EENews: Tensions at home and abroad pose growing threat to US grid

EENews reports on the increase in physical threats to the US power grid in the past couple of years in Tensions at home and abroad pose growing threat to US grid.

Rising incidents of domestic terrorism and a surge in state-sponsored cyber attacks on critical infrastructure are posing a heightened risk to the U.S. power system, the nation’s grid reliability authority warned last week.

The geopolitical turmoil from the Israeli-Hamas conflict and the ongoing Russian-Ukrainian war is driving a dramatic increase in malicious cyber activity, according to the North American Electric Reliability Corp., a nonprofit body in charge of setting reliability standards for the wholesale power system. Those international tensions are adding to the steady increase in domestic physical threats against the power infrastructure that are likely to climb as the U.S. election season ramps up.

“The current geopolitical situation has significant ramifications for the North American grid,” Manny Cancel, senior vice president at NERC, told reporters Thursday, and that’s contributed to “a dramatic increase in malicious cyber activity.”

Cancel, who is also CEO of NERC’s Electricity Information Sharing and Analysis Center, which gathers and analyzes data from power companies, said at the same time, U.S.-based threats could include a wide range of activities aimed at shutting off the power for large swaths of people to sow unrest.

“We know activists continue to use this as a vehicle to get their ideology and other political thoughts across,” said Cancel. “So nonetheless, we’re going to be very vigilant during this current election cycle.”

Physical threats against the grid have seen a sharp uptick in recent years, according to a POLITICO analysis of DOE data. The nation’s power providers reported 185 instances of mostly physical attacks or threats against critical grid infrastructure in 2023, beating the previous record number of reports from 2022 and doubling the number of incidents in 2021.

Security experts say that rise correlates to the growth in domestic extremism and terrorism, fueled by public messaging boards and rampant information sharing that offers a guide for people to target weak spots in the power system.

“There is ample publicly available information for bad actors to identify vulnerable assets and choke points that, if taken offline, could have significant sustained consequences for this system,” said Victor Atkins, a former associate deputy director for operations under the Department of Energy’s Office of Intelligence and Counterintelligence.

Utilities reported more than 2,800 physical security threats to the center in 2023, according to Cancel, a jump of more than 1,000 from the previous year.

NERC spokesperson Rachel Sherrard said the increase “can be largely attributed to enhancements in members’ information sharing.” She added the increased number of incidents “is not necessarily indicative of an increase in risk.”

Cancel said the vast majority of physical threats and attacks don’t result in power outages — only about three percent have any impact on the grid.

None of the recent incidents have led to the kind of cascading outages or widespread failures on the scale of the notorious Northeast blackout of 2003, which shut down the power system from Michigan to Massachusetts and as far as Northern Ontario.

But localized impacts from these incidents can still be devastating.

A shooting attack in 2022 against two North Carolina substations left 45,000 people without power for four days. The state’s medical examiner has blamed the attack for the death of an 87-year-old woman whose oxygen machine failed.

California utilities avoided a crisis last week after an unknown suspect attempted to destroy a local substation by shooting at a transformer and shutting off circuit breakers. The FBI is offering a $25,000 reward for information on the suspected shooter. An FBI official told a local news station that if the attack had succeeded, it could have led to catastrophic consequences for people relying on electricity for medical purposes.

Brian Leventhal, a spokesperson for the impacted utility Southern California Edison, said SCE “uses a multilayered, defense in-depth strategy at our facilities to deter and respond to security threats.”

Cyber threats have also been on the rise, but are more difficult to directly quantify, according to Cancel.

DOE’s data include only a handful of suspected cyber attacks. But the NERC center has recorded a rise in the number of security weaknesses in the power system. From 2023 to 2022, the National Institute of Science and Technology recorded a jump of about 2,000 system vulnerabilities — a pace of about 60 additional threats per day, Cancel said.

What’s clear to U.S. officials is that hackers linked to U.S. adversaries are plenty capable of wreaking havoc on the power system.

“The major nation state actors — China, North Korea, Iran and Russia — absolutely possess the capability to disrupt critical infrastructure here in North America,” said Cancel.

“When they’ll decide to use this is obviously a very complicated decision. But nonetheless, we accept the fact that they have the capability,” he added.

Several high profile cyber breaches have proved those nations’ capabilities.

Last year, the Department of Energy was among federal and state agencies impacted by a mass cyberattack through vulnerable software. And a vulnerability revealed late last year — now dubbed “CitrixBleed” — launched warnings from federal security agencies who found state-backed hackers were exploiting the vulnerability to access major U.S. companies.

A POLITICO investigation from last year found reporting gaps between federal and state officials, as well as grid and security authorities, related to ongoing threats against the grid.

Atkins, who is now a consultant focused on reducing risks to critical infrastructure, warned the U.S. power grid vulnerabilities were due to the “patchwork” of federal and local, public and private entities involved in maintaining security of the grid. He described it as a “paradigm of diffused responsibility.”

“It seems to me that it is only a matter of time before the sophistication and coordination of these attack scenarios reach a point to cause much more catastrophic consequences,” he said.

Radio Free Redoubt: When Ham Radio is Banned and Non-Permissive Comms Environments Part-3

The following recording is from Radio Free Redoubt Episode 22-40 When Ham Radio is Banned and Non-Permissive Comms Environments Part-3.

  • Assessing Communications goals
  • HF Renaissance in the US Army (Review)
  • Introduction to NVIS for HF
  • Antennas and Learning Your Footprint  (are you meeting your goals?) 
    • WSPRNet
    • PSKReporter
    • VOACAP
  • ATAK/CIVTAK battle tracking/incident tracking
  • Polarization of antennas on VHF (vertical vs horizontal)

Assessing your communications goals.  What are you hoping to accomplish?:

In a WROL (Without Rule of Law) environment, what types of communications do you see yourself conducting, out of necessity?

Local:

  • Voice only, for quick coordination with others?  Digital/data mode capabilities for more in-depth intelligence and reports sharing?

Regional (up to 400 miles)

  • To an individual (family member or friends) just to stay in touch and check on their welfare, or supporting regional operations?
  • Welfare vs. Operational vs. Strategic communications
  • Voice vs. Digital modes

Continental (Intermediate to long range / 400 miles and  beyond):

  • To an individual (family member or friends) just to stay in touch and check on their welfare, or supporting regional operations?
  • Welfare vs. Operational vs. Strategic communications
  • Voice vs. Digital modes

Why will you be communicating? 

  • You and a family member (you and your brother), or multiple groups of family members or friends?
  • Mutual support, coordination and sharing of intel and coordination between multiple organizations?
  • Strategic communications supporting command and control for leadership to coordinate supplies.

Ask yourself, and answer these questions: 
– Who is it that I intend to communicate with?
– What is the purpose for our communications?
– Why is this a permissive operating environment?

– Who is establishing the rule that I cannot communicate?
– Enforcement.  Who can stop me and what are their capabilities?  What type of threat do they impose?

  • Is it a local criminal or revolutionary element that’s forcing hams to work for them, or attempting to locate hams to take their equipment for their own use?
  • Is it low-intensity conflict, with skirmishes between rival factions with no RDF (radio direction finding) or jamming capabilities?
  • Is this a civil war, or an invasion, with portions of your country under enemy control?
  • Are you caught in hostile/occupied territory?
  • If you are in friendly territory, does your side have air superiority or air defenses?  Are you within, or outside of, artillery range (close to a border or forward edge of a battle line) ?
  • Is the threat/enemy force technologically advanced with RDF, jamming, or guided weapons capabilities?

All these things have to be factored in to your decision making and risk assessment processes.

S2 Underground: One Time Pads/Encipherment

If you have taken the Groundrod course from Combat Studies Group, then you’ve learned about one-time pads, but maybe you need a refresher. Maybe you’re completely unfamiliar with this method of encryption, which is considered unbreakable unless your pad is compromised, either through being stolen or if it was not randomly generated. Get an introduction or refresher from S2 Underground in this video.
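An added illustration of the two pad conditions named above (not taken from the S2 Underground video or the Groundrod course): a letter-based one-time pad in Python, showing why a truly random pad leaves the ciphertext consistent with any message of the same length, and why a pad from a seeded generator is only as secret as its seed. The sample messages, the seed value and all function names are constructed for this example.

```python
import random
import secrets

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def normalize(text):
    """Keep only the letters A-Z, upper-cased, as a paper pad would."""
    return "".join(c for c in text.upper() if c in ALPHABET)


def make_pad(length):
    """Draw every pad letter from the operating system's CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def make_seeded_pad(length, seed):
    """Counter-example: a pad from a seeded, non-cryptographic generator.

    Anyone who learns or guesses the seed regenerates the identical pad,
    so this is a pad that "was not randomly generated".
    """
    rng = random.Random(seed)
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def _shift(text, pad, sign):
    """Add (sign=+1) or subtract (sign=-1) pad letters modulo 26."""
    if len(pad) < len(text):
        raise ValueError("pad is shorter than the message; pad letters must never be reused")
    return "".join(
        ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % 26]
        for t, k in zip(text, pad)
    )


def encipher(plaintext, pad):
    """Encipher the letters of plaintext with the pad."""
    return _shift(normalize(plaintext), pad, +1)


def decipher(ciphertext, pad):
    """Recover the plaintext letters from ciphertext and pad."""
    return _shift(ciphertext, pad, -1)


def pad_explaining(ciphertext, candidate):
    """Return the pad under which ciphertext deciphers to candidate.

    Such a pad exists for every candidate of the same length, which is
    why ciphertext alone reveals nothing when the pad is truly random.
    """
    letters = normalize(candidate)
    if len(letters) != len(ciphertext):
        raise ValueError("candidate must have the same number of letters as the ciphertext")
    return _shift(ciphertext, letters, -1)


def demo():
    message = "MEET AT NOON"  # constructed sample message
    pad = make_pad(len(normalize(message)))
    ciphertext = encipher(message, pad)

    # A different 10-letter message is an equally valid reading of the
    # same ciphertext under a different, equally likely pad.
    other_pad = pad_explaining(ciphertext, "STAY AT HOME")

    # The seeded pad is fully determined by its seed (constructed value).
    seeded_twice = (make_seeded_pad(10, 20240101), make_seeded_pad(10, 20240101))

    return {
        "ciphertext": ciphertext,
        "real_reading": decipher(ciphertext, pad),
        "alternate_reading": decipher(ciphertext, other_pad),
        "seeded_pad_repeats": seeded_twice[0] == seeded_twice[1],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The length check in `_shift` enforces the remaining rule of the scheme: the pad must be at least as long as the message, and a used pad is discarded rather than used again.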

American Partisan: Signal App Compromised? Not So Fast…

NC Scout at American Partisan talks about the supposed compromise of the secure messaging app Signal in Signal App Compromised? Not So Fast… Remember that encryption works, and because encryption works the people who want your data will do anything they can to convince you to just not take the effort to use it.

Much has been written about the supposed compromise of Signal as a so-called ‘secure messaging app’, with some sources being a bit better than others on the matter. I’ve had a ton of questions about it over the past couple of days, and almost all of it doesn’t revolve around the issues with an app itself, but rather, the tradecraft errors behind using it.

First things first, almost everyone I come into contact with in the Liberty community, absent those with serious .mil backgrounds requiring at least a primer in tradecraft, have no idea what they’re actually doing. That statement is not meant to deride, far from it; it’s simply the truth. When it comes to communications, most are looking for a replacement: a methadone for a heroin addiction, if you will- to their incessant need for a phone. This is especially true when it comes to the instant gratification of messaging. I’m reminded of Russell Crowe’s line from a movie long since memory-holed, Body of Lies, saying “we just need al Saleem on the phone. Langley’ll do the rest.”

And they did.

Signal, as a software, does what it claims to do. On top of that, the source code for the app is open source and subject to anyone’s audit or modifications, should your skillset include the expertise in that area. And should you have that level of ability, you can even modify it to suit your needs running a code off the beaten path while still utilizing Signal’s network. It is end-to-end encrypted, after all. And what exactly does that mean? It means that the administrators can see that someone is accessing the network, but not what is being passed along it, much the same way that TOR actually works. Even with audio calls, the system does what it claims to do.

So let’s discuss the actual vulnerability in question.

According to documents filed by the Department of Justice and first obtained by Forbes, Signal’s encrypted messages can be intercepted from iPhone devices when those Apple devices are in a mode called  “partial AFU,” which means “after first unlock.”

When phones are in partial AFU mode, Signal messages can be seized by federal authorities and other potentially hostile interests. GrayKey and Cellebrite are the tools typically used by the FBI to gain this sensitive information, an expert has explained.

“It uses some very advanced approach using hardware vulnerabilities,” said Vladimir Katalov, who founded the Russian forensics company ElcomSoft, believing that GrayKey was used by federal authorities to crack Signal.

So it’s not the app after all, but rather the hardware’s setting. A vulnerability which, since it’s a hardware exploit, likely applies to every messaging app. So tradecraft, or the lack thereof, is the heart. As per the usual. And the hardware in question is the hipster device of choice, an Apple iPhone. Shocker. But I thought Apple prided itself on user security?

Maybe at one point. But clearly no longer. Must be all that CCP money. And the real kick in the groin is that (shocker, again!) the FBI (or any other domestic security agency) can get into your phone without your handy little thumbprint. And just because they didn’t mention Android, don’t think it’s not every bit as vulnerable. It is.

So let’s talk about how to mitigate it.

First, understand the levels of data collected from cellular devices. I’ve discussed this ad nauseam in the past. Your phone is constantly tracking you, no matter what you do absent putting it in an EMP bag, and if you cannot fully comprehend this reality then you’re really, really far behind the power curve. The lone answer is moving to using wi-fi only mobile devices for communications using open source apps. Wifi is common enough even in rural areas and if the technology is beyond you, so is your usefulness in a direct action cell.

Second, understand how to properly message people. The magic blanket of encryption may conceal our message but it neither conceals our presence nor our patterns of life- and in particular, who’s being messaged. This requires first discipline, and second, a pre-arranged (and trained on) code. One Time Pads work quite well, but a pre-configured Trigram or Brevity matrix works as well. On top of that, messages should be set to delete after a short period of time. Signal enables this, and if the message is important (it should be if you’re using Signal to send it), write it down. Clandestine messages are usually one-way as it is, requiring no overt response. Or if a response is necessary, respond through another backchannel (the same way I teach communicating on two different frequencies simultaneously in the RTO Course). Further, group messages of any more than two individuals is an instant non-starter. This violates even the most basic rules of clandestine cell organization and why Liberty groups feel the need to broadcast everything to everyone, I’ll never understand. Maybe you’ll learn one day. Domestic Black Sites are real.

Last, what you’re using as a so-called daily driver, ie your surface phone, is absolutely not used for this role. One of my own personal objections to Signal is and has always been the requirement of a phone number for registration. My Sudo allows us to bypass this by generating another phone number, but alternative apps such as Wire and Threema register via an email account…far, far better. And on that note you did install it on your own, absent Google play, correct?

So with that said, what do I think of this so-called ‘compromise’? I think it’s a smoke screen for CCP / Apple to keep their own compromise hidden in the details, as well as a smoke screen for disgruntled feminist intersectionalist IT workers behind the scenes at Signal unhappy that anyone other than AntiFa degenerates and washed up Agency Spooks would be using their app. For me, Signal is the C in my PACE plan- the ability to contact those using cell phones from my own wifi device, should the need arise. I don’t hang my hat on its ability outside my control. Neither should you. And the fact that a lot of people in this community do underscores just how behind the curve some of the louder voices really are. No matter what you’re doing, the correct answer is always using open source systems, have a PACE plan, follow the Moscow Rules and if there’s any doubt, there is no doubt.

IntelTechniques Chart of Digital Communication Security

A section on Email application security from IntelTechniques

IntelTechniques has a chart they put out last month covering the security of voice, email, messaging, and video applications. Click here to view the page. Some explanations of the terminology used:

E2EE – end to end encryption. E2EE is good to have. If something is encrypted, but not end to end, then at some point in the data’s journey between two end points it is “in the clear” for anyone to view.

Country of ownership is there to indicate the likely laws governing privacy or to investigate how easily a company submits to subpoenas for access to their servers.

14-eyes association is another name for SIGINT Seniors Europe or SSEUR – an association of fourteen countries around the world who all share surveillance data with each other. For example, the US may have a law that makes it illegal to collect surveillance data on a US citizen without a warrant, but they can ask an ally from SSEUR to share that same data with them because it wasn’t collected by the US agency.

Open Source is the name for software where the program source code is available to the public to check (and even modify under conditions of the various open source licenses) for accuracy, security, or other reasons.

Third-party metadata – does the application allow metadata access (such as To, From, Subject, source IP, etc) to any third parties?

Third-party analytics – does the application allow any third party to analyze traffic that passes through the application system?

Ephemeral messages – An ephemeral message is one that can or will disappear from both the sender and receiver devices after some amount of time.

Third-party audit indicates whether the application source code has been audited by a neutral third party for security problems.

I believe that most of the other terms are more easily understood.

Brushbeater: No Encryption, No Problem – Analog Radio Operations For Guerrilla Units

NC Scout at Brushbeater blog writes about communications security in No Encryption, No Problem: Analog Radio Operations For Guerrilla Units.

Since I started the Brushbeater blog project back in late 2015, a constant question I’ve got in emails has been about communications security and very often how to use encryption over the radio. Back when I got into the civilian side of operational communications and I no longer had uncle sugar providing my equipment, I had all those same questions and none of the answers. Encryption and communications security is generally verboten among the old-time Ham crowd. Asking about it immediately can gain a novice the cold shoulder- it’s just one of those things that’s best left unasked, figured out on one’s own, or asked once you’ve got in the good graces of the locals (community building, anyone?). For me it was and is a creative outlet, allowing all the fun stuff I did in the Army to be a useful skill and one I teach others.

Since communications in general, like patrolling, like TC3, and like basic survival are all topics woefully misunderstood by civilians, an area as complicated as securing analog transmissions can go way over people’s heads in a hurry. It’s a different skillset than what you’re either used to seeing or doing. It requires a little understanding about radio theory, a little understanding about the planning process, along with some other skills like how to use a compass and basic awareness of your operating environment. Above all, it takes experience; you can’t just talk about it, you gotta do it. That said, we also have to recognize that the equipment we have is the equipment you’re going to be working with when things go sideways. No magic gear fairy is going to drop you a bundle of PRC-152s, much less the working knowledge to use them. So learning to use what you have in hand to its maximum capability is a heck of a lot more important than hanging out in fantasy land with stuff pushed by hobbyists.

Communications Security Begins With You, or, Encryption Won’t Save You

In a recent conversation with a friend and fellow well-seasoned vet, we brought up some of the obstacles facing would-be partisans that many preppers don’t take into account. Logistics being a HUGE one (if I burn through 500 rounds doing “supporting fire” aka just making noise, who resupplies my ammo?) but also the enablers a lot of the contemporary veteran crowd are used to having but cannot expect in the near future. NSA Type 3 AES encryption comes to mind here. We took a lot of resources for granted, especially in the commo department. We had/have an enemy who generally lacked any real electronic warfare (EW) capability, with the result being incredibly sloppy communications practices. The reliance on electronic security left a lot of the old common practices in the dust, many of which are once more very relevant today. Since about 80-90% of the prepping crowd’s electronic signal devices are limited to VHF/UHF dual band analog handhelds, you have to stop thinking in terms of simply press n’ talk if you want to even begin to be secure. The presence of a pattern of signals, even if encrypted, digital, analog or whatever, will give you away if you lack basic discipline. The saying everything that’s old is new again comes to mind, because a lot of the old hand practices developed in Vietnam for rural patrolling are the first place to begin. What was high tech for them is dirt cheap today. And the training value in their blood soaked lessons shouldn’t be lost on you.

But first, why do you need a radio? A lot of folks buy gear just for the sake of buying something. The first thing you should be asking yourself is exactly what your goal is and then work towards that instead of buying a whole bunch of something, because someone told you to, only for it not to be used. If that goal is talking with others in your group on the back forty, that’s one thing. If it’s rural patrolling, that’s another. Electronic communications, of any type, are the least secure method of communication. Messengers are the most secure. When getting started you’ve gotta figure out what it is you need to do. You might find you don’t need as much as you think; keeping it simple goes a long way. And for those of you only concerned with a homestead right now, COMSEC (communications security) is a very real issue for you whether you know it or not. A common surveillance mission for us was called “patterns of life”, where we watched a place for several days. Surveillance means everything, including the signals coming from the target, which in turn can provide a high amount of intelligence value due to shoddy practices. If you’re lazy, someone who learns a few signals intelligence techniques can not only find you very easily but listen to all your voices, get your names, know your timelines, and finally, disrupt you to the point of shutting you down, usually once they’re ready to attack. I know, I’ve done it in real life. So all of you only relying on those walmart FRS radios are very easy prey.

Contras on patrol hunting commies. Notice the handheld radio (HT) on the RPK gunner’s chest. Inter-team radios should be placed among the leaders of maneuver elements, including force multipliers such as your machine gunner / Automatic Rifleman / Support By Fire and Designated Marksman (DM).

It’s important to point out the difference between tactical communications and clandestine communications. Tactical communications require immediate action and either give short orders or brief reports and are local in nature. For preppers, these are for retreat security and short duration patrols; snoop n’ poop around the woodline to make sure nobody is waiting on us to go to sleep. The RTO Basic course focuses almost entirely on tactical communications. Clandestine communications are long term, far more in depth messages that usually use multiple layers of encoding- this is where the One Time Pads come in– and are sent to cells working over a region. These are referred to as cables in the intelligence field. Numbers stations come to mind, and that’s a whole other conversation entirely…(continues)

Crimethinc: Tools and Tactics in the Portland Protests

Ready or not—the war is on.

This article at Crimethinc brings together a lot of other articles and social media threads to show the many tactics used by rioters in Portland, from using shields and umbrellas to lasers, fires, and digital security – Tools and Tactics in the Portland Protests.

Across over two months of protests, demonstrators in Portland have experimented with a variety of tactics and strategies. The clashes in Portland drew international attention starting in mid-June, when footage spread of federal agents in unmarked cars snatching demonstrators off the sidewalks and Donald Trump announced that federal agents would be using this model to intervene in other cities around the United States. After Trump’s announcement, the demonstrations in Portland grew exponentially, drawing thousands each night, until the governor of Oregon declared that federal agents would be withdrawn from the streets. In the following overview, participants in the Portland demonstrations describe some of the tools and tactics they have seen employed there.

Many of these tools work best in combination with each other. As usual, diversity of tactics is key—not just tolerance for different approaches, but thinking about how to combine all of them into a symbiotic whole. Soon, we aim to follow up this cursory review with a more thorough accounting of the full range of street tactics and equipment relevant to today’s demonstrators.

The Portland protests have also produced some new terminology, such as the expression “swoop,” which describes what happens when a reformist with a megaphone makes a power play to hijack a gathering organized by people who want to see the police abolished. As demonstrators expand their notions of what tactics are appropriate in this swiftly polarizing society, we hope they will also expand their visions of what is worth fighting for, adopting horizontal models of organization and learning how to identify and resist power plays.

Table of Contents

Digital Security
Masking and Proper Attire
Riot Ribs, Food Carts, Infrastructure
Leaf Blowers
Umbrellas
Shields
Sports Equipment
Balloons and Bubbles
Lasers
Graffiti
Paint Bombs
Fireworks
Fire
Fence Toppling
De-Arresting
Crowd Movement
Disabling Cameras, Breaking Windows
Legal Support, Jail Support


Digital Security

This thread spells out how to protect your privacy via proper phone safety at demonstrations—before, during, and after the protest. You can find a lot of important information about general security in protest situations here.


Masking and Proper Attire

Wearing a mask is responsible from a medical perspective—in the era of the pandemic—but also for security reasons, to protect your privacy. Nowadays you don’t just have to worry about the police filming and arresting you, but also about far-right internet trolls trying to identify you from video footage.

If demonstrators are dressed appropriately in black bloc fashion, it should be difficult to make out identifying particulars.

Pay attention to detail. Cover your tattoos and other unique traits. Cover your whole face, not just your mouth. There should be no visible logos on your clothes, shoes, or backpack. Read this for more details.


Riot Ribs, Food Carts, Infrastructure

It is really good for morale to have a group of people providing food and other needed resources. Portland protesters have been deeply thankful that Riot Ribs have come out to feed everyone free food. This enables people to stay longer and helps them to feel that it is worth the effort and risk to support the movement that nourishes them.

You can read about Riot Ribs here.

Feds and cops know how important these mutual aid efforts are and intentionally target them in hopes of breaking the will of the demonstrators:

Here you can see “before” and “after” shots of the infrastructure one night that federal mercenaries attacked it:

Unfortunately, uniformed officers are not the only danger threatening community infrastructure. In late July, Riot Ribs experienced a coup involving physical violence and intimidation. Wherever money is involved in activism, there is great risk of infighting unless the goals, structures, and expectations have been set very precisely in advance. The original Riot Ribs folks have left town, apparently taking the concept of Riot Ribs on the road to other cities as Revolution Ribs. Someone should write in detail about the rise, fall, and rebirth of Riot Ribs…(continues)

Click here to read the entire story at Crimethinc.

Front Sight Info on Church Shootings

The information below was going to be presented at tonight’s general assembly (which has been cancelled) as part of the presentation on church shootings and security.

From Front Sight:

The first video below is Front Sight’s professional review and sensitive critique of the actions of those involved in the gunfight, as captured on video, at the West Freeway Church of Christ in White Settlement, Texas. Watch this SPECIAL Reality Check and ask yourself, “What can YOU do in 1.5 seconds?”

The second video, the Special Supplement to the first video, shows you how the entire situation could have been avoided entirely, or at the least, forced the armed confrontation to occur OUTSIDE the church rather than inside, where innocent people were placed in danger…

Front Sight Video

Special Supplement video…

Front Sight Video

American Partisan: Using Encryption with Veracrypt

This practical article from American Partisan discusses the use of the program Veracrypt to encrypt data in files and hard drives. While the lead of the title is “Clandestine Communications,” there are many reasons that you might want to use Veracrypt encryption in your day to day life. I have used it in a legal setting in order to encrypt an attorney’s sensitive trial files to take them between the office and the court room. You can use it to safely store a password file. At home, you can use it to securely store photocopies of your credit cards, social security cards, firearm serial numbers, birth certificates, passports, banking information, or any other information that you want to have available, but not just sitting where it can be stolen or hacked. For preppers, you can take that same encrypted file of your important information and put it on a USB drive and toss it in your bug out bag or a vehicle Go-bag so that if you have to leave home because of a fire you’ve got all of that vital information gathered already.

Clandestine Communications Part Four: File and Hard Drive Encryption with Veracrypt is a pretty simple overview of getting started with using Veracrypt software. Veracrypt is a free (free as in no cost), open-source (free as in liberty) software program. Because it is open source, the source programming code is freely available for viewing so that the software can be audited for security holes and backdoors. You can use Veracrypt to encrypt an entire drive, or you can create a volume which looks like a file to your computer which you can then mount as its own drive. There are also other more advanced features.

Today’s article is going to talk a little bit about how to use Veracrypt in order to encrypt both a file volume and a flash drive. Veracrypt can be downloaded from here.

Once you install the program, let’s take a look at what it looks like.

I recommend you spend some time in the Help menu – particularly in the “User’s guide” and “Beginner’s Tutorial”.

Veracrypt can encrypt your files in a few different ways. The first way is creating a volume. The volume is almost like a file itself – it can be copied, pasted, etc. It acts, in a way, like a super secure .zip file (without the file compression). The second way you can encrypt your files is by encrypting an entire hard drive or flash drive. This method in particular could be useful if you were using a dead drop system to pass a One Time Pad as you could buy a lot of inexpensive flash drives, encrypt them, and then use them in your drops.

Veracrypt also has a really cool feature that I may touch on in a later article called Hidden Volumes. Basically, this creates a volume within a volume, and each volume has a separate password. This could be useful if you are forced to open the volume at gun point. The idea is that in the outer volume you have some sensitive looking documents but not the actual files you want to encrypt. If you were forced at gunpoint to open the volume, your actual files would be safe (since they use a different password). This may be something that many of you are interested in.

Volumes

To create a Volume, click on the “Create Volume” button in the lower left of Veracrypt. Here, a menu gives you some options. For now, we are going to stick with the default option of “Create an encrypted file container”. The second option is used for encrypting flash drives or external hard drives, and the third option is for encrypting the hard drive that runs your Operating System. Click Next.

Here, we have the option of creating a Standard Volume or a Hidden Volume. Since we are just starting out, make sure Standard Veracrypt volume is checked and hit Next. Now it is time to decide where we want the Volume to be. Click “Select File”. To make it easy, navigate to your desktop. In the “File Name” line, name your file. Click Save and then Next.

The next screen is where you can choose what type of encryption you want to use. I will leave it up to all of you to figure out which one is best (to be honest, I don’t really understand the differences so I am not going to give you a recommendation – if you do, throw it in the comments). Once you do, click Next.

The next screen is where you get to decide how big you want the file to be. For this example, I am going to go with 1 GB but you can choose whatever you want (think about what you are wanting to store in it and use that as a guide). Once you decide, click Next.

This screen is where you create your password. I have two rules for you to follow: 1) use numbers, letters, and symbols, and 2) use capital letters and, if you want, spaces. A great way to get a strong password is to use a password manager like KeePassXC. I actually don’t have one set up yet, so I will be doing a future article on how to do that as well. You can also use keyfiles, which is like selecting a few different files you already have to use them as the password. It is not my favorite way of doing it, but YMMV. Once you have your password entered, click Next.

The next screen is very important. You are choosing both the filesystem you want and generating the random pool to make your encryption stronger. I generally tend to use an NTFS system because FAT filesystems don’t like files over 4 GB, but again do your research and choose the filesystem you want. Then, move your mouse as randomly as possible inside the window. You will see tons and tons of characters in the “Random Pool” area. Do this for at least 60 seconds, but the longer the better. Once you are done, click Format.

Once the formatting is done, it is time to mount your file. Go back to the first window that appeared when you started Veracrypt. Now, click on Select File on the bottom right. Navigate to your file and select it, and then select Mount. Enter your password, and select OK. Once the file mounts, you can go into Windows Explorer. You will notice in your hard drive list under “Computer” on the left hand side, there will be a new hard drive. In my case, it is Local Disk (J:) as we can see the size is 0.99GB. You can now click on that and copy your files in! In order to dismount the volume, just select it again on the main screen of Veracrypt and click “Dismount”.

Flash Drive / External HDDs

To encrypt a flash drive, begin once again by clicking “Create Volume”. This time, select the middle option of “Encrypt a non-system partition/drive”. Click Next, and you see that once more we have the option of creating a Hidden or Standard volume. For this, I am creating a Standard Veracrypt Volume. Click Next.

Now, instead of creating a file, you are selecting the flash drive or hard drive you want to encrypt. Once you select your drive, click OK. You are given two options for the Volume Creation Mode. The first one is for when you have no files on the drive and want to encrypt it more quickly. If you choose this option AND you have files on the drive, they WILL be overwritten and lost. If you have files on the drive and you cannot or do not want to take them off, choose the second option, “Encrypt partition in place”. I have never used that second option because I am terrified something will go wrong and I will lose my files, but YMMV. Make your selection and click Next.

Just like creating the volume, select your encryption algorithm and click Next. Verify that the size on the screen is really close to the size of the drive you want to encrypt (in this case, my flash drive is 4 GB in theory and in the above picture we see it is 3.7 GB, which matches closely below which says 3.65 GB). If it is really off, go back and make sure you selected the right drive to encrypt – this is really important. Once you verify it is correct, click Next.

Once again, create your password (DIFFERENT FROM YOUR FIRST ONE – NEVER REPEAT) and click Next. The same rules from the Volume section apply to the password. Now choose your file type and click Next (again, I personally use NTFS). Move your mouse around in the box again to randomize the Heading Pool and, once you are done with that, click Format.

In order to Mount the drive, you can select what letter drive you want to mount the volume in and either 1) Click “Auto-Mount Devices”, type in the password, and click OK, or 2) Click “Select Device” and choose the device on the screen. Then, access the drive just like the volume and copy your files in!

References

https://securityinabox.org/en/guide/veracrypt/windows/

https://www.veracrypt.fr/en/Beginner%27s%20Tutorial.html

https://www.veracrypt.fr/en/Plausible%20Deniability.html

Doom and Bloom: Safety Plans for Places of Worship

Safety Plans for Places of Worship comes from the Altons at Doom and Bloom Medical. In our area, Jon Ladines of Force Dynamics is well known for training security teams for places of worship.

News outlets are reporting another attack on a place of worship, this time at a church in White Settlement, Texas, near Fort Worth. In this instance, two congregants were killed before the threat was abolished by armed volunteer members of the church’s security team.

As time goes on, more heinous acts of violence are occurring in what should be sanctuaries for the faithful. There is no place where crowds gather that is immune to the bad intentions of a disgruntled, deranged, or politically-motivated individual.

In the case of the shooting at White Settlement, Texas, a security detail of volunteers was able to end the incident quickly. This was because the folks in the Texas town of 17,000 realized the importance of instilling a culture of situational awareness in our citizenry.

(Aside: Originally put forth by a fighter pilot as a strategy in aerial dogfights, situational awareness has real practical significance in staying safe in uncertain times)

Situational awareness is a state of calm, relaxed observation of factors that might indicate a threat or a need to act. These are called “anomalies”; learning to recognize them can identify suspicious individuals and save lives. It certainly did in the recent incident.

(Learn more about situational awareness in this article)

Unlike the church in Texas, not all congregations prioritize church safety at the level needed in this toxic climate. The premise that a ministry is based on peace fails to take into account that there are those who consider places of worship to be “soft” targets. In this era of active shooters and anti-Christian feeling (or anti-religious feeling in general), pastors must make sure their flock is safe, just like any shepherd. In the New Normal, it has become part of the job description.

In my role as medical preparedness writer, it’s my mission to help the average citizen promote the well-being of loved ones in disasters. I’ve written about hurricanes and earthquakes, but shooter events like the one in White Settlement are also instances where mass casualties can occur. As in the recent shooting, these casualties could be minimized with a plan of action.

Small churches should establish a “safety ministry”

Large churches may choose to hire security professionals and install video surveillance technology. Smaller and less affluent churches, however, might benefit by establishing what I call a “safety ministry”. This group should be comprised of parishioners who have some security experience, such as active and former law enforcement, military veterans, and carefully selected others. Members should evaluate the layout of the church and grounds for weak spots and organize a plan of action for calling 911 and other measures when needed…

Click here to continue reading at Doom and Bloom Medical.

City Journal: The Knife Went In

City Journal recently reprinted an article from 1994 in their Spring 2019 issue, The Knife Went In by Theodore Dalrymple.

It is a mistake to suppose that all men, or at least all Englishmen, want to be free. On the contrary, if freedom entails responsibility, many of them want none of it. They would happily exchange their liberty for a modest (if illusory) security. Even those who claim to cherish their freedom are rather less enthusiastic about taking the consequences of their actions. The aim of untold millions is to be free to do exactly as they choose and for someone else to pay when things go wrong.

In the past few decades, a peculiar and distinctive psychology has emerged in England. Gone are the civility, sturdy independence, and admirable stoicism that carried the English through the war years. It has been replaced by a constant whine of excuses, complaint, and special pleading. The collapse of the British character has been as swift and complete as the collapse of British power.

Listening as I do every day to the accounts people give of their lives, I am struck by the very small part in them which they ascribe to their own efforts, choices, and actions. Implicitly, they disagree with Bacon’s famous dictum that “chiefly the mould of a man’s fortune is in his own hands.” Instead, they experience themselves as putty in the hands of fate.

It is instructive to listen to the language they use to describe their lives. The language of prisoners in particular teaches much about the dishonest fatalism with which people seek to explain themselves to others, especially when those others are in a position to help them in some way. As a doctor who sees patients in a prison once or twice a week, I am fascinated by prisoners’ use of the passive mood and other modes of speech that are supposed to indicate their helplessness. They describe themselves as the marionettes of happenstance…

Click here to read the entire article at City Journal.

President Declares Intent to Sign a National Emergency Over Border

From Reuters

“I’m going to be signing a national emergency,” Trump said from the Rose Garden of the White House.

“We have an invasion of drugs, invasion of gangs, invasion of people, and it’s unacceptable,” he said.

The president said he would sign the authorizing paperwork later in the day in the Oval Office…

Nancy Pelosi, the Democratic Speaker of the House of Representatives, and Chuck Schumer, the Senate’s top Democrat, swiftly responded to Trump’s declaration.

“The president’s actions clearly violate the Congress’s exclusive power of the purse, which our Founders enshrined in the Constitution,” they said in a statement. “The Congress will defend our constitutional authorities in the Congress, in the courts, and in the public, using every remedy available.”

The president acknowledged that his order would face a lengthy legal challenge. “We’ll win in the Supreme Court,” Trump said…

Speaker Pelosi had previously threatened that the next Democrat President could declare gun violence a national emergency while Rep. Cleaver of Missouri said that such a President could declare climate change or income inequality as national emergencies.

“A Democratic president can declare emergencies, as well,” Pelosi told reporters in the Capitol. “So the precedent that the president is setting here is something that should be met with great unease and dismay by the Republicans.”

…“Let’s talk about today: The one-year anniversary of another manifestation of the epidemic of gun violence in America,” Pelosi said. “That’s a national emergency. Why don’t you declare that emergency, Mr. President? I wish you would.

“But a Democratic president can do that.”

Largest List of Hacked Email Addresses and Passwords Exposed – Jan. 2019

I’m reposting this here to make sure people see it. You can see if your email is on the list by going to http://haveibeenpwned.com and putting in your email address. It will tell you if your email is on this list or any others in the past. I went through the emails of a couple dozen friends and family and found a few on the list and let them know, so you probably all interact with someone whose email password may be floating out on the internet. From security researcher Troy Hunt:

Many people will land on this page after learning that their email address has appeared in a data breach I’ve called “Collection #1”. Most of them won’t have a tech background or be familiar with the concept of credential stuffing so I’m going to write this post for the masses and link out to more detailed material for those who want to go deeper.

Let’s start with the raw numbers because that’s the headline, then I’ll drill down into where it’s from and what it’s composed of. Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. It’s made up of many different individual data breaches from literally thousands of different sources. (And yes, fellow techies, that’s a sizeable amount more than a 32-bit integer can hold.)

In total, there are 1,160,253,228 unique combinations of email addresses and passwords. This is when treating the password as case sensitive but the email address as not case sensitive. This also includes some junk because hackers being hackers, they don’t always neatly format their data dumps into an easily consumable fashion. (I found a combination of different delimiter types including colons, semicolons, spaces and indeed a combination of different file types such as delimited text files, files containing SQL statements and other compressed archives.)

The unique email addresses totalled 772,904,991. This is the headline you’re seeing as this is the volume of data that has now been loaded into Have I Been Pwned (HIBP). It’s after as much clean-up as I could reasonably do and per the previous paragraph, the source data was presented in a variety of different formats and levels of “cleanliness”. This number makes it the single largest breach ever to be loaded into HIBP…

Read the entire article at Troy Hunt.
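The counting rules described in the excerpt above (email compared case-insensitively, password case-sensitively, mixed delimiters, junk rows), as an added Python example that is not from Troy Hunt's post or from HIBP. The sample rows, the regex and every function name are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample rows (not real breach data) covering the cases the
# excerpt mentions: colon, semicolon and space delimiters, plus junk.
SAMPLE_ROWS = [
    "alice@example.com:Summer2018!",
    "ALICE@example.com:Summer2018!",      # same pair: email case is ignored
    "alice@example.com:summer2018!",      # new pair: password case matters
    "bob@example.org;hunter2",
    "carol@example.net p@ss:word",        # space delimiter, colon in password
    "INSERT INTO users VALUES (1,'x');",  # junk: SQL statement
    "",                                   # junk: empty line
    "not-an-email:whatever",              # junk: no address
    "dave@example.com:",                  # junk: no password
]

# An address at the start of the line, ONE delimiter (colon, semicolon or
# whitespace), then the rest of the line as the password. Splitting only on
# the first delimiter keeps passwords that contain ':' or ';' intact.
ROW = re.compile(r"^\s*([^\s:;@]+@[^\s:;@]+\.[^\s:;@]+)[:;\s](.+)$")

INT32_MAX = 2**31 - 1  # largest value a signed 32-bit counter can hold


@dataclass
class Summary:
    rows: int           # every input line, junk included
    junk: int           # lines that did not parse as address + password
    unique_pairs: int   # distinct (lower-cased email, exact password)
    unique_emails: int  # distinct lower-cased email addresses


def parse_row(line):
    """Return (email_lowercased, password) or None for a junk line."""
    m = ROW.match(line.rstrip("\r\n"))
    if m is None:
        return None
    return m.group(1).lower(), m.group(2)


def summarize(lines):
    """Count rows, junk, unique pairs and unique emails in one pass."""
    pairs, emails = set(), set()
    rows = junk = 0
    for line in lines:
        rows += 1
        parsed = parse_row(line)
        if parsed is None:
            junk += 1
            continue
        pairs.add(parsed)
        emails.add(parsed[0])
    return Summary(rows, junk, len(pairs), len(emails))


def fits_signed_int32(n):
    """True if n can be stored in a signed 32-bit integer."""
    return -INT32_MAX - 1 <= n <= INT32_MAX


if __name__ == "__main__":
    print(summarize(SAMPLE_ROWS))
    # The row total quoted in the excerpt overflows a signed 32-bit counter.
    print(fits_signed_int32(2_692_818_238))
```

The same ordering holds for the figures in the excerpt: total rows, then unique email and password combinations, then unique email addresses, each no larger than the one before.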

Forward Observer: Community Security eBook

Sam Culper at Forward Observer has written a short (sixteen pages) ebook on Intelligence and Community Security. It’s a ‘quick start’ guide to understanding intelligence for community security and emergency preparedness.

The writing is on the wall. It couldn’t be more clear.

Our power grids are critically vulnerable.

“As an almost 30-year veteran of the U.S. Air Force with leadership experience in intelligence and cyber warfare, and as a current member of the U.S. House of Representatives Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, I know we are highly vulnerable to a cyber-attack on our electric grid.

Such an attack could have devastating, long-term consequences for our economy, our national security – for our very way of life.”

Those are the recent words of Don Bacon (R-NE), a retired Air Force Brigadier General who was in charge of the Air Force’s Intelligence, Surveillance, and Reconnaissance (ISR) strategy program.

This “news” about the power grid shouldn’t be news to anyone, but it drives home a very good point…

If you care about your wife, children, family, and neighborhood, you should spend some time preparing for the effects of a cyber attack like the one Rep. Bacon describes.

The emergency preparedness community is so quick to focus on “bullets, beans, and band-aids” that they often overlook the value of local intelligence gathering.

Intelligence is probably the single-most overlooked aspect of preparedness, yet it should be a central part of your preparedness plans.

I’ll state the case:

If you’re concerned about a cyber attack or a grid-down event, you’re not actually preparing for those events. You’re preparing for the effects of those events.

But how do you know what the specific local effects will be, and how can you be sure?

Only intelligence can inform you of the second- and third-order effects of an event of this magnitude.

Only intelligence can inform you of very specific threats you may experience in the area.

Only intelligence can inform you of the likelihood that your neighborhood will suffer from looters, even worse criminals, and further systems disruption.

Bullets, beans, and band-aids will get you through periods of emergency, but they can’t inform your expectations of what will happen in the future.

That’s the value of intelligence…

Sam Culper says to share the ebook far and wide. Click here to download Forward Observer’s Intelligence & Community Security ebook. It may only be freely available for a limited time.

So here’s what I want you to do…

PRINT IT.

Forward this email to your friends.

Give the book away.

Read it this weekend.

Have your friends read it this weekend.

And then act on it.

For the rest of this weekend, you can access the book here.

FO: Building an Intelligence Section for Community Security

Continuing with our recent intelligence theme, here is an article posted by Sam Culper today at Forward Observer, Building an Intelligence Section for Community Security. In it, he discusses why an intelligence team is necessary and how to get an intelligence team set up for your community.

First, we need to stress the importance of Intelligence as it relates to community security. The people in your preparedness group, security team — or just members of the community, for that matter — don’t know what they don’t know, and it’s not likely that they understand the value of Intelligence in the first place. The more our leadership, commander, and/or team members understand about Intelligence, the more likely they will see the extreme value of making it a priority. Illustrating the OODA Loop and how Intelligence plays a critical role in making informed, time-sensitive decisions is probably a very good first step. There are those communities which will implement intelligence and be more prepared, and there will be communities who don’t use intelligence. I believe the difference between the two will be visible.

Intelligence is critical in our ability to stay a step ahead of threats. The principles outlined on this blog are the same principles used by intelligence agencies and the military. Those two organizations happen to have roles in fighting terrorism; a mission of which community security is a microcosm. While we aren’t involved in fighting terrorists, what we may face in a worst-case scenario is a modified form of terrorism in our communities: in other words, violence against society. And we know that “no other single policy effort [other than intelligence] is more important for preventing, preempting, and responding to attacks.”

The second thing we can do is to develop some criteria we can include when scouting out potential ACE members; we need to find those mental giants capable of heavy lifting. There are probably individuals in your community who may not be able to physically contribute to security, but can certainly contribute mentally. These are the people we want…

Click here to read the whole article at Forward Observer.

RELATED:

FO: Four Bases of Intelligence and Community Security

FO: Four Type of Intelligence Collection for Community Security

FO: Why Intelligence Deserves a Role in Survival, Preparedness, and Community Security