At a glance.
- Report: 2018 Presidential finding authorized CIA offensive cyber operations.
- SEC issues ransomware warning to registrants.
- Chinese state media outline Beijing's line toward the UK's exclusion of Huawei from 5G infrastructure.
- Cyberspace Solarium recommendations find their way into US 2021 NDAA.
Report: 2018 Presidential finding authorized CIA offensive cyber operations.
A 2018 Presidential finding authorized the US Central Intelligence Agency to conduct offensive cyber operations against a range of foreign targets, according to a story running exclusively in Yahoo. Iran, Russia, China, and North Korea figured prominently on the target list, unnamed former Government officials said. The activities authorized extended beyond intelligence collection to include actively disruptive measures and influence operations. The finding was sufficiently broad to encompass organizations credibly believed to be acting on behalf of or in cooperation with hostile intelligence services.
The active measures the CIA was authorized to take included actions against financial institutions, kinetic effects against infrastructure, and “hack and dump” operations in which documents are taken and posted when and where they could be expected to influence opinion. The people speaking on background for the story told the reporters that Langley had been to some extent divided on the advisability of offensive cyber operations, but that the CIA had sought such authority for years, going back at least two Administrations. They had expected both Presidents Bush and Obama to sign a relevant finding, but neither did. They had not expected such a finding from President Trump and were pleased when it was signed. Or more than pleased: “People were doing backflips in the hallways,” one of the unnamed former officials told Yahoo’s reporters.
Former CIA general counsel Robert Eatinger, who did speak on the record, had no knowledge of the 2018 finding, but he did confirm that there had for some time been two camps at Langley: those who saw restraint in cyberspace as prudent and valuable, and others who sought authority for more offensive cyber operations.
Yahoo says that neither the CIA nor the National Security Council responded to their questions.
SEC warns registrants of the growing ransomware threat.
The US Securities and Exchange Commission has issued a ransomware warning to its registrants, which include broker-dealers, investment advisers, and investment companies. The SEC’s Office of Compliance Inspections and Examinations refers the registrants to applicable CISA alerts--the Dridex strain is particularly called out--and suggests that they pay particular attention to:
- Incident response and resiliency policies, procedures and plans.
- Awareness and training programs.
- Vulnerability scanning and patch management.
- Access management, and
- Perimeter security.
Chinese state media respond to Britain's decision against admitting Huawei to its 5G infrastructure.
CNBC, which has been watching Chinese state-controlled media closely, says that Beijing is advising itself through those media to retaliate in a “public and painful” way for Britain's "ill-founded" decision to boot Huawei from the UK's 5G infrastructure. The state-run Global Times put it this way, waving both carrot and stick:
“It’s necessary for China to retaliate against UK, otherwise wouldn’t we be too easy to bully? Such retaliation should be public and painful for the UK,” the paper wrote. Thus the stick. And here’s the carrot: “But it’s unnecessary to turn it into a China-UK confrontation. The UK is not the US, nor Australia, nor Canada. It is a relative ‘weak link’ in the Five Eyes. In the long run, the UK has no reason to turn against China, with the Hong Kong issue fading out.”
More Cyberspace Solarium recommendations find their way into the US National Defense Authorization Act.
FCW reports that recommendations from the Cyberspace Solarium are increasingly finding their way into the US 2021 National Defense Authorization Act, and that they generally enjoy at least some measure of bipartisan support. Representative Jim Langevin (Democrat of Rhode Island) is optimistic that President Trump will see the need for a national director of cybersecurity. Indeed, that recommendation seems to be the one that's attracted a great deal of Congressional interest, and Representative Langevin is introducing an amendment to the bill that would establish such a position. Michael Daniel, former Cybersecurity Coordinator on President Obama's National Security Council, has an op-ed in CyberScoop making a case for a cyber czar.
The Hill reports that Representative John Katko (Republican of New York) has introduced bills that would enhance the position of the Director of the Cybersecurity and Infrastructure Security (CISA) in ways that Representative Katko says comport with the Solarium's intent.