Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Automated Threat Monitoring. Show all posts

Pentagon's Secret Service: Monitoring Social Media for Criticism of Generals

 

According to reports from The Intercept, the Army's surveillance unit has been scanning social media platforms for posts that criticize or demean generals and other military leaders. The unit is said to be specifically targeting tweets and comments that contain derogatory language or threats. While the intention behind this surveillance is to protect military personnel, it also highlights the increasing scrutiny of online speech by government agencies.

The justification for such monitoring lies in the potential risks posed by online threats and the need to ensure the safety of military personnel. Social media platforms have become hotbeds for hate speech, harassment, and even radicalization. It is only natural for authorities to be vigilant in their efforts to identify and mitigate any potential dangers.

However, concerns arise when the surveillance extends to monitoring and policing online criticism or dissent. Freedom of speech is a fundamental pillar of any democratic society, and citizens should be able to express their opinions, even if they are critical of those in power. This practice by the Pentagon's secret service raises questions about the erosion of civil liberties and the chilling effect it may have on public discourse.

Critics argue that such surveillance can stifle dissent and discourage individuals from voicing legitimate concerns. It also raises concerns about the potential misuse of personal data and the infringement of privacy rights. There is a fine line between monitoring for security purposes and encroaching upon individuals' rights to free speech and privacy.

As technology advances, it is essential to strike a balance between security measures and the preservation of civil liberties. Clear guidelines and oversight mechanisms should be in place to prevent overreach and abuse of power. Transparency is key, and the public should be informed about the extent of these surveillance practices, as well as the criteria used to identify and target social media posts.

Moreover, it is important to invest in comprehensive strategies to address the root causes of online extremism and harassment. Focusing solely on monitoring and surveillance without addressing the underlying issues is a short-term solution at best.

The revelation that the Pentagon's secret service is actively trawling social media for mean tweets about generals brings into focus the delicate balance between national security and individual freedoms. While ensuring the safety of military personnel is paramount, it is crucial to safeguard citizens' rights to free speech and privacy. Striking the right balance between security measures and civil liberties is vital for maintaining a healthy and democratic society. The public's trust in these surveillance practices can only be earned through transparency, accountability, and a commitment to protecting individual rights in the digital age.

New Generation Reeja Vajra Cloud for Automated Threat Monitoring

Cyber Security and Privacy Foundation Pte Ltd.(CSPF), Singapore (http://cysecurity.co/), has released the latest version of Reeja Vajra Cloud. Reeja Vajra provides Automated Threat Monitoring via the Cloud. Reeja Vajra has been successfully deployed at several clients in the banking/financial services sectors in India and overseas.

The proprietary Reeja Vajra technology now incorporates machine learning, advanced algorithms, recognition and comparison engines and an advanced shell detector. The essential deliverables of latest version of Reeja Vajra includes Daily Network Vulnerability Identification, Application Vulnerability Identification, Webserver & Frame work level vulnerabilities, Random APT attack vector identification, Defacement monitoring and Reputation service (Including Similar domain Monitoring for phishing). Reeja Vajra Cloud incorporates four modules : APMS – Anti Phishing, Malware, Spamming Module (Anti Fraud Service), WRSS – Web Reputation and Security Scan Module and AVA – Automated Vulnerability Assessment for IP Address and DF 24 – a defacement monitor.

As J Prasanna, founder and CEO of CSPF, says, “despite Organisations & governments around the world deploying latest Web application firewalls, other firewalls, intrusion prevention systems, SIEM and being certified under ISO270001, they continue to get hacked almost at will. Are these technologies really working?”

CSPF in earlier days analysed the main reason for hacks actually taking place as:
    - Lack of security researchers in organisations with intuitive understanding of hacking
    - Insecure Web applications and Mobile apps forming the attack surface area
    - Absence of co-ordination between application and network teams
    - Application teams lack knowledge to fix vulnerabilities identified by VAPT teams
    - VAPT teams from external vendors/consultants who run script tools and don’t actually find vulnerabilities.
- Risk management teams not having a say in IT teams

Reeja Vajra, as a Dedicated SaaS platform, was born of these findings to assist CISOs who want “real safety”, going beyond standard technology deployments.
The benefits of Reeja Vajra include -

    - APMS, non intrusive scan to identify compromises in corporate IT infrastructure
    - AVA IP/AVA WRSS which identifies vulnerabilities on Web/OS/network level
    - DF24 to identify when a website/service is down, or a defacement by hackers
    - AP24/AP24CTL which can identify phishing site/brand abuse very quickly using neural network/machine learning with computer visioning
    - Manual APT testing once a month to enable white hat hackers to identify vulnerabilities missed by automated scans
    - All vulnerabilities found by automated/manual tests are moved to a bug track list for SOC of organisation to fix
    - Daily report and weekly report generation
    - CISO dashboard shows the current Cyber Threat Index and different graphical views of the vulnerabilities of the organisation.
    - CSPF team works with the application team/vendors to train them on application security aspects of programming
    - The entire focus is find vulnerabilities, prioritise them and work with Application team/network team to fix them. This helps to bring down overall vulnerabilities which can be exploited by hackers to zero and maintain this on a consistent basis


Background on CSPF
CSPF is a highly specialised cyber defense boutique that utilises proprietary technology and products to provide strategic consulting, services and protection against potential attacks on critical front end and back end IT infrastructure from organised criminal, mafia, hacker or state backed groups. CSPF provides services in Vulnerability Assessment and Advanced Persistent Threats (APTs) Assessment. CSPF's core focus includes banking & financial services, critical infrastructure and governments.
CSPF is an evolution of a journey in information security that started in 1992. It is part of an eco-system that includes an information security news portal (E-Hacker) and a foundation dedicated to developing cyber security awareness and defense skills. CSPF choose to incorporate in Singapore in order to internationalise the organisation and to optimally harness software talent in India as well as other parts of the world. Cyber threat is global and the counter response also has to be global in nature.