Menu

Timesdelhi.com

March 19, 2019
Category archive

Department of Homeland Security

A simple data analysis disproves the argument for building a border wall

in America/Column/contents/Delhi/democratic party/Department of Homeland Security/department of justice/immigration/India/Mexico/Politics/president/texas/Trump/U.S. Customs and Border Protection/United States/White House by

Sometimes the end justifies the means. Other times it clearly doesn’t. But in the new bizarro world that is the modern day U.S. political climate, increasingly the means has become the new end itself.

Currently taking center stage for this phenomenon is the now notorious border wall. President Trump is insisting we need a border wall; Democrats of course insisting we don’t.

The better question here might be a border wall for what end goal exactly? What problem is the wall supposed to solve and would it actually do the job? If you wade through the president’s soundbites and campaign rally chants around illegal immigration, the answer would seem to be we should erect a wall to deal with the growing crime and drug issues flooding into our nation at the hands of malicious illegal immigrants. The bad hombres if you will.

In fact, we’re told by the president that the invasion on our border has become such a dire issue that it’s a crisis worth shutting down the government over, leaving a trail of 800,000 American families as political pawns along the path of this game of chicken. But is there really a historic attack on our borders of would-be criminals looking to raid America?

During a recent trip to Rio Grande, Texas, which sits at the border of Mexico, the president remarked that we have never seen so many Border Patrol apprehensions “ever in our history.” Fortunately, for our dedicated border patrol agents, who incidentally under the shutdown are no longer getting paid, that statement is not at all true.

A look at the actual apprehension data from the Department of Homeland Security tells us just how rudely inaccurate the comment was. Turns out border apprehensions have fallen by a pretty staggering 76% from their peak of 1.67M back in 2000. In fact, the last several years have seen apprehension figures drop so significantly they now match levels not seen in nearly 50 years.

Driving the massive reduction in apprehensions back to early 1970’s levels were a few key changes: (1) A tripling of border patrol agents from around 6,000/7,000 levels in the late 90’s to north of 19,000, (2) investment in a “virtual fence” of mobile and fixed surveillance technologies (radar, drones, sensors, mobile and fixed cameras, night-vision goggles, etc.), which agents have called a “game changer,” and (3) some targeted fencing courtesy of the Secure Fence Act. These investments (along with an improving Mexican economy) seemed to have had the desired effect, driving down border apprehensions dramatically from their chaotic peak.

But, wouldn’t fewer apprehensions mean more illegal immigrants must be getting through the border? Why would lower apprehensions also mean lower “invasions” of illegal immigrants? Well, because intuition and the U.S. Customs and Border Protection (CBP) tells us so. According to the CBP website (which is a division of the Department of Homeland Security): “It may seem counterintuitive, but high apprehension numbers are evidence of a border out of control, where there are few barriers, real or perceived, to entry into the U.S. High apprehensions are seen as evidence of low deterrents to violate U.S. law.”

Further validation of this comes when you examine annual apprehensions per Border Patrol agent, per year. If we had just doubled or tripled agents and they were still being overwhelmed at the same rate they were in the 1990’s or early 2000’s, we might have a true national crisis on our hands. On the contrary, in 1993, Border Patrol agents averaged 313 apprehensions per agent during the year, but in 2017 that figure had plummeted to just 16 border apprehensions per agent. A 95% reduction we’ve likely never taken a moment to either recognize, or tie back to the previous border security investments that were made.

If apprehension data can be taken as a reasonable barometer for illegal immigration activity, and illegal immigration activity has dropped significantly over the last several years, then you might even expect to see a leveling off of the growth of undocumented immigrants already residing within the U.S. The most recent data from Pew Research (generally recognized as the best at tracking this) confirms just that, suggesting that the number of undocumented immigrants in the U.S. not only peaked around 2007, but seems to be in a gradual decline since then, dropping from 12.2M to 10.7M. This makes sense given the apprehension data above.

But even if illegal immigration is in significant decline, and the total number of undocumented immigrants living in the U.S. is also declining, then the goal of the wall must presumably be to keep out the abundance of murderers, rapists, and drug smugglers that the president has frequently reminded us are pouring across the border and committing crimes at alarming rates. The challenge here is that appears to also not be the case. Though the majority of heroin and other opioids abused by Americans do originate in Mexico, the president’s own Department of Justice confirmed in 2018 in a 164-page report that only a small percentage of these drugs are seized outside of legal Ports of Entry (e.g. via illegal immigrants), and that the majority comes into the country through legal Ports of Entry either in privately owned vehicles or on tractor trailers, where it’s typically mixed in with legal goods being trucked into the U.S.

Meanwhile, a 2018 study by the Cato Institute – not particularly known for being a bastion of Democratic party stances – examined criminal activity in the state of Texas based on immigration status. Turns out, not only are illegal immigrant arrest and conviction rates not higher than native-born Americans, they are appreciably lower. The below chart shows that conviction rates for crimes (includes homicides, sex crimes, and larceny) committed by illegal immigrants was about 50% lower than those of native-born Americans (as a % of their respective populations).

Looking at arrests instead of convictions yields a similar outcome, where total arrests of illegal immigrants for those same crimes were 40% lower than those native to the U.S.

In our current meme-driven culture, where many conservatives are quick to remind everyone that all lives matter, the irony should not be lost that that principle seems to step aside here for a disturbing fixation on anecdotal headline crimes from a group that actually looks to be a dramatically safer member of the community.

A couple decades ago we clearly had a border crisis. Illegal immigrants were pouring into the border and border patrol was overwhelmed trying to control the hemorrhaging. But the sustained reduction since then to early 1970’s levels is perhaps the rare example of the public sector actually helping address a problem.

Now if the stated goal was, for example, to get illegal immigration to as close to zero as possible because it otherwise (1) creates an undue economic burden on the country and/or (2) is an unfair jumping the line over those trying to enter legally, those are reasonable assertions that would potentially win over voters beyond the campaign choir. But that’s not the conversation coming out of the White House, probably because it’s difficult to build fiery bite-size campaign slogans and chants around “BUILD THE WALL TO FURTHER REDUCE ANNUAL AGENT APPREHENSIONS FROM 16 TO 0!” No doubt it’s a bit messy, and not nearly as frothy.

So if we don’t have a border invasion crisis…and existing undocumented immigrants seem to be both declining in numbers and a much safer part of the population…is the purpose of building a wall then really just to fulfill a campaign rally promise? It feels like the answer to that is yes.

Consequently, we end up left with a situation where we’ve actually done an encouraging about face on border security from the legitimate crisis of 18+ years ago – yet the repeatedly peddled need is to “build-the-wall.” But building the wall is undoubtedly not a well-reasoned means to some clear end, but rather the end goal itself, perpetually requiring the salesman to navigate the thin ridge between ignorant and dishonest cliffs.

News Source = techcrunch.com

With cybersecurity threats looming, the government shutdown is putting America at risk

in agriculture/America/China/Column/computer security/cybercrime/Cyberwarfare/Delhi/Department of Homeland Security/Federal government/Finance/Food/Government/India/Internal Revenue Service/Iran/national security/North Korea/Politics/presidential election/Russia/Security/United States by

Putting political divisions and affiliations aside, the government partially shutting down for the third time over the last year is extremely worrisome, particularly when considering its impact on the nation’s cybersecurity priorities. Unlike the government, our nation’s enemies don’t ‘shut down.’ When our nation’s cyber centers are not actively monitoring and protecting our most valuable assets and critical infrastructure, threats magnify and vulnerabilities become further exposed.

While Republicans and Democrats continue to butt heads over border security, the vital agencies tasked with properly safeguarding our nation from our adversaries are stuck in operational limbo. Without this protection in full force acting around the clock, serious extraneous threats to government agencies and private businesses can thrive. This shutdown, now into its fourth week, has crippled key U.S. agencies, most notably the Department of Homeland Security, imperiling our nation’s cybersecurity defenses.

Consider the Cybersecurity and Infrastructure Security Agency, which has seen nearly 37 percent of its staff furloughed. This agency leads efforts to protect and defend critical infrastructure, as it pertains to industries as varied as energy, finance, food and agriculture, transportation, and defense.

As defined in the 2001 Patriot Act, critical infrastructure is such that, “the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.” In the interest of national security, we simply cannot tolerate prolonged vulnerability in these areas.

Employees who are considered “essential” are still on the job, but the loss of supporting staff could prove to be costly, in both the short and long term. More immediately, the shutdown places a greater burden on the employees deemed essential enough to stick around. These employees are tasked with both longer hours and expanded responsibilities, leading to a higher risk of critical oversight and mission failure, as weary agents find themselves increasingly stretched beyond their capabilities.

The long-term effects, however, are quite frankly, far more alarming. There’s a serious possibility our brightest minds in cybersecurity will consider moving to the private sector following a shutdown of this magnitude. Even ignoring that the private sector pays better, furloughed staff are likely to reconsider just how valued they are in their current roles. After the 2013 shutdown, a significant segment of the intelligence community left their posts for the relative stability of corporate America. The current shutdown bears those risks as well. A loss of critical personnel could result in institutional failure far beyond the present shutdown, leading to cascading security deterioration.

This shutdown has farther reaching effects for the federal government to attract talent in the form of recent college grads or those interested in transitioning from the private sector. The stability of government was once viewed as a guarantee compared to the private sector, but work could incentivize workers to take their talents to the private sector.

The IRS in particular is extremely vulnerable, putting America’s private sector and your average taxpayer directly in the crosshairs. The shutdown has come at the worst time of the year, as the holidays and the post-holiday season tend to have the highest rates for cybercrime. In 2018, the IRS reported a 60 percent increase in email scams. Meanwhile, as the IRS furloughed much of its staff as well, cyber criminals are likely to ramp up their activity even more.

Though the agency has stated it will recall a “significant portion” of its personnel to work without pay, it has also indicated there will be a lack of support for much beyond essential service. There’s no doubt cybercriminals will see this as a lucrative opportunity. With tax season on the horizon, the gap in oversight will feed directly into cyber criminals’ playing field, undoubtedly resulting in escalating financial losses due to tax identity theft and refund fraud.

Cyberwarfare is no longer some distant afterthought, practiced and discussed by a niche group of experts in a backroom. Cyberwarfare has taken center stage on the virtual battlefield. Geopolitical adversaries such as North Korea, Russia, Iran, and China rely on cyber as their most agile and dangerous weapon against the United States. These hostile nation-states salivate at the idea of a prolonged government shutdown.

From Russian interference in the 2016 presidential election to Chinese state cybercriminals breaching Marriott Hotels, the necessity  to protect our national cybersecurity has never been more explicit.

If our government doesn’t resolve this dilemma quickly, America’s cybersecurity will undoubtedly suffer serious deterioration, inevitably endangering the lives and safety of citizens across the nation. This issue goes far beyond partisan politics, yet needs both parties to come to a consensus immediately. Time is not on our side.

News Source = techcrunch.com

DHS launches a new cyber hub to coordinate against threats to US infrastructure

in critical infrastructure/cyber/cybersecurity/Delhi/Department of Homeland Security/DHS/Government/India/Policy/Politics/Russia/Russian election interference/Security/TC by

Among the many things the current administration has been criticized for is its lack of a unified strategy to combat cyber threats, especially in light of ongoing election interference and psy ops perpetrated by Russia. The Department of Homeland Security is advancing the ball with the creation of the National Risk Management Center, intended on protecting critical infrastructure from attacks and subversion by online adversaries.

The NRMC was announced today at a cyber summit in New York held by the agency, where DHS Secretary Kirstjen Nielsen explained the purpose and justification for this new entity. Remarkably, she directly contradicted the ongoing soft-pedaling by the Executive of Russian operations targeting the country.

“Let me be clear: Our intelligence community had it right. It was the Russians. It was directed from the highest levels. And we cannot and will not allow it to happen again,” she said.

DHS Secretary Nielsen in 2017.

Thus the creation of the NRMC, which will work directly with various entities and federal agencies to protect infrastructure like banking systems and the power grid (not to mention election systems). These are such obvious targets for foreign intelligence to attack, either for destructive or informative purposes, that they merit special attention from our side as well, and DHS is in fact the one to provide it.

The new center will be online and staffed tomorrow, though it will take some time to spin up completely as DHS allocates space, personnel and resources. Its exact duties, jurisdictions and connections with other units will no doubt be made clear as well.

Vice President Pence spoke at the event too, but naturally chose to lash out at the Obama administration, which he said “often chose silence and paralysis over strength and action.”

This is a strange thing to say when several prominent cybersecurity-related posts and offices have been abandoned and a report by the Office of Management and Budget found agencies around the country are utterly unprepared for even elementary cyberattacks.

One of the major moves to improve cybersecurity, elevating CyberCom to Unified Combatant Command level, was an Obama-era plan, and the president’s overall cyber strategy, announced last year, also cribbed liberally from the previous administration.

That said, the vice president was realistic on other points.

“The fact is Russia meddled in our 2016 elections,” he concurred. “This administration will not tolerate threats from Russia, China, Iran, North Korea or anyone else.”

The other countries on the list, it bears mentioning, have not been found to have interfered with American elections, though admittedly they might if they had the chance.

Pence also acknowledged states’ prerogative in running their elections how they like, but also said the federal government would be providing additional funding and technology for election security. He mentioned the “Albert sensors” being deployed to help monitor online systems, and a “virtual situation room” many states are already using that connects DHS with state authorities.

“I want to urge, with great respect, every state to take renewed action. Take advantage of the assistance offered by our administration,” Pence said.

That seems like a good idea, as Russian operations have already begun ahead of the 2018 midterms. Perhaps that joint Russo-American cybersecurity group proposed by Putin will help.

News Source = techcrunch.com

Russian indictments show that the U.S. needs federal oversight of election security

in America/Column/Congress/cybercrime/defcon/Delhi/democratic party/Department of Homeland Security/Election Assistance Commission/election security/elections/federal election/Federal government/Florida/Government/helsinki/India/national security/operating systems/Politics/president/presidential election/Ron Wyden/Russia/Trump/United States by

President Trump’s Helsinki summit with Vladimir Putin, on the heels of twelve Russian intelligence officials indicted for hacking the 2016 election, made it clear that this administration has zero commitment to protect our elections from future Russian attacks.

These events should remind us of an alarming fact we can no longer afford to ignore: our elections are not secure.

As a nation, we underfund and neglect election security. So, much like our aging infrastructure, our election infrastructure is severely outdated and crumbling before our eyes.

Unfortunately, in today’s hyper-partisan environment, even concerns over election security are divided along party lines. Case in point: after his trip to Russia last week, Republican Senator Ron Johnson declared “It’s very difficult to really meddle in our elections. It just is.”

To effectively safeguard our elections, we need to consider yet another conservative taboo: the federal government should have more power in setting election security standards. Our current decentralized, disjointed state-based system is no longer adequate for protecting our elections against foreign interference in the 21st century.

TechCrunch/Bryce Durbin

Right now, the federal government plays a very limited role in the oversight of election security. The Election Assistance Commission and Department of Homeland Security offer optional resources and issue non-binding guidelines for best practices, and states are free to come up with their own standards as they please. The results, unsurprisingly, are abysmal.

In 2016, for example, over two-thirds of all counties in the U.S. used voting machines that were over a decade old. Many machine used outdated softwares and ran in absurdly old operating systems such as Windows 2000. Thirteen states still use machines that are completely electronic, which makes themprone to glitches, and with no paper trails, the results cannot be audited.

Many experts have pointed out that our current machines could be hacked in a matter of minutes. Recently, a 14 year-old participant at DefCon breached a voting machine in 90 minutes, and was able to change the vote tally in the machine remotely, from anywhere.

Besides the machines, there are other major vulnerabilities in many states’ election security standards that would make hacking our elections a breeze for the Russians. Our voter registration databases are outdated and prone to infiltration. Many states have no post-election auditing requirements at all, and those that do are often insufficient, severely undermining our ability to identify and correct an attack.

While federalizing election security has long been castigated as an infringement of state rights, politicians are beginning to acknowledge its necessity. Senator Ron Wyden, for instance, recently introduced The Protecting American Votes and Elections Act of 2018, whichwould require every state to use election machines with paper ballots and mandate risk-limiting post-election audits (the “gold standard” of election auditing).

As Wyden argues: “Americans don’t expect states, much less county officials, to fight America’s wars. The Russians have attacked our election infrastructure and leaving our defenses to states and local entities, in my view, is not an adequate response. Our country needs baseline, mandatory, federal election security standards.”

TechCrunch/Bryce Durbin

Rather than providing concrete solutions, this Republican Congress continues to pretend that all of our election security problems can be solved by tiny, poorly designed federal grant programs alone. In this year’s omnibus spending bill, a bipartisan compromise provided a meager, but much needed $380 million federal grant to states for strengthening election security ahead of the 2018 election. However, the effectiveness of this grant is questionable, given it was earmarked for broad purposes and allocated by a formula that is not competitive or need-based.

Worse still, since states are not required to spend the federal grant allocated to them, some stateshave not even applied to collect their shares. Several state governments are impeding the use of this grant through a combination of delayed action and inaction. For example, Florida’s Republican-led state legislature has refused to authorize their election officials to use the grant before the 2018 election, even when the state is in desperate need for more election security funding.

While inadequate funding is a serious concern that needs to be addressed — House Democrats estimated that we will need $1.4 billion over the next decade to bring our entire election system in line with best practices — increasing federal grants alone would not be enough to secure elections in every state. The Secure Elections Act, a bill currently with the most broad-based, bipartisan support, will provide much needed federal funding to make up for the current shortfall, but as with this year’s federal grant, there is no guarantee states would use the funding in a timely and effective fashion — or at all — given state participation will remain voluntary under this bill.

Our representative democracy cannot survive if we fail to preserve the fairness and integrity of our elections. While it’s too late to implement binding federal guidelines to secure the 2018 midterm, we should accept nothing less for the 2020 presidential election, as we can be certain the Russians will hack that election in order to help their preferred candidate, yet again.

Too many states have proven they are unwilling to take election security seriously. It’s time for the federal government to step in.

News Source = techcrunch.com

A huge spreadsheet naming ICE employees gets yanked from GitHub and Medium

in activism/Delhi/Department of Homeland Security/Government/immigration/India/Policy/Politics/TC/Trump administration by

A massive database of current U.S. Immigration and Customs Enforcement (ICE) employees scraped from public LinkedIn profiles has been removed from the tech platforms hosting the data. The project was undertaken by Sam Lavigne, self-described artist, programmer and researcher in response to recent revelations around ICE’s detention practices at the southern U.S. border.

Lavigne posted the database to GitHub on Tuesday and by Wednesday the repository had been removed. The database included the name, profile photo, title and city area of every ICE employee who listed the agency as their employer on the professional networking site. A more in-depth version of the data pulled all public LinkedIn data from the pool of users, including previous employment, education history and any other information those users opted to make public. The total database lists this information for 1,595 ICE employees, from the company’s CTO on down to low-level workers.

The project accompanied a Medium post about the project’s aims that has since been removed by the platform:

While I don’t have a precise idea of what should be done with this data set, I leave it here with the hope that researchers, journalists and activists will find it useful…

I find it helpful to remember that as much as internet companies use data to spy on and exploit their users, we can at times reverse the story, and leverage those very same online platforms as a means to investigate or even undermine entrenched power structures. It’s a strange side effect of our reliance on private companies and semi-public platforms to mediate nearly all aspects of our lives.

The data set appears to have violated GitHub and Medium guidelines against doxing. Medium’s anti-harassment policy specifically forbids doxing and defines it broadly, preventing “the aggregation of publicly available information to target, shame, blackmail, harass, intimidate, threaten, or endanger.”

Because it doesn’t include personal identifying information like home addresses, phone numbers or other non-public details, Lavigne’s project isn’t really doxing in the normal sense of the word, though that hasn’t made it less controversial.

GitHub’s own policy leading to the data’s removal is less clear, though the company told The Verge the repository was removed due to “doxxing and harassment.” The platform’s terms of service forbid uses of GitHub that “violate the privacy of any third party, such as by posting another person’s personal information without consent.” This leaves some room for interpretation, and it is not clear that data from a public-facing social media profile is “personal” under this definition. GitHub allows researchers to scrape data from external sites in order to aggregate it “only if any publications resulting from that research are open access.”

While Lavigne’s aggregation efforts were deemed off-limits by some tech platforms, they do raise compelling questions. What kinds of public data, in aggregate, run afoul of anti-harassment rules? Why can this kind of data be scraped for the purposes of targeted advertising or surveillance by law enforcement but not be collected in a user-facing way? The ICE database raised these questions and plenty more, but for some tech companies the question of hosting the data proved too provocative from the start.

News Source = techcrunch.com

Go to Top