Nathaniel GleicherVerified account

@ngleicher

Head of security policy at Meta. Countering adversarial threats. Previously Illumio, NSC, DOJ. He/him. Dreaming of fall in the green mountain state.

Palo Alto, CA
Joined November 2008

Tweets

You blocked @ngleicher

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @ngleicher

  1. Undo
  2. Retweeted
    13 hours ago

    Software supply chain security in a single tweet.

    Undo
  3. Retweeted
    Apr 10

    Railway map of Antarctica

    Undo
  4. Retweeted
    Apr 8

    It’s critical that consumers, enterprises protect themselves with MFA. But we don’t know if they do. Online services should publish monthly stats showing MFA usage broken down by: - Consumer users - Enterprise users - Enterprise users with elevated privileges/sysadmins Thoughts?

    Show this thread
    Undo
  5. Retweeted
    Apr 7

    Meta's 1st Quarter 2022 Adversarial Threat Report is a remarkable document

    Show this thread
    Undo
  6. Retweeted
    Apr 7

    I should probably write a long tweet thread about this. Maybe I will, but also you should just read the threat report. Our teams have been working very hard to stop and disrupt all kinds of bad guys. Read all about it.

    Undo
  7. Apr 7

    12/ 3️⃣ Two of the ops we tackled— Ghostwriter & the op from Azerbaijan — blended hacking & CIB to attempt to manipulate public debate. Threat actors will keep blurring these lines, making collaboration between teams and between companies and government increasingly important.

    Show this thread
    Undo
  8. Apr 7

    12/ Example: We removed an op linked to an older effort that had almost 6M followers when we enforced back in 2020. They tried to come back & only had ~500 followers this time. Exactly the trend that defenders want to see. The previous op:

    Show this thread
    Undo
  9. Apr 7

    11/ 2️⃣ Several of our enforcements in Ukraine were ops run by threat actors we had previously removed who attempted to come back but were quickly caught. Determined adversaries will keep trying, but defenders working together forces them to work harder for less and less return.

    Show this thread
    Undo
  10. Apr 7

    10/ To counter these domestic threats, it’s essential that open societies/gov'ts help disincentivize other gov’ts from using these ops and set clear, thoughtful rules around inauthenticity in their own public debate. We look forward to working on these issues in the months ahead.

    Show this thread
    Undo
  11. Apr 7

    9/ Three key insights from across this report: 1️⃣ As in 2021, more than half of the ops we enforced against here were domestic.

    Show this thread
    Undo
  12. Apr 7

    8/We also removed two cyber-espionage ops from Iran, a blended CIB/hacking campaign from Azerbaijan, and CIB operation in Brazil, and another CIB in Costa Rica/El Salvador. More from :

    Show this thread
    Undo
  13. Apr 7

    7/ We enforced against them under our policy against coordinated violating networks, under which our previous enforcements include a Querdenken-linked network and another one in Italy and France.

    Show this thread
    Undo
  14. Apr 7

    6/ We also outline a series of actions in the Philippines ahead of their upcoming election, which include an enforcement against a coordinated network that claimed to facilitate DDOS attacks and other cybersecurity threats.

    Show this thread
    Undo
  15. Apr 7
    Show this thread
    Undo
  16. Apr 7

    4/ Today, we detail ongoing enforcements in Ukraine, including of Russia- and Belarus-linked ops focusing on the invasion. These actors attempted to target public debate but we caught them before they could build audiences.

    Show this thread
    Undo
  17. Apr 7

    3/ We welcome ideas from the security community on how to make these reports more informative, and we’re continuing to assess what additional types of adversarial enforcements we might include in future reports.

    Show this thread
    Undo
  18. Apr 7

    2/ We’ve been reporting our CIB enforcements since 2017 and now our regular reports cover more than IO. Today’s report includes IO, cyber espionage, IB (spam/scams), mass reporting, and other emerging threats.

    Show this thread
    Undo
  19. Apr 7

    1/ Today we released our first quarterly threat report. It provides a window into the threats we see and our security enforcements, including investigations in Ukraine, Russia, the Philippines, Brazil,Costa Rica/El Salvador, Azerbaijan and Iran.

    Show this thread
    Undo
  20. Apr 6

    Overall, the continued use of strategic disclosure as deterrence-by-denial and deterrence-by-preparation is especially worth watching.

    Show this thread
    Undo

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·