a recipient of stolen information. The report also notes that the U.S. has determined Russia "accessed elements of multiple state or local electoral boards," though no vote-tallying processes were tampered with. The FBI and CIA have "high confidence" the election tampering was ordered by Putin to help then-candidate Trump, according to the report. NSA has "moderate confidence" in the assessment. bongey writes: The declassified DNI report offers no direct evidence of Russia hacking DNC or Podesta emails. Exactly half of the report (subtract blank and TOC) 9 of 18 is just devoted to going after RT.com by claiming they have close ties to Russia and therefore a propaganda arm, trying to imply that rt.com is related to the hacking. "Many of the key judgments in this assessment rely on a body of reporting from multiple sources that are consistent with our understanding of Russian behavior. Insights into Russian efforts -- including specific cyber operations -- and Russian views of key U.S. players derive from multiple corroborating sources. Some of our judgments about Kremlin preferences and intent are drawn from the behavior of Kremlin loyal political figures, state media, and pro-Kremlin social media actors, all of whom the Kremlin either directly uses to convey messages or who are answerable to the Kremlin." UPDATE 1/6/17: President-elect Donald Trump met with U.S. intelligence officials Friday, calling the meeting "constructive" and offering praise for intel officials. "While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election, including the fact that there was no tampering whatsoever with voting machines," Trump said in a statement after the meeting.

HughPickens.com writes: ABC News reports that the Office of the Director of National Intelligence has released a list of English-language material recovered during the raid the killed Osama bin Laden in Abbottabad, Pakistan in 2011 including one document dubbed "Instructions to Applicants," that would not be entirely out of place for an entry-level position at any American company – except for questions like the one about the applicant's willingness to blow themselves up. The questionnaire includes basic personal details, family history, marital status, and education level. It asks that applicants "answer the required information accurately and truthfully" and, "Please write clearly and legibly." Questions include: Is the applicant expert in chemistry, communications or any other field? Do they have a family member in the government who would cooperate with al Qaeda? Have they received any military training? Finally, it asks what the would-be jihadist would like to accomplish and, "Do you wish to execute a suicide operation?" For the final question, the application asks would-be killers that if they were to become martyrs, who should al Qaeda contact?

The corporate tone of the application is jarringly amusing, writes Amanda Taub, but it also hints at a larger truth: a terrorist organization like al-Qaeda is a large bureaucratic organization, albeit one in the "business" of mass-murdering innocent people. Jon Sopel, the North American editor from BBC News, joked that the application "looks like it has been written by someone who has spent too long working for Deloitte or Accenture, but bureaucracy exists in every walk of life – so why not on the path to violent jihad?"

Nicola Hahn writes NSA director Mike Rogers spoke to a Senate Committee [Thursday], admonishing them that the United States should bolster its offensive cyber capabilities to deter attacks. Never mind that deterrence is problematic if you can't identify the people who attacked you. In the past a speech by a spymaster like Rogers would have been laced with hyperbolic intimations of the End Times. Indeed, for almost a decade mainstream news outlets have conveyed a litany of cyber doomsday scenarios on behalf of ostensibly credible public officials. So it's interesting to note a recent statement by the U.S. intelligence community that pours a bucket of cold water over all of this. According to government spies the likelihood of a cyber Armageddon is "remote." And this raises some unsettling questions about our ability to trust government officials and why they might be tempted to fall back on such blatant hyperbole.

dcblogs writes "This year may be remembered for its striking number of reports and warning of calamitous events. The National Intelligence Council released its Global Trends 2030: Alternative Worlds report that included a number of dire possibilities ahead, including the prospect of a catastrophic solar storm, on par with the 1859 Carrington Event. Historical records suggest a return period of 50 years for a repeat of the Quebec-level storm that knocked out the power for 6 million in 1989, and 150 years for very extreme storms, such as the Carrington Event, according to Lloyd's, in a report this year. Scientists at the Idaho National Laboratory recently demonstrated in tests that 'geomagnetic disturbances have the power to disrupt and possibly destroy electrical transformers, the backbone of our nation's utility grid.' This was also the year the average daily level of CO2 reached a concentration above 400 parts per million. In a recent National Academies report this year, 'Abrupt Impacts of Climate Change: Anticipating Surprises,' scientists recommend creation of a global early warning system to alert mankind to abrupt climate changes. A recent paper in Nature, Abrupt rise of new machine ecology beyond human response time, said financial trading systems are driving transaction times down to the speed of light, and 'the quickest that someone can notice potential danger and physically react, is approximately 1 second.'"

Nerval's Lobster writes "James R. Clapper, the nation's Director of National Intelligence, claimed that recent reports about the NSA monitoring Americans' Internet and phone communications are inaccurate. 'The Guardian and The Washington Post articles refer to collection of communications pursuant to Section 702 of the Foreign Intelligence Surveillance Act,' he wrote in a June 6 statement. 'They contain numerous inaccuracies.' While the statement didn't detail the supposed inaccuracies, it explained why the monitoring described in those articles would, at least in theory, violate the law. 'Section 702 is a provision of FISA that is designed to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States,' it read. 'It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States.' Those newspaper articles describe an NSA project codenamed Prism, which allegedly taps into the internal databases of nine major technology companies: Microsoft, Google, Yahoo, Facebook, PalTalk, YouTube, Skype, AOL, and Apple. Both publications drew their information from an internal PowerPoint presentation used to train intelligence operatives. Speaking to Slashdot, Google, Microsoft and Facebook all again denied knowledge of Prism; the Google spokesperson suggested he didn't 'have any insight' into why Google would have appeared in the NSA's alleged PowerPoint presentation. But many, many questions remain."