| | | | |  | | By Joseph Gedeon | With help from John Sakellariadis and Maggie Miller
| | — Top cybersecurity officials are gathering at the RSA Conference this week, with major announcements expected on security standards and a new international cyber strategy. And maybe … a new cyber song? HAPPY MONDAY and welcome to MORNING CYBERSECURITY! There are about 1.5 million Greek Orthodox in America who celebrated Easter over the weekend — come to find that two of them also happen to be cybersecurity reporters at POLITICO. John and I were stunned at the odds ourselves, and now we’re taking our leftover lamb and dyed egg shells and heading down to San Fran for RSA. Come say hello, but don’t ask us to share the baklava. Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X, formerly Twitter, at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.
| | | | Pro Analysis intel helps you understand the members, committees, and interplay influencing policy debates. Download a complimentary look at Analysis here to help you navigate legislative decision-makers. Already a Pro Analysis subscriber? Visit the Analysis library now. | | | | | Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.
| | Sen. Mark Warner (D-Va.), U.S. Ambassador-at-Large for Cyberspace and Digital Policy Nate Fick, and Secretary of State Antony Blinken will be addressing the cyber community on Day 1 of the RSA Conference in San Francisco. An all day affair. And for your radar: If you’re headed to RSA, POLITICO will be in conversation with state Sen. Scott Wiener on Wednesday, May 8 to discuss efforts to regulate AI in the California legislature. 7:30 p.m. PT
| | | THE BAND IS BACK — The cybersecurity universe is converging on San Francisco this week for one of the biggest confabs of the year — the RSA Conference. It’s a massive draw for everyone from top Cabinet secretaries to vendors and everyone in between. Here’s what we’re watching. — The heavyweights: Major political power players are set to take the main stage, either virtually or from cyberspace, including Secretary of State Antony Blinken and Homeland Security Secretary Alejandro Mayorkas. They’ll be joined by cyber elite including CISA Director Jen Easterly, White House National Cyber Director Harry Coker, the National Security Agency’s new cybersecurity director David Luber, incoming U.S. Cyber Command executive director Morgan Adamski and America’s top cyber diplomat Nate Fick. On the Hill side, Senate Intelligence Committee Chair Mark Warner is slated to speak today on a panel examining the changing intelligence landscape and potential ways for the intel community to better safeguard infrastructure from cyber and national security dangers. And on the sidelines, White House deputy national security adviser for cyber Anne Neuberger is joining Bloomberg’s tech summit on Thursday. — Major announcements: All eyes will be on CISA's anticipated rollout of its new Secure by Design initiative to bake in cybersecurity from the start of technology development. The agency hit the one-year mark on the project in April, and at RSA Easterly will unveil a pledge where companies promise to take things like taking vulnerability reports seriously, enabling multi-factor authentication and putting more secure default settings in place. And if you’re America’s next Masked Singer, Easterly also teased on IST’s ransomware panel in April that the agency will be dropping a new cyber sing-along reminiscent of the classic “Schoolhouse Rock!” sometime during the conference. Finally, the State Department is using RSA to unveil its long-awaited international cyber strategy, and you’ll get more on that from Maggie next.
| | THE NEW STRAT IS HERE — The State Department is rolling out its hotly anticipated new cybersecurity strategy during the RSA conference today — and the U.S. is aiming to step up its efforts at the United Nations to create more global uniformity in cyberspace. The strategy, which will formally be unveiled by Blinken during his keynote Monday afternoon, puts issues including artificial intelligence and setting global norms in cyberspace at the forefront. It also commits to using the State Department’s new $50 million fund for cyber and digital policy issues to help support allies — even if those funds are limited. — More to come: Cyber diplomat Fick told Maggie on Sunday ahead of the strategy’s release that his office will soon release an implementation plan. He stressed that “publication day is maybe the halfway point in the journey, and the words on the page only matter if they're translated into action in the world.” It’s no mistake that Blinken is announcing the new strategy at RSA, the first time a secretary of state has ever spoken at the conference. Fick said that Blinken’s attendance “is a tangible signal of how he and we are elevating these issues in our foreign policy and in our diplomacy.” — Coming soon to D.C.: Fick also teased that the strategy will be integral to U.S. cyber diplomacy at the upcoming NATO summit in Washington this summer. This will be the first time Sweden and Finland will participate in the summit as full NATO members, and in honor of that, Fick helped lead the first U.S.-Sweden joint cyber and digital dialogue in Washington last week. Sweden and Finland are home to major telecommunications companies, a focus of the upcoming summit. “It's going to be important for the alliance to continue affirming and strengthening its commitment and member states’ commitment to trust IT infrastructure across the board,” Fick said. Read the full story on the strategy from Maggie here.
| | | | DON’T MISS POLITICO’S ENERGY SUMMIT: The future of energy faces a crossroads in 2024 as policymakers and industry leaders shape new rules, investments and technologies. Join POLITICO’s Energy Summit on June 5 as we convene top voices to examine the shifting global policy environment in a year of major elections in the U.S. and around the world. POLITICO will examine how governments are writing and rewriting new rules for the energy future and America’s own role as a major exporter. REGISTER HERE. | | | | | | | | FIRST IN MC: CHAINALYSIS ON TAKEDOWNS — Law enforcement-led disruption campaigns are taking a bite out of top ransomware gangs — just not a very lasting one. That’s according to new research from crypto-tracing firm Chainalysis, who dove into the blockchain to suss out the impact of three recent takedown operations launched by Western law enforcement. — The good news: The disruption operations led by the FBI, Department of Justice, and their partners against the Qakbot malware and the LockBit and BlackCat ransomware gangs caused real damage. The extensive, multi-dimensional campaign against LockBit, in particular, left “affiliates scrambling,” Chainalysis writes, while the move against Qakbot slowed ransomware gangs who relied on it. Overall, ransomware attacks that resulted in a payout decreased almost 50 percent in 2023, a trend that also stems from better preparation by businesses, the firm said. — The bad news: The groups or their members remain active in some form, propped up by a diverse and resilient cyber criminal ecosystem. Gangs that formerly used Qakbot quickly pivoted to other malware strains. And ransomware “affiliates” — the one who break into victims on behalf of their syndicate — can simply rotate between groups. Chainalysis has noticed for example that those affiliates are deploying an increasing number of ransomware strains — in an apparent attempt to throw off investigators. — The takeaway: Ransomware gangs are persistent. And the best antidote, Chainalysis argues, is an “innovative disruption strategies involving a whole-of-government approach targeting every part of the cybercriminal ecosystem.”
| | FIRST IN MC: MOBILIZING AGAINST EXPLOITATION — Last week, Raven, an advocacy group dedicated to combating online child exploitation, convened a meeting with several state Internet Crimes Against Children Task Force commanders, the Department of Justice, and leading technology companies, including Meta, OnlyFans, Snap, and TikTok. A Raven statement shared with POLITICO said the gathering aimed to foster “a deeper understanding of the challenges facing law enforcement and Electronic Service Providers in combating online threats.” Privacy advocates, by contrast, worry such initiatives could be used to justify efforts to undercut end-to-end encryption.
| | Morgan Adamski has been appointed as the new executive director of U.S. Cyber Command. Adamski previously served as the head of the NSA’s Cybersecurity Collaboration Center, among other roles at the NSA.
| | We’re happier on this side of the issue.
| 
| | | THE EU IS NOT HAPPY — The Polish government confirmed over the weekend it was among the many recent targets in Europe of Russian government hacking group APT28, which Germany alleged last week had hacked into email accounts of one of the nation’s top political groups. The Czech Republic was also targeted, and the State Department said Friday that the U.S. had helped Germany root out the hackers from smaller routers. BE PREPARED — The Taiwan Space Agency is creating a satellite system to maintain internet access for the island in the case of a future Chinese invasion, according to CNN. It is modeled on SpaceX’s Starlink satellite system, which Taiwan does not use. Chat soon. Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com). | | | | Follow us on Twitter | | | | Follow us | | | | |
No comments:
Post a Comment