At a glance,
- Rural electric cooperatives receive Department of Energy cybersecurity grant.
- Israel, UAE, conduct joint cyber defense exercises.
- Moscow's infosec peace offensive.
- Britain discusses offensive cyber capabilities.
- Sino-American wrangling over TikTok.
DOE grant to amplify rural electric grids’ cybersecurity
On the heels of the Federal Energy Regulatory Commission’s report on electric utility cybersecurity best practices, the National Rural Electric Cooperative Association (NRECA), which represents over half the area of the US, announced the receipt of a $6 million Department of Energy grant to fund a three-year project. Called Essence 2.0, the project will launch a “revolutionary cyber monitoring tool” to identify threats and communicate security information via machine-to-machine learning. NRECA CEO Jim Matheson says, “As cyber threats and threat actors continue to evolve, so must electric co-ops’ capability to defend against them.”
The enemy of my enemy is my friend in cyberspace
Bonding over a shared (well-known if recently unspoken) fear of Tehran, shortly after signing the Abraham Accords Peace Agreement, Jerusalem and Abu Dhabi revealed a plan to swap cyberintelligence and possibly engage in “joint cyberdefense exercises,” a move that underscores the “increasingly important role that cybersecurity plays in diplomatic relations,” CyberScoop reports. The formidable alliance unites Israel’s billion dollar cybersecurity industry with the United Arab Emirates’ blossoming technology industry and financial clout.
Moscow pitches infosec promise.
But they may have few takers, among governments, anyway. The New York Times says Moscow continues to deny meddling in US elections but would like an armistice on election meddling, as we heard last week. Russian President Putin’s plan, which mirrored his 2018 pitch to US President Trump in Helsinki, proposes no concrete measures beyond ongoing dialogue and mutual guarantees, but may indicate a “conciliatory mood” on the eve of a US presidential election. Authorities have considered simple cyberspace ceasefires impractical because attacks can be perpetrated by hacktivists and children, and governments typically disguise their activities with false flags or fronts, but there may be a place for confidence-building measures.
(The temptation to read present Russo-American competition as a simple continuation of the Cold War is worth resisting, but on the other hand there's some noticeable continuity between that competition and the present, particularly in tactics and influence operations. Compare, for example, the CIA's contemporary observations of the post-Stalin peace offensive to current public statements and assessments, and then substitute "cyber" for "atomic.")
The UK discloses offensive cyber capabilities. Russia takes semi-official notice.
Following reports of an onslaught of Russian cyberattacks targeting UK election integrity and Covid-19 vaccine research that could “slowly, insidiously, corrosively and inevitably” undermine the country, the Express describes London’s development of a “superweapon” that, according to UK Strategic Command Commander General Sir Patrick Sanders, “can degrade, disrupt and even destroy critical capabilities and infrastructure.” Sanders explained that “cyberspace is the most active domain, where adversaries and allies will meet over the next decade."
It's an unusual public avowal, for the United Kingdom, of such capability. In the Guardian's account, General Sanders is quoted as saying he's been directed by Prime Minister Johnson to ensure that the UK be a "leading, full-spectrum cyber power.” The General's public statements may be a foreshadowing of the five-year integrated defense review, which is expected to be complete in November.
The Kremlin took quick notice: Moscow-controlled Sputnik News reacted to Sanders’ “unprecedented” remarks, noting that according to Harvard's Belfer Center's scorecard, London ranks third internationally in cybercapabilities, trailing only Washington and Beijing.
Sino-American wrangling over TikTok.
In what the Wall Street Journal calls a "short-term victory," the US District Court for the District of Columbia yesterday granted a nationwide preliminary injunction that stopped the scheduled US ban on TikTok transactions. The Verge, which has a useful brief history of this particular phase of the dispute, quotes TikTok as arguing that the Government’s ban, which would have taken effect last night at midnight, was “arbitrary and capricious.” Both sides will get together to review the dispute tomorrow.
Fortune notes that the judge left the November deadline for TikTok's sale in place, for now at least. Official Beijing is unhappy with the prospect of a forced spin-off of TikTok Global, the proposed name for the new company, whatever its ownership turns out to be. The Wall Street Journal describes several reasons for this. Chinese government-controlled media have characterized the sale as “dirty and unfair,” which seems the sort of reaction any major power would have when it felt itself strong-armed by a competitor. But the government seems particularly troubled by the aspects of the deal that would permit Oracle to inspect TikTok’s source code, ostensibly because of the troubling precedent that would set for protection of Chinese intellectual property against foreign exposure. Sources tell the Journal that at least some ByteDance executives have been upbraided by the government for failure to undertake proper consultation before negotiating the spin-off.
The US side in the ongoing dispute between the two countries shows little disposition to conciliate Beijing. The Wall Street Journal reports that the US Department of Commerce has imposed restrictions on what may be exported to Chinese semiconductor manufacturer SMIC. Such exports, Commerce explained in a letter, run the risk of being used to enhance China's military technology.