Search This Blog

Search Tool

Apr 8, 2019

Analysis | The Cybersecurity 202 | Nielsen departure could deal a blow to Trump administration's cybersecurity efforts

By Joseph Marks

Want more cybersecurity news and analysis in your inbox? Sign up for The Cybersecurity 202 newsletter. 

Homeland Security Secretary Kirstjen Nielsen speaks at George Washington University. (AP Photo/Carolyn Kaster, File)
Kirstjen Nielsen’s resignation as secretary of homeland security could deal a blow to the Trump administration's cybersecurity efforts -- as she was one of the last civilians in its top ranks with extensive cybersecurity expertise.
That’s a dangerous position, experts say, as the nation barrels toward a 2020 election that will likely be targeted by Russian hackers and the Homeland Security Department launches a major campaign to get government and industry to stop buying technology from China's Huawei and other companies deemed national security threats.
“Hopefully whoever runs DHS will prioritize its vital cybersecurity mission, but it makes a difference if the person at the top has a background in cyber and knows from experience how important it is rather than just being told,” former State Department cyber coordinator Chris Painter told me. “DHS is spread thin among multiple priorities as it is, and without a clear mandate from department leadership that cybersecurity is a prime mission, their efforts risk being sidelined.”
Nielsen – who The Post reported was forced to step down because Trump was dissatisfied with her handling of the border -- had, by far, the longest cybersecurity resume of any DHS secretary in history. She advised President George W. Bush on cybersecurity and homeland security issues, founded a consulting group called Sunesis Consluting focused on cybersecurity and critical infrastructure, and served as a senior fellow at George Washington University’s Center for Cyber and Homeland Security.
Her acting successor, U.S. Customs and Border Protection Commissioner Kevin K. McAleenan, by contrast, has no substantial background in the field.
Her resignation also comes after the high-profile departure last year of Tom Bossert, a cybersecurity savvy Homeland Security Adviser, and Rob Joyce, the White House cybersecurity coordinator, whose job was eliminated when he returned to work at the National Security Agency.
That leaves Chris Krebs, director of DHS’s cybersecurity division, as the highest-ranking official who regularly speaks publicly about major civilian cybersecurity initiatives.
“Bossert, Joyce, and now Nielsen,” Paul Rosenzweig, a former top DHS policy official, told me. “I am sure the professional staff will continue to do their level best and there is no reason to think that McAleenan is not willing to engage. But at the same time the lack of high-level commitment to the issue is evident.”
Nielsen made cybersecurity a priority at DHS, frequently describing cyberattacks as a greater danger to the nation than terrorism. She lobbied industry to help government fight digital attacks from China and Russia.
During her tenure, Congress approved a plan to elevate and rename DHS’s clunkily-titled cybersecurity division – previously called the National Protection and Programs Directorate – to the Cybersecurity and Infrastructure Security Agency, or CISA.
That change – which DHS officials had sought since the Obama administration -- “should give cybersecurity some insulation from changes in DHS headquarters,” said another former top DHS cybersecurity official, Phil Reitinger.
Nielsen also helped smooth tensions with states over election security that flared up in the wake of Russian efforts to interfere in the 2016 election -- and her efforts seem to have paid off.
At the low point of that relationship, in February 2017, the National Association of Secretaries of State unanimously approved a resolution opposing former DHS Sec. Jeh Johnson’s decision to designate election systems as critical infrastructure – a move they saw as a power grab aimed at imposing federal authority over state-run elections.
By the time the 2018 midterms rolled around, however, all 50 states were consulting with DHS about hacking threats and many of them had invited the agency to test the cybersecurity of their election systems.
And there was no evidence that Russia or any other nations successfully undermined the 2018 elections, according to intelligence officials – a fact Nielsen made sure to tout in her resignation letter she posted to Twitter.
Even though she oversaw controversial changes to border policy, and the government’s response to numerous hurricanes and other natural disasters, Nielsen devoted more ink to cybersecurity in that letter than to any other single topic.
“We have prevented the disruption of U.S. elections and guarded against foreign interference in our democracy,” she wrote. “We have replaced complacency with consequences in cyberspace, we are holding digital intruders accountable, and we are stepping up our protection of American networks.”
Its been an honor of a lifetime to serve with the brave men and women of @DHSgov. I could not be prouder of and more humbled by their service, dedication, and commitment to keep our country safe from all threats and hazards.
— Sec. Kirstjen Nielsen (@SecNielsen) April 7, 2019
You are reading The Cybersecurity 202, our must-read newsletter on cybersecurity policy news.
Not a regular subscriber?


PINGED: A former Democratic congressional staffer pleaded guilty Friday to publishing the personal information of four Republican senators on Wikipedia — in hackers’ parlance, “doxing” them — out of anger over his own firing and Republican actions during the confirmation hearings of Supreme Court Justice Brett M. Kavanagh.
Jackson A. Cosko, 27, who had been fired before the incident by Sen. Maggie Hassan (D-N.H.), also threatened another staffer who caught him on a computer after hours in Hassan’s office, my colleague Spencer S. Hsu reported.
The GOP senators he doxed were Senate Judiciary Committee members Lindsey O. Graham (S.C.); Mike Lee and Orrin G. Hatch of Utah; and Sen. Rand Paul and Senate Majority Leader Mitch McConnell of Kentucky.
Cosko “pleaded guilty to two counts of making public restricted personal information and one count each of computer fraud, witness tampering and obstruction of justice,” Spencer reported.
Cosko’s lawyer Brian W. Stolarz said in a statement: “Mr. Cosko takes full responsibility for his actions and is sincerely remorseful. Sadly, Mr. Cosko’s ongoing struggle with drugs contributed to a regrettable course of conduct. He is committed to rehabilitating his life, his reputation, and addressing his addiction.”

WikiLeaks founder Julian Assange greets supporters outside the Ecuadoran Embassy in London. (Frank Augstein/AP)
PATCHED: WikiLeaks founder Julian Assange is not being expelled from the Ecuadoran Embassy in London where he has spent the past seven years, Ecuadoran officials said late Friday, according to a Reuters report.
According to Reuters: “Assange was ‘prepared’ for expulsion from the building, a British friend of his said on Tuesday, after Ecuador’s President Lenín Moreno said he had ‘repeatedly violated’ the terms of his asylum. Moreno accused Assange of harming Ecuador’s relations with other countries by intervening in their politics and said he did not have the right to ‘hack private accounts or phones.’ WikiLeaks said Moreno’s remarks were in retribution for WikiLeaks having reported on corruption accusations against Moreno, who denies wrongdoing.”
Ecuador’s Foreign Ministry denied those claims, however, saying the nation “categorically rejects the fake news that have circulated recently on social networks, many spread by an organization linked to Mr. Julian Assange, about an imminent termination of the diplomatic asylum granted to him since 2012.”
The ministry added that it reserved the right to terminate Assange’s asylum when it considered it justified, Reuters reported.

Sen. Ron Wyden (D-Ore.) speaks during a news conference. (J. Scott Applewhite/AP)
PWNED: A federal commission that helps states combat hacking and digital interference in their elections is hampered by a lack of security clearances, Politico’s Eric Geller reports.
Just half the members of the Election Assistance Commission have security clearances, Eric reported, and none were cleared during the 2018 election cycle or the  2016 cycle — which was undermined by Russian hacking efforts.
“The delay in issuing security clearances for commission members is part of a massive backlog of application approvals throughout the entire federal government. But it’s a particularly acute problem for the EAC, one of the key agencies offering guidance to state and local officials about how to protect themselves from security risks,” Eric reported.
Sen. Ron Wyden (D-Ore.), who has sponsored election security bills, compared asking EAC members to help protect elections without a clearance to “making a baseball player hit without a bat,” according to the story.
“Vermont Secretary of State Jim Condos, who previously led a national group of secretaries that works closely with the EAC, called it ‘imperative’ that the commissioners receive their clearances ‘so that we can all be rowing in the same direction to defend our democracy against our foreign adversaries,’ ” Eric reported.
Cybersecurity news from the public sector:

Amid intensifying warnings about foreign spies and criminals infiltrating new 5G networks and the military supply chain, the Pentagon has been considering publicly releasing a “black list” of companies it believes could pose risks to its weapons based on using risky suppliers.
Yahoo News

A congressional push to examine the threat of so-called deepfake videos was derailed last year after a key House lawmaker blocked a measure that would have provided government funding to study the insidious technology.
The Hill

The willingness of authoritarian governments to leverage native tech companies to achieve their national goals has forced U.S. officials to adapt in how they view risk from those companies, according to a senior Department of Homeland Security official.

Almost half a million dollars was diverted out of the Tallahassee’s employee payroll Wednesday after a suspected foreign cyber-attack.
USA Today

Four federal agencies are asking the industry they regulate whether a cybersecurity assessment is worth the work of collecting and submitting the necessary data.
What percentage of critical infrastructure is owned by the private sector versus the government? Well, it's certainly a lot, but the oft-cited figure of 85 percent has no real basis in research as four former government cybersecurity officials noted in a Twitter exchange this weekend. It started with former DHS official Phil Reitinger:
My favorite is how the Internet turns wild conjecture into fact, like 85% of critical infrastructure is privately owned. Circular reporting and cross referencing create unassailable fact.
— Phil Reitinger, Principle Engineer (@CarpeDiemCyber) April 6, 2019
Then former State Department Cyber Coordinator Chris Painter joined in:
How much is owned by the private sector? A bunch. Most. A lot. 85 percent?— pure conjecture reinforced by constant repetition (hmm, sounds like something we’ve been experiencing elsewhere of late).
— Chris Painter (@C_Painter) April 6, 2019
Followed by former White House Cyber Coordinator Michael Daniel:
As one OMB examiner famously put it in a Director's Review: we made these numbers up several years ago and we've been tracking them ever since.
— J. Michael Daniel (@CyAlliancePrez) April 7, 2019
And here's former DHS cybersecurity official Paul Rosenzweig who did some research on the figure but still couldn't find a definitive origin.
@CarpeDiemCyber I actually traced the origin once. Farthest back I could go was an early estimate by Sen. Feinstein that was later repeated by Mishel Kwon. See Fn5 of this paper:
— Paul Rosenzweig (@RosenzweigP) April 6, 2019
Cybersecurity news from the private sector:

You might have a certain idea of where cybercriminals congregate. Maybe you imagine a black hoodie operator working at night on the dark net or something out of Mr. Robot. In fact, these things are often much more simple and mundane than they seem.

SKDKnickerbocker is running communications for NSO Group, an Israeli company known for selling surveillance technology to authoritarian governments.
The Intercept
Production at Norwegian aluminum maker Norsk Hydro was back to near normal after...
How did a private Chinese firm come to dominate the world’s most important emerging technology?
Keith Johnson, Elias Groll

Source: The Washington Post

No comments:

Post a Comment