Tolga Akmen/Anadolu Agency/Getty Images
It’s been evident for a while that the current Ecuadorian government isn’t so fond of WikiLeaks founder Julian Assange staying in its London embassy to avoid extradition, and now he may be close to getting the boot. Sources speaking to both the Times of London and CNN state that Assange is facing “imminent” expulsion. It’s not certain when he might leave (if he does at all), but his team is reportedly prepping plans if he had to leave within “hours, days or weeks,” according to the Times. The situation is “untenable,” as CNN puts it — and not just because of politics.
There’s a degree of additional pressure following the US’ indictment of 12 Russian officers over election-related hacking — the charges offered not-so-subtle hints that investigators believed Russia coordinated the leak of hacked data with WikiLeaks to maximize its impact. However, Assange’s legal team also asserted that his health is “deteriorating” after six years of living in the same place, with few chances to experience natural light. He didn’t help matters when he lost internet privileges in March for violating Ecuador conditions forbidding political commentary, further cutting him off from the outside world.
Just what happens in an expulsion isn’t clear. While Sweden suspended the sexual assault case that prompted Assange to hide in the Ecuadorian embassy, there has been talk of the US prepping espionage charges against him. CNN has confirmed that the UK is in “ongoing” negotiations with Ecuador and the US to make sure Assange isn’t in danger if he leaves, but there’s no guarantee that he’ll exit with those kinds of promises in place. Short of a successful court objection, Assange might might face a prompt US extradition regardless of his condition.
SAUL LOEB via Getty Images
It looks like Donald Trump’s tweets are getting him into trouble yet again. The New York Times reports today that special counsel Robert Mueller is looking into the president’s tweets and statements about Attorney General Jeff Sessions and former FBI director James Comey, according to sources familiar with the matter. Mueller also reportedly wants to question Trump himself about his tweets. The interest is part of Mueller’s ongoing probe into whether the president has engaged in any obstruction of the special counsel’s investigation into potential links between Trump’s campaign and Russian efforts to influence the 2016 presidential election.
Attorney General Jeff Sessions has taken a VERY weak position on Hillary Clinton crimes (where are E-mails & DNC server) & Intel leakers!
— Donald J. Trump (@realDonaldTrump) July 25, 2017
As it has turned out, James Comey lied and leaked and totally protected Hillary Clinton. He was the best thing that ever happened to her!
— Donald J. Trump (@realDonaldTrump) October 18, 2017
Other aspects of Mueller’s obstruction probe include the president’s questioning of key witnesses about what they discussed with investigators, misleading official White House new releases and the reported consideration of pardon offers to targets of the investigation who might choose to cooperate with Mueller. Mueller is reportedly looking into whether these actions add up to witness intimidation. The New York Times reports that Rudolph Giuliani, Trump’s lead lawyer, has rejected the interest in the president’s tweets as desperation. “If you’re going to obstruct justice, you do it quietly and secretly, not in public,” Giuliani told the publication.
“There’s rarely evidence that someone sits down and says, ‘I intend to commit a crime,’ so any type of investigation hangs on using additional evidence to build a narrative arc that hangs together,” Samuel Buell, a Duke University law professor and former senior federal prosecutor, told the New York Times. “That’s why a prosecutor wants more pieces of evidence. You need to lock down the argument.”
Another legal issue surrounding Trump’s tweets has to do with his tendency to block other users, namely critics. Because he uses his personal account to discuss matters of national interest, many have argued that the account constitutes an official communication and one that anyone should be allowed to read. In May, a federal judge agreed, saying the president shouldn’t be allowed to block users as it’s a violation of the First Amendment. Last month, the US Department of Justice announced that it would be appeal the ruling.
Facebook’s outgoing security chief, Alex Stamos, sent a damning internal memo just days after the Cambridge Analytica scandal came to light, urging the company to “intentionally not collect data where possible, and to keep it only as long as we are using it to serve people.” The note, titled “A Difficult Week” and dated March 23, states, “We need to listen to people (including internally) when they tell us a feature is creepy or point out a negative impact we are having in the world.
“We need to deprioritize short-term growth and revenue and to explain to Wall Street why that is ok,” the memo continues. “We need to be willing to pick sides when there are clear moral or humanitarian issues. And we need to be open, honest and transparent about our challenges and what we are doing to fix them.”
He also says that he deserves “as much blame (or more) as any other exec at the company,” and that while “it would be really simple to believe the outcomes of arguments between a handful of people got us to this point…the truth is that we need to all own this.” He also urged the company to focus on “the hard things we have to do to win back the world’s trust.”
Stamos wrote the memo six days after the New York Times and The Observer revealed how political consultancy Cambridge Analytica had exploited the data of Facebook users for advertising purposes, culminating in the company’s largest privacy scandal in its 14-year history. Stamos, who had reportedly clashed with other executives over privacy concerns regarding election interference, also touched on his planned August departure in the memo, which had apparently been in the pipeline for some time due to internal structuring, and was not directly related to the Cambridge Analytica issue.
Russian hackers infiltrated the control rooms of US utility companies last year, reaching a point where they “could have thrown switches,” The Wall Street Journal reports. The paper cites officials from the Department of Homeland Security (DHS) confirming that the hackers — from a state-sponsored group previously known as Dragonfly or Energetic Bear — gained access to allegedly secure networks, where they could have caused blackouts.
According to the DHS, the long-running Russian campaign has affected “hundreds of victims,” and some companies may not even know they’ve been compromised as the attacks relied on the credentials of actual employees, making intrusions harder to identify. The attack is believed to have surfaced in spring 2016 and could still be continuing.
However, while the potential consequences of these attacks are serious, some experts maintain that the tangible risks are no greater than they were before these fresh attacks came to light. After a similar hacking revelation last year, CEO of cybersecurity firm Dragos Robert M. Lee wrote that “Our adversaries are at the starting point of their journey to cause significant disruption to our power grid, not the finish line.”
Following the most recent news of Russian interference, Lee took to Twitter to reiterate that while the warnings of threats are important, much of the language used in reporting them is “not helpful and often misleading.” He noted that cyber threats to industrial infrastructure are getting more aggressive, but urged people not to “hype up” the issue, adding that “It’s bad enough without added fear.”
The warnings of the threats are extremely important as they are becoming more frequent. But much of the language in these articles is not helpful and often misleading https://t.co/KsyZAhyZ8L
— Robert M. Lee (@RobertMLee) July 24, 2018
As an example this article, and many like it, use subtle word choices like noting that penetrating the control centers was “easy” and that it was “hundreds of victims” but not necessarily hundreds of control centers which is what they’re referring to when discussing “black outs”
— Robert M. Lee (@RobertMLee) July 24, 2018
Then there’s the almost mocking note that supposedly these networks were supposed to be air gapped; except no one serious in the discussion considers control centers for electric grid functionality air gapped. It’s subtle but positions that this is a shock but it’s not
— Robert M. Lee (@RobertMLee) July 24, 2018
And language such as “throwing switches” and noting it would cause “black outs” is in no way representative of what was seen in these intrusions. In these cases the adversary was taking screenshots of HMIs.
— Robert M. Lee (@RobertMLee) July 24, 2018
So in short, please take cyber threats to industrial infrastructure serious. They are getting far more aggressive and numerous. But let’s not use word choices that mislead and hype up the
MLADEN ANTONOV via Getty Images
Russia is considering a new law that would allow the government to punish websites and social networks for user posts deemed inaccurate, the New York Times reports. If passed, the new law would require websites with more than 100,000 daily visitors and a comment feature to remove inaccurate information posted by users within 24 hours. If they don’t comply, the sites could face a fine of up to 50 million rubles ($793,000).
The law would join others that already limit what social media users are allowed to write and it’s currently under consideration in Russia’s lower house of parliament, the State Duma. Of course the proposed legislation is already sparking concerns about censorship. Artem Kozlyuk, founder of anti-censorship site Roskomsvoboda, told the New York Times that though the bill is being packaged as a way to boost public safety and stem harmful misinformation, these types of efforts typically end the same way, with the “expansion of the government’s powers and censorship.”
Earlier this year, Malaysia passed a law that criminalized the spread of fake news while Egypt’s parliament recently approved legislation that will treat and regulate popular social media accounts and blogs as traditional media outlets.
Nicholas Kamm/AFP/Getty Images
The President might have claimed that Russia stopped hacking the US, but intelligence officials know otherwise — and they’re stepping up their fight against the ongoing threat. Recently installed NSA and Cyber Command chief Paul Nakasone has created a dedicated task force (the Russia Small Group) to tackle online threats from Putin’s regime. While he wasn’t specific about what the group would do, he said it was “in line” with what intelligence agencies have been doing ever since the 2016 presidential election. In short: they’re devoting extra energy to preventing a repeat of the widespread hacking from two years ago.
Nakasone argued that this wasn’t optional. If the US decided to “stand on the sidelines” and didn’t focus its energy on digital adversaries like Russia and China, it risked letting those opponents shape the virtual battlefield. They “undermine” elections, stoke social tensions and steal sensitive info, Nakasone said — you need people who can tackle this on a “continual basis.”
It’s not shocking that Nakasone would pursue this route. He’s a four-star Army general who is running both the NSA as well as a recently elevated Cyber Command. If anyone is likely to both focus on threats from specific countries and see the bigger picture of online security, it’s him. The question is whether or not the Russia Small Group will have a meaningful effect on the 2018 mid-term elections. It might, but it was formed so recently that it may need time to reach its full potential and give Russia second thoughts.
Russia is still launching cyberattacks against the US, a Microsoft exec has revealed, contradicting what the President claimed just a few days ago. According to Microsoft VP for customer security and trust Tom Burt (shown above second from right, with his hand raised), his team discovered a spear-phishing campaign targeting three candidates running for office in 2018. Burt announced his team’s findings while speaking on a panel at the Aspen Security Forum, where he also revealed that they traced the new campaign to a group believed to be operated by the GRU, Russia’s largest foreign intelligence agency. In other words, those three candidates are being targeted by the same organization that infiltrated the DNC and Hillary Clinton’s Presidential campaign in 2016.
The US recently indicted 12 Russian GRU officials, 11 of whom are accused of hacking the DNC and leaking the party’s emails with the purpose of influencing the 2016 elections. If you’ll recall, a “Guccifer 2.0” dumped names, phone numbers, emails and a bunch of other information stolen from the party, from Hillary Clinton and from the Clinton Foundation on the internet.
The last GRU official named in the indictment is accused of breaking into the state board of elections and the systems owned by companies making election software to steal half a million voters’ information.
While Burt divulged Microsoft’s findings to the public, he refused to name the targets and their parties due to security concerns. He did say, however, that they’re “candidates of note” who are “running for reelection.” Neither party would confirm whether their candidates are being targeted, but DNC rep Xochitl Hinojosa told BuzzFeed News: “We saw the Russians attack our democracy in 2016 and we know they’re a threat in 2018, 2020 and beyond.” He added that it’s unfortunate how the President isn’t taking the issue seriously and how House Republicans refuse to increase funding for election security.
Xinhua/Lehtikuva/Heikki Saukkomaa via Getty Images
President Trump is still dealing with the repercussions of appearing to agree with Vladimir Putin that Russia didn’t interfere with the 2016 US election (and the subsequent attempted walk back of this statement), but that isn’t stopping him from further controversial statements on cybersecurity. In a cabinet meeting, Trump told a reporter that Russia was no longer “targeting” the US with cyberattacks. The claim strains credulity, to put it mildly — it contradicts both his previous remarks and the findings of intelligence agencies.
To start, Trump told members of Congress in a July 17th meeting that the US was reportedly “doing everything in [its] power to prevent Russian interference in 2018.” If cyberattacks weren’t a real possibility, why show concern about Russian meddling just a day earlier? Director of National Intelligence Dan Coats also stressed in a July 16th statement that Russia was conducting “ongoing, pervasive efforts” to undermine the US, indicating a continued threat.
It’s certainly an unusual statement to make in light of dozens of indictments (some made just before Trump’s meeting with Putin) against Russian intelligence officers and Russia-linked individuals for attempting to interfere with the 2016 election through everything from ad campaigns to hacking electoral systems. And that’s not even including the reams of evidence of ongoing cyberattacks against the West, including Twitter bots as well as hacks targeting the Olympics and chemical warfare prevention labs. There’s simply no good reason to believe Russia has changed its ways ahead of the US mid-term elections, regardless of what Trump says.
Tuesday marked another chapter in the “Tech Companies go to Congress” story, with Facebook, Twitter and YouTube testifying before the House Judiciary Committee. The hearing, titled “Examining the Content Filtering Practices of Social Media Giants,” was supposed to shed light on how these companies are keeping their sites safe for users by filtering out toxic content. But, instead, we learned very little. Executives from Facebook, Twitter and YouTube simply echoed what they’ve been saying in other congressional hearings since 2017. They talked about how they’re using a combination of artificial intelligence and human reviewers to fight fake news, bots and toxic content like hate speech.
Those are efforts we were already aware of, though we did find out out that Facebook, apparently, can’t decide when it should ban offensive pages like InfoWars. But the fact that the latest hearing was another wasted opportunity, just like Mark Zuckerberg’s appearance before Congress in April, isn’t completely Facebook, Twitter or YouTube’s fault.
Throughout yesterday’s session, US House Representatives from both sides of the aisle seemed to be more interested on their personal agenda. Republicans like Rep. Smith (TX) talked about how he felt conservatives were being censored, accusing Google of blocking his searches for “Jesus, Chick-fil-A and the Catholic religion.” Democrats, on the other hand, said the committee should be having hearings on Russian election interference and Trump’s relationship with Vladimir Putin instead. “This committee needs to proceed with hearings involving the question of the Russian intrusion and stealing of the 2016 election,” Rep. Lee (D-CA) said. “And I’ve come to a conclusion now that it was truly stolen. Dealing with these engines that have been effective for the United States on that issue seems to be a stretch and inappropriate.”
Rep. Lieu (D-CA) went as far as calling the hearing “dumb” and “stupid,” saying there were more important issues the House Judiciary Committee should be focusing on. “I served on active duty in the US military, I never thought I would see the American Commander-in-Chief deliver the talking points of the Kremlin. Are we having a hearing on that? No.” he said. “As we sit here today there [are] nearly three thousand babies and kids ripped away from their parents by the Trump administration, they have not been reunified yet. Are we having a hearing on that? No.” Instead, he added, “we’re having this ridiculous hearing on the content of speech of private sector companies. It’s stupid because there’s this thing called the First Amendment — we can’t regulate content. The only thing worse than an Alex Jones video is the government trying to tell Google not to do it, to prevent people from watching [it]. “
Meanwhile, Chairman Goodlatte (R-VA) asked Facebook, Twitter and YouTube why the shouldn’t be regulated as non-utilities like hotels or clubs, which at a certain point have a legal liability for how consumers use their services. Goodlatte’s concern is that these social media giants