Cyber Briefing ~ 04/12/2024
McCrary Institute for Cyber & Critical Infrastructure Security
Working to protect and advance U.S. interests in the areas of cyber and critical infrastructure security.
Dear Readers,
This week's edition of Cyber Focus featured RADM (Ret.) Mark Montgomery, a senior fellow at both the Foundation for Defense of Democracies and the McCrary Institute. With years of leadership experience, Montgomery shared insights from his time as staff director at the Cyberspace Solarium Commission, where we saw around 70% of our recommendations incorporated into law or policy. He also touched on the evolving cyber threat landscape while highlighting vulnerabilities and lack of investment across critical sectors like water and healthcare. Additionally, Montgomery advocated for establishing an independent cyber force to enhance military cyber capabilities.
Along those lines, Germany announced plans to create a dedicated Cyber and Information Domain Service (CIR) as its fourth independent armed forces branch to bolster cyber defenses against Russian threats. According to Defense Minister Boris Pistorius, the CIR will handle military cyber operations and combat hybrid threats like disinformation, working alongside the existing army, air force, and navy branches under a new centralized command.
A new Microsoft report discusses China's growing use of AI-generated content like fake audio clips, video news anchors, and social media posts to conduct covert online influence operations in the U.S.? While still trailing Russian disinformation capabilities, China's rising investment allows experimentation with sophisticated AI tools to manipulate discourse on issues like Hong Kong and Taiwan.
In its latest semiannual report, the International Monetary Fund (IMF) highlighted the growing cybersecurity threats facing the financial industry, citing the potential for severe consequences from cyberattacks on banks and financial firms. The IMF mentions that a lack of comprehensive data on cyber incidents hinders analysis of potential systemic risks. However, their research found that companies with stronger cybersecurity expertise at the board level tend to be better equipped to prevent successful cyberattacks.?
In a significant boost to U.S. semiconductor production, Taiwan Semiconductor Manufacturing Co. (TSMC) is set to receive $6.6 billion in grants and up to $5 billion in loans from the U.S. government to construct a third cutting-edge fabrication facility in Arizona. This deal, one of the largest under the CHIPS Act, is part of the reshoring of chip manufacturing amid intensifying strategic competition.
Finally, Forescout research reveals a 40% surge in Chinese-manufactured devices on U.S. networks in 2024, including critical infrastructure sectors. Despite bans, thousands of high-risk devices like Hikvision cameras persist, enabling potential remote access by China for espionage or cyber-attacks against critical systems and data.
War Eagle,
Frank Cilluffo
Chinese People's Liberation Army (PLA) researchers, in a series published by Study Times, emphasized the importance of AI-driven naval warfare and aerospace combat capabilities in winning future battles. The articles highlighted the role of artificial intelligence in transforming military command and decision-making, with AI-powered systems becoming a key variable in changing the rules of war. The researchers also discussed the use of massive drone networks, cloud computing, and advanced algorithms in sea battles, as well as the significance of gaining control over electromagnetic space, cyberspace, and aerospace in military competition.
The U.S. Cyber Command's elite Cyber National Mission Force conducted 22 deployments to over a dozen countries last year, working to fortify networks and expose hacker tools. These "hunt-forward" missions, often undisclosed, are part of the command's persistent engagement strategy to proactively address cyber threats worldwide.
The Biden administration is preparing to issue an order that would prohibit U.S. companies and citizens from using software made by the Russian cybersecurity firm Kaspersky Lab, citing national security concerns. The move would utilize new Commerce Department authorities to restrict the use of Kaspersky products, marking an unprecedented step to prevent private entities from using software deemed a risk by U.S. officials.
The French government has stepped in to provide a €50 million loan to the troubled IT company Atos, which is the main cybersecurity provider for the 2024 Olympics in Paris. Atos, burdened with nearly €5 billion in debt, is a strategic asset for France, active in critical sectors like cloud services and nuclear simulation. The government aims to protect Atos' assets and ensure the company's stability ahead of the high-profile Olympic event.
China cultivated TikTok influencers in Taiwan and elsewhere to spread disinformation, even using government-related accounts and generative AI to push fake videos. They leveraged third-party data to micro-target messages and influence campaigns, providing a glimpse into tactics they could use globally to undermine support for the U.S. government and military. Researchers warn that these techniques could be used to target U.S. elections next.
Amid growing cybersecurity risks, the federal agency responsible for hydroelectric dam security has only four employees, raising serious concerns about the sector's ability to defend against cyber threats. Experts warned that U.S. dams, which provide over 50% of private electricity generation, have not undergone mandatory cybersecurity audits by the Federal Energy Regulatory Commission (FERC). Additionally, FERC's cybersecurity requirements have not been updated since 2016, leaving the industry vulnerable to evolving threats. Lawmakers pressed for urgent action, including vulnerability assessments, updated guidance, and increased resources to secure the nation's critical dam infrastructure against potential cyber-physical attacks.
U.S. Cyber Command deployed its elite digital warfighting corps on 22 "hunt forward" missions to 17 countries in 2023, collecting over 90 malware samples to bolster defenses against foreign cyber threats, including potential interference in the 2024 U.S. presidential election.
The National Reconnaissance Office (NRO) is set to begin launching the first phase of its operational proliferated constellation of spy satellites in early May. The mission, named NROL 146, will increase timeliness of access, diversity of communication paths, and enhance resilience. The NRO plans to launch six satellites in 2024 and aims to quadruple the number of satellites it has in orbit. The proliferated architecture will include a mix of government and commercial systems, and advancements in technology and reduced launch costs have enabled the NRO to pursue this approach.
The Pentagon's Replicator initiative, aimed at countering China's military buildup, has included counter-drone assets in its first tranche of systems. The Replicator 1.1 selection also includes different-sized unmanned surface vessels and loitering munitions. The Switchblade 600 kamikaze drones made by AeroVironment and Anduril's Wide-Area Infrared System for Persistent Surveillance (WISP) technology were among the systems chosen for accelerated production. The Replicator initiative aims to field thousands of "autonomous" systems across multiple warfighting domains by August 2025, with a total spending of approximately $1 billion in the fiscal 2024-2025 timeframe.
President Biden stated he is considering a request from Australia to drop the U.S. prosecution of WikiLeaks founder Julian Assange, who faces charges related to publishing classified documents. Australia has argued there is a disconnect between the U.S. treatment of Assange and Chelsea Manning, whose sentence was commuted. Assange's supporters say he exposed military wrongdoing and should be protected as a journalist.
Taiwan Semiconductor Manufacturing Co.'s quarterly revenue grew at its fastest pace in over a year, as a global boom in AI development fueled strong demand for its high-end chips and servers. The chipmaker's March-quarter sales rose 16% to about $18.5 billion, beating expectations, and it expects revenue to grow at least 20% this year.
President Biden and Japanese Prime Minister Kishida have partnered with tech giants Amazon and Nvidia to fund new joint artificial intelligence research programs between universities in the U.S. and Japan. The $110 million initiative aims to advance AI collaboration between the two nations as the Biden administration weighs new regulations to address AI risks. The leaders also confirmed cooperation on semiconductors, with Japan being a top foreign investor in the U.S.
House Republicans blocked Speaker Mike Johnson's third attempt to reauthorize the controversial Section 702 of the Foreign Intelligence Surveillance Act, marking a fresh defeat for the beleaguered speaker. The setback came after former President Trump urged lawmakers to "kill" the law, and as conservatives chafed at Johnson's opposition to a plan requiring warrants for certain wiretapping queries. With no clear path forward, Congress now faces the prospect of the surveillance program expiring on April 19 without an extension.
Right-wing House Republicans blocked a move by Speaker Mike Johnson to extend a key foreign intelligence surveillance tool, Section 702 of the Foreign Intelligence Surveillance Act, after former President Donald Trump urged lawmakers to "kill" the law. The setback came as intelligence officials warned that allowing the law to expire would harm national security and the fight against terrorism.
Demand for information warfare capabilities is growing, and the U.S. Navy plans to embed more information warfare specialists aboard submarines to aid underwater operations. The trials have proven fruitful, but staffing and resources need consideration before any sweeping changes. The Navy is also introducing information warfare systems into its live, virtual, and constructive environments.
Months of Russian GPS spoofing in the Baltic Sea is making regional shipping and air travel more dangerous, hurting the economy. Sweden's naval chief calls for NATO to address the situation by increasing its presence in the Baltic Sea to provide security and support for merchant vessels.
Proposed legislation would establish a quantum advisor and a new center of excellence to accelerate the Defense Department's use of quantum information science, from sensing and navigation to more ambitious goals of quantum computing for advanced AI applications. The bill aims to help the U.S. outpace China's significant investments in quantum technology and maintain a leadership position in this critical field for national defense and economic security.
The Cyber Safety Review Board's report on the 2023 Microsoft Exchange Online intrusion slammed the company's security practices but also delivered a wealth of recommendations crucial for cloud service providers, including adopting standards, improving audit logging, and enhancing transparency and communication around security incidents.
AT&T has begun notifying over 51 million customers that their personal data, including social security numbers, was publicly shared on the dark web in March. The leaked information dates back to June 2019 or earlier and includes details like names, addresses, phone numbers, and account details. While the passcodes were encrypted, the encryption was easily broken. This massive data breach affects both current and former AT&T customers.
AT&T has confirmed that millions of customer records posted online last month were authentic, and has begun notifying U.S. state authorities and regulators of the security incident. The telecom giant said the breached data included customers' personal information such as full names, email addresses, mailing addresses, dates of birth, phone numbers, and Social Security numbers. The leaked data, which dated back to mid-2019 and earlier, affected over 7.9 million current AT&T customers and around 65 million former customers. AT&T is offering identity theft and credit monitoring services to the affected individuals, but has not yet identified the source of the data leak.
Researchers at Colorado State University discovered critical security flaws in electronic logging devices (ELDs) used to manage commercial truck fleets, allowing hackers to remotely disable vehicles. The vulnerabilities, including weak default passwords and exposed wireless connectivity, could enable attacks like disabling accelerator pedals or spreading malware across truck-to-truck networks. Experts warn the trucking industry must prioritize patching these OT security gaps to safeguard this critical infrastructure.
Subscribe to our LinkedIn Cyber Briefing.
Subscribe to the daily Cyber Briefing email.
Subscribe to our Cyber Focus podcast.
Copyright ? 2024 Auburn University's McCrary Institute. All Rights Reserved.
Adapting to cyber risks is like surfing—anticipate, adapt, and ride the wave of change. As Plato wisely suggested, necessity is the mother of invention ???? #cybersecurity #innovation