News : Top threats to watch in Intel's worldwide forecast

Monday, March 11, 2024

Top threats to watch in Intel's worldwide forecast

Mar 11, 2024

— With help from Maggie Miller, John Sakellariadis and Lee Hudson

Driving the day

— Chinese hackers’ attacks on U.S. infrastructure and their embrace of AI-powered disinformation are expected to take center stage as the intelligence community issues its latest worldwide threat assessment.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! I’m still recovering from Daylight Savings Time. Did we fall back or spring forward this time? Because right now, I’m just falling over, to take a nap.

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.

DON’T MISS POLITICO’S HEALTH CARE SUMMIT: The stakes are high as America's health care community strives to meet the evolving needs of patients and practitioners, adopt new technologies and navigate skeptical public attitudes toward science. Join POLITICO’s annual Health Care Summit on March 13 where we will discuss the future of medicine, including the latest in health tech, new drugs and brain treatments, diagnostics, health equity, workforce strains and more. REGISTER HERE.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

Today's Agenda

Defense undersecretary for research and engineering Heidi Shyu is delivering the keynote speech at the TechNet Emergence forum that kicks off today. 9 a.m.

NSA and Cyber Command Director Gen. Tim Haugh, CIA Director William Burns and FBI Director Christopher Wray are headed to the Senate Intelligence Committee hearing on the annual worldwide threats assessment. 2:30 p.m.

At the Agencies

WORLDWIDE THREATS — As the intelligence community prepares to unveil its 2024 Worldwide Threat Assessment to the Senate Intelligence Committee today, the looming threats of Chinese attacks on critical infrastructure and disinformation during an election year are expected to take center stage.

While the unclassified threat assessment rarely contains major surprises, it lays the foundation for dialogue between America's top spies and congressional overseers. And this year, a few pressing issues like the rising role of Iranian cyber proxies are expected to gain elevated prominence compared to 2023.

— Election threats: A perpetual focus, the specter of foreign election interference from Russia, China, Iran and North Korea will likely warrant renewed — and perhaps weightier — attention with the U.S. presidential election just months away.

While the Kremlin's cyber activities have long dominated the election security landscape, all eyes will be on any new intelligence about China's role, which now include its powerhouse capabilities in leveraging AI for disinformation campaigns.

“It’s now an effort to influence our policy, to divide us year round, on a regular basis,” Senate Intelligence Vice Chair Marco Rubio (R-Fla.) said in a Sunday interview with “Face the Nation.” “The Chinese want to get into this business. The Iranians and others will join them … It’s a growing risk.”

— Critical infrastructure risks: Last year's assessment was the first to publicly warn that China views attacking U.S. critical infrastructure like electricity grids as an option in a potential conflict.

Since then, the United States has uncovered a wide-scale effort by Chinese state-sponsored hacking group Volt Typhoon targeting critical networks in Guam, a power grid in Texas and a water utility in Hawaii, and much more recently an attempted infiltration of hundreds of insecure U.S. home routers to gain access to critical infrastructure.

“The nature of strategic competition today revolves much more around non-traditional tools and the ability to harness emerging and dual-use technologies,” Senate Intelligence Chair Mark Warner (D-Va.) plans to say in his opening testimony, shared with Morning Cyber.

“The nature of conflict increasingly allows adversaries to project power through asymmetrical means,” Warner will say. “Cyberattacks can disable critical infrastructure from thousands of miles away and are increasingly available to a widening array of actors.”

— Cyber battlegrounds: After taking a backseat in recent years, Iranian cyber threats (which contained just a single paragraph in last year’s report) are predicted to get elevated concern as violence flares in the Middle East and Tehran-aligned hackers pose growing risks. Remember, at least 18 U.S. water facilities were targeted by Iranian-backed hacktivists late last year for using Israeli-made equipment.

— Wildcard moves: From North Korea's cryptocurrency heists to emerging tech's security implications, there's always potential for an out-of-the-box issue to make the cut. Ransomware, supply chain attacks and AI risks are a few possibilities.

The highly anticipated report will draw close scrutiny this year given tumultuous global events and the CIA's rising stature in coordinating intelligence priorities under Director William Burns' leadership.

Some will also watch for any notable reframing or rebalancing of key intelligence initiatives under Burns' tenure leading the community of 18 intelligence agencies, which over the weekend also dropped its first-ever national Open Source Intelligence Strategy.

When adding management of human intelligence and all open source intelligence together, Andrew Borene, the executive director of global security at security firm Flashpoint, assessed that centralized control represents a striking combination — fusing oversight of human sources, open source data exploitation, intelligence collection, analysis and dissemination under the spy chief's purview.

"It's obvious the CIA is becoming increasingly central to the entire U.S. intelligence community effort,” said Borene, a former senior official at the Office of the Director of National Intelligence.

CHANGE HEALTHCARE HACK — The top official at Health and Human Services is putting the health care industry on blast for what he sees as an inadequate response to the crippling Change Healthcare cyberattack.

In a letter, HHS Secretary Xavier Becerra and acting Labor Secretary Julie Su say firms like UnitedHealth, insurance companies and data clearinghouses are not doing enough to deal with the hack’s widespread disruptions to claim payments and care delivery.

"We urge the private sector to quickly identify and carry out solutions," Becerra and Su wrote, accusing some entities of not meeting "the moment" presented by the crisis.

Among their demands, the officials say:

UnitedHealth must take "responsibility" for cash flow issues at providers caused by the attack on its subsidiary Change.
Insurers should make bridge payments and ease administrative requirements.
Clearinghouses should standardize switching terms amid an expected exodus from Change.

— How we’re seeing it: Becerra and Su make clear that more is needed from deep-pocketed corporations to avert what they call a “cascading breakdown.”

But they also cite the agency’s concept paper for its long awaited cybersecurity strategy — which is still in limbo. Our read: The Change hack raises questions about whether the status quo of existing practices is working for the health care sector.

On the Hill

DUMB IT DOWN — Former House Intelligence Committee Chair Adam Schiff said he hopes U.S. intelligence agencies will withhold sensitive information from Donald Trump and provide only bare-bones briefings if the former president becomes the Republican nominee for the 2024 election.

"I have to hope — and knowing the intelligence community as I do — that they will dumb down the briefing for Donald Trump," Schiff, the front-runner for California’s Senate seat, said in a Sunday interview with “Meet the Press.” "That is, they will give him no more information than absolutely necessary.”

To the former House intel chair, that would include nothing that reveals sources or methods “because we can’t trust he will do the right thing with that information.”

Schiff was reacting to news that John and Erin Banco broke for POLITICO last week that Biden administration officials plan to offer Trump classified briefings if he officially secures the GOP nod, despite the DOJ's criminal probe into his handling of sensitive materials after leaving office.

— History, retold: The briefings have been a tradition for major party candidates since 1952, but this would be the first time such intelligence is shared with a nominee facing prosecution related to mishandling intelligence secrets.

And as you may remember, Biden had previously barred Trump from receiving separate intel briefings that are historically shared with former U.S. presidents. The reason? Trump’s erratic behavior.

THE CONFERENCE CIRCUIT

NEW PARTNERS — The Defense Innovation Unit and the Office of the Director of National Intelligence announced a new collaboration Sunday at SXSW to identify emerging tech that can enhance intel gathering, analysis and operations.

By teaming up, the offices can better coordinate with industry and expedite the delivery of cutting-edge commercial technology.

— Background: DIU has ongoing projects with the intelligence community that are focused on open-source intelligence, supply chain visualization and autonomous maritime intelligence, surveillance and reconnaissance.

Vulnerabilities

PANIC AT THE POLLS — A new survey shows that both Democrat and Republican voters are sweating over AI's potential to wreak havoc on 2024 races.

The poll of 2,000 voters by Yubico and Defending Digital Campaigns found that members of both parties are equally worried (at 42 percent for the Dems and 49 percent for the GOP) that AI could negatively impact the upcoming elections with disinformation.

— The biggest fear?: 85 percent of voters surveyed doubt that political campaigns can effectively leverage cybersecurity tools to lock down their personal data.

Forty-two percent of respondents who had donated to a campaign say they’d be less likely to give again if a campaign got hacked. And for 30 percent, it could even sway their vote.

The random double-opt-in survey of Americans registered to vote was conducted between Feb. 13-18.

Tweet of the Day

A meme that unfortunately doesn’t seem like it’ll ever get old.

Source: https://twitter.com/Secure_ICS_OT/status/1766871853522423968

Quick Bytes

A REAL EMERGENCY HUH — UnitedHealthcare applied for an emergency exemption to fast-track its takeover of a medical practice in Corvallis, Oregon, warning regulators that the practice might close its doors if the merger were not approved immediately. The "emergency" cited was the ongoing outage of UnitedHealth's Change Healthcare clearinghouse and claims processing systems, writes Maureen Tkacik in The American Prospect.

IVANTI PROBLEMS — CISA was forced to take two of its systems offline last month after hackers exploited vulnerabilities in Ivanti products used by the agency. Get the details from The Record’s Jonathan Greig and Suzanne Smalley.

ROYALLY FAKED — A photo released by Kensington Palace to celebrate Mother's Day has been pulled by major photo agencies due to concerns of manipulation around Princess Charlotte's left hand.

“As the Change Healthcare outage drags on, fears grow that patient data could spill online” (TechCrunch)

ICYMI — CISA has an understaffed and often ill-equipped workforce to deal with risks to the nation's key operational technology systems, according to a report from the Government Accountability Office, which found that owners and operators of critical infrastructure face challenges in working with the agency due to a lack of staffers with the necessary skills to combat cyber threats targeting vulnerable OT systems.

Chat soon.

Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com).

DON’T MISS AN IMPORTANT TALK ON ACCESS TO AFFORDABLE PRESCRIPTION DRUGS IN CA: Join POLITICO on March 19 to dive into the challenges of affordable prescription drugs accessibility across the state. While Washington continues to debate legislative action, POLITICO will explore the challenges unique to California, along with the potential pitfalls and solutions the CA Legislature must examine to address prescription drug affordability for its constituents. REGISTER HERE.