At a glance.
- Top US cyber official expresses worries about China and AI.
- Australia names new cyber security coordinator.
- Will the Cybersecurity for Rural Water Systems Act be enough?
- US lawmakers call for warrant requirement in Section 702.
Senior US cyber diplomat expresses worries about China and AI.
Earlier this week Nathaniel C. Fick, the US State Department’s ambassador-at-large for cyberspace and digital policy, spoke at an event hosted by think tank the Hudson Institute, and during his remarks, he warned that China is implementing a plan to achieve technological dominance. He said Beijing has "executed a deliberate strategy of IP theft and government subsidies." For example, he noted Chinese-based tech giants Huawei and ZTE ‘s dominance in wireless equipment, stating, "They stole the core intellectual property to begin building next generation wireless networks and then subsidized Huawei and ZTE around the world to do deals at less than competitive terms." The Register notes that Fick’s recommended solution is for the US and other like-minded nations to form "the biggest coalition possible," working together to develop technology and support each other’s markets.
Fick also discussed recent developments in artificial intelligence. While he sees the benefits of AI tech, especially when it comes to writing software, he expressed concerns about the potential risks of smarter, faster machine learning systems. In particular, he fears AI could interfere with upcoming US elections. "The near-term risk that I am most animated by is disinformation and misinformation," he said, "particularly in a political context."
Australia names new cyber security coordinator.
ABC reports that Australia has appointed Air Marshal Darren Goldie as its first cyber security coordinator. In announcing the appointment, Home Affairs Minister Clare O'Neil stated, "Air Marshal Goldie will drive the work across government in cyber security ... that is needed to meet what is a very substantial and serious growing challenge for our nation." Back in February after the massive cyberattacks on Australian household names Optus and Medibank, O’Neil saw the country was in need of a cyber security coordinator and said someone would be assigned to the role within a month. That deadline has long passed, but Goldie’s appointment couldn’t be more necessary, as Australia is currently dealing with another far-reaching cyberattack, this one targeting commercial law firm HWL Ebsworth. "I would place it in the realm of the most significant cyber incidents that we have experienced as a country over the last year, along with Latitude, Optus and Medibank," O’Neil stated.
While shadow cyber security minister James Paterson said he was pleased with Goldie’s appointment, he expressed concerns that it was long overdue. “Today’s announcement follows questions from the Opposition in the Senate this week to explain the delay when Cyber Security Minister Clare O’Neil promised to have a cyber security coordinator in action in March this year,” Paterson said. “The delay means the coordinator commences duties in the height of a cyber crisis.” Cyber Security Connect adds that Paterson also noted that the government’s lack of clarity about the breach will make Goldie’s job even harder. “Given the Albanese government’s failure to be transparent about the nature, extent and impact of the attack,” Paterson said, “it falls to the new coordinator to conduct Australia’s cyber response in an open and transparent manner.”
Will the Cybersecurity for Rural Water Systems Act be enough?
Earlier this month a group of bipartisan US lawmakers introduced a bill aimed at bolstering cybersecurity funding for rural water systems. The Cybersecurity for Rural Water Systems Act of 2023 proposes this critical infrastructure receive an additional $7.5 million dollars per year from 2024 through 2028 in order to “provide cyber security technical assistance.” Representative Zachary Nunn of Iowa, one of the bill’s proposers, stated, “The reality is that Iowa’s water supply could be devastated by a single cyberattack right now, so improving the cybersecurity of our water systems must be a top priority. Unfortunately, the changes that are needed to keep our water supply safe are often cost prohibitive for smaller rural communities. This bipartisan bill will provide critical resources and funding to prevent cyberattacks so that all Iowans can rest easy at night knowing our water supply is safe.”
2021’s attack on the water plant in Oldsmar, Florida illustrated just how much can go wrong when rural water systems are not adequately protected (though recent reports allege it was not the work of a hacker but rather the result of employee error). However, some experts question whether the bill can actually make a difference. Ron Fabela, CTO at Xona Systems, told SecurityWeek, “This bill focuses on very specific and small water utilities that serve less than 10,000 customers… (Oldsmar wouldn’t necessarily meet the requirements for this funding avenue.)” Mike Hamilton, CISO at Critical Insight says the funding is “not remotely enough. If this is the size of the purse, they’re going to have to do some risk-based prioritization as to who gets funds.” Although there is no water grid that can cause cascading problems over large portions of the country, disruption would still be problematic.
US lawmakers call for warrant requirement in Section 702.
US lawmakers continue to debate whether Section 702 of the Foreign Intelligence Surveillance Act (FISA), which allows the warrantless search of foreign communications, should be reinstated when it expires at the end of the year. The Biden administration says the measure is an invaluable surveillance tool that has aided in a number of intelligence operations, but privacy advocates say it violates Americans’ rights and should not be renewed without critical changes. The Wall Street Journal reports that several lawmakers are calling for a warrant requirement to be added to 702. Senator Mike Lee, a Republican out of Utah, said during last week’s hearing that he was in support of a warrant requirement in virtually all domestic searches. Senator Jon Ossoff, a Democrat representing Georgia, said he supported a warrant only in certain circumstances unrelated to national security. Still, some lawmakers say the need for a warrant would slow intelligence officials’ ability to access vital information. Deputy attorney general Lisa Monaco last week recalled a past incident where Section 702 helped her learn she could be targeted by hackers. “A few years ago, before I came back to government in my current role, the FBI was able to look at its information that was collected under this authority, this 702 authority, and they saw information in there indicating that a hostile nation-state was trying to hack the personal emails of former government officials,” Monaco said. “It turns out one of those former government officials was me.”