Deleted tweet detection is currently running at reduced
capacity due to changes to the Twitter API. Some tweets that have been
deleted by the tweet author may not be labeled as deleted in the PolitiTweet
interface.
Showing page 200 of 2161.
Eric Geller @ericgeller
A new warning from Russia: "The militarization of the information space by the West, and attempts to turn it into an arena of interstate confrontation, have greatly increased the threat of a direct military clash with unpredictable consequences." https://t.co/XmGMk2m7la — PolitiTweet.org
Eric Geller @ericgeller
Unlike w/ Energy Star, there won't be one cyber labeling standard that all IoT manufacturers will seek to meet, Megas said. NIST wants to see a variety of standards, b/c not all products need to meet same criteria. “There's a way to go" b4 those standards exist, Megas said. — PolitiTweet.org
Eric Geller @ericgeller
Also: * How to communicate to consumers that the labels only cover specific products, not the other tech (e.g. cloud platforms) to which those products connect? * How often will NIST need to update the guidelines likely to be used as a reference for many labeling schemes? — PolitiTweet.org
Eric Geller @ericgeller
Some of the lingering Qs: * How much liability do companies take on by getting certified and displaying a label? * What are certification authorities' obligations to monitor marketplace for changes that might affect certification criteria? — PolitiTweet.org
Eric Geller @ericgeller
Also in today's @MorningCybersec (https://t.co/FHDBZmGV4Q), my report from an #RSAC panel about NIST's work on IoT cybersecurity labeling. “There is still a journey ahead of us,” said Katerina Megas, who leads NIST’s IoT cybersecurity program. — PolitiTweet.org
Eric Geller @ericgeller
So do Western takedowns matter, given that gangs often rebrand & reemerge? "That's still some friction,” Hickey argued. “I view that as a limited success. It's evidence that we are having some impact. It's better than operating with impunity under the same banner forever.” — PolitiTweet.org
Eric Geller @ericgeller
Cooperation between Moscow and Russian cyber criminals used to be a bit quieter, Hickey said. “Now, with that lawyer's comment, I feel like the quiet part is being said out loud.” — PolitiTweet.org
Eric Geller @ericgeller
On Russia's approach to cyber criminals, Hickey pointed out that a lawyer for one of the REvil hackers arrested in January reportedly asked a Russian court to release his client so he could help Moscow fight Ukrainian hackers. https://t.co/062eHhADp0 — PolitiTweet.org
Eric Geller @ericgeller
DOJ is mindful of the limitations of its authorities and functions, Hickey said. “There's a lot more to do,” and “part of the push will have to be a diplomatic or political push, because a lot of these actors are operating from territories where we can't get to them directly.” — PolitiTweet.org
Eric Geller @ericgeller
Of course, there are crime-oriented cryptocurrency services, such as mixers and tumblers, "where I think it might be prudent for us to use some state power,” Hickey said. He noted that Treasury recently sanctioned a mixer. https://t.co/RxatJ0PdyC — PolitiTweet.org
Eric Geller @ericgeller
@victoriadillon @CISAgov @boblord talk about a message from the lord! — PolitiTweet.org
Eric Geller @ericgeller
“You don't see a lot of ransomware sets based in Western Europe, the United States, or elsewhere" in the West, said Hickey, a deputy assistant AG for national security. "If there were meaningful consequences for the activity where they were doing it, that would end ransomware.” — PolitiTweet.org
Eric Geller @ericgeller
I interviewed Adam Hickey, a top DOJ cyber official, about the range of issues on his plate. In today's @MorningCybersec from #RSAC, he argues that diplomatic pressure, not cryptocurrency crackdowns, is the real solution to the ransomware crisis. https://t.co/FHDBZmGV4Q — PolitiTweet.org
Eric Geller @ericgeller
everything is going great https://t.co/aG82tq8zva https://t.co/NhCkL43uB6 — PolitiTweet.org
Eric Geller @ericgeller
Never change, cybersecurity industry. #RSAC https://t.co/FBkrLmzcpX — PolitiTweet.org
Eric Geller @ericgeller
@bgluckman @MorningCybersec 🙏🙏 — PolitiTweet.org
Eric Geller @ericgeller
@jvagle @martinmatishak 👀 — PolitiTweet.org
Eric Geller @ericgeller
Success. Thank you to the loyal @MorningCybersec reader who answered my prayers. #RSAC https://t.co/29ln23mPMo — PolitiTweet.org
Eric Geller @ericgeller
@birnbaum_e yupppp — PolitiTweet.org
Eric Geller @ericgeller
The NSA has also been able to lean on private-sector research when cyber firms see the same threats as the govt. If the NSA wants to warn a company about a threat, the ability to cite private research instead of govt intel "gives us cover" to issue that warning, Joyce said. — PolitiTweet.org
Eric Geller @ericgeller
“You don't change culture in a day," Joyce said, "but it's amazing how far the knob has turned." Senior policymakers' thinking has shifted since creation of NSA's cyber directorate, standup of industry collab center focused on protecting DIB, & Russia's invasion of Ukraine. — PolitiTweet.org
Eric Geller @ericgeller
That's not the case anymore, with hackers holding hospitals at ransom and developing malware specifically to disable safety systems on industrial equipment. Inside the IC, there's now less reflexive deference to sources and methods, according to Joyce. — PolitiTweet.org
Eric Geller @ericgeller
It used to be that cyber threats were more nebulous, so it was easier for intelligence officials to err on the side of protecting the sources used to learn about them — esp. since those same sources were also producing intel about bigger threats, like nuclear weapons programs. — PolitiTweet.org
Eric Geller @ericgeller
“Our default is, we need to use the things we know,” Joyce said. “If you know something and don't do anything about it, you've ... accepted a different risk. And I think that risk wasn't asked about deliberately as much in the past.” — PolitiTweet.org
Eric Geller @ericgeller
More from today's #RSAC press roundtable: As cyber threats become more dangerous, the IC has been reevaluating the tradeoffs of protecting sources and methods vs. declassifying info to stop hackers, @NSA_CSDirector said. https://t.co/5zBbpJ9OIb — PolitiTweet.org
Eric Geller @ericgeller
@sparksjls I ACCEPT — PolitiTweet.org
Eric Geller @ericgeller
When it's Log4j, "everybody is willing to come to the burning building and bring their insights," Joyce said. But when it's early in an attack campaign, a company might think it's alone and be nervous. "They're not going to go to a room where they don't know everybody." — PolitiTweet.org
Eric Geller @ericgeller
Companies are more willing to tell the government what they're seeing when they know they're not alone, @NSA_CSDirector said. — PolitiTweet.org
Eric Geller @ericgeller
The "flexibility and agility" required to know how many partners to bring together, and in what setting, "is a lesson learned that we've been able to share with JCDC a bit as they've stood up and started to build these relationships across sectors," Adamski told us. — PolitiTweet.org
Eric Geller @ericgeller
Small-scale engagements allow "very open and frank conversations," Adamski said. But then "there are also times when you have information that you need to get out to the masses, and so you need to be able to have a platform to be able to do that as well." — PolitiTweet.org
