Translate

Search This Blog

Search Tool




Apr 30, 2019

Analysis | The Cybersecurity 202 | Here are the 55 things the U.S. government most needs to protect against cyberattacks

By Joseph Marks



PowerPost Analysis
Analysis Interpretation of the news based on evidence, including data, as well as anticipating how events might unfold based on past events

THE KEY

Christopher Krebs, director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. (Evan Vucci/AP)
The Department of Homeland Security is releasing today a list of 55 things the government most needs to protect from digital attacks.
The government believes that a cyberattack on any of these government or private sector services or functions could have a “debilitating effect” on national security, the U.S. economy or public health.
On the list, provided first to The Cybersecurity 202, are some obvious things -- such as supplying water or generating electricity. But the list also delves into some broader categories, including preserving Constitutional rights, protecting sensitive information, and enforcing the law. The list includes everything from providing internet access to supporting community health and conducting elections. You can read the full list here.
The U.S. has long relied on a system that prioritized protecting industry sectors --  such as transportation, financial services and energy -- as part of its critical infrastructure. But these broad categories are proving far too imprecise in an age when, say, North Korea launched a destructive attack on a film studio and Russia orchestrated a sweeping election inferference campaign.
The plan is part of a broader DHS effort to shift to a “risk-based” approach to cybersecurity — in other words, devoting more time and money to threats that could do the most damage.
"If everything’s a priority, then nothing’s a priority,” Director of DHS’s Cybersecurity and Infrastructure Security Agency Chris Krebs told me. “This allows us to really drill down into those things we need to care about.”
A main benefit of the new system is that it will allow government and industry to map out how a single digital threat — say an attack on the Global Positioning System or Internet routing services — might ricochet across numerous industries, Krebs said.
DHS’s previous system for categorizing digital threats focused on 16 critical infrastructure sectors but didn’t deal with the complex web of interdependence between them. And it didn't distinguish between truly vital systems, like those that deliver electricity, versus less vital ones, such as that electric utility's public-facing website.
“[Now] we can focus on … the gaps and overlays between [industry] sectors,” Krebs said. “We want to back out from these artificial economic sectors into something more focused on what [industries] actually deliver at the end of the day.”
Instead of listing the healthcare sector, for example, the new critical functions list includes systems that “maintain access to medical records” and that “support community health.” And instead of transportation, it lists transporting cargo and passengers by air, rail, road, mass transit and vessels -- and materials by pipeline.
The department also plans to work with industry to identify which functions are the most critical of the critical. The department will use that prioritized list — which it may or may not make public — to frame conversations with industry about cybersecurity tactics and to guide DHS’s budget requests to Congress, Krebs said.
“Not all [55] functions are created equal in terms of priority, so you can start triaging, putting the most critical ones at the top, figuring out where do we want to put our scarce resources,” he said.
You are reading The Cybersecurity 202, our must-read newsletter on cybersecurity policy news.
Not a regular subscriber?

PINGED, PATCHED, PWNED

President Trump speaks during a Make America Great Again rally. (William Glasheen/Post-Crescent/AP)
PINGED: President Trump’s lack of interest in election security and his unwillingness to condemn Russian hackers “has made it tougher for government officials to implement a more comprehensive approach to preserving the integrity of the electoral process,” my colleagues Josh Dawsey, Ellen Nakashima and Shane Harris report.
“For more than two years…Trump has recoiled when aides broached Russia’s 2016 theft and dissemination of Democratic emails and its ma­nipu­la­tion of social media in an effort to sway the election,” my colleagues report.
During one 2017 meeting with advisers, Trump called the hacking operation – which the intelligence community attributed to Russia – “a goddamn hoax,” my colleagues reported.
The president also regularly conflates discussions about Russia’s interference in the election with attacks on the legitimacy of his election, current and former officials said.
 “In one meeting in late summer 2018 in the Situation Room, aides told Trump that they wanted to talk publicly to raise voters’ awareness of the interference ahead of the midterm,” my colleagues reported. “According to an official familiar with the meeting, Trump placed a condition on any public statements: The aides must also make clear that Russia didn’t influence his win.”

Huawei CEO Richard Yu stands during the presentation of the new Huawei P30 smartphone, in Paris. (Thibault Camus/AP)
PATCHED: Washington doesn’t believe there’s any safe way to allow Huawei inside next-generation 5G wireless networks without enabling Chinese spying, the State Department’s top cybersecurity diplomat Robert Strayer told reporters in Brussels on Monday, the Wall Street Journal’s Parmy Olson reported.
The statement comes less than a week after the United Kingdom decided to let Huawei construct noncore portions of its 5G networks.
Strayer didn’t directly address the U.K. decision, the Journal reported. “But asked about whether the U.S. and the U.K. were aligned on what constitutes vulnerable parts of a network, he said: ‘no part of a 5G network should have parts or software coming from a vendor that could be under the control of an authoritarian government,’” the Journal reported.
The United States has lobbied numerous allies to ban Huawei from their 5G networks but with limited success. Only Australia has fully barred the Chinese telecom so far. The Trump administration has also not yet released its own order barring Huawei from U.S. 5G networks.

A workman dusts the floor at the Central Intelligence Agency headquarters in Langley, Va. (AP Photo/J. Scott Applewhite, File)
PWNED: A jailed former CIA computer engineer who’s accused of leaking a massive trove of hacking tools made a series of claims in a legal filing asking to be released from federal detention that many on Twitter noted were outlandish. 
Joshua Schulte, who’s accused of passing the documents known as Vault 7 to WikiLeaks, claimed he’s lost $50 billion during his incarceration, according to independent journalist Marcy Wheeler.
Here's the logic behind Schulte's claim of $50B in lost income: Basically, his incarceration is preventing him from becoming the next Bill Gates. pic.twitter.com/FbIsfI8kOS
— emptywheel (@emptywheel) April 26, 2019
Schulte also “lost time mentoring and teaching my youngest brother programming as he attends college and most likely learns the wrong way to align braces and indent,” according to the filing quoted by Cyberscoop’s Jeff Stone.
He’s “also a huge movie buff and I’ve already missed major blockbuster releases that I would have reserved in advance at Alamo Drafthouse and enjoyed with family and friends,” the filing states.
Schulte was first charged with storing child pornography in 2017. He was later charged with the Vault 7 leak under the Espionage Act.
Here's more on that from Wheeler:
Along with Espionage for leaking live hacking tool, Schulte is accused of possessing child porn and (in VA state charges) sexual assault.
He says he is accused of a victimless crime. pic.twitter.com/GTM3Wqr6WX
— emptywheel (@emptywheel) April 26, 2019
PUBLIC KEY
Cybersecurity news from the public sector:

Secretary of State Mike Pompeo said Monday he expects Russia will try to interfere in U.S. elections for decades to come, describing Moscow as having long presented a threat to American elections — not just in 2016.  
The Hill

The “Russia Small Group” — whose existence NSA Director Paul Nakasone announced in July of last year — will thwart Russian influence and cyberattacks.
Cyberscoop
PRIVATE KEY
Cybersecurity news from the private sector:

The ‘hidden backdoors” reportedly could have been used to spy on Vodafone’s infrastructure. Huawei says otherwise.
ZDNet

Facebook is kicking off its annual conference for developers on Tuesday with a keynote from CEO Mark Zuckerberg expected to share more details about his new, “privacy-focused” vision for the social network.
Barbara Ortutay | AP

The future of wireless technology holds the promise of total connectivity. But it will also be especially susceptible to cyberattacks and surveillance.
The New Yorker

Earlier this month, Motherboard revealed that Microsoft's email services were compromised. Multiple victims now say that hackers stole their cryptocurrency.
Motherboard

U.S. officials are reviving concerns about the security of a vital component of the electric grid: the large transformers that power cities and regions. Are those security concerns valid or overhyped? 

No comments:

Post a Comment