CYBER EXPERTS STEP BACK — A wave of discontent is washing over a key government cybersecurity initiative, as leading experts are quietly retreating from the program in frustration. A pillar of the Joint Cyber Defense Collaborative, launched in 2021 to enlist private-sector muscle to fight against cybercrime, is facing a pullback of participants who say it’s hampered by mismanagement. And they say they are increasingly fearful of being caught in growing conservative blowback against the agency and its partners. The idea was to have elite hackers from companies like Microsoft and Google quickly share threats with CISA and IT teams defending key sectors. But five participants told John they are no longer contributing or have pared back their involvement in recent months. The JCDC “has been dead for a while now,” SentinelOne’s senior cybersecurity analyst Juan Andres Guerrero-Saade told John. — Networks in peril: Most U.S. networks are privately owned, so CISA relies on outside help for its core job of protecting government and critical infrastructure. And threats are rising, with Chinese hackers aggressively targeting American systems, a star-studded panel of U.S. cyber officials warned Congress last week. And the JCDC itself was even brought up as a successful layer of defense against hard-hitting Chinese intrusions. — CISA has something to say: CISA's assistant executive director Eric Goldstein disputed claims of any drop-off in private sector participation, and said the JCDC continues to play an important role in addressing cutting-edge hacking threats, such as an ongoing campaign by Chinese state-backed hackers to hold critical U.S. infrastructure at risk. He also argued JCDC remains an important vehicle for planning longer-term cyber defense planning with industry, a separate major thrust of its work. However, CISA did acknowledge the challenges and expressed a willingness to work with partners to improve the JCDC. — Management woes: There are concerns that CISA has not staffed JCDC with enough technical experts to analyze the threat data coming in. Multiple participants said CISA is slow to act on tips and mainly has lawyers and policy people working in JCDC, not seasoned cybersecurity operators. — The straw that broke the camel’s back: But a big part of the problem stems from the conservative backlash against CISA over its separate work combating disinformation. Even though JCDC isn’t involved in that work — and CISA vehemently denies the charges against it — conservative activists recently targeted members of a nonprofit cyber defense group, the CTI League, that predated the JCDC but helped the agency protect hospitals from cyberattacks during the pandemic. CISA did not reach out to offer the researchers any support, CTI League members say, angering some JCDC participants and leaving others worried that conservative scrutiny is now expanding into even apolitical cybersecurity work. “You want us to go to battle on a dangerous battlefield, and we don’t know if you’re actually going to show up alongside us,” said Marc Rogers, the founder of the CTI League, who worked with the agency before the formation of the JCDC. Get all the details in John’s latest story. PENTAGON LENDS A HAND — The Department of Defense is accelerating its efforts to assist Taiwan and other nations in resisting cyberattacks, part of a larger effort by the Pentagon to zoom in on raising international awareness about threats from China. As Maggie reports, a senior defense official, speaking anonymously in order to discuss details not made public, said that U.S. aid to Taiwan against Chinese cyber threats "has been ongoing for quite some time." “The conversation with Taiwan has really matured, and we [and the broader U.S. Government] continue to do a lot of work together to support their defensive cybersecurity capabilities,” the official said. — Congressional direction: The 2024 National Defense Authorization Act gave a boost to military cyber cooperation with Taiwan, especially U.S. Indo-Pacific Command efforts. This has drawn notice as China-linked attacks on the island have surged, including after Nancy Pelosi's 2022 visit and around Taiwan's recent presidential election. The official said it’s an ongoing, high-focus area for the Pentagon, with the U.S. helping to ensure Taiwan “better understands the threat,” including through “regular exchanges about threat information.” — Expanding the tent: Taiwan isn't the only recipient of U.S. cyber aid, and the Pentagon has been "stepping up cyber partner capacity building," per the official. Reviewing this process will be a major effort this year, and there will be a “very large line” for the Department going forward. Threats from China, including to U.S. critical infrastructure, are a top concern for the broader Biden administration. Recently resigned NSA and Cyber Command leader Gen. Paul Nakasone called cyberthreats from China the "generational challenge of our time." — Spread the word: It's an issue the whole Pentagon is zeroed in on and working to get allies more engaged with. The senior defense official said NATO's Cyber Defense Committee was briefed last month on the Pentagon's new cyber strategy, an unclassified summary of which was released in September, which focuses on countering Chinese malicious cyber efforts and other adversarial nations.
|
No comments:
Post a Comment