WORLDWIDE THREATS — As the intelligence community prepares to unveil its 2024 Worldwide Threat Assessment to the Senate Intelligence Committee today, the looming threats of Chinese attacks on critical infrastructure and disinformation during an election year are expected to take center stage. While the unclassified threat assessment rarely contains major surprises, it lays the foundation for dialogue between America's top spies and congressional overseers. And this year, a few pressing issues like the rising role of Iranian cyber proxies are expected to gain elevated prominence compared to 2023. — Election threats: A perpetual focus, the specter of foreign election interference from Russia, China, Iran and North Korea will likely warrant renewed — and perhaps weightier — attention with the U.S. presidential election just months away. While the Kremlin's cyber activities have long dominated the election security landscape, all eyes will be on any new intelligence about China's role, which now include its powerhouse capabilities in leveraging AI for disinformation campaigns. “It’s now an effort to influence our policy, to divide us year round, on a regular basis,” Senate Intelligence Vice Chair Marco Rubio (R-Fla.) said in a Sunday interview with “Face the Nation.” “The Chinese want to get into this business. The Iranians and others will join them … It’s a growing risk.” — Critical infrastructure risks: Last year's assessment was the first to publicly warn that China views attacking U.S. critical infrastructure like electricity grids as an option in a potential conflict. Since then, the United States has uncovered a wide-scale effort by Chinese state-sponsored hacking group Volt Typhoon targeting critical networks in Guam, a power grid in Texas and a water utility in Hawaii, and much more recently an attempted infiltration of hundreds of insecure U.S. home routers to gain access to critical infrastructure. “The nature of strategic competition today revolves much more around non-traditional tools and the ability to harness emerging and dual-use technologies,” Senate Intelligence Chair Mark Warner (D-Va.) plans to say in his opening testimony, shared with Morning Cyber. “The nature of conflict increasingly allows adversaries to project power through asymmetrical means,” Warner will say. “Cyberattacks can disable critical infrastructure from thousands of miles away and are increasingly available to a widening array of actors.” — Cyber battlegrounds: After taking a backseat in recent years, Iranian cyber threats (which contained just a single paragraph in last year’s report) are predicted to get elevated concern as violence flares in the Middle East and Tehran-aligned hackers pose growing risks. Remember, at least 18 U.S. water facilities were targeted by Iranian-backed hacktivists late last year for using Israeli-made equipment. — Wildcard moves: From North Korea's cryptocurrency heists to emerging tech's security implications, there's always potential for an out-of-the-box issue to make the cut. Ransomware, supply chain attacks and AI risks are a few possibilities. The highly anticipated report will draw close scrutiny this year given tumultuous global events and the CIA's rising stature in coordinating intelligence priorities under Director William Burns' leadership. Some will also watch for any notable reframing or rebalancing of key intelligence initiatives under Burns' tenure leading the community of 18 intelligence agencies, which over the weekend also dropped its first-ever national Open Source Intelligence Strategy. When adding management of human intelligence and all open source intelligence together, Andrew Borene, the executive director of global security at security firm Flashpoint, assessed that centralized control represents a striking combination — fusing oversight of human sources, open source data exploitation, intelligence collection, analysis and dissemination under the spy chief's purview. "It's obvious the CIA is becoming increasingly central to the entire U.S. intelligence community effort,” said Borene, a former senior official at the Office of the Director of National Intelligence. CHANGE HEALTHCARE HACK — The top official at Health and Human Services is putting the health care industry on blast for what he sees as an inadequate response to the crippling Change Healthcare cyberattack. In a letter, HHS Secretary Xavier Becerra and acting Labor Secretary Julie Su say firms like UnitedHealth, insurance companies and data clearinghouses are not doing enough to deal with the hack’s widespread disruptions to claim payments and care delivery. "We urge the private sector to quickly identify and carry out solutions," Becerra and Su wrote, accusing some entities of not meeting "the moment" presented by the crisis. Among their demands, the officials say:
- UnitedHealth must take "responsibility" for cash flow issues at providers caused by the attack on its subsidiary Change.
- Insurers should make bridge payments and ease administrative requirements.
- Clearinghouses should standardize switching terms amid an expected exodus from Change.
— How we’re seeing it: Becerra and Su make clear that more is needed from deep-pocketed corporations to avert what they call a “cascading breakdown.” But they also cite the agency’s concept paper for its long awaited cybersecurity strategy — which is still in limbo. Our read: The Change hack raises questions about whether the status quo of existing practices is working for the health care sector.
|
No comments:
Post a Comment