Gaslighting Biden SOTU Fails to Address Cyber-Disaster

Written by Julio Rivera on . Posted in Guest Articles

Joe Biden’s presidency has hit new lows in 2024. Despite what many media outlets and talking heads on the left wanted to portray as an “energetic” and “fiery” State of the Union address last week, most Americans were not impressed by the speech, as the customary post SOTU polling spike that most presidents enjoy hasn’t been there for Joe Biden.

In fact, multiple polls released in the days since the speech have gone in the opposite direction for Biden, as according to the Yahoo News/YouGov poll, Biden’s approval rating went from 40% prior to the speech to 39% this week. This increasing dissatisfaction in the current president was echoed in polling conducted by FiveThirtyEight, where prior to the SOTU, Biden held a 38% approval rating on March 6th vs a 37% approval rating on March 12th.

The speech itself was a clinic in beltway gaslighting, with Biden making a number of questionable to outright dishonest claims related to job growth, inflation, and so many other issues of concern to Americans. 

On job growth, Biden’s claim to have created "15 million new jobs" in 3 years fails to acknowledge the fact that about 12 million of those jobs can and should be classified as post-COVID “Return-To-Work” jobs that were actually created by his predecessor, President Donald Trump. 

On the topic of inflation, Biden actually told the joint session of Congress that the United States had achieved the “Lowest (inflation) in the world.” But in reality, the United States is experiencing higher inflation than a number of industrialized nations and new reports show that the rate has actually ticked upward.  

Despite all the misleading chest pounding during the address, one major issue that President Biden mostly stayed away from was America’s crumbling cybersecurity infrastructure. This was most likely by design, as the current administration has failed to distinguish itself as a global leader in the cybersphere.  

And 2023 was a tough enough year for the US in dealing with cyber events, with ransomware attacks, intrusive browser hijackers, data stealers, and countless other threats compromising devices deployed for use in both the private and public sectors. But the first few months of 2024 have seen a rash of attacks against critical sectors, including healthcare, telecom, and state and local governments. 

These attacks come at a time where the cyber landscape has changed tremendously, with major changes at the top for tech giant Microsoft, as well as the Securities and Exchange Commission ushering in a new era of forced private sector compliance regarding cyber events. 

One of the more critical attacks has been the cyber-attack against Change Healthcare. The healthcare technology giant manages the medical records for roughly one-third of American patients and manages billions of healthcare transactions annually. As of mid-March, the US Department of Health and Human Services has launched an investigation into the attack, due to the “unprecedented magnitude of the cyberattack.”

The Change Healthcare attack represents one of the largest data hauls ever accessed in the history of cybercrime and the reason for this kind of attack boils down to one simple motive – Money. On the “dark web” where the personal data of victimized Americans is bought and sold every day, medical records sell can fetch as much as $60 per person, compared to $15 for a Social Security number or $3 for credit card information.

Additionally, warnings issued earlier this year from the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC), highlighted new threats against municipal and county governments, emergency services, educational institutions, public healthcare facilities, and critical infrastructure related to the Phobos ransomware gang

It has become apparent that the Biden administration is handling our digital borders as poorly as they have handled out physical southern border with Mexico, and the best advice we can take here is to become as vigilant as we possibly can when dealing with our own personal online security. Educating ourselves regarding new attack vectors that include phony security pop-up scams and backdoors, which negate normal authentication procedures to access a system, is critical.

Other than that, there really is little we can do to prevent the major data breaches that continue to afflict major data warehouses, but with common sense precautions we can make 2024 a safer year online as we hope for a much-needed leadership change in 2025. 

 

Julio Rivera is a business and political strategist, cybersecurity researcher, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, is regularly published by many of the largest news organizations in the world.

 

When objective truth and reality are no longer held by culture.

Written by Terry M. Hestilow on . Posted in Guest Articles

Publisher's note:  Terry Hestilow is a man I've known via social media for a number of years.  He is an accomplished man who served our nation with honor and is a retired Captain in the US Army.  Additionally, he is a former Chaplain, a father, grandfather, and all around great patriot who has a firm grasp on what is happening in our culture.  I am honored that he has allowed us to repost this very insightful perspective.

Terry Hestilow:  I’m confused.  The Left has declared that there is no “right” and no “wrong,” except when you don’t agree with their vivid imaginations; then you are wrong and should be thrown into jail.  Of course, education means nothing anymore if 1+1 can mean anything a person identifies it to equal!  If a teacher punishes a student with counting an answer “wrong” because they disagree with the student’s answer isn’t that an injustice?  After all, if biology, and DNA can be wrong, why not arithmetic?

And aren’t our courts unjust when they define some people as living human beings based upon “age and place of residence” (“pre-born” living in the “mother’s womb”), or based upon if the mother wants her child to live, and punish or praise those who kill them according to politics?  After all, if a doctor kills a pre-born child without being “wrong,” should other doctors be able to kill unwanted parents?  Is that “fair”?  Or is that “wrong”?

Young people need to start asking question.  If things like biology does not determine ”right” and “wrong” physical natural laws (“follow the science”), how can teachers count any answers you give to be wrong?  And if you believe, against all evidence, that you are entitled to a state university’s doctoral degree, how can you be denied?

I might suggest that such thinking is “wrong” on a fundamental epistemological level; but according to today’s lack of rationality any discussion of epistemology might cause me to fall into error and prosecution for calling a noun a verb, or some other word that has lost all rational meaning.

Time is running out for all of us.  If objective truth is nonexistent, and “right” and “wrong” is predicated only upon my imagination, feeling, and accepted confusion on objective reality, then “right and wrong, truth and falsity,” indeed objective reality itself is only an illusion and is only relevant to the particular individual.  If that is the case no one can ever be punished for their error or their truth; and, I might be wrong here, but no one believes any of that objective nonsense.  If you don’t believe me, just watch their reaction when you “misgender” them.  They will prosecute you quicker than you can say, “[G]ive me a break, man!”

Captain Terry M. Hestilow 

United States Army 

March 10, 2024

 

Can Biden Administration Secure the Cybersphere in 2024?

Written by Julio Rivera on . Posted in Guest Articles

In the ever-evolving landscape of digital technology, cybersecurity remains a cornerstone issue, critical to both national security and individual privacy. Especially in this time of heightened international conflict, in many instances, weaker and poorer countries are looking to focus their attacks in the cybersphere in the form of infrastructure breaches that can prove to have wide ranging consequences.  As we begin to navigate through 2024, cybersecurity trends that began to emerge in 2023 are reshaping the way we understand and confront digital threats. In this context, it becomes imperative to assess the effectiveness of the Biden administration in tackling these challenges, especially as current regime struggles with even the basic tenets of securing the nation from virtually every kind of danger that exists.

What Are the Primary Emerging Trends in Cybersecurity?

Rise of AI-Driven Threats: Artificial Intelligence (AI) is increasingly being used by cybercriminals to automate attacks, create more sophisticated malware, and execute phishing campaigns with alarming precision. The evolution of AI means threats are becoming more adaptive, capable of learning from defensive measures and evolving accordingly.

Increased State-Sponsored Cyber Attacks: Geopolitical tensions are manifesting in the cyber realm, with nation-states either directly engaging in or sponsoring cyberattacks. These attacks are not only aimed at causing immediate disruption but also at long-term espionage and data theft.

The Expanding Internet of Things (IoT) Vulnerability: As the IoT ecosystem continues to grow, so does the attack surface for cybercriminals. Many IoT devices lack robust security measures, making them easy targets for network infiltration and data breaches. Many of these devices are outfitted by default with Microsoft applications, and recent changes at the tech giant may potentially serve to either improve security or further invade the privacy of private citizens data.

Remote Work and Security Gaps: The post-pandemic world has seen a permanent shift towards remote work, which brings its own set of cybersecurity challenges. Organizations are grappling with securing remote access, ensuring data protection, and educating employees about security best practices.

Ransomware and Data Harvester Evolution: Ransomware attacks have become more sophisticated, with attackers targeting critical infrastructure and demanding higher ransoms. Additionally, increasing sophisticated data harvesters like Prime Stealer have become adept at seizing digital wallets, as the rise of cryptocurrency makes for a growing target for hackers.

What has The Biden Administration’s Cybersecurity Strategy Thus Far?

Under Biden, the administration has instituted several programmatic changes to very mixed results. The jury is still out as to whether they have done enough to address the evolving landscape. Taxpayer investment has been allocated at a very steep cost, but America still finds herself in a very vulnerable position. Like most costly government endeavors, it is difficult to approximate the return-on-investment (ROI) of what seems to be generally inefficient government initiatives like the National Cybersecurity Strategy

These have been Biden’s most important moves thus far.

Investment in Cyber Infrastructure: Throwing money at the problem is a common theme in the swamp that is Washington, D.C. The administration has allocated significant resources in the name of strengthening the nation’s cyber infrastructure, including funding for upgrading government systems and new programs and grants for private sector efforts in cybersecurity.

International Collaboration: Recognizing that cyber threats are a global issue, the Biden administration needs to enhance international cooperation in combating cybercrime. This includes working with allies to establish norms and hold accountable countries that harbor cybercriminals. We saw a glimpse of what can be last year, when a bipartisan group of U.S. senators unveiled a new proposal known as the Abraham Accords Cybersecurity Cooperation Act.

 

Focus on Critical Infrastructure and Other Sensitive Technology Sectors: In response to recent attacks on critical infrastructure and the aerospace industry, the administration has emphasized the need to secure these vital sectors. This involves both regulatory measures and collaborative efforts with private entities that manage these resources.

Changes to Public-Private Partnerships: The administration has made strides in fostering collaboration between the government and the private sector. Although increased partnership is crucial for sharing threat intelligence, developing cybersecurity best practices, and coordinating responses to threats, some, including some GOP members of Congress, feel that new Securities and Exchange Commission (SEC) rules regarding reporting of cybersecurity events amount to governmental overreach.

Workforce Development: Perhaps the biggest failure of the Biden administration regarding cybersecurity has been the unquestionable talent gap in the cybersecurity field. The US is lacking hundreds of thousands of qualified information technology personnel as of the end of 2023. Ramping up initiatives to train and recruit cybersecurity professionals in 2024 is critical for building a robust defense against cyber threats.

The Biden administration needs to work harder to address the countless cybersecurity challenges that face America in the new year. The focus on infrastructure investment, international cooperation, and public-private partnerships are steps in the right direction, however, there are many areas where the administration could further bolster its strategy.

Firstly, the rapid evolution of AI-driven threats requires a more dynamic approach. This includes investing in AI-based defense mechanisms and staying ahead in the technological arms race against cybercriminals. Additionally, while international collaboration is beneficial, the U.S. must also be prepared to act unilaterally in its position as the leading nation on the planet, especially in attributing and responding to state-sponsored attacks.

The administration must also place greater emphasis on the human element of cybersecurity. This involves not just training professionals but also educating the general public about basic cyber hygiene practices. The increasing sophistication of phishing attacks, like a recent scam known as "Missing Invoice" which involves malicious emails for example, highlights the need for heightened public awareness.

Lastly, as IoT devices become ubiquitous, the administration needs to enforce stricter security standards for these devices. Manufacturers must be held accountable for integrating robust security features into their products.

In conclusion, while the Biden administration has taken some notable steps towards enhancing the nation’s cybersecurity posture, there is a lot of room for improvement. Cybersecurity is an ever-evolving field, and the strategies employed must be dynamic and adaptive. It’s not just about the technology but also about the people behind and affected by it.  As we attempt to best prepare ourselves digitally in 2024, it will be crucial for the administration to stay vigilant and proactive in the face of these new challenges. The security of our digital future depends on it.

Julio Rivera is a business and political strategist, cybersecurity researcher, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, is regularly published by many of the largest news organizations in the world.

 

Don’t Let Online Scammers Take You For A Ride on Cyber Monday

Written by Julio Rivera on . Posted in Guest Articles

As we approach the eagerly anticipated holiday shopping season, with Black Friday and Cyber Monday around the corner, it's crucial for consumers to stay vigilant against the increasing tide of cyber threats. While these shopping events offer tempting deals, they also present golden opportunities for cybercriminals to exploit unsuspecting shoppers. 

In this digital age, the responsibility to safeguard American consumers from such threats is shared by various US agencies, including the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA).

Under the Biden administration, there has been a noticeable rise in cyber attacks targeting both retailers and consumers. This uptick necessitates an increased focus on cybersecurity, not just by the government and security agencies but also by individuals. It's a shared responsibility, where being informed and cautious plays a key role in defense.

Since early 2021, several new forms of cyber attacks have emerged. One prominent method involves the creation of fake retail websites. These websites mimic legitimate online stores, offering high-demand products at significantly reduced prices. However, their real purpose is to steal sensitive personal and financial information from shoppers. Oftentimes, victims will not know they have been victimized until well after the attack has taken place and they receive their credit card statement.

Another growing concern is the various forms of adware that redirect consumers to fake merchandise sites. Unsuspecting users are lured away from legitimate online shopping platforms to these deceptive websites, where their information becomes vulnerable to theft.

Another common scam is related to solicitations to from supposed email providers for users to change their password. The email in question takes users to a fake site that collects an individual’s sensitive information. People often fall victim unfortunately, but once aware, they should immediately update their log-in credentials.

Social media users are also at a heightened risk this season, particularly Facebook account holders, as an innovative new malvertising scheme was observed launching around 140 NodeStealer ad campaigns adorned with appealing images of women that initiated the download of a malicious payload on to the user’s device. These incidents highlight the ever-present danger in the online shopping world and the need for constant vigilance.

CISA, the NSA, and other cybersecurity agencies play a pivotal role in protecting American consumers. Their responsibilities include monitoring cyber threats, issuing warnings about new forms of attacks, and providing guidelines to both businesses and individuals on how to safeguard themselves against these threats.

For instance, CISA regularly publishes advisories and safety tips, especially during the holiday shopping season, to educate the public about potential cyber threats. The NSA contributes by focusing on foreign cyber threats and providing critical insights that help shape national cybersecurity strategies.

As consumers gear up for Black Friday and Cyber Monday, here are some essential tips to help safeguard their personal and financial information:

Verify Website Authenticity: Before making a purchase, ensure the website is legitimate. Check for correct URLs and look for trust seals.

Use Secure Payment Methods: Opt for credit cards or secure online payment services. Avoid using debit cards, as they offer fewer protections against fraud.

Be Wary of Too-Good-To-Be-True Deals: Extraordinary deals might be a trap. If an offer seems too good to be true, it probably is.

Update Your Security Software: Keep your antivirus and anti-malware software updated to protect against the latest threats.

Use Strong Passwords: Create unique and complex passwords for different online accounts, and consider using a password manager.

Enable Two-Factor Authentication: This adds an extra layer of security, making it harder for attackers to access your accounts.

Monitor Your Accounts: Regularly check your bank and credit card statements for any unauthorized transactions.

Beware of Phishing Emails: Avoid clicking on links or downloading attachments from unknown or suspicious emails.

Use a VPN on Public Wi-Fi: A Virtual Private Network (VPN) can provide a secure connection and protect your data on public networks.

Stay Informed: Follow updates from reputable cybersecurity agencies and be aware of the latest scams.

Although this may be the “best time of the year,” the holiday shopping season, while full of exciting deals and offers, also brings with it a heightened risk of cyber attacks. The collaborative efforts of US agencies like CISA, the NSA, and others are crucial in mitigating these threats. However, consumers must also play their part by staying informed and adopting safe online shopping practices. By doing so, we can all ensure a safer and more secure shopping experience.

Julio Rivera is a business and political strategist, cybersecurity researcher, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, is regularly published by many of the most respected news organizations in the world.

 

While New War Breaks Out in Middle East, America Observes 20th Annual Cybersecurity Awareness Month

Written by Julio Rivera on . Posted in Guest Articles

This month marks the 20th Annual Cybersecurity Awareness Month

Since 2004, the federal government has declared the month of October to be Cybersecurity Awareness Month, which has acted as a vehicle for both the public and private sectors to work together to raise awareness about the importance of cybersecurity. This milestone provides an excellent opportunity to reflect on the United States government's handling of cyber threats during this period, acknowledging both victories and failings in this ever-evolving battlefield of the digital age.

Over the past two decades, we've witnessed a series of high-profile cyber attacks that have shaken the foundations of digital security. These incidents serve as stark reminders of the ever-present danger lurking in the cybersphere.

One of the first internationally notable attacks occurred in 2007 when Estonia faced a massive and coordinated distributed denial-of-service (DDoS) attack at the hands of Russian state-sponsored attackers. The hack crippled the nation's digital infrastructure, including the Estonian parliament, banks, and ministries, and foreshadowed the cryptic future of cyber warfare that we currently reside in.

In the years since, Russian actors have also been said to be responsible for the SolarWinds hack in 2020, a cyber-espionage operation that compromised numerous U.S. government agencies and corporations, including the Department of Defense and Microsoft, and the multitude of attacks that have surfaced in the aftermath of the war in Ukraine, where hackers on both sides of the conflict have initiated countless digital intrusions. 

The attack that is generally accepted as the first example of literal cyber warfare, the Stuxnet attacks against Iranian nuclear facilities, is now well over a decade old, and should be retrospectively seen as even more historically significant as tensions in the Middle East have erupted into a week-old war between Hamas and Israeli forces. 

 

Hacktivism in the Israel-Hamas Conflict: Identification, Classification, and Implications - Reactionary Times

The attack compromised the software of at least 14 industrial sites in Iran, including a uranium-enrichment plant, and gave Stuxnet’s operators the ability to cause the fast-spinning centrifuges to tear themselves apart, thus limiting Iranian nuclear capacity. 

Although the cyber warfare element of digital security remains the most potentially destructive aspect of hacking, the general public is the most frequent target of bad actors, as hundreds of millions of people have been affected by data breaches and cyber attacks in the 20 years since the inception of Cybersecurity Awareness Month. 

One of the more significant examples of these kinds of attacks was the 2013 Target data breach, where cybercriminals gained access to the credit card information of over 40 million customers. The incident highlighted the critical importance of securing personal data and spurred discussions about better data protection laws, particularly financial data.

Another attack that had the potential for high leverage extortion occurred in 2018, when over 120 million Facebook users were exposed to a hacking attack that saw 81,000 users' private messages be exposed online. The sheer volume of data housed by the major social media outlets (Facebook, Twitter, TikTok) represents a treasure trove that is under constant attack by threat actors on the dark web. 

While cyberattacks can originate from various sources, a few threat actors have garnered a reputation for their audacity and capabilities. The aforementioned Russia, as well as China, North Korea, and Iran, have consistently ranked among the most dangerous players among Advanced Persistent Threats (APTs) in the global cyber arena. China in particular has been at the forefront of cyber operations, often accused of state-sponsored economic espionage and widespread intellectual property theft. The 2015 breach of the U.S. Office of Personnel Management, compromising sensitive information of millions of government employees, remains one of the most significant cyber intrusions attributed to China, and the fact that millions of Americans, including members of Congress, are either currently using or have previously used the Chinese mega-app Tiktok also raises data privacy concerns as the app’s creators open their first European data center.

 

In the face of these evolving threats, the U.S. government has had its share of both successes and failures. One notable success is the establishment of both US Cyber Command (USCYBERCOM) in 2009, a dedicated military command responsible for defending against cyber threats and the Cybersecurity and Infrastructure Security Agency (CISA), the operational lead for federal cybersecurity and the national coordinator for critical infrastructure security and resilience. The federal government has also taken steps to enhance cybersecurity awareness and resilience with initiatives like Cybersecurity Awareness Month and public-private partnerships that have fostered a more informed and proactive approach to digital security.

However, there have been significant failings as well. The slow response to the evolving threat landscape and inadequate legislation to protect critical infrastructure have left vulnerabilities exposed. The lack of a comprehensive federal data privacy law has hindered the protection of personal information, leaving citizens at risk.

As we look ahead, securing the future of the cybersphere requires a multi-pronged approach that addresses the complex and dynamic nature of cyber threats. Some of the more necessary actions America can choose to take are:

Supply Chain Security: The Colonial Pipeline Ransomware Attack highlighted the need for rigorous supply chain security. The government should establish standards and best practices for supply chain risk management to prevent similar incidents.

Adaptive Defense Strategies: Cyber threats evolve rapidly. The government should adopt adaptive defense strategies that combine proactive threat intelligence, rapid response capabilities, and resilience planning, especially with the rise of cyberespionage malware strains like LuaDream.

 

Public-Private Collaboration: Collaboration between government and the private sector is paramount. Sharing threat intelligence, best practices, and resources can collectively strengthen cybersecurity defenses against threats like ransomware, trojans, and other malware.

 

As we celebrate two decades of Cybersecurity Awareness Month, we must acknowledge the progress made and the challenges that lie ahead. The US government, in partnership with the private sector and the international community, must take decisive actions to secure the future of the cybersphere. The 20-year journey has been marked by both triumphs and setbacks, but the path forward offers an opportunity to build a safer, more resilient digital world for all.

Julio Rivera is a business and political strategist, cybersecurity researcher, Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most respected news organizations in the world.