Classified Leak Is Result of Man Trying to Impress Online Group of Friends
Today in security, we offer up a roundup of security-related news, beginning with an update on the leak of classified U.S. military and intelligence information.
Imagine a Place…
Update at 3:55 p.m. EDT: U.S. Attorney General Merrick Garland gave a short address saying the FBI had arrested Jack Teixeira and will charge him in conjunction with the leak of classified national defense information. Texeira is a member of the Massachusetts Air National Guard. The New York Times was the first to break the story.
“So Discord is a place with giant flying cows and, uh, goblins, and students?”
That’s actor Danny Devito in a promotional video supporting online social media company Discord’s 2021 “Imagine a place…” campaign. “Imagine a place where a country’s most sensitive military and intelligence secrets can be shared by someone looking to impress his online friends” did not make the script.
In a story that continues to grow, with more leaked information newly exposed, The Washington Post has an inside look at how the person who obtained and leaked the information operated, though no identity for the leaker is publicly known. The inside look includes an interview with one of the individuals—a minor—who was in the private Discord group where the leaker shared the information over several months.
“The young member read OG’s message closely, and the hundreds more that he said followed on a regular basis for months. They were, he recalled, what appeared to be near-verbatim transcripts of classified intelligence documents that OG indicated he had brought home from his job on a ‘military base,’ which the member declined to identify.”
Another article from Wired examines the current nature of the documents and how leaks of classified information have evolved from huge caches of historical documents to a more just-in-time style of leaking. “As real-time accounts of everything from wars to natural disasters play out on social media and other digital communication platforms, it makes sense that leaking has increasingly become targeted and agile as well. So-called ‘hack and leak’ operations have demonstrated this in recent years.”
Louisville Shooter’s Mother Warns About Son on 911 Call
“He has a gun, and he’s heading toward the Old National. …I’m so sorry. I’m getting details secondhand. I’m learning it now. Oh, lord.”
That is a quote from the mother of the man who killed five people and injured eight others at the Old National Bank in downtown Louisville, Kentucky, earlier this week. Louisville police released nearly an hour of 911 calls related to the incident yesterday, including the call from the shooter’s mother. The warning was too late, emergency dispatchers can be heard telling her not to go to the bank as she was planning to do, because the incident was already underway.
The family of the shooter issued a statement through an attorney, apologizing for the shooter’s actions: “While [the shooter], like many of his contemporaries, had mental health challenges which we, as a family, were actively addressing, there were never any warning signs or indications he was capable of this shocking act.”
U.S. Senator Questions Security of Emergency Network
U.S. Senator Ron Wyden from Oregon sent a letter to the National Security Agency and the Cybersecurity and Infrastructure Security Agency calling into question how protected the FirstNet cellular network used by first responders and the military is from cybersecurity attacks.
“I am particularly concerned about FirstNet, the phone network for first responders and the military, which is operated by AT&T under contract with the U.S. government,” Wyden wrote. “In a briefing on February 11, 2022, focused on this issue, CISA’s subject matter expert told my staff that they had no confidence in the security of FirstNet, in large part because they have not seen the results of any cybersecurity audits conducted against this government-only network.”
China and the Potential for the Next Pandemic
A couple of recent news reports detail troubling developments in attempts to safeguard against the possibility of a future infectious disease epidemic. In one, the Associated Press reported that China is not participating in a United Nations program to study markets such as the one in Wuhan, China, suspected of being the origin of the COVID epidemic.
“China is not participating in a United Nations project to survey Asian wet markets and other facilities at high risk of spreading infectious diseases from wild animals to humans, despite long-running talks with Beijing,” the article reported.
Another report, this one from The Washington Post, examined China’s rapidly growing biotechnology sector and worrisome lab accidents that have happened. “Multiple probes into both events by U.S. and international scientists and lawmakers are spotlighting what experts describe as China’s vulnerability to serious lab accidents, exposing problems that allowed deadly pathogens to escape in the past and could well do so again, potentially triggering another pandemic,” the Post reported.
Armed Group Shoots Up Port in Ecuador
Authorities in Ecuador are searching for as many as 30 gunmen who attacked a fishing port in Esmeraldas earlier this week. The gunmen attacked from both sea and land, killing nine people. Interior Minister Juan Zapata speculated that the port’s managers may have paid protection money to a rival gang.
“Many gangs engage in extortion, threatening local businesses and forcing them to pay them regular fees for their ‘protections,’” Reuters reported. “If they refuse, their businesses or the owners themselves are attacked.”
Ecuador has been experiencing a marked increase in gang activity in recent years.
LinkedIn Developing Ways to Verify Accounts
LinkedIn is the world’s largest social network directed specifically at professional networking. Wired reported on the techniques the company recently announced it would use to authenticate members of the network. It is easy to take someone’s information and copy it into a new account, and then use that fake account to try to commit various acts of fraud. One simple way LinkedIn is rolling out to try to combat such fraud is having users respond to an email verification message sent to the user’s work email.
A Tragic American Export
While isolated events happen at many locations around the world, school violence resulting in mass deaths has traditionally been a uniquely U.S. tragedy. This Washington Post report detailed how Brazil has become another hotspot.
“In the last eight months alone, the country has endured 11 assaults, alarming many Brazilians who now fear that the carnage is just beginning,” the Post reported. “Many of the perpetrators fit a profile Americans will recognize: young, disaffected White men and boys in the grip of online groups that worship the killers of schoolchildren. Some have adopted the iconography of hate groups based in the United States: the skull masks of the white supremacist Atomwaffen Division, swastikas, and other hate symbols.”
Industrial Fire in Indiana Forces Evacuations
Fires that started Thursday are still burning at a facility in Richmond, Indiana, near the Ohio border where plastics and other materials are stored prior to recycling. Burning plastic can release toxic substances into the air and as many as 2,000 people within a half mile of the fire have been ordered to evacuate their homes. Fire authorities said they have stopped the spread of the fire, but that it may take until Saturday to fully extinguish.