At a glance.
- Key US House subcommittee passes Defense Authorization Act, including some Cyberspace Solarium recommendations.
- US Army to field capability for classified remote work.
- US Department of Homeland Security expands its insider threat program.
- India remains on alert for Chinese cyber operations.
- Update on tensions between Australia and China.
- Dispute over an Ethiopian dam on the Nile occasions hacktivism.
- US designates four Chinese media outlets as "foreign missions."
Key US House subcommittee passes Defense Authorization Act, including some Cyberspace Solarium recommendations.
The House Armed Services’ Subcommittee on Intelligence and Emerging Threats and Capabilities passed a version of H.R. 6395—FY21 National Defense Authorization Bill. Nextgov observes that it doesn't mention establishing the position of national cybersecurity coordinator, regarded by many as the most important recommendation of the Cyberspace Solarium Commission. It does address other recommendations, including "an assessment on the promise of partnerships with critical infrastructure owners and operators, a review of alternative Reserve Component models for support to cyber operations; and a mandate to the Department of Defense to clarify cybersecurity capabilities and authorities with respect to the National Guard."
The US Army will field a technical capability for remote work up to "Secret" levels of classification.
Major General Maria Barrett, commanding general of the Army's Network Enterprise Technology Command, told C4ISRNET that new remote-work systems, driven by the COVID-19 emergency, will allow users to access not only non-classified but sensitive information, but information classified up to the "Secret" level from remote locations. Those locations include their homes. The intention is to onboard the first 500 remote users over the next 30 days. Users in the continental United States (CONUS) will come first, followed, on a trial basis, by outside-of-CONUS users.
US Department of Homeland Security expands its Insider Threat Program.
Formerly concentrating on cleared personnel, the DHS Insider Threat Program will now be expanded to include all personnel who access or accessed Department of Homeland Security information. Nextgov reports that the expansion, first mooted in a 2016 memorandum from the previous Administration's Secretary of Homeland Security Jeh Johnson, signed in January of that year, is now in effect.
India remains on alert for Chinese cyber operations.
India, which has seen minor but lethal skirmishes with China along their disputed border, continues to warn its businesses, organizations, and government agencies to be alert for continued Chinese cyberattacks. It's a whole-of-nation sort of threat. The Outlook reports that New Delhi's security agencies are distributing an alert from CERT-IN that many such attacks can be expected to take the form of COVID-19-themed phishing. Inc42 says that researchers at Cyfirma have been monitoring dark web chatter that appears to confirm such warnings.
India is also hardening its position on Chinese tech companies, increasingly viewed as a security threat. ET CIO reports that the government is moving to restrict Chinese corporations' activities in Indian markets and infrastructure.
Update on tensions between Australia and China.
Zscaler has taken a look at last week's warning from the Australian Cyber Security Centre about "Copy-paste compromises" used against Australian networks. None of the reported exploits involve zero-days; all take advantage of known and patchable vulnerabilities. These and several other recent campaigns against Australian targets have been widely attributed to China, as the Sydney Morning Herald summarizes. Prime Minister Scott Morrison didn’t name the attacker, beyond calling it a state-backed actor with significant capability, but plenty of other sources, publicly outside the government and privately within it, haven’t been shy in saying that, straight up, it’s China. The US State Department, in voicing support for Australia, hasn’t been coy about naming names, either.
As has been the case for the last few years, Huawei and its market penetration have provided the occasion of and flashpoint for such conflict. Former Prime Minister Malcolm Turnbull said that the recent increase in cyberattacks Australia has seen fully justifies excluding Huawei from the country’s infrastructure. Huawei, the Australian Financial Review reported, has denounced Mr. Turnbull’s remarks as inaccurate and inappropriate.
Dispute over an Ethiopian dam on the Nile occasions hacktivism.
Cases of possible hacktivism (or possibly state-directed hacktivism) have appeared in Ethiopia. Addis-Ababa says, according to Borkena, that unspecified Ethiopian government organizations have been hit by Egyptians working under the noms-de-hack of “Cyber Horus Group,” “AnuBis.Haker” and “Security _By _Passed." Their evident intent is to pressure the Ethiopian government over the Grand Ethiopian Renaissance Dam (known by its acronym GERD) on the Blue Nile, which has prompted an international dispute among Egypt, Ethiopia, and Sudan over water rights.
The dam’s reservoir is scheduled to begin filling next month, the beginning of a process that could take ten to fifteen years. The dam would, in addition to serving as a water storage source, also protect people downstream from flooding, even as it would interfere with traditional flood recession agriculture. Egypt has voiced concerns that GERD could interfere with its own water supply. Sudan’s government has generally been more favorably disposed toward the project, seeing it as a regional water reserve that could redress shortages during times of drought.
The US Treasury Department, with the technical assistance of the World Bank, has sought to broker an agreement on regional control of the dam, but with mixed results, in part because GERD has become something of a patriotic issue in Ethiopia: see online expressions of such sentiment under hashtag its-my-dam.
US designates four Chinese media outlets as "foreign missions."
The US State Department has designated China Central Television, China News Service, the People’s Daily, and the Global Times as "foreign missions," that is, Chinese government propaganda outlets. The Wall Street Journal quotes David Stilwell, assistant secretary of state for East Asia and the Pacific to the effect that “These aren’t journalists. These are members of the propaganda apparatus.” Beijing says it’s a lot of arbitrary nonsense, that the news outlets are firmly grounded in “objectivity, impartiality, truthfulness and accuracy.” The Chinese government added, “This is totally unjustified and unacceptable, and once again exposes its double standards and hypocrisy of the so-called freedom of press.” The State Department’s designation won’t shut down the four services’ operations in the US, but it will prove to be at the very least an irritant. Designation under the Foreign Missions Act will require the news operations to report all their personnel to the State Department, and to register any property they hold, whether they own it or lease it.