Good morning and welcome to The Cybersecurity 202! Read to the bottom for an important cybersecurity warning from The Post's own TikTok Guy.

Below: Hackers went after companies using Microsoft Office 365 software and the U.K. is getting serious about ransomware groups.

The United States will vie with Russia to lead the U.N.'s telecommunications agency

One year from now, the Biden administration will face off with Russia over who gets to lead what some have termed “the most important agency you’ve never heard of.”

That agency — the International Telecommunication Union — is the telecommunications arm of the United Nations. The international body has a massive reach, affecting everything from the way your iPhone works to the future of the Internet itself. 

In October 2022, top officials from more than 100 countries will meet in Bucharest, Romania, where they’ll choose between U.S. candidate Doreen Bogdan-Martin and Russian candidate Rashid Ismailov to be the next secretary general of the ITU for the next four years. Bogdan-Martin is an ITU veteran of nearly three decades, while Ismailov is a former Russian deputy telecommunications minister and former Huawei executive. 

Agency role

The stakes for the election are high despite the ITU’s low profile.

The agency works on a vast array of worldwide telecommunications standards, making recommendations like telephone country codes, and also holds simulations of cyberattacks to boost the security of its member states. Its recommendations are nonbinding but are “generally complied with” because of their quality and implications for interconnectivity of networks worldwide, according to the organization.

It’s “the most important agency you’ve never heard of, setting rules for global tech like 5G,” Samantha Power, administrator of the U.S. Agency for International Development, recently wrote.

The winner of next year’s election will take the reins from China’s Zhao Houlin, who has led the agency since 2015. But he has come under fire for his support of Chinese telecom giant Huawei and a global Chinese infrastructure program, the Belt and Road Initiative. Critics say Huawei technology is insecure, a claim the company denies, while the Belt and Road Initiative is a signature piece of Chinese President Xi Jinping’s foreign policy.

Critics also point to a Huawei proposal to radically reshape the Internet with a new Internet protocol built on a top-down design.

Competing visions

Bogdan-Martin wants the agency to focus on issues like broadband access.

She plans to promote a vision of universal digital connectivity, collaboration and good management, according to a promotional website that the State Department posted last month.

Ismailov’s platform also includes a goal of universal broadband access. But he also wants to refocus the ITU, including by having it create international rules and ethics guidelines for autonomous systems like robots and drones that use artificial intelligence.

Moscow has also asked the ITU to discuss the rules underpinning cyberspace, to no avail. Russia has long called for a more expansive Internet mandate for the ITU, which would displace the Internet Corporation for Assigned Names and Numbers (ICANN), a nonprofit organization that plays a key role in the infrastructure that defines the way the Internet operates.

Russian officials argue that ICANN, which the U.S. government oversaw until 2016, gives too much power to the United States. 

  • Since 2016, ICANN has had the sole authority to organize and assign names and addresses in the Internet’s address book.
  • “At this time the U.S. fully controls the Domain Name System used to resolve IP addresses,” former Russian president Dmitry Medvedev reportedly said in August 2020. “That’s how it happened historically, but simply and bluntly put, it shouldn’t be this way.”
  • When they met the following month, top Chinese and Russian diplomats said their talks had helped “underscore common positions on Internet governance, including the importance of ensuring equal rights of states to govern the global network, and emphasize the need to enhance the role of the International Telecommunication Union.”

The race

To defeat Russia and Ismailov, the Biden administration will have to hit the ground running. For the next year, diplomats and U.S. government officials will be lobbying countries across the world to get their votes, former U.S. officials say. Of the ITU's 193 member countries, representatives of members in good standing will vote in a secret ballot in Bucharest.

Much of the diplomacy happens in embassies around the world and at international meetings where delegates convene, said Rob Strayer, a former State Department official who is now executive vice president of policy at the Information Technology Industry Council.

And top Biden administration officials like National Cyber Director Chris Inglis and Secretary of State Antony Blinken have spoken in support of Bogdan-Martin in recent months.

“You have to work for every vote. You have to engage for every vote,” said Fiona Alexander, a former associate administrator for international affairs at the Commerce Department’s National Telecommunications and Information Administration. “You can't make any assumptions. It's just like any other election.”

The keys

Iran-linked hackers targeted companies that use Microsoft Office 365 software

The hackers successfully compromised fewer than 20 of the 250 targeted organizations that use Microsoft Office 365 software, Microsoft said.

The hacking group focused on U.S. and Israeli defense companies, Gulf ports and maritime companies that work in the Middle East, Microsoft said. It also targeted companies making “military-grade radars, drone technology, satellite systems and emergency response communication systems” for partners in the United States, European Union and Israel, the company said.

Microsoft found the hacking activity when it was responding to a hack of a U.S. financial firm this summer, Microsoft Threat Intelligence Center head John Lambert told CNN’s Sean Lyngaas.

The U.K. will proactively go after ransomware groups, cybersecurity chief says

The United Kingdom will try to “deliver a more sustained, proactive and integrated campaign for disrupting and imposing costs on malicious actors” like ransomware groups, National Cyber Security Centre CEO Lindy Cameron said. Cameron pointed to the U.K.’s military capabilities and its National Cyber Force, which conducts cyber operations, as examples of tools to be deployed.

Russia and its neighbors “are responsible for most of the devastating ransomware attacks against U.K. targets,” Cameron said. She also discussed NSO Group’s Pegasus spyware and argued that “we need to avoid a marketplace for vulnerabilities and exploits developing that makes us all less safe.”

The White House told government agencies to let CISA see their cybersecurity defenses

The Office of Management and Budget’s memo gives CISA a 90-day deadline to access the systems that federal agencies use to protect devices like computers, CyberScoop’s Tim Starks reports. It comes in the wake of the SolarWinds cyberattack and congressional hearings, which highlighted gaps in detecting hackers.

Agencies have four months to analyze their defenses. CISA has six months to come up with a “playbook of best practices” that can be applied across the federal government, according to the memo.

Industry report

Google announces a security advisory team

The company’s new Cybersecurity Action Team will provide strategic advisory services, as well as security compliance, engineering, and threat and incident response services. The initiative will begin with Google Cloud and will “evolve to bring Google security to more organizations as it progresses,” the company said.

The announcement was praised by CISA Director Jen Easterly. “It’s great to see a large company like Google Cloud orient itself to support the cybersecurity of all organizations large and small through its Cybersecurity Action Team,” Easterly said. “As part of the [Joint Cyber Defense Collaborative] and other initiatives, we look forward to partnering with them and other tech companies in this vital effort.”

Daybook

  • Former MI6 Chief Alex Younger, cybersecurity executives and experts speak at Recorded Future’s three-day Predict 21 conference, which begins today.
  • Cybersecurity executives and officials speak at the three-day Pearson Global Forum, which begins today.
  • National Cyber Director Chris Inglis, CISA Director Jen Easterly, U.K. National Cyber Security Centre CEO Lindy Cameron and others participate in CISA's annual four-week cybersecurity summit on Wednesday.
  • CISA Deputy Director Nitin Natarajan and Rep. Jim Langevin (D-R.I.) speak at the Blackberry Security Summit on Wednesday.
  • Palo Alto Networks Chair and CEO Nikesh Arora and Suzanne Spaulding, a senior adviser at the Center for Strategic and International Studies and former DHS official, speak at a Washington Post Live event on Thursday at 4 p.m.
  • Natarajan speaks at the Oregon Cyber Resilience Summit on Thursday at 5:30 p.m.

Secure log off

Thanks for reading. See you tomorrow.