Showing posts with label cybersecurity. Show all posts

Sunday, October 29, 2017

Why America First Policy Requires US to Push Back Against Russia

My article published on Daily Mail 24:

https://en.dailymail24.com/2017/10/29/why-america-1st-policy/

The US may very well be perfectly fine with living and letting live. It may very well be entirely happy to let someone else play world policeman for a change and focus on providing for its own citizens and protecting its borders. It might be for the best if other countries sorted out their issues among themselves. But it's all a pipe dream.

Russia is not going to let the United States live and let live. It's not about Putin's stay in power or pursuit of dominance in the Middle East, or the restoration of the Russian Empire.

It's about the simple fact that we are under attack within our own borders, and Russia will not stop until it brings the US to ruin.

How would that scenario look? Alarmingly, the picture emerging is not too far from where we are now: a nation, lost in confusion, unable to tell propaganda and fake news from reality, its political leadership torn apart by endless scandals and investigations, with its citizens trusting foreign leaders more than they trust their own.

Russia has proven to be a danger, playing both parties against each other, sowing chaos, confusion, and aggressively attacking US interests internally and externally. Its Kaspersky software has been used as an espionage tool across various government agencies, endangering our information. Hacking into voting machines and attacks on various political entities were a crude attempt to compromise the integrity of our democratic election process, and to cause months of finger-pointing and social divisions.

Over the years preceding this election, Russia continued aggressive active measures, which ranged from bribery of nuclear trucking companies, to espionage through highly placed officials in an attempt to get to the Secretary of State Hillary Clinton, to aggressive hacking and propaganda measures which intensified through election. Under the Obama administration, Russia sent its "diplomats" on fishing expeditions around our sensitive infrastructure, even in such unusual vacation destinations as Kansas.

Additionally, Russia has presented a direct threat to our interests and security abroad. Russian intelligence aggressively targeted US diplomats in Moscow and Eastern Europe, which included such unprofessional and belligerent actions, as physical attacks, including one that left a diplomat badly beaten outside the Embassy, and having to be evacuated, poisonings, severe destruction of property, and harassment that went far beyond the expected annoyances from the old Soviet KGB playbook expected in that part of the world.

Strategically, Russia continues to present a threat wherever it goes, directly interfering with US interests in the Middle East, Afghanistan, and elsewhere. In Syria, Russia constructed a base, while supporting Iranian militias adversarial to US interests, attacking US-backed groups, and presenting a threat to the Strait of Hormuz, a strategically important trade route for the US and her allies. At numerous points throughout its presence in Syria, the US and Russia neared a point of direct conflict, while Russia continued provocative actions involving airplanes and submarines. In Afghanistan, Russia supplies the Taliban with fuel and even weapons, despite the fact that NATO, including the US, is actively fighting against the Taliban. Thanks to Russia's assistance, the Taliban has made significant territorial gains, even as the US surged its own forces inside the country.

Additionally, Russia continues to supply Iran with weapons, now also selling S-400s to Turkey, a country that also presents a significant challenge to US interests in Syria. And Russian government oil company is moving in on the oil fields taken over by the Iraqi forces, IRGC, and Iran-backed militias from the Kurds in Kirkuk, which endangers vested US business interests. Russia's attacks on Ukraine, including cybersecurity attacks, are widely viewed as potential dry runs for similar attacks on US infrastructure, including the electric grid.

And that's not including the aggressive lobbying against the Magnitsky Act, the cruel adoption ban that forbids dangerously ill Russian children from being taken in by American families, the non-stop brainwashing of the Russian citizenry against Americans, the troll farms, which makes old school Soviet propaganda seem like child's play, and the authoritarian actions against foreign NGOs, as well as government-linked hostile takeovers of US hedge funds and other financial institutions in Russia, well documented by Bill Browder and others.

All of that paints a rather dreary picture of the US-Russia relationship, with only one side systematically pursuing hostility and instilling hatred against not only the government of the other, but against all of its institutions, the fabric of society, and way of life. Russia is not acting like a potential partner, even on a strictly limited and professional level. It's looking to undermine every goal and pursuit of the United States, and to cause an internal collapse. The appeal of hardcore Communism is no longer quite as potent, though to be sure, the Soviet Union's fellow travelers took strong root in academia, governments, the media, and the think tank world. But non-ideological confusion of values and internal social and political divisions are just as destructive, and have met with a deplorable level of success. Intersectionality, radical movements, and fake pseudo-right-wing and pseudo-left-wing organized groups and violent events all have the classic Soviet-style footprint on them, and a number of articles have come out to show how Russia had duped unwitting Black Lives Matter activists into organizing events that ended up benefiting Russia.

For that reason, placing America First, and American interests first, requires a strong, unequivocal, coordinated, and systematic response to Russia by President Trump, who needs to start enforcing Congressional sanctions he signed into law this summer immediately, members of both parties in Congress, who need to put aside political differences and focus on the common goal of defending US national security and political integrity, our media, who needs to focus on exposing Russian connections wherever they are, and not just to the benefit of one party over another, our institutions, including think tanks, who need to be more alert to the foreign money, lobbyists, and other pro-Russia influences, and finally, US citizens, who need to start learning to spot propaganda that benefits the foreign state, and stop giving in to the divisiveness being sown by bots, trolls, and Russian agents of influence at every opportunity.

We need to keep America great, not make Russia great again.

Thursday, October 12, 2017

"Mutually Assured Disruption: Framing Cybersecurity in Nuclear Terms"

The National Committee on American Foreign Policy hosted a discussion featuring David Mussington (Director of the Center for Public Policy and Private Enterprise at the University of Maryland), Michael Sulmeyer (Director of the Cyber Security Project at the Belfer Center for Science and International Affairs at Harvard U.), Andrew Futter (Associate Professor of International Politics at the University of Leicester, focusing on emerging strategic technologies and global nuclear order), and Rafal Rohozinski (CEO, The SecDev Group).

Much of the discussion was focused on figuring out the extent to which cyber and nuclear issues interact. Part of the problem is that to a large extent they do not, and the specialists in these areas do not understand each other's disciplines, nor do they interact with each other. That said, cyber and nuclear are also not necessarily automatically similar or connected on every level. Another issue muddling the general discussion is that cyber threats greatly vary among themselves, and one of the easiest ways to get to nuclear technologies is through social engineering, which facilitates implementation of cyber threats - or may have nothing to do with cyber at all. One of the conflicts with respect to any technology, whether it's cyber or nuclear, is the tension between functionality and security. If something is upgraded to a digital version, it may be faster and better, but is also hackable.

With nuclear technology, there is the additional tension of having weapons ready to be used at a moment's notice, while also being kept safe from both unauthorized access of any kind and incidental deployment. Nuclear modernization digitized much of its function, but also made it less secure. And of course, access by humans, and errors in judgment, remain a factor. Additionally, there is the problem of the full spectrum missile defense capabilities, which would utilize cyber functions, but may also have nuclear components. That makes them more effective, but also gives them more ways in which they can be sabotaged.

Other issues of concern are the lack of civilian oversight over devices, the fact that the government security is only as strong as its weakest link, and the weakest link - civilian devices, such as PCs and cell phones - are pervasive.  Additionally, there is a tension between whether vulnerability to cyberattacks is largely an individual and domestic problem or something greater. The argument that it's not limited to educating the society on how to be more aware is that much of the contemporary technology is comprised of internationally made hardware and software, and there are backdoors built into cell phones and so forth, so being simply on guard is not enough.

Added to the complication is the fact that large corporations such as Equifax are not held accountable for poor internal habits, and as a result the regular people suffer and pay the price. The Silicon Valley has a culture of resistance to getting involved in politics, and additionally of being strongly opposed to government oversight, to the point that Facebook was denying any manipulation of data by the Russians, up until the point where it could not engage in any more denials. The strategy may be shifting in Congress to impose greater demands of tech companies and social media companies into taking action to safeguard themselves from external interference.

The one issue that was not mentioned is the impact of data compartmentalization, including the effect of eroding barriers on nuclear susceptibility to attacks. At issue is to what extent can an attack on an unrelated industry or device affect digital functions of nuclear technology, and to what extent is it even functionally possible to keep various types of information separate enough that the damages from serious cyberattacks can be mitigated. In the national security arena, the erasure of compartmentalization as a best practice has had a noticeably negative effect in a variety of areas, but some issues may be just as due to the simple inability to keep track of the vast quantities of data being collected or utilized as to poor agency culture.


Wednesday, October 11, 2017

Let's Not Wait to Close The Barn Door Until After The Horse Gets Out

A recent report that North Korean hackers targeted US electric grid through spearphishing emails to electric power companies is yet another signal that foreign powers are increasingly viewing the cybersphere as one of the top frontiers in warfare... and our response continues to be largely reactive as we wait until they perfect their methods before taking serious accounting of our vulnerabilities.

Indeed, there may not be much evidence that any of that batch of attacks were successful, but what happens when inevitably one day one of them succeeds? Chances are, sooner or later, a careless employee will click on the link and let the hackers right in. Alternatively, having figured out that this particular line of attack is not worth pursuing, the hackers may already be finding other backdoors to entry. The typical reaction of expressing concern about the future and not much else, exhibited after this report came in, underscores that the problem of inaction in the face of persistent threat is at least as big of a problem as the actual persistent threats. Perhaps the hackers were simply not sophisticated enough to gain entry this time around. Perhaps one day, having figured out what doesn't work, they'll do better. And perhaps spearphishing emails were merely a distraction from a different line of attacks they will be pursuing in the near future.

Regardless, this is yet another reminder about the vulnerabilities of our electric grid, and the generally poor record on cybersecurity. For the record, I don't expect North Korean hackers to go and blow up a physical station. What I do expect them to do, is perhaps either share the information about US infrastructure vulnerabilities with Russia or Iran, who, no doubt, are considering all lines of attack, or perhaps even hack into their services and simply steal that information.  Having dependency on your enemies' known capability is no way to account for your defense.  Keeping a flexible mindset about potential for attacks, especially after numerous hints have been practically given to you on a silver platter about what appears to be of interest to a number of adversaries, constantly updating, innovating, and improving your infrastructure and cyber defense, and keeping not only your staffers, but your enemies on their toes with unpredictable responses is the way to avoid trouble that is sure to follow these first few unsuccessful attempts.

Tuesday, October 10, 2017

The Obama Administration loses war plans and keys to the front door to North Korean hackers

In the latest in the series of embarrassing cybersecurity incidents involving the Obama administration, which had included giving Pentagon source code to Russia for examination, having NSA data stolen by Russian hackers,  and much more, apparently US-South Korea war contingency plans were grabbed by North Korean hackers last year, just as Obama was condemning candidate Trump for collusion with Russia and screaming bloody murder about Russian hackers hacking voting machines.

Is there anything the Obama Administration didn't manage to lose or have stolen by one deadly adversary or another?

Has anyone checked whether the nuclear codes are still there?

Friday, October 6, 2017

How Obama's policies left the US government vulnerable to Russian hackers

The real story with Russia was not the series of stupid meetings between Trump campaign officials and diplomats who were trying to set them up, playing on Trump's admiration of Putin. The story that should have been all over the front pages then, and now, is the complete lack of security infrastructure across our government, Obama's complete inability to protect the country from cybersecurity threats, and the way Russians were able to easily take advantage of all our vulnerabilities throughout the last 8 years to make a series of devastating blows that are only coming out to public awareness now.

Many of these issues came up during the last two years of the administration when he was busy crying "Russian hackers", while Russian hackers were having a ball right under his eye. This combination of lack of situational awareness, recklessness, arrogance, and ignorance of even the basic factors to take into consideration was evident in Debbie Wasserman-Schultz's watch at the DNC, among Democratic Congressmen in the Pakistani IT staffer scandal, with Hillary's various misuses of email, with John Podesta falling easy bait to a phishing trick, and so much more. But all of that turned out to be just the tip of the iceberg, as we are now learning, mere red flags compared to the utter disaster that was taking place behind closed doors, with Edward Snowden being but the first red flag and warning sign of just how unprepared our counterintelligence was for the combination of cybersecurity threats and social engineering from Russians and other actors.

Much of it has come out within this past year, and with regards to cybersecurity, in the last couple of weeks, with the story of the NSA breach and access to Pentagon source code. Meanwhile our own reaction has been belated and laughable. Over two years after Kaspersky was used to retrieve NSA data, the government finally advised its agencies not to use that software. I don't even want to know what happened after the Russians got the source code and whether that software is still in place, but my guess is, not much has changed. The pervasive problem of such proportions should be a national scandal. Obama left the front door open while looking for boogeymen out in the back. Thanks to the atrocious decisionmaking throughout his administration, the country has been vulnerable, basically naked, to Russian hacking. But the press, instead of thoroughly investigating the extent of the damage and excoriating the officials responsible for it, are dripping their findings, while covering up who's really at fault.

The cybersecurity breaches of the past 8 years deserve a thorough, competent investigation. If Mueller is anything other than a political hack with an agenda, he should be looking at this main stage event, while also investigating whatever improprieties came out from last year's election and the financial shenanigans from some of the actors. I am afraid, however, that most people are not interested in the "whole truth". They just want to be fed stories convenient to propping up their preconceptions.

Thursday, October 5, 2017

Obama-Era Cybersecurity Protocols Deserve Scrutiny

Under the Obama administration:
* Russians ratcheted up fake news and other types of information warfare
* Attempted to hack voting machines
* Snowden fiasco took place
* Russians stole NSA data using Kaspersky (despite which fact, the US government proceeded to continue using Kaspersky software until very recently)
* Russians got the source code for Pentagon cybersecurity software
* There were many major hacks
* Hillary's security problems
* DNC server security breach and repeated attempted attacks on various Republican presidential candidates and entities
* The Congressional Pakistani IT staffer scandal is set in place with thousands of unauthorized access units to emails and servers, not to mention stolen equipment, various frauds, etc.
So we get a Russia probe exploring Donald Trump's connections to Russia, but no probe on poor security protocols promoted by the Obama administration, and in place to this day. Why is that? Inquiring minds want to know.

No Secrets Left Worth Keeping

First we find out that a Russian cybersecurity firm got to examine the source code for central Pentagon software under Obama.

Then we learned that Russian hackers stole NSA data, which may allow for easier penetration.

Now it turns out that Chief of Staff Kelly's phone was compromised since last December, and he didn't learn of the breach until this summer, all the while being the head of the Department of Homeland Security!

If the head of DHS doesn't check for bugs, hacks, and other technical compromises of his devices, what can be said of everyone else in the government?

Aren't there common sense protocols for compromise awareness that our officials are briefed on when taking office?

And that's not even counting the obvious and inexcusable negligence of Javanka keeping officials on private servers after all the brouhaha with Hillary Clinton doing the same thing.

Jeez.

Is Nothing Sacred? Russian hackers get the NSA

Everyone's all upset about the missing DNC server which may or may not have been hacked by the Russians, and possibly the rest of the world; meanwhile, Russian hackers made their way into NSA and got juicy info on US cyber Defense. And that's not counting the epic fail last year, when Hewlett Packard basically gave the Russian cybersecurity firm the source code for Pentagon, if not more.
This proves 2 things: 1. Nothing is unhackable 2. Throwing money at a problem may actually contribute to the problem.
Before allocating any more funding for security to the supposedly secure intelligence agencies, Congress should ask some hard questions about lessons learned from the Edward Snowden fiasco, and the measures they are taking to keep the enemy out. I will not be surprised if, at the end of the instant investigation, it will turn out that it wasn't the superior skills of the Russian hackers, but a combination of indiscretion and various security oversights that did NSA in.

Monday, October 2, 2017

How the Obama Administration Invited Foxes to Guard Chicken Houses While Crying Wolf

In the midst of the Russian hacking scandal in 2016, HP (Hewlett Packard) allowed a Russian security firm to scrutinize a cyberdefense system which was used as a cybersecurity nerve center for much of the US military. That action may have alerted the Russians to the vulnerabilities in that system. Russians reviewed the source code - and US intelligence and the Obama administration were aware of that and allowed this move to take place.

They then made lots of noise about the DNC and Russian hackers and voting machines, when the real Russian cyberscandal lay elsewhere. The Obama administration was notorious throughout the tech world for its poor implementation of security safeguards across all agencies, and across the homeland security world, for allowing Russian "diplomats" to cavort near US infrastructure in various states where they clearly shouldn't have been.

Now we learn that the US just let the Russians examine source code for the central Pentagon cybersecurity hub, with nary a word about it to the public. That's not only letting the fox guard the chicken house, but inviting the fox to be there, opening all doors, and then crying wolf while pointing somewhere at a distance. Metaphorical heads should roll.