Tuesday Morning: Flip Off

/29 Comments/in , , /by

Flip off a few caps; Death came for a few more well-loved artists. Rest well, Glenn Frey, Dale Griffin, Dallas Taylor. Gonna’ be one heck of a band on the other side. [Edit: Mic Gillette, too? Stop already, Grim Reaper, check your targeting.]

Hope the cull is done because obituaries are not my thing. Hard to type and sniffle copiously at the same time.

GM Opel dealers may be altering emissions control software on Zafira diesel cars
Great, just great. Like GM didn’t have enough on its plate with the ignition switch debacle. A Belgian news outlet reports GM Opel dealers have been changing the software on the 2014 Zafira 1.6l diesel engine passenger vehicles in what looks like a soft recall. This comes on the heels of an EU-mandated recall of Zafira B models due to fires caused by bad electronics repairs. Sorry, I don’t speak Dutch, can’t make out everything in this video report. What little I can see and read doesn’t look good. Wouldn’t be surprised if the EU puts the hurt on GM Opel diesel sales until all are fixed to meet EU emissions regulations. Should also note that a different electronics manufacturer may be involved; images online of ECUs for late model Zafiras appear to be made by Siemens — unlike Volkswagen’s passenger diesel ECUs, which are made by Bosch.

Texas manufacturer swindled out of cash by fraudulent email request, sues cyber insurer
AFGlobal, based in Houston, lost $480,000 in May 2014 after staff wired funds based on orders in emails faked by crooks overseas. The manufacturing company had a cyber insurance policy with a subsidiary of the Chubb Group, and filed a claim against it. The claim was denied and AFGlobal filed suit. This isn’t the first such loss nor the first such lawsuit. Companies need to create and publish policies documenting procedures for authorizing any online payments, including two-step authentication of identities, and review overall spending authorization processes with an eye on audit trails.

Ukrainian officials say Kiev’s main airport hacked
Hackers who attacked Ukrainian power companies in late December are believed to be responsible for the malware launched on Kiev’s airport servers. There are very few details — okay, none, zero details — about the attack and its affect on airport operations. A military spokesman only said “the malware had been detected early in the airport’s system and no damage had been done,” and that the malware’s point of origin was in Russia. Among the details missing are the date the attack was discovered and how it was detected as well as the means of removal.

Hold this thought: FBI still looking for info on cable cuts, with eye to Super Bowl link
Remember the post last summer about the 11 communications cable cuts in the greater San Francisco Bay Area near Silicon Valley? This is a hot issue again, given the impending Super Bowl 50 to be held at Levi’s Stadium in Santa Clara. But reports now mention 15 or 16 cuts, not 11 — have there been more since last summer, or were there more not included in the FBI’s request for information? I’ll do some digging and post about this in the near term.

All right, carry on, and don’t drink all the añejo at once.

Share this entry

Monday Morning: So Good to Me

/14 Comments/in , , /by

Yeah, Mondays start off well as we emerge from the safe warm cocoon of our beds to begin our day. But Monday evenings are a different kettle of fish.

Like this Monday — we’ve enjoyed a weekend’s cozy glow from soft power exercised through diplomacy now that the IAEA kicked off the new Joint Comprehensive Plan of Action (JCPOA). By mid-morning the flying monkey hoard of dissent will saturate media, making a cesspool out of the evening news.

Can hardly wait. Meanwhile…

Un grupo de 66 accionistas de Volkswagen
I admit my command of Spanish is weak, but even at first glance this article didn’t look good for VW. A group of shareholders—again? Let’s translate:

A group of 66 shareholders of Volkswagen (VW) take legal action against the German automaker after the company distorted evidence of greenhouse gas emissions. The complaint will be presented this week, according to the British newspaper Financial Times.

El Pais reports this is the second class-action lawsuit against VW in relation to the emissions controls defeat technology; plaintiffs for this suit are believed to be investment banks. However there were dozens of class action suits in the U.S. as of last fall, including dealerships stuck with rapidly depreciating but unsalable inventory.

A second article in El Pais also noted VW’s Mueller announced additional investment in its Tennessee-based plant after apologizing to the U.S. for the emissions control ‘trick’ (this last word was ‘trucaje‘ in Spanish). VW has now lost marketshare in the EU for the first time in eight years.

USDOT, NHTSA, Automakers agree on Proactive Safety Principles — including improved cybersecurity
Seems rather feel-good in a non-binding sort of way, but USDOT and NHTSA managed to convince automakers to agree to collaborate on vehicle safety and cybersecurity. The agreement announced last week at Detroit’s auto show coordinates with the Obama administration’s proposed $4 billion budget earmark for automated vehicle research and development.

I still can’t see the benefit in individual autonomous cars over public mass transit. My gut says this White House-driven effort at coordination is really aimed at cybersecurity — and surveillance. And no mention of the Three Laws of Robotics, either.

Formic acid fuel cell to power Dutch students’ car
Now this is a great bit of automotive and alternative energy news. Students at Eindhoven University of Technology in the Netherlands are working on automotive fuel cells powered by formic acid instead of hydrogen. Much of the fuel cell technology to date relies on hydrogen, but the problem has been hydrogen generation and storage. This challenge has stymied fuel cell-powered cars for nearly two decades. Formic acid could be handled like gasoline; it is fairly easy to produce from wood pulp and other fibrous plant mass, or by catalysis, and is low in toxicity, though care must still be used in its handling.

Given the potential application beyond vehicles, I’d rather see investment in this line of automotive research.

U.S.-China Economic and Security Review Commission looking into China’s military robots
Since the 1990s there have been a number of organized cyber attacks originating in China which seek out military and industrial content. China’s recently-developed military robots look an awful lot like those developed by QinetiQ. USCESRC is hiring researchers to assess China’s current robotics capabilities, and how much of this capability arose from U.S. sources.

The article in NextGov about USCESRC’s effort characterizes QinetiQ as a “Pentagon contractor.” Funny, that.

Enjoy your peaceful Monday morning while it lasts.

Share this entry

Friday Morning: Damned Long Week Done

/30 Comments/in , /by

If another artist of note has died, don’t tell me. After losing David Bowie and now Alan Rickman this week, I can’t deal. We should have had another 20 years with these guys. I can think of some people I’d trade to have them back, can’t you?

JetBlue had a boo-boo: temporary data center service outage for airline
At least, that’s what was reported — JetBlue’s data center provided through Verizon went down yesterday for a couple of hours. I’m having a really tough time believing there wasn’t adequate fail-over. Hope the FAA is all over this. JetBlue’s customers must have been very angry, frustrated, and worried.

Microsoft ended support for Windows 8 on Tuesday
Yikes! Somehow in all the discussion about Microsoft ending support for all of its Internet Explorer versions except for the most current edition, I missed the end of support for the original Windows 8 as of this week’s Patch Tuesday.

If you updated your system to Windows 8.1, it’s all good. That version is still supported.

App uses wearables to identify love interest based on heartbeat
I am shaking my head as I type this. There’s no hope for humans when we turn over one of the most fundamental human processes over to machines. Is this really even human? Slap on your FitBit, check out your one curated candidate, check your heart rate. If it’s elevated, you reach out to see if they are interested.

Absolutely pathetic. Riddled with flaws. What if a user consumed too much caffeine, or had a stressful day at work, resulting in a tetchy heartbeat? What about all the other non-visual clues we use to identify candidates worth approaching? Ugh. This brave new world sucks.

Make mine with Svedka. Skip the olives, don’t bother with the vermouth. Skål!

Share this entry

Thursday Morning: Fast and Furious Edition

/21 Comments/in , , /by

[image (modified): Adam Wilson via Flickr]

[image (modified): Adam Wilson via Flickr]

Insane amount of overseas news overnight. Clearly did not include me winning $1.5B Powerball lottery. Attacks in Jakarta and Turkey are no joke.

Let’s move on.

Some U.S. utilities’ still wide open to hacking
Dudes, how many times do you need to be told your cheese is still hanging out in the wind? Some heads should roll at this point. US government’s Industrial Control Systems Cyber Emergency Response Team’s Marty Edwards sounded pretty torqued about this situation at the S4 ICS Security Conference this week. I don’t blame him; if a utility gets hacked, it’s not like your grandmother’s PC getting held ransom. It means the public’s health and safety are at risk. Get on it.

Your cellphone is listening to your TV — and you
Bruce Schneier wrote about the Internet of Things’ expansive monitoring of consumers, citing the example of SilverPush — an application which listens to your television to determine your consumption habits. Bet some folks thought this was an app still in the offing. Nope. In use now, to determine current TV program listings and ratings. Listening-to-your-consumption apps have now been around for years.

Wonder if our pets can hear all this racket inaudible to humans? Will pet food companies embed ads shouting out to our pets?

But you may be able to hide from devices
…depending on whether you are using location-based services, and if you can use the app developed by Binghamton University. A paper on this technology was presented last month at the Institute of Electrical and Electronics Engineers (IEEE) GLOBECOM Conference, Symposium on Communication & Information System Security. The lead researcher explained the purpose of the app:

“With Facebook, Twitter, LinkedIn and others we provide a huge amount of data to the service providers everyday. In particular, we upload personal photos, location information, daily updates, to the Internet without any protection,” Guo said. “There is such a chance for tragedy if that information is used to in a bad way.”

The app isn’t yet available, but when it is, it should prevent personally identifying location-based data from being used by the wrong folks.

VW emissions scandal: Well, this is blunt
I think you can kiss the idea of nuance goodbye, gang.

“Volkswagen made a decision to cheat on emissions tests and then tried to cover it up,” said CARB chair Mary Nichols in a statement.
“They continued and compounded the lie, and when they were caught they tried to deny it. The result is thousands of tons of nitrogen oxide that have harmed the health of Californians.”

Yeah. That.

The last bits
Nest thermostats froze out consumers after a botched update. (Do you really need internet-mediated temperature controls?)
Phone numbers may become a thing of the past if Facebook has its way. (Um, hell no to the Facebook. Just no.)
Senator Al Franken quizzes Google about data collection and usage on K-12 students. (Hope he checks toy manufacturers like Mattel and VTech, too.)

That’s a wrap, hope your day passes at a comfortable speed.

Share this entry

Wednesday Morning: Wonderful, Just Wonderful

/10 Comments/in , , /by

I debated about posting Jonny Lang’s Lie to Me. Nah, we’re lied to every day, might as well ask for the truth for once, even if it’s ugly. The truth is that nothing’s okay though we wish like hell it were otherwise.

That said, let’s forge on into the fraught and frothing fjords…

‘Nope.’ That’s what California Air Resources Board said
Huh-uh, no way, nada — CARB told Volkswagen in response to VW’s proposed recall plans for emissions standard-cheating 2.0L vehicles sold into California. Because:

  • The proposed plans contain gaps and lack sufficient detail.
  • The descriptions of proposed repairs lack enough information for a technical evaluation; and
  • The proposals do not adequately address overall impacts on vehicle performance, emissions and safety

Wonder if CARB’s response will be different with regard to VW’s 3.0L vehicles? Shall we take bets?

Fugly, in multiples — cybersec edition
Ebay’s got bugs, and not just at auction.

Need more than tape to fix this problem with cheap web cameras.

Popular antivirus may pose a hacking threat, patch has been issued. Same antivirus manufacturer has a nifty relationship with INTERPOL, too, to share information about cyberthreats. Wonder if they phoned INTERPOL and said, “Cyberthreat. It me!”

(BTW, I love it when spell check helpfully says, “‘Cybersec’ is wrong, don’t you mean ‘cybersex’?”…um, no.)

General Motors: We won’t sue white hats doing our work for us!
No lawsuits, but don’t expect any rewards for finding vulnerabilities (unlike competitor Tesla’s bug report program).

Big of you, GM. Way to protect your intellectual property and brand at the same time.

The biggest threat to nation’s power grid is S_______
Beady-eyed and focused, slips beneath our radar, gnaws into our electricity transport with annoying frequency, causing hundreds of hours of power outages. Stuxnet? No. Bloody squirrels.

In short, it’s all wonderful this Wednesday. Just wonderful. Pass the Glenmorangie, please.

Share this entry

Will James Clapper Be the First Known Victim of OmniCISA’s Regulatory Immunity?

/7 Comments/in /by

According to Medium, Crackas With Attitude just hacked James Clapper and his wife.

One of the group’s hackers, who’s known as “Cracka,” contacted me on Monday, claiming to have broken into a series of accounts connected to Clapper, including his home telephone and internet, his personal email, and his wife’s Yahoo email. While in control of Clapper’s Verizon FiOS account, Cracka claimed to have changed the settings so that every call to his house number would get forwarded to the Free Palestine Movement.

[snip]

The hacker also sent me a list of call logs to Clapper’s home number. In the log, there was a number listed as belonging to Vonna Heaton, an executive at Ball Aerospace and a former senior executive at the National Geospatial-Intelligence Agency. When I called that number, the woman who picked up identified as Vonna Heaton. When I told her who I was, she declined to answer any questions.

Viscerally, I’m laughing my ass off that Verizon (among others) has shared Clapper’s metadata without his authority. “Not wittingly,” they might say if he asks them about that. But I recognize that it’s actually not a good thing for someone in such a sensitive position to have his metadata exposed (I mean, to the extent that it wasn’t already exposed in the OPM hack).

I would also find some amusement if Clapper ends up being the first public victim of OmniCISA’s regulatory immunity for corporations.

Yahoo and Verizon can self-report this cyber intrusion to DHS, and if they do then the government can’t initiate regulatory action against them for giving inadequate protection from hacking for the Director of National Intelligence’s data.

And whether or not Clapper is the first victim of OmniCISA’s regulatory immunity, he is among the first Americans that the passage of OmniCISA failed to protect from hacking.

 

Share this entry

Tuesday Morning: The Week’s Peak Crey

/28 Comments/in , , /by

I cannot with the unexpected engagement picture in my Twitter timeline of news oligarch Rupert Murdoch and model Jerry Hall, on the heels of losing David Bowie and in the wake of El Chapo-Penn. Tell me this is the craziest it will get this week.

D-Day for Microsoft’s earlier Internet Explorer versions
In case you didn’t already know this, Microsoft is slowly killing off its Internet Explorer browser brand, beginning with the end of technical support for all but IE 11.

Beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical supports and security updates. Internet Explorer 11 is the last version of Internet Explorer, and will continue to receive security updates, compatibility fixes, and technical support on Windows 7, Windows 8.1, and Windows 10.

Some organizations are still relying on older IE versions — a dicey proposition if other non-Microsoft browsers aren’t compatible with their systems. Get a move on, people.

OMG! Terrorists may use drones!
Hoocoudanode cheap and readily available drones might be repurposed by terrorists for flying IEDs. The breathlessness. Really. But wait, they can be stopped!

“The best defence against the hostile use of drones is to employ a hierarchy of countermeasures encompassing regulatory countermeasures, passive countermeasures and active countermeasures.”

I don’t know about you, but I picture the sky soon dark with counterterror drones, swarming like the air over a northern Michigan road in mayfly season.

Processor troubles
Intel’s Skylake processors run into problems with complex computing, freezing PCs. A BIOS update is being distributed as a fix. But this isn’t the only bug out there. Read this, especially this bit: “…CPUs are now complex enough that they’ve become too complicated to test effectively.”

Hmm. In other words, future shock has moved beyond consumers.

NPR interviewed VW CEO Matthias Mueller
I’m sure Porsche has been wondering what the hell they were thinking, tieing up with Volkswagen. Porsche’s top guy is now tasked with clean up after VW, and he’s struggling. Witness NPR handing Mueller a shovel, and watching as he just keeps digging.

NPR: You said this was a technical problem, but the American people feel this is not a technical problem, this is an ethical problem that’s deep inside the company. How do you change that perception in the U.S.?

Matthias Mueller: Frankly spoken, it was a technical problem. We made a default, we had a … not the right interpretation of the American law. And we had some targets for our technical engineers, and they solved this problem and reached targets with some software solutions which haven’t been compatible to the American law. That is the thing. And the other question you mentioned — it was an ethical problem? I cannot understand why you say that.

NPR: Because Volkswagen, in the U.S., intentionally lied to EPA regulators when they asked them about the problem before it came to light.

Mueller: We didn’t lie. We didn’t understand the question first. And then we worked since 2014 to solve the problem. And we did it together and it was a default of VW that it needed such a long time.

Somebody needs to explain the Law of Holes to Mueller.

Also worth revisiting the definition of crazy today. Carry on.

Share this entry

Ukraine’s Power System Hacking: Coordinated in More than One Way?

/12 Comments/in , /by

[original graphic: outsidethebeltway.com]

[original graphic: outsidethebeltway.com]

Analysis by industrial control team SANS determined hacking of Ukrainian electrical power utilities reported on 23-DEC-2015 was a coordinated attack. It required multiple phases to achieve a sustained loss of electricity to roughly 80,000 customers. SANS reported they “are confident” the following events occurred:

  • The adversary initiated an intrusion into production SCADA systems
  • Infected workstations and servers
  • Acted to “blind” the dispatchers
  • Acted to damage the SCADA system hosts (servers and workstations)
  • Action would have delayed restoration and introduce risk, especially if the SCADA system was essential to coordinate actions
  • Action can also make forensics more difficult
  • Flooded the call centers to deny customers calling to report power out

An investigation is still underway, and the following are still subject to confirmation:

  • The adversaries infected workstations and moved through the environment
  • Acted to open breakers and cause the outage (assessed through technical analysis of the Ukrainian SCADA system in comparison to the impact)
  • Initiated a possible DDoS on the company websites

The part that piques my attention is the defeat of SCADA systems by way of a multiphased attack — not unlike Stuxnet. Hmm…

Another interesting feature of this cyber attack is its location. It’s not near sites of militarized hostilities along the border with Russia. where many are of Russian ethnicity, but in the western portion of Ukraine.

More specifically, the affected power company served the Ivano-Frankivsk region, through which a large amount of natural gas is piped toward the EU. Note the map included above, showing the location and direction of pipelines as well as their output volume. Were the pipelines one of the targets of the cyber attack, along with the electricity generation capacity in the region through which the pipes run? Was this hack planned and coordinated not only to take out power and slow response to the outage but to reduce the pipeline output through Ukraine to the EU?

Share this entry

Monday Morning: So — We Meet Again

/55 Comments/in , , /by

[image (modified): Leo Suarez via Flickr]

[image (modified): Leo Suarez via Flickr]

Monday: the bad penny we never escape, turning up once again beneath our cart’s wheels just as we set in motion. Just give a hard shove, push on, and don’t look back.

Volkswagen’s bad news, good news as Detroit’s auto show opens
Bad news first: In news dump zone on Friday afternoon, we heard Volkswagen wasn’t going to release documents pertaining to the emissions control defeat scandal to several U.S. states’ attorneys. VW said it couldn’t due to privacy laws, which sounds dicey; why do corporations have privacy rights? You’d think only U.S. businesses would attempt such excuses.

The good news was held until VW’s CEO Matthias Mueller arrived in U.S. for the soft opening of the North American International Auto Show in Detroit. VW is working on a catalytic converter it believes will resolved the emissions problem for roughly 2/3 of the affected vehicles. I’m guessing this is fix is intended for the oldest vehicles, and that the newest ones are likely to be swapped with a new vehicle, or a sizeable discount on a replacement will be offered. Color me skeptical about the effectiveness of this fix; if this was such an obvious and easy solution, it would already appear on VW’s diesel-powered passenger vehicles. Fuel economy will likely diminish due to increased back pressure — but that’s why I think this fix is for the oldest cars. It would encourage VW loyalists to buy a new one.

Juniper Network shuts the (a?) backdoor
The network equipment company says it’s “dropping” NSA-developed code after the revelation of a backdoor into their network device software. Does anyone believe all covert access by NSA has now been eliminated, though, if Juniper’s source code isn’t open?

Apple’s devices monitoring your emotions soon?
Ridiculously cash-rich Apple snapped up artificial intelligence company Emotient, which makes an application to interpret users’ emotions based on their facial expressions — sentiment analysis, they call it. I call it creepy as hell, especially since smartphone users can’t be absolutely certain their cameras aren’t in use unless they physically cover the apertures.

And yes, I do cover apertures on my devices with low-tack adhesive tape. It’s the first thing I do after opening the box on any new camera-enabled device, even before charging the battery.

That’s enough to get your cart moving. I hope to have a post up later, on the recent power outage in Ukraine.

Share this entry

In Response to Continued Resonance of Awlaki Videos, US Relaunched Social Media Propaganda Campaign

/10 Comments/in , /by

As far as we know, the perpetrators of the November attack on Paris were radicalized by each other, in specific neighborhoods in Europe.

According to the complaint filed against his Enrique Marquez, the friend who got him guns, Syed Rizwan Farook, adopted radical beliefs after consuming the lectures, videos, and magazine of Anwar al-Awlaki. In fact, Farook and Marquez moved towards planning an attack in 2011, in the immediate wake of the drone killing of Awlaki and his son. As to Tashfeen Malik, Farook’s wife, while she did some searches on ISIS just before Farook started an attack on his workplace, public reporting suggests that like the French terrorists, she adopted extreme beliefs through relationships formed in brick and mortar life.

Nevertheless, in response to the anxiety produced by these attacks, the Obama Administration is rolling out yet another propaganda campaign against ISIS. As part of it, it shifts the approach to funding NGOs to do the propaganda work, something I argued any such efforts should be doing in a piece for Vice this week. Though as I noted, any such effort needs to stop countering ISIS propaganda and offering a positive vision that will be meaningful to those with grievances. That was one of the things included in a briefing to Silicon Valley today.

There is also a need for more credible positive messaging and content that provides alternatives to young people concerned about many of the grievances ISIL highlights

The other part of the campaign is a bit sillier. The Administration asked for tech companies to do things like measuring resonance of ISIL messages.

Some have suggested that a measurement of level of radicalization could provide insights to measure levels of radicalization to violence. While it is unclear whether radicalization is measureable or could be measured, such a measurement would be extremely useful to help shape and target counter-messaging and efforts focused on countering violent extremism. This type of approach requires consideration of First Amendment protections and privacy and civil liberties concerns, additional front-end research on specific drivers of radicalization and themes among violent extremist populations, careful design of intervention tools, dedicated technical expertise, and the ability to iteratively improve the tools based on experience in deploying them. Industry certainly has a lot of expertise in measuring resonance in order to see how effective and broad a messaging campaign reaches an audience. A partnership to determine if resonance can be measured for both ISIL and counter-ISIL content in order to guide and improve and more effectively counter the ISIL narrative could be beneficial.

This seems to be a problematic approach both because this should be the intelligence community’s job and because they’re supposed to be pretending this isn’t about focusing on Muslims. Plus, as I noted, the recent big attacks weren’t primarily about social media. More importantly, Jim Comey has testified that the social media companies already are helpful.

Comey, apparently, only went along to demand encryption — and it showed up in the briefing document shared at the meeting.

In addition to using technology to recruit and radicalize, terrorists are using technology to mobilize supporters to attack and to plan, move money for, coordinate, and execute attacks. The roles played by terrorist leaders and attack plotters in this activity vary, ranging from providing general direction to small groups to undertake attacks of their own design wherever they are located to offering repeated and specific guidance on how to execute attacks. To avoid law enforcement and the intelligence community detecting their activities, terrorists are using encrypted forms of communications at various stages of attack plotting and execution. We expect terrorists will continue to use technology to mobilize, facilitate, and operationalize attacks, including using encrypted communications where law enforcement cannot obtain the content of the communication even with court authorization. We would be happy to provide classified briefings in which we could share additional information.

While Apple was at this meeting, some of the other key players the government would have to address about encryption were not, making this appeal rather silly.

And note the seduction here: the government wants to tell the tech companies how extremists (they really mean only ISIS) are using encryption, but they’re only willing to do so in a classified setting. That would make it harder to counter the bogus claims the government has repeatedly been caught making.

Ultimately, the Administration seems to have no awareness of another of the key problems. They recognize that ISIS’ propaganda is splashy. But they accord no responsibility for mainstream media for magnifying it.

[T]here is a shortage of compelling credible alternative content; and this content is often not as effectively produced or distributed as pro-ISIL content and lacks the sensational quality that can capture the media’s attention.

If the government is going to ask the private sector to do their part, why aren’t they on a plane demanding that CNN stop fear-mongering all the time, both magnifying the effect of ISIS’ propaganda and increasing the polarization between Muslims and right wingers? If CNN can’t be asked to adjust its business model to stop empowering terrorists, why is Silicon Valley being asked to, when the latter are more central to baselines security?

 

Update: Here’s a list of participants.

Denis McDonough,White House Chief of Staff,

Lisa Monaco, Assistant to the President for Homeland Security & Counter Terrorism

Todd Park, White House Advisor for Technology

Megan Smith, White House Chief Technology Officer

Loretta Lynch, Attorney General

James Clapper, Director, National Intelligence

James Comey, Director, FBI

Tony Blinken, Deputy Secretary, Department of State

Mike Rogers, Director of the National Security Agency

Jeh Johnson, Secretary of Homeland Security

Share this entry