back to article Wow, look out, hackers: Trump to order 60-day cybersecurity probe

US President Donald Trump will order a 60-day report on the state of the nation's cybersecurity, complete with recommendations on whether new legal powers are required. That's according to a draft executive order leaked to The Washington Post and posted online. For the most part, the draft [PDF] reflects the persistent …

  1. DougS Silver badge

    Time for a Great Firewall

    That'll protect us from hacks, and incidentally from reading that "fake news" coming from overseas, which is all of it in Trump's mind, except for Russia Today.

    1. Gert Leboski

      Re: Time for a Great Firewall

      I've found that the majority of brute force attempts against my ssh servers originate from the USA, so a great US firewall will be of benefit to me, here in the UK, as long as they filter outbound traffic.

      It won't help the USA much against internal attacks though, will it?

      1. cd

        Re: Time for a Great Firewall

        Interesting, here in Norte America the majority come from Ukraine/Russia/China and then various temp Euro IP's which are more like single compromised PC's. There are some bad actors using temp accounts at AWS, DigOcean, OVH, Softlayer, etc, and little guys like DataShack out of KC, but once those DC ranges are blocked it quietens nicely domestically.

        Wonder if it's the thought of impunity through distance or a matter of the reasons for targeting.

        1. Yes Me Silver badge

          impunity

          A bit of phish that I looked at recently traced back to hosts and companies in Samoa, Ukraine and Brazil, although the email address it forged was supposedly in the UK. It's pretty much to be expected that bad actors operate internationally, because it's the best way to obfuscate their true location and make investigation or prosecution difficult. And that's been the case for 30 years to my personal knowledge.

    2. BillG Silver badge
      Megaphone

      Re: Time for a Great Firewall

      The Obama Administration recognized the fact that the vast majority of the internet lies in private hands...

      In 2011 Chinese government hackers got into U.S. Steel's computer systems and stole trade secrets related to a new, lightweight, high strength steel process for automobiles, military vehicles, and ships. Chinese steel makers copied these techniques and started producing identical lightweight steel products. U.S. Steel lost contracts, market share, and jobs. Obama did nothing.

      Chain has been attempting to hack U.S. and U.K aircraft carriers. Of course these ships use the same internet that we do.

      The Internet is vital to any country's economy, as well as its national security. When these things happen it is vital that the government step in to protect its people. Trump is treating internet security as seriously as how the U.K and most other nations treat interest security.

      1. Walter Bishop Silver badge
        Facepalm

        Re: Time for a Great Firewall

        "In 2011 Chinese government hackers got into U.S. Steel's computer systems and stole trade secrets"

        Or else under the pretext of hacking of trade secrets U.S. Steel is looking to ban import of cheaper Chinese steel into the US.

        Or else don't put your trade secrets on the Internet ..

      2. james 68

        Re: Time for a Great Firewall

        Chain has been attempting to hack U.S. and U.K aircraft carriers. Of course these ships use the same internet that we do.

        @BillG You might want to check your sources, the UK at present has no aircraft carriers and hasn't for a while.

        Last was HMS Illustrious which since the Harrier was decommissioned in 2010 was nothing more than a helicopter transport until it's own decommission in 2014. The first of the 2 new carriers won't be ready till 2020.

        Oh, and no, they don't "use the same internet as we do", they use dedicated encrypted satellite networks which while those "connect" to the internet at the endpoint, are heavily firewalled allowing access to only some email services and websites.

        BTW about Obama doing nothing about US Steel. US Steel only filed their grievance in April 2016, and by May the US gov started an ITC investigation into the alleged hacks, by June they had given them the green light to seek sanctions and redress against China. That's quite a lot done in a very short period of time to describe as "nothing".

      3. oldcoder

        Re: Time for a Great Firewall

        What was there to do?

        The failure was U.S. Steel's for using insecure systems.

        The only thing Obama could is say "Why did you do that?"...

      4. Tom 38 Silver badge

        Re: Time for a Great Firewall

        In 2011 Chinese government hackers got into U.S. Steel's computer systems and stole trade secrets related to a new, lightweight, high strength steel process for automobiles, military vehicles, and ships. Chinese steel makers copied these techniques and started producing identical lightweight steel products. U.S. Steel lost contracts, market share, and jobs

        So, to recap, it was super cool when the US ignored international patent and copyright law to advance from an agrarian economy to an industrial one, but when China do it, it is intolerable?

        Chain [sic] has been attempting to hack U.S. and U.K aircraft carriers. Of course these ships use the same internet that we do.

        OHRLY? (You are wrong)

    3. Version 1.0 Silver badge

      Re: Time for a Great Firewall

      Pence's puppet is probably thinking that he can turn the Internet off so that only Christian Americans can use it. I expect the next executive order will be to remove support for Arabic character sets from the Internet.

      1. This post has been deleted by its author

      2. STZ

        Re: Time for a Great Firewall

        "Pence's puppet is probably thinking that he can turn the Internet off so that only Christian Americans can use it. I expect the next executive order will be to remove support for Arabic character sets from the Internet."

        How about also banning numerics written in arabic figures ? (;-))

        1. phils

          Re: Time for a Great Firewall

          The beauty of that is you don't even need to ban them all, just don't allow any 1s or 0s on the internet and the rest of the problem should go away.

    4. Anonymous Coward
      Anonymous Coward

      Re: Time for a Great Firewall

      Will it be a useful as a Troompa Loompa Chocolate Firewall ?

      https://www.youtube.com/watch?v=-fWbOP84Yro

  2. This post has been deleted by its author

  3. Anonymous Coward
    Anonymous Coward

    Off switch is possible.

    Speaking as an employee of one of the UK backbone providers, I agree that a cut-off switch is possible. Lets say that BT, Virgin and Level 3 turn off the power switches, at least 95% of the UKs internet will simply go off. Only the obscure routes will stay up, and even then it will probably be the university to university stuff that stays up.

  4. Anonymous Coward
    Anonymous Coward

    I wonder if the facts of this 'draft' order were checked before publication since the MSM source is well known for making up the news as it goes along especially in regards to the new president.

  5. bombastic bob Silver badge
    Devil

    time to keep an eye on regulators

    it's time to keep an eye on regulators. watch them. scrutinize them. make sure they don't do anything crazy/stupid. And protect the privacy of the individual, above all else.

    Make sure that the government OF THE PEOPLE, which Trump has said is getting the power BACK, isn't screwed over by "the kinds of things" that gummint has been trying to do 'the masses', like FOREVER.

  6. Chris G Silver badge

    President's precedent

    The Trumpster has started with quite a flurry of executive orders being churned out like tweets, it looks as though this is going to be his style of government.

    At some stage the house and senate who are theorectically on his side are going to get a bit snippy if he tries to exclude them and dictate to America via EOs.

  7. Doctor Syntax Silver badge

    And what happens if the review comes back recommending strong encryption?

    But I like his idea of a switch. The US could disappear from the net so we could be sure of data sovereignty and so forth.

  8. tr1ck5t3r

    From what I have seen so far, malware obfuscated into opensource code working with malware in the firmware of Add-on graphics card, HDD firmware with extra code stored in the unused sectors of harddrives, exploiting the Quick Format option seen with todays massive sized hard drives along with CPU virtualisation switched on by default in the bios, and bios malware makes much of the computer systems and controls systems already pwned. Even banks and supermarkets still using their old mainframes, but with PC access are vulnerable, and considering the UK only has between 3-7days of food in the supply chain, the ripple effect for food distribution centres when one goes down would be rendered useless.

    DirtyCow identified in 2007 was never really patched properly until the end of last year, making it very easy to add malware. Throw in the fact that the US tech sector is just a public relations branch of the US military and you start to see the US Military's weaknesses in achieving global domination by 2020.

    Any hardware where the firmware can be updated is a great place to hide malware. The USB bus is perfect for downloading compromised device drivers into systems, just check out how your OS's work to see how easy that one is. Consider who ever unplugs their USB mouse & keyboard, or printer from desktop's? Exploit the psychological and instinctive behaviour of humans in their comfort zones. CEO's are particulary vulnerable as their kids become valid attack vectors for corporate systems.

    If you can take out the ferry ports and the channel tunnel, disrupte NATS's you could bring the UK as a country to its knees in under a fortnight, because theres nothing like hunger to cause problems, chatic problems, why else did David Cameron tell muslims fasting for Ramadan to observe Mecca's hours not UK Summer time as UK day time is longer than Mecca's and the military know all too well what a bit of hunger and testorone is like for creating violence.

    Of course, neighbours like Eire & Europe in general, not to mention the occupying force known affectionately in stupid circles as the US woud come to the country's aid, so disrupting their runways would be on the cards as well. Disabling the ability to fly in tankers, leaving the Royal Navy somewhat up the creak without a paddle or should that be a ferry for container lorry's.

    How many people would it take to achieve an act of terrorism like this?

    Not many. In fact if you really wanted to go to war, the WW's are currently amatuer in comparison to what could be achieve today & all without having to drop a nuke, just to show up the stupidity of leaders.

    You can use Amazon style drones to drop your IED onto runways both civilian and military. Find out what companies look after airport infrastrure, ege LPL/ECorr look's after Stansted Airports runway, other options include LSD (easily made) in water supplies, so targetting their equipment would be valid attack vectors. Even targetting & disrupting major telecom's infrastructure in built-up towns and cities to create panic would be valid attack vectors from a psychological perspective, ala a rerun of the London Riots.

    Reading online literature from places like this http://www.dau.mil/pubscats/ATL%20Docs/Forms/AllItems.aspx identifying their strengths and weaknesses are also valid planning techniques to identify the strengths and weaknesses of the military industrial complex.

    Can you spot the GCHQ & foreign agents working in collaboration by starting with Github account?

    https://github.com/gchq/BoilingFrogs

    You can learn alot by reading online. All you need to do is organise, plan and show up the UK Military & Nato for what is it really is.

    Of course the same could be done to other countries as well, but it wont be as effective on major continents, like a European country, but could Mexico find a way for the US to tear down the wall Trump plans to build? Time will tell.

    And it goes without saying, these are not the only tactics that could be used, there's plenty of low cost tricks one could employ to further get a population to turn on itself or have a revolution.

  9. Palpy

    If this were done with intelligence and integrity...

    ... it would be good indeed.

    It's well known that many lawmakers (US and elsewhere) have a shaky understanding of computers, networking, and the internet. Not all are handicapped thus -- Senator Ron Wyden has an apparently good head for these matters. If he and the few like him were to receive a well-researched, pragmatic, and intelligent report on cybersecurity, much good might come of it.

    Breath is not being held in anticipation of that happening. The wheels of government grind slow but wobbly, and bits fall off, and spokes are loose, and detours into ditches and hedgerows are de rigueur.

  10. Walter Bishop Silver badge
    Big Brother

    I call cyber-bullshit on this report

    I call cyber-bullshit on this report. It'll be used to introduce even more surveillance legislation similar to High Protector Mays Investigatory Powers Bill.

  11. Christoph Silver badge
    Big Brother

    We need total control over everybody's information access. The justification for this is ... err ... hang on a moment. Hey, can anyone remember what this week's justification is?

    1. Chris G Silver badge

      Yes! the same as every other week Paedodrugterrorists...... and the Russians//Chinese/North Koreans did it.

    2. Charles 9 Silver badge

      Simple. It's reached the point where one man could ruin the world with enough motivation. If Armageddon can come from anywhere at anytime without warning, then as they say, all bets are off.

      PS. Not saying it's actually true, but there's your perfect, undefeatable excuse.

  12. Anonymous Coward
    Anonymous Coward

    Hahaha

    Predicted press announcement.

    Journo: What are your Cybersecurity plans?

    Trump: Well let me tell you about cybersecurity. Important. Very important. We're going to build a firewall the length of the southern internet. We're going to use Cisco kit, good American company.

    Journo: But Cisco kit is made in Mexico. So does that mean Mexico is building it and America is paying for it? Will this happen before or after the Mexican wall is built?

    1. allthecoolshortnamesweretaken Silver badge

      Re: Hahaha

      You forgot the bit along the lines of "I don't talk to you anymore, you're one of those fake news guys".

  13. Denarius Silver badge
    Meh

    Missing the obvious

    Remember TPP ? Merkin goals were to legislate their control of trade via IP and multinational friendly clauses. Given these politicians are simple sons of the executive suite, (apologies to Blazing Saddles) they probably intend to effectively "nationalise" everyones hardware, from home routers up to big Telcos via previously mentioned malware preloaded into firmware, as well as "unbreakable" encryption with backdoors. Marketing and mouthpieces will explain the need for security updates and why the networks have suddenly got slower. If you don't co-operate, you must be current villain de-jure. The Chinese probably have sold them the code already. Obligatory Win10 references superfluous.

    This might be the reason for the smokescreen on border control. Outrage can be exhausted. In case you think this has not had a dry run, it explains the Oz version of Attorney general demanding all telcos submit their network changes and plans to the lawyers ( and Oz TLAs) before making changes. Dont you love software defined networking now ?

    <off-topic> What happens when the spyware in the drives and network cards of the TLA archives mirrors the contents to the TLA archives ? Automatic backup or I/O choke at Langely ? </off-topic>

  14. Nameless Faceless Computer User

    The proper title is King Trump, not President Trump.

    1. Michael Thibault

      King Canute, methinks.

      1. Tom 38 Silver badge
        Headmaster

        Pedantry: Trump is definitely not Canute/Knut. Knut and the waves is Knut demonstrating to his sycophantic courtiers that he might be King of Denmark, England and Norway, but that his secular power is nothing compared to God/nature - he can command the tide to stop, but it will not. It is meant as a rebuke to those wielding power; even if you possess power, you cannot control events.

        1. Michael Thibault
          Holmes

          We'll wait for the tide, then.

  15. nijam

    > ... the internet is "currently vulnerable to attacks from ... state..."

    Well, he should know.

  16. EPurpl3

    From now I will sleep so well, knowing that Trump is taking care of this... Lol

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019