The FBI is warning of cyber threats to a sometimes overlooked sector of transportation infrastructure: inland waterways. Those include the rivers, canals, dams, locks, and intermodal facilities that serve water traffic in the US.
NSA alumnus Rob Joyce gave an account of nation-state hacking at DefCon last week. The rogue's gallery was populated by a familiar four: Russia, China, North Korea, and Iran.
President Trump is reported to have loosened, in various unspecified ways, the constraints on US retaliatory cyber operations that have been in place since President Obama's promulgation of Presidential Policy Directive 20. PPD 20 is secret but in outline generally familiar, thanks to illicit leaks and licit hinting. Relaxation of certain restrictions seems consistent with public comments from US Cyber Command.
Foreign Policy is reporting on the immediate human consequences of inadequate communications security. According to the journal, a CIA communications system that had worked well enough in the (relatively) benign Middle Eastern environments where the Agency had used it earlier failed when it was deployed for running agents in China. Chinese security services were able to penetrate it between 2010 and 2012, roll up the CIA's agents, and execute about thirty of them. Some estimates give a higher toll. China's alleged recruitment of former CIA officer Jerry Chun Shing Lee appears to have contributed to the intelligence failure. Lee was indicted earlier this year for his alleged role in the matter.
Australia's new cybersecurity laws seem to function more by penalizing non-cooperation than by mandating backdoors.