Saturday, June 13, 2015

Saturday 06-13-15

How does it feel, to be spied upon?  Not saying it is right

Union says all federal workers fell victim to hackers

WASHINGTON (AP) -- A major federal union says the cyber theft of employee information is more damaging than it first appeared, asserting that hackers stole personnel data and Social Security numbers for every federal employee.
The Obama administration had acknowledged that up to 4 million current and former employees are affected by the December cyber breach of Office of Personnel Management data, but it had been vague about exactly what was taken.
But J. David Cox, president of the American Federation of Government Employees, said in a letter Thursday to OPM director Katherine Archuleta that based on incomplete information OPM provided to the union, "we believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to 1 million former federal employees."
The OPM data file contains the records of non-military, non-intelligence executive branch employees, which covers most federal civilian employees but not, for example, members of Congress and their staffs.
The union believes the hackers stole military records and veterans' status information, address, birth date, job and pay history, health insurance, life insurance, and pension information; and age, gender and race data, he said.
Also Thursday, Sen. Harry Reid of Nevada, the Democratic Senate leader, said that the hack was carried out by "the Chinese" without specifying whether he meant the Chinese government or individuals. Reid is one of eight lawmakers briefed on the most secret intelligence information. U.S. officials have declined to publicly blame China, which has denied involvement.
The union, which does not have direct access to the investigation, said it is basing its assessment on "sketchy" information provided by OPM. The agency has sought to downplay the damage, saying what was taken "could include" personnel file information such as Social Security numbers and birth dates.
"We believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous," Cox said in the letter. The union called the breach "an abysmal failure on the part of the agency to guard data that has been entrusted to it by the federal workforce."
Samuel Schumach, an OPM spokesman, said that "for security reasons, we will not discuss specifics of the information that might have been compromised."
Schumach did, however, address Cox's comment on encryption. "Though data encryption is a valuable protection method, today's adversaries are sophisticated enough that encryption alone does not guarantee protection," he said. "OPM does utilize encryption in some instances and is currently increasing the types of methods utilized to encrypt data."
The central personnel data file contains up to 780 separate pieces of information about an employee.
Cox complained in the letter that "very little substantive information has been shared with us, despite the fact that we represent more than 670,000 federal employees in departments and agencies throughout the executive branch."
The union's release and Reid's comment in the Senate put into sharper focus what is looking like a massive cyber espionage success by China. Sen. Susan Collins, R-Maine, an Intelligence Committee member, has also said the hack came from China.
Mike Rogers, the former chairman of the House Intelligence Committee, said last week that Chinese intelligence agencies have for some time been seeking to assemble a database of information about Americans. Those personal details can be used for blackmail, or also to shape bogus emails designed to appear legitimate while injecting spyware on the networks of government agencies or businesses Chinese hackers are trying to penetrate.
U.S. intelligence officials say China, like the U.S., spies for national security advantage. Unlike the U.S., they say, China also engages in large-scale theft of corporate secrets for the benefit of state-sponsored enterprises that compete with Western companies. Nearly every major U.S. company has been hacked from China, they say.
The Office of Personnel Management is also a repository for extremely sensitive information assembled through background investigations of employees and contractors who hold security clearances. OPM's Schumach has said that there is "no evidence" that information was taken. But there is growing skepticism among intelligence agency employees and contractors about that claim.
In the Senate on Thursday, Democrats blocked a Republican effort to add a cybersecurity bill to a sweeping defense measure. The vote was 56-40, four votes short of the number necessary.
Democrats had warned of the dangers of cyberspying after the theft of government personnel files, but Democrats voted against moving ahead on the legislation, frustrated with the GOP-led effort to tie the two bills together. President Barack Obama has threatened to veto the defense legislation over budget changes by the GOP.
"The issue of cybersecurity is simply too important to be used as a political chit and tucked away in separate legislation." said Sen. Chris Coons, D-Del.

http://hosted.ap.org/dynamic/stories/U/US_GOVERNMENT_HACKED?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2015-06-11-15-58-33

American teenager pleads guilty to helping Islamic State

A 17-year-old from Virginia pleaded guilty in court on Thursday to charges of conspiring to help Islamic State militants, the first time the United States has prosecuted a minor as an adult in such a case.
Ali Amin, of Manassas, Virginia, used Twitter and his blog to provide instructions on how to use the virtual currency Bitcoin to send funds to the militants, according to court documents.
Prosecutors said Amin also helped another Virginia resident, Reza Niknejad, to travel to Syria to join the group that has taken control of areas of Iraq and Syria over the past year in a campaign marked by mass killings and beheadings.

The SITE monitoring service, which follows social media postings by Jihadist militants, said Amin had some 4,000 Twitter followers and was in communication with well-known Islamic State fighters and recruiters.
SITE said on his site he displayed a picture of the White House topped with an Islamic State black flag and included a note that the site was "dedicated to raising awareness about the upcoming conquest of the Americas."

U.S. Attorney for the Eastern District of Virginia Dana Boente told a press conference that the magnitude of the charges led to prosecution of Amin as an adult.
"It's something we take very, very seriously, the age of someone...but at the end of the day, it's a matter of public safety," Boente said. Amin faces up to 15 years in prison when he is sentenced on Aug. 28.
Amin's lawyer Joseph Flood described him as a "good guy" who was sympathetic to the opposition against Syrian President Bashar al-Assad in Syria's civil war and got wrapped up in the wrong thing online.

Wearing a prison uniform on his thin frame, Amin appeared calm and polite as he pleaded guilty to the charges. His mother, also in the courtroom, stayed silent and showed little emotion.
"This case serves as a wake-up call that ISIL's propaganda and recruitment materials are in your communities and being viewed by your youth," Assistant Attorney General John Carlin said in a statement, using an acronym for Islamic State.

Northern Virginia has a large Muslim community. Anwar al Awlaki, an American linked to Yemen's al Qaeda branch, preached at a mosque there before leaving the United States shortly after the Sept. 11, 2001 attacks. He died in a drone attack, becoming the first U.S. citizen the White House authorized U.S. agencies to kill overseas.
Andrew McCabe, assistant director of the FBI's Washington field office, said Amin was a "promising young man" who was active in his local mosque and helpful to his family. He said the FBI became aware of Amin in November 2014.
Amin made travel arrangements for Niknejad and drove him to Dulles International Airport in January, prosecutors said. Niknejad is still at large and prosecutors filed terrorism-related charges against him on Wednesday.

http://www.reuters.com/article/2015/06/11/us-usa-security-islamicstate-idUSKBN0OR1V520150611

I guess this is talking more about date rape, but don't put yourself in the situation will prevent more also.

Women trained to resist sexual assault far less likely to be raped: study

Female university students who completed 12 hours of training on resisting sexual assaults experienced far fewer rapes and attempted rapes, according to a new Canadian study.
The study involved 893 female Canadian students who were either given the training -- known as the Enhanced Assess Acknowledge Act Sexual Assault Resistance Program (EAAA) -- or formed a control group where they were asked to read brochures.
One year later, those who took the EAAA had experienced 46 per cent fewer completed rapes (5.2 per cent versus 9.8 per cent) and 63 per cent fewer attempted rapes (3.4 per cent versus 9.3 per cent) than the control group.
Charlene Senn, a University of Windsor women’s studies professor and notable sexual assault expert, was the lead researcher in the study, which was published in the New England Journal of Medicine.
"What this means in practical terms is that enrolling 22 women in the EAAA resistance program would prevent one additional rape from occurring,” Senn said.
Sarah Oszter, 24, took the program during the second year of her psychology and criminology degree at the University of Windsor, in order to get class credit.
“The greatest thing that I took away was the self-defence training,” she said, adding she learned physical methods to get a person off of her in the event of a sexual assault.
Oszter said she also learned how common sexual assault is on university campuses, and skills such as how to spot the body language of someone who may be in danger.
“Whether it’s a woman or a man,” she said, “I think somebody should always step in if somebody looks like they’re in danger.”
Oszter said she also learned while the resistance training focused on how women can prevent assault, rape is not the victim’s fault so men also need training.
The chance of a woman being assaulted during four years at university is estimated at between 20 and 25 per cent over a four-year period, according to the study.
The study involved students and researchers from the University of Guelph, the University of Calgary and the University of Windsor.
Here is a summary of the four units taught during EAAA, as outlined in the journal article:
  • Assess: This unit focused on improving women’s assessment of the risk of sexual assault by male acquaintances and developing problem-solving strategies to reduce perpetrator advantages.
     
  • Acknowledge: This unit assisted women in more quickly acknowledging the danger in situations that have turned coercive, explored ways to overcome emotional barriers to resisting the unwanted sex, and practiced resisting verbal coercion.
     
  • Act: This unit offered instruction about and practice of effective options for resistance, including two hours of self-defence training based on Wen-Do Women’s Self-Defence.
     
  • Sexuality and Relationships: This unit provided sexual information, including the slang and scientific terms for a wide range of possible sexual activities, safer-sex practices and strategies for sexual communication.
http://www.ctvnews.ca/mobile/canada/women-trained-to-resist-sexual-assault-far-less-likely-to-be-raped-study-1.2416122

No comments:

Post a Comment