A year of hacking and cyber warfare: How Biden is tackling cybersecurity

Written by ga_dahmani

When Joe Biden took office as president in January 2021, he faced a cybersecurity crisis. According to the US Intelligence Community, the threat environment was “sharp.” Foreign adversaries were using “cyber operations to steal information, influence populations, and harm industry, including critical physical and digital infrastructure.” More than a year later, the situation remains dire. The good news is that the Biden team is on it.

Donald Trump’s behavior contributed to the crisis. After the Cyber Security and Infrastructure Protection Agency (CISA) declared the 2020 US election to be the “safest in US history,” Trump turned on its first director, Chris Krebs, a man he had appointed, for refuting his wild and false claims of hacked voting machines. This followed Trump’s earlier decisions to abolish high-level cyber positions in the White House and at the State Department.

The leadership vacuum could not have come at a worse time. In December 2020, cybersecurity company FireEye revealed that its networks had been affected by malware that relied on popular IT management software Orion, a product of SolarWinds. Major companies and government agencies, including the Pentagon, the Department of Homeland Security (DHS) and the National Nuclear Security Administration, were affected, along with 18,000 other SolarWinds customers.

Biden began by gathering a strong team in top cyber positions: no small feat in a field where the private sector has a lot to offer. On day one, he restored the National Security Council’s cyber post that Trump had unwisely eliminated and chose NSA veteran Anne Neuberger to fill it. Neuberger was named deputy assistant to the president and deputy national security adviser, giving the position significantly more influence in the White House status hierarchy than it had enjoyed during the Obama years.

At DHS, Biden moved quickly to fill the void left by Trump’s firing of his CISA director by choosing Jen Easterly, a US Army veteran who helped establish Cyber Command during the Obama years. Biden’s widely praised pick would be unanimously confirmed by the Senate. For the new position of national cyber director at the White House, created by Congress in January, Biden chose Chris Inglis, who served as deputy director of the NSA during the George W. Bush and Barack Obama administrations.

Job one was tackling the SolarWinds hack. In April, National Security Advisor Jake Sullivan announced that a “mixture of tools, visible and invisible” would be used against Russia. Biden imposed specific penalties for the “totally inappropriate” SolarWinds hack, as news emerged of another major cyber espionage operation, carried out by Chinese hackers targeting Microsoft Exchange servers.

In May, Biden issued an executive order establishing new policies and mechanisms to improve information sharing and threat reporting, improve software supply chain security, and establish a cybersecurity review board. More importantly, the order harnesses the government’s purchasing power to spur the adoption of breakthrough cybersecurity technologies, particularly in the emerging area of “zero trust,” a cybersecurity architecture that relies on protecting data within a network, assuming hackers have already penetrated it. “Incremental improvements will not give us the security we need,” the order stresses.

Biden faced further trouble in June, when a ransomware attack on the Colonial Pipeline led to fuel shortages in the southeastern United States. In July, an even more massive ransomware attack hit the clients of Kaseya, a provider of remote IT services, closing supermarkets in Sweden. These were just the highest profile in a series of ransomware attacks, posing dilemmas for law enforcement and businesses on how to respond. The US Department of Justice, Ukrainian police and prosecutors, and other allies worked to identify the Ukrainian man behind the Kaseya attacks. He was arrested in Poland in November.

Meanwhile, at CISA, Easterly was moving quickly to transform public-private collaboration from a buzzword with few results to true operational cooperation between technology companies, government, and critical infrastructure. In August, CISA announced JC/CC (the Joint Cyber Defense Collaboration), which brings together Silicon Valley heavyweights, cybersecurity companies, and the NSA, FBI, and Cyber Command. Among its achievements, spurred by ongoing attacks that exploited a software vulnerability in code known as “log4j”, has been to shorten the time between the discovery of attack information and the creation of public alerts and mitigations.

Russia’s buildup of forces on the Ukrainian border in late 2021 and early 2022 further raised the stakes for cybersecurity, as experts predicted that a wave of digital attacks would precede any conventional attacks. They were right. Even before Russia’s tanks broke through its neighbor’s borders, cyberattacks came fast and furious, freezing Ukrainian government computers and even briefly shutting down German wind turbines. The Ukrainians demonstrated as much skill and dedication in defending their digital networks as they did on the battlefield.

The Biden team did its part. In the first hours of the Russian invasion of Ukraine, Neuberger helped make sure information about Russian malware discovered by Microsoft security researchers was shared quickly enough to mitigate its impact.

Congress has also stepped forward. On March 15, Biden signed legislation requiring companies operating critical infrastructure to report significant cyberattacks to CISA, with tight deadlines of twenty-four hours for ransomware payouts and seventy-two hours for other cyber incidents. The law will give the government more visibility into cyberattacks because the FBI estimates that only a quarter of such incidents are reported voluntarily. It also represents a bureaucratic victory for CISA’s Easterly, strengthening her agency’s authority in the face of objections that the law leaves out the FBI. Congress continues to consider broader reforms to federal cybersecurity approved by the Senate.

As the war continues in Ukraine, Vladimir Putin’s Russia will launch more cyberattacks, quite possibly targeting critical infrastructure in the United States. The Biden team has racked up an impressive record of accomplishments during its first fifteen months, but there is much work to be done. One thing is for sure: cyber threats will be “serious” for many years to come.

Timothy H. Edgar is a senior member at the Watson Institute at Brown University, teaches in its master’s program in cybersecurity and is a lecturer at Harvard Law School. He served on the White House National Security Staff under President Barack Obama and is the author of Beyond Snowden: Privacy, Mass Surveillance, and the Fight to Reform the NSA.

Image: Reuters.
