“Recent cyber incidents … demand that Congress carefully consider proposals that will ensure more strategic collaboration between the federal government and the private sector on cybersecurity matters from the state and local governments to the health-care sector to water treatment facilities,” she said.
States have begged for additional resources amid a massive uptick in cyberattacks locking up the computer systems of critical services for a fee, a tactic known as ransomware. The compromise of thousands of local governments and organizations by a massive Microsoft breach and a recent hack of a Florida public water facility has also added urgency to getting resources to states.
Clarke also pushed to include cybersecurity funding in Biden’s $2.2 trillion dollar infrastructure package.
The package does not currently make any specific mentions of cybersecurity. The absence has attracted criticism from both lawmakers and industry groups.
“I believe the administration’s infrastructure package, the American Jobs Plan, is an opportunity to ensure that security is integrated or baked into critical infrastructure projects at the beginning and not tacked on at the end or patched up along the way,” she said.
Current and former officials see the infrastructure package as the perfect vehicle for getting resources to states and local governments who often rely on out-of-date technology more susceptible to cyberattacks.
Former Cybersecurity and Infrastructure Security Agency director Chris Krebs at a separate event at the Center for Strategic and International Studies also pushed for cybersecurity investments in infrastructure.
“I really think that that it is well past time for a 21st century Digital Infrastructure Investment Act, where we provide the equivalent of a block grants state and local [governments] where they can modernize their IT infrastructure,” he said. “And yes, it will help stop ransomware.”
The Biden administration is working on a plan for cybersecurity in critical infrastructure it hopes to roll out “relatively soon,” Jeff Greene, acting senior director for cybersecurity at the National Security Council, said at the Cybersecurity Coalition event.
CISA oversight will also be a high priority for House lawmakers.
Clarke says the SolarWinds attack in which Russian hackers infiltrated government systems unnoticed by CISA called into question the security value of its diagnostic and mitigation programs. She will call on the agency to more frequently assess the programs; support CISA in modernizing the systems; and embrace hiring people to prevent future attacks.
Leaders of the Senate and House Homeland Security committees have expressed support for increasing CISA funding. DHS Secretary Alejandro Mayorkas announced last week the agency is working on a proposal for funding to ramp up CISA’s state and local efforts.
The keys
Chinese hackers may have used stolen personal information to hack Microsoft.
The hypothesis that hackers used previously stolen data to discover who within the tech giant to target is a leading theory among investigators working to explain the complex hack, the Wall Street Journal’s Dustin Volz and Robert McMillan report. Such a strategy would heighten concerns about previous hacks by China, which targeted the U.S. government in addition to private corporations with scores of data on Americans, such as credit reporting agency Equifax.
“We face sophisticated adversaries who, we know, have collected large amounts of passwords and personal information in their successful hacks,” said Anne Neuberger, the deputy national security adviser for cyber and emerging technology. “Their potential ability to operationalize that information at scale is a significant concern.”
American technology is being used to develop advanced Chinese weapons.
Phytium, a Chinese firm, portrays itself as an aspiring chip giant like Intel but does not publicize its connections to the research arms of the People’s Liberation Army, Ellen Nakashima and Gerry Shih report. Officials and analysts say its chips, which use American software and were built in a Taiwan factory filled with American machinery, are used to develop hypersonic weapons that could one day be aimed at Taiwan or a U.S. aircraft carrier.
The Trump administration was set to blacklist Phytium last year but ran out of time, former U.S. officials said. Its partnership with the China Aerodynamics Research and Development Center — a research institute run by a Chinese major general — offers an example of how China is using civilian technology for military purposes, often with the help of U.S. technology.
“Phytium acts like an independent commercial company,” said Eric Lee, a research associate at the Project 2049 Institute, a Northern Virginia think tank focused on strategic Indo-Pacific issues. “Its executives wear civilian clothes, but they are mostly former military officers” from the National University of Defense Technology, a military research institution, he said.
Atlantic Media is telling current and former employees that their personal information may have been stolen.
The company, which previously owned outlets such as the Atlantic and Government Executive, said tax documents with current and previous employees’ and independent contractors’ Social Security numbers were “potentially briefly accessible to the unauthorized actors.” The company says there’s no indication of fraudulent use or public disclosure of the information.
Top Biden administration officials, including national security adviser Jake Sullivan and CIA director William J. Burns, wrote for the Atlantic during the time period covered by the accessed documents. The National Security Council and CIA did not respond to questions about whether the two men were notified of the breach.
Atlantic Media spokeswoman Anna Bross said the company is “in the process of notifying all impacted individuals” but did not answer a question about whether any government officials who wrote for its publications were among the victims.
Volz, a cybersecurity reporter who previously worked for Atlantic Media, told his former colleagues about the hack via Twitter:
Houston Chronicle reporter Sarah Smith:
Rosie Gray, a reporter at BuzzFeed News, put it succinctly:
Government scan
Industry report
Facebook doesn’t plan to notify 530 million users whose data was leaked.
A spokesman for the social media giant said the company doesn’t know which users would need to be notified, Reuters’s Elizabeth Culliford reports. Irish regulators are looking into the breach, which took place before 2019 and was recently leaked in full. Top European officials, including Justice Commissioner Didier Reynders and Luxembourg Prime Minister Xavier Bettel, were caught up in the leak, Politico’s Laurens Cerulus and Vincent Manancourt reported.
Global cyberspace
Mentions
Cybersecurity firm Fortinet registered to lobby in-house effective March 1. Hugh Carroll is the sole registered lobbyist on the account.
Chat room
What will they come after next? CyberScoop’s Tim Starks serves up a caper of vino-inspired cybercrime:
Cybersecurity Twitter responded accordingly:
Daybook
- Former president Donald Trump’s acting homeland security secretary, Chad Wolf, discusses the SolarWinds cyberattack at a Heritage Foundation event on April 12 at 1 p.m.
- Cybersecurity officials and researchers speak at a three-day symposium hosted by the National Security Agency that begins on April 13 at 9 a.m.
- U.S. intelligence chiefs testify before the Senate Intelligence Committee on April 14 at 10 a.m.
