with Aaron Schaffer

The Justice Department will launch a wide-ranging four-month review into its strategy for defending and deterring emerging cyberthreats, Deputy Attorney General Lisa Monaco said in her first comments on the international stage since her confirmation.

The review will take a sweeping view of emerging risks including supply-chain attacks such as Russia's SolarWinds hacking campaign, and the exploitation of artificial intelligence by cybercriminals.

“We need to rethink and really assess, are we using the most effective strategies against this kind of new evolution, this pivot point that I think we're at today in the cyber threat?” Monaco told international cybersecurity leaders Friday. “There is no time to lose on what can we be doing better working with our partners across borders to address these to address these threats.”

The review is just the latest push from the Justice Department to position itself as a key player in the Biden administration’s cyber strategy. The agency also recently launched a task force to address a growing crisis of cyberattacks in which cyber criminals use malicious software to lock up computer systems and hold them for ransom.

“We're talking life and death. When a victim is a critical infrastructure holder, we are talking the main avenues of how we power our grid, how we get our water supply, you name it, said Monaco.

Monaco described the ransomware task force as going after the “entire ecosystem” used by hackers, including online infrastructure and digital currency used by criminals to collect ransoms.

Monaco says that ransomware is just one facet of the cyberthreats the United States and allies face. 

What is the next ransomware that we're going to have to deal with? What is the next exploitation by bad actors of other technologies? Monaco said. The Justice Department has tools that it can use and we are working every day with our partners to disrupt, to deter and to hold accountable malicious cyber actors using these and exploiting these technologies. But we have got to move at the same speed that our adversaries are.

The Justice Department has in recent months pushed a more aggressive strategy to take out online infrastructure used by hackers. 

It earlier this month used a court order to eliminate hackers' access to hundreds of U.S.-based servers that had been exposed by a massive Microsoft Exchange vulnerability. The department's strategy for stripping hackers' access from U.S. servers without first notifying victims has attracted scrutiny from privacy advocates who suggest it could violate federal search-and-seizure laws.

John Demers, the assistant attorney general of the Justice Department’s national security division, said last week the government is using the authority “judiciously” and on a case-by-case basis. He said that the agency is having internally discussions about its policies around directly removing hacking infrastructure in the future.

Monaco noted the importance of collaborating with international partners.

She cited a collaborative effort between the United States and international law enforcement earlier this year to take down infected computer networks used by cybercriminals as one example. 

“We have got to get innovative and aggressive, and we have to work collaboratively and cooperatively with our partners and with the private sector if we are going to keep pace with what the malicious actors are doing, she said.

The keys

Newsmax apologized to a Dominion Voting Systems employee for baselessly claiming he rigged votes.

The conservative news network said in a statement on Friday that it wanted to “clarify” its coverage of Eric Coomer, Dominion’s director of product strategy and security, Amy B Wang reports. In exchange, Coomer dropped Newsmax from a defamation lawsuit, the Associated Press reported.

“There are several facts that our viewers should be aware of,” the statement said. “Newsmax has found no evidence that Dr. Coomer interfered with Dominion voting machines or voting software in any way, nor that Dr. Coomer ever claimed to have done so.” The statement, which also noted that contested states certified their election results and conducted recounts and audits, ended with an apology for any harm caused to Coomer and his family. Representatives for Coomer did not respond to requests for comment, while Newsmax spokesman Brian Peterson said the company “doesn’t comment on litigation matters.”

The number of secret warrants for terrorism and spy cases dropped last year.

The Office of the Director of National Intelligence said in a declassified report that there were just 451 targets of Foreign Intelligence Surveillance Act (FISA) wiretap and search warrants in 2020, the New York Times’s Charlie Savage reports. It’s the lowest number in the intelligence community’s eight years of releasing the reports, which peaked at 1,833 targets in 2018 and dropped to 1,059 in 2019.

Benjamin T. Huebner, the chief civil liberties, privacy, and transparency at the Office of the Director of National Intelligence, attributed the drop to the pandemic sidelining spies and terrorists at home.

“The pandemic was the single event with the biggest impact to human behavior worldwide since the Second World War,” Huebner said. “That means it also had an impact on our foreign intelligence targets.”

Public exposure of U.K. Prime Minister Boris Johnson’s personal phone number raises national security concerns.

The BBC reported that a phone number on a 2006 news release “appears to be the one the PM uses,” Karla Adam writes. Experts say that public knowledge of the phone number could make it vulnerable to cyberattacks and surveillance.

“If his mobile phone number has been that widely available, you can’t rule out that others who you really don’t want to have his number, like hostile states with sophisticated cyber capabilities or criminal gangs, may have it as well,” Peter Ricketts, a former British national security adviser, told the BBC. When a Washington Post reporter called the number on Friday, it appeared to have been disconnected.

A spokeswoman for the prime minister’s office said that “it’s not something we are commenting on.”

Chat room

Vice World News Executive Editor Matthew Champion responded to former chancellor of the exchequer George Osborne’s criticism of Johnson-related media coverage:

Tom Peck, a political sketch writer at the Independent:

Cybersecurity blogger Graham Cluley:

Industry report

The semiconductor shortage is even affecting dog-washing machine manufacturers.

A family-run Illinois dog-washing booth manufacturer, CCSI International, was told that it would have to change its circuit boards to accommodate new chips, raising company costs, Jeanne Whalen reports. The shortage demonstrates the pervasiveness of semiconductors, which are found in most modern electronics and are increasingly showing up in high-tech households.

“This particular problem affects all aspects of manufacturing, from little people to big conglomerates,” said company president Russell Caldwell. “Literally we have cornfields around us There’s not a lot here.”

Global cyberspace

Daybook

  • Rep. Yvette D. Clarke (D-N.Y.), the chair of the House Homeland Security Committee’s cyber panel, and other lawmakers speak at Hack The Capitol 4.0 on Tuesday.
  • Cybersecurity officials speak at a Department of Commerce and Department of Homeland Security symposium on space cybersecurity on Wednesday.
  • Krebs speaks at an event hosted by the U.S. Agency for Global Media and Aspen Digital on disinformation on Wednesday at 9 a.m.
  • Secretary of Homeland Security Alejandro Mayorkas discusses ransomware at a U.S. Chamber of Commerce event on Wednesday at 1:30 p.m.
  • The House Homeland Security Committee’s cyber subcommittee holds a hearing on ransomware on Wednesday at 2:30 p.m.
  • The Intelligence and National Security Alliance holds an event on zero trust implementation on Thursday at 2:30 p.m.
  • Rep. Mike Gallagher (R-Wis.) speaks at a Heritage Foundation event on defense supply chains on May 10 at 1 p.m. 

Secure log off