At a glance.
- Canada's ban on Huawei and ZTE.
- Ransomware task forces.
- NSF advocates threat intelligence sharing.
More on Canada’s ban on Huawei and ZTE.
As we noted last week, Canada on Friday became the last of the Five Eyes to officially ban the use of Huawei telecommunications equipment by its wireless carriers, and Bleeping Computer adds that products produced by partially government-owned ZTE Corporation are included in the ban. "The Government of Canada has serious concerns about suppliers such as Huawei and ZTE who could be compelled to comply with extrajudicial directions from foreign governments in ways that would conflict with Canadian laws or would be detrimental to Canadian interests," the nation announced on Friday.
But some experts worry that the move is too little, too late. As the National Post notes, some feel that because all equipment, regardless of its source, has vulnerabilities that can be exploited by malicious actors, prohibiting Huawei and ZTE equipment is unlikely to prevent China-backed espionage operations. Stephanie Carvin, Carleton University associate professor of international relations, states, “China doesn’t need Huawei to spy on us.” Margaret McCuaig-Johnston, a senior fellow with the Graduate School of Public and International Affairs at the University of Ottawa, said she’d hoped the government would enact a full ban of all of the company’s products, including cellphones, as the US has done. Furthermore, others feel Canada waited too long to ban Huawei and ZTE, and should have followed its Five Eyes partners in acting sooner. According to former Steveston-Richmond MP Kenny Chiu, Canadian Conservatives began pushing for a ban over three years ago. Chiu told the Richmond News, “The decision has come too late. (Not banning Huawei) has hurt Canada’s reputation already.”
Looking back at the first year of the US Institute for Security and Technology’s Ransomware Task Force.
On Friday the Institute for Security and Technology celebrated the first anniversary of its Ransomware Task Force (RTF), a public-private initiative combining the efforts of experts from law enforcement agencies, cybersecurity firms, and civil society organizations. At the event, the Record by Recorded Future reports, two US government agencies announced plans for new cybersecurity efforts. The US Cybersecurity and Infrastructure Security Agency (CISA) announced the launch of its Joint Ransomware Task Force led by Eric Goldstein, CISA’s executive assistant director for cybersecurity, and Bryan Vorndran, assistant director of the FBI’s Cyber Division. The task force was called for in the Cyber Incident Reporting for Critical Infrastructure Act of 2022, which became law in March. “Given what’s in that legislation and what the Task Force is envisioned to do — there’s a lot of disruption of ransomware actors [including] infrastructure, finances — I thought it was really important that the FBI co-chairs,” CISA director Jen Easterly stated. Meanwhile, the Department of Justice announced it’s launching two international initiatives: a virtual currency effort tracking illegal cryptocurrency transactions in order to confiscate the funds of top ransomware actors, and the creation of a new cyber operations international liaison position to work with US prosecutors and European law enforcement officials on fighting top-tier cyber actors.
Cyberscoop adds that, at this one-year milestone, the RTF released a paper on the efforts made so far. In April 2021 the group made forty-eight recommendations for combating ransomware, and the paper acknowledges that twelve of those recommendations have seen substantial progress so far, with initial steps taken on twenty-nine others. The US has made the most progress, with the Department of Homeland Security’s hiring “sprint” and the creation of the Justice Department’s own ransomware task force last year, as well as joining a global Counter Ransomware Initiative launched last October with thirty other countries. Still, RTF co-chair Megan Stifel said, additional progress needs to be made. “I think one of the challenges going forward is going to be expanding the scope of countries that are focused on this issue and wanting to both improve their hygiene but also support investigative efforts to try and reduce this ongoing scourge,” Stifel stated. Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang suggests the US needs to focus not only on international threats from state-backed attackers, but also from cybercriminals with purely financial motivations. The US Department of Defense notes that at Friday’s TruCon2022, the Truman Center for National Policy's annual conference, Eoyang stated, “I think we've seen over time with the development of the non-state actor — the criminal cyber market — is that capabilities that were once reserved for state actors are available on the dark web for purchase.”
US National Science Foundation official advocates for threat intelligence sharing.
At MeriTalk’s Cyber Central event last week, Chezian Sivagnanam, chief enterprise architect for the National Science Foundation (NSF), explained that the increased use of cyber threat intelligence and information sharing by US federal agencies is helping the government to make better decisions when it comes to combating malicious threat actors. “Its purpose is to give organizations an in-depth understanding of possible risks to their infrastructure, and it helps them figure out the actions that need to be taken to protect their enterprise,” Sivagnanam said. Julie Starnes, vice president for Public Sector at Recorded Future, agreed, stating, “Today we have public figures speaking out about the importance of sharing that information. I think it’s important for not just Federal agencies, but that everyday Americans understand cybersecurity and the best practices they need to adopt to secure their personal or business networks.”