In the first segment of an interview with Chris Inglis, former deputy director of NSA, the Irari Report talks with him about his perceptions of Edward Snowden’s motivations and intentions in committing his acts of espionage. In the video segment, Inglis discusses his impressions of Snowden, and theorizes as to why Snowden left for China, and to where he intended to defect.

Edward Snowden's defection occurred during Inglis' tenure as Deputy Director of NSA, and as such, Inglis was extremely involved in overseeing the investigation incident and mitigation of the resulting damage. Inglis states that Snowden was indiscriminate in his release of information, and is full of rage. When asked to comment on why Snowden has not released any documents about Russian or Chinese domestic surveillance efforts, which are plentiful throughout NSA, and would have been readily available to Snowden while he was at NSA, Inglis stated that Snowden lacks any courage to speak up about any concerns while he might be held accountable.

To read this article in full, please click here

I started to review the recently published Black Hat Attendee Survey. This study primarily focused on the concerns of practitioners, including how they actually spent their times and the losses that they incurred.

In another article, I will try to compare those concerns with the actual conference content. For now though, the most notable statistic is the prominence of awareness related concerns, as a pain point for security professionals.

Clearly, the news media and study after study indicate that attackers target poor awareness on the part of end users and administrators. It has been reported that spearphishing was behind the Sony and TV5Monde attacks. The Sony results are well known. The TV5Monde attack was originally credited to ISIS sympathizers and the fact that TV5Monde actually televised many of their passwords while broadcasting an interview from their studios. Passwords were written on a white board in the background. Whether the attack was the result of televised passwords or spearphishing, it is still a result of user actions.

To read this article in full, please click here