At a glance.
- Britain prepares to go on the cyber offensive.
- US to convene 30-country meeting on cybercrime.
- Service cyber updates: USCG and USAF.
- Emergency US pipeline cyber regulations draw mixed reviews.
Britain prepares to go on the cyber offensive.
The UK's National Cyber Force, an agency for conducting offensive cyber operations, will be headquartered in Samlesbury, Lancashire, the BBC reports. Computing notes that the NCF has been operating since April 2020, and was publicly announced last November. Foreign Secretary Liz Truss stated, "The National Cyber Force will help confront aggressive behaviour from malign actors, and demonstrate that Britain is investing in next-generation defence capability to protect our people and help our friends counter cyber threats. It sends a powerful message to our allies and adversaries alike."
US to convene 30-country meeting on cybercrime.
US President Biden will convene a thirty-country meeting later this month to discuss the impact of ransomware on economic and national security. The White House said in a statement, "This month, the United States will bring together 30 countries to accelerate our cooperation in combatting cybercrime, improving law enforcement collaboration, stemming the illicit use of cryptocurrency, and engaging on these issues diplomatically. We are building a coalition of nations to advocate for and invest in trusted 5G technology and to better secure our supply chains. And, we are bringing the full strength of our capabilities to disrupt malicious cyber activity, including managing both the risks and opportunities of emerging technologies like quantum computing and artificial intelligence."
Service cyber updates: USCG and USAF.
The US Coast Guard (USCG) is expanding its offensive cyber capabilities, SIGNAL reports. Rear Admiral Michael Ryan, commander of the Coast Guard’s Cyber Command, stated, "We are going to focus our teams in support of protecting and defending the maritime transportation system. We’re going to really leverage those capabilities to protect that economic interest of the nation. It’s a huge economic engine for our nation, and the 30 million people that are employed in some connection to the maritime transportation system. That gives me a bullseye of focus for what Coast Guard Cyber is committed to." Ryan added, "We are still growing into that offensive capability. Our Cyber Mission Team, we are just starting that journey right now, [with] the people that have reported in."
The US Air Force (USAF) has turned three of its communications squadrons into cyber defense squadrons, C4ISRNET reports.
Emergency US pipeline cyber regulations draw mixed reviews.
The US government's emergency rules for pipeline cybersecurity have been met with mixed reviews from industrial cybersecurity experts, the Washington Post reports. Some experts praised the fact that the rules call for the development and testing of incident response plans. Other experts said the rules were too broad in some areas and too prescriptive in others. Dragos's Robert M. Lee, for example, noted that while the rules recommend patching vulnerabilities, there are sometimes more appropriate mitigations depending on the situation.
"When you’re dealing with an operational technology system, sometimes a patch doesn’t reduce the risk or even fix the vulnerability," Lee said. "And going down to the field in the middle of winter to take down a system to patch it can backfire. We’ve seen more accidental shutdowns from well-intentioned operators patching systems than were caused by attacks from Russia and Iran combined."