Cyber Briefing ~ 05/21/2024
McCrary Institute for Cyber & Critical Infrastructure Security
Working to protect and advance U.S. interests in the areas of cyber and critical infrastructure security.
National Cyber Director Harry Coker will discuss the White House's updated implementation plan for the national cyber strategy at a think tank event. Meanwhile, the National Institute of Standards and Technology Director Laurie Locascio will testify on the agency's priorities for 2025 in front of the House Science Committee.
US experts say two large cyberespionage groups in China, dubbed Elderwood Gang and Comment Crew, account for 90% of the theft of US companies' intellectual property. Attacks since 2010 show their operations could be massive, hitting 20 tech firms, defense contractors, and natural gas pipelines. The scope suggests state support, with hundreds of employees stealing broad industry intelligence, not just targeting individual firms.
The head of Canada's intelligence agency, David Vigneault, has warned Canadians, including teenagers, against using TikTok, citing the potential for the Chinese government to acquire personal information. Vigneault stated that data from TikTok is available to the government of China, which poses a threat to individuals' privacy and national security. TikTok has denied these allegations and maintains that its servers are outside of China and comply with Canadian data protection and privacy laws.
U.S. officials warn that Chinese state-owned cable repair company SBSS poses a threat to undersea fiber optic cables, including some partially owned by Google and Meta. SBSS ships often turn off their location transponders while at sea near cables carrying sensitive data. This lack of transparency fuels concerns that they could tap or disable key lines. Still, constant oversight makes tampering hard. Securing cables from potential adversaries is an increasing focus amid U.S.-China tensions.
Former NSA Director Adm. Michael Rogers, who serves on the McCrary Institute's Advisory Board, discusses the complex threat landscape CISOs face, from new regulations to geopolitical risks and relentless cyber attacks targeting critical infrastructure. He emphasizes the need for solid security practices and effective communication with leadership to navigate these challenges. Rogers stresses that while the current environment poses significant risks, it also presents opportunities for CISOs to strengthen their organization's cybersecurity posture. He provides insights into the evolving tactics of state-sponsored actors, such as China's Volt Typhoon APT, which has been accused of embedding destructive malware in critical infrastructure networks, marking a shift in the risk calculus for CISOs responsible for protecting these vital systems.
The Environmental Protection Agency (EPA) has issued an enforcement alert warning that cyberattacks against water utilities in the US are becoming more frequent and severe. About 70% of utilities inspected violated standards to prevent cyber threats, with even small water systems urged to improve protections. Recent attacks, some state-sponsored, have targeted utilities' operations, impacting the supply of safe water. The alert emphasizes the seriousness of cyber threats and warns of potential civil or criminal penalties for non-compliance. The EPA is working to train water utilities and has called for increased cybersecurity measures industry-wide.
The US government plans to launch a program to protect the private healthcare sector from cyberattacks by creating tools to defend internet-connected hospital equipment. The program will deploy over $50 million to organizations that develop tools to ensure the safety and functionality of medical devices. The initiative aims to strengthen protections for critical healthcare equipment and help hospitals detect vulnerabilities and deploy fixes quickly after an attack. The move comes in response to recent high-profile cyberattacks on healthcare organizations, and the US government believes it has a unique responsibility to support the sector in improving its cybersecurity defenses.
Advancements in quantum computing are allowing researchers to explore practical applications, such as optimizing airline gate assignments and improving AI algorithms. While quantum computers are still small and error-prone, they have shown promise in outperforming conventional computers in certain calculations. The race is on to uncover more practical uses for this emerging technology.
Iranian President Ebrahim Raisi and Foreign Minister Amir-Abdollahian were killed in a helicopter crash. Supreme Leader Ayatollah Ali Khamenei announced replacements as condolences and jubilation poured in.
European governments are facing challenges in attributing covert attacks to Russia due to inconclusive evidence. Suspected incidents include damage to undersea gas pipelines, cuts in internet connections, and disruptions to rail networks. The difficulty lies in identifying culprits, often commercial or fishing vessels near the targeted infrastructure, that lack direct connections to Russian authorities. European governments are cautious about accusing Russia directly, fearing escalation and lacking clear proof. Russia has increasingly used civilian vessels to survey and potentially attack critical infrastructure, making detection more challenging.
The number of US students majoring in computer science has jumped 40% in five years, but tech giants are now hiring fewer entry-level coders. Postings for software jobs are down 30% from before the pandemic. While top graduates can still find work, they are broadening searches beyond Facebook and Google. With supply up and hiring down, salaries are only rising 2.7%, the lowest bump for 8 majors. Students once focused on big tech are now looking at banks, retailers, healthcare, and other sectors hiring for tech roles.
The recent U.S. Cyber Safety Review Board (CSRB) report emphasizes the risks of government overreliance on a single technology vendor, citing significant security failures and weaknesses. Google recommends adopting a new approach to security, including secure-by-design procurement, involving security in the procurement process, and mitigating monoculture. Google also announces a new Google Workspace offering for U.S. public sector organizations.
Some cities banned facial recognition technology, citing concerns about accuracy and racial bias. So police officers in Austin and San Francisco sought help from other law enforcement agencies to run searches, violating the bans. Officers got some hits, but questions remain about enforcing the bans when police don't disclose tech use.
Members of the House Armed Services Committee are preparing to propose a bipartisan amendment that would require the Pentagon to study the establishment of a military cyber service. The amendment, expected to be offered during the panel's markup of the fiscal 2025 defense authorization bill, would require an independent evaluation by the National Academy of Sciences. The proposed Cyber Force aims to address growing cyber threats and risks, as well as the problem of existing digital warfighting branches being "siloed" within their respective services. Pentagon leaders have previously rejected the idea, citing the organization's maturity and potential downgrading of existing branches.
A sophisticated cyberattack targeted the city hall of Modi'in Ilit in Israel, leading to a month-long shutdown of the city government's computer network. The attack was concealed from the public, with employees initially being told it was a malfunction. The incident is part of a broader targeted campaign against Israeli cities, with over 100 attacks on local government entities since October 7. The lack of legislation and regulation leaves municipalities exposed to cyber threats, highlighting the need for stronger cyber defense measures.
Germany is nearing a decision to remove Chinese critical components from its 5G core network by 2026, with three of the four relevant ministries supporting the measure. The interior, foreign, and economy ministries back the proposal, citing national security reasons. The digital ministry is resisting the decision due to industry opposition. The plan envisions a two-step phase-out, requiring telecommunications providers to eliminate Huawei and ZTE critical components from core networks by 2026 and reduce dependency on Chinese components in access and transport networks by 2029.
Jan Leike, a top safety leader at OpenAI, resigned after disagreements with the company's prioritization of "shiny products" over safety. OpenAI has been focusing on developing powerful AI models, but concerns were raised about the lack of attention given to safety and societal impact. The departure of key safety-focused leaders has disbanded the superalignment team, which aimed to ensure the safe development of OpenAI's technology. The company's CEO, Sam Altman, expressed sadness at the departures and acknowledged the need for further action on safety.
This opinion article discusses Russia's push for a UN cybercrime convention, which it argues is an effort to legitimize authoritarian control over the internet. It states that the convention's broad definition of cybercrime and its required domestic laws could enable censorship and undermine human rights. The article contrasts this with the existing Council of Europe's Budapest Convention, which Russia rejects. It sees Russia's UN convention bid, together with its other efforts, as strategic competition on internet governance. The article concludes that digital solidarity against this effort will test the US' new cyberspace strategy grounded in rights and law.
A Chinese-speaking hacking group is targeting individuals associated with a leading U.S.-based artificial intelligence organization through a phishing attack. This highlights the increasing threat of insider attacks and the race for AI dominance between the U.S. and China. AI companies must remain vigilant against cyber threats and insider risks.
A cybersecurity official reveals multiple incidents of unauthorized attempts to steal location data, monitor communications, deliver spyware, and influence American voters via text messages. The vulnerabilities in global telecommunications pose serious security risks.
Former Tory leader Iain Duncan Smith warns that China's vast army of hackers is waging a cyber war on the West to pave the way for a new world order, stating, "This is a war and we are losing it." He warns that China is "trying to break down the West" through constant cyber attacks to undermine and gather intelligence, allowing it to counter Western actions. He states that the UK hesitates on China due to business interests there. The deputy director for the Global China Hub at the Atlantic Council also warns "we are already at war" through China's use of cyber attacks against Taiwan to sway public opinion and demoralize in preparation for a potential future invasion.
China has expanded operations at a naval base in Cambodia, renovating facilities over two years after the U.S.-built structures were demolished. With Chinese ships now visiting for exercises and room for aircraft carriers, experts warn that Ream Naval Base could become Beijing's first permanent foreign military outpost like Djibouti. Despite U.S. warnings, the base gives China a naval presence against Southeast Asia. Though banned by Cambodia's constitution, a rotational presence could exploit a loophole.
Experts assessed President Biden's National Security Memorandum 22 on critical infrastructure, noting its focus on risk management and identifying key sectors like space and cloud that were left out. While agencies like DHS and CISA have expanded their cyber resources, challenges remain in data sharing and hiring. Compared to past policies, NSM-22 improves intel sharing with the private sector. Its effectiveness depends on transparency, communication, and addressing reporting failures.
Two Democratic candidates, Ashwin Ramaswami in Georgia and Madison Horn in Oklahoma, are running on their cybersecurity backgrounds, hoping to leverage voter concerns about AI, hacking threats, and election fraud claims. While facing tough battles in red-leaning districts, they aim to become the first candidates to win elections based on cybersecurity expertise.
Copyright © 2024 Auburn University's McCrary Institute. All Rights Reserved.