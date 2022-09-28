Comment on this story Comment Gift Article Share

Welcome to The Cybersecurity 202! Below: The alleged Optus hacker revokes extortion demands and Meta dismantles China-based network targeting American users. But first:

The White House brought in a big cyber name. Here's what she wants to do. Camille Stewart Gloster is one of the newest, big-deal additions to one of the newest parts of the federal government, officially known as the Office of the National Cyber Director but sometimes called the White House "cyber czar." Two directorates fall under her umbrella: one on technology and one on workforce.

If those sound like two pretty different topics to you, she sees it otherwise.

“Technology is operated by people, created by people, abused by people and used by people,” Stewart Gloster told me in her first interview since her appointment as deputy national cyber director for technology and ecosystem in July. “And understanding the connections there, and how that then connects to your awareness, interest and pursuit of cyber careers or technology careers is really important. So I think there is a big linkage there and an opportunity to really take a fulsome look at the cyber ecosystem.”

Stewart Gloster is a well-known name in the cybersecurity world, and for reasons that match pretty closely to the job she took. She arrives from Google, where she last held the title of global head of product security strategy. She is the co-founder of #ShareTheMicInCyber, a movement to address diversity issues in the cyber profession. And she’s an attorney who served in the Obama administration’s Department of Homeland Security as a senior policy adviser.

Now, she’s heading a team that, she concedes, many cyber and government officials would be hard-pressed to say what it does. Some of that is merely that it’s new, of course.

What she’s working on

Stewart Gloster’s responsibilities fall under two main categories:

The cyber workforce, education and training.

Technology security: emerging technology, research and development, strengthening the hardware and software supply chain.

In that first category, she’s working on developing a cyber workforce and education strategy. It will follow in the heels of the broader national cyber strategy expected this fall that the overall cyber czar’s office is heading up. The workforce and education strategy will seek to “really get in the weeds and focus on implementation” of that broader national strategy, she said.

Her priorities on education and the workforce include focusing on three different groups: the general public and its awareness of cyber; employees whose work at any given organization touches on cybersecurity; and the people who would be considered true cyber pros. That last group, she said, needs to be “highly skilled and diverse.”

The workforce “is only enhanced by having a variety of lived experiences and backgrounds in the seats that are doing work,” she said.

Her approach is centered on the notion that no one entity can address those issues, so she’ll be seeking to hear from experts at every level: federal, state, local and private sector. And she’ll be able to take some lessons from #ShareTheMicInCyber.

“That individual-action-catalyzing-collective-action piece, I think it'll be something that I can carry with me,” Stewart Gloster said. “‘Share the Mic’ was targeted to a discrete problem area. Now I'm getting to do it all. It will be a piece of a very large pie.”

In the second category, on tech security, her team is collaborating with others in the bureaucracy to make sure cybersecurity is highlighted during implementation of the Chips and Science Act, which will dedicate $52 billion in subsidies to the domestic semiconductor industry.

Her team is also promoting open-source software security, and seeking to ensure that developers take security into account every step of the way.

Her biggest challenge right now is in the number of hands available to her, she said. She currently leads a team of four full-time employees, a number set to jump to approximately 16 by the end of the year.

Exiting #ShareTheMicInCyber

Stewart Gloster co-founded #ShareTheMicInCyber, a campaign to raise awareness of women and racial minorities in the cyber arena. Gloster said she’ll have some “FOMO” over leaving the project she co-founded, but she believes it has made a difference.

“I definitely think it opened the dialogue to have a more candid conversation around the diversity issues,” she said. “Also, I think it elevated the experiences that people of color are having in cybersecurity community and cyber job landscape.”

Lauren Zabierek, who co-founded #ShareTheMicInCyber, and Stewart Gloster have spoken of barriers in the cyber industry they’ve personally experienced as women, and in Stewart Gloster’s case, a Black woman. It’s not a field proportionally populated by either women or those who identify as members of a minority group.

(Future plans for #ShareTheMicInCyber are “TBD,” said Zabierek. But she'd like to see it become a full-fledged nonprofit. It’s developing a fellowship at the New America think tank. And a campaign is scheduled for October on the value of “belonging” in cyber and psychological safety.)

But moving into the government was the right call for Stewart Gloster, she said.

“I have no regrets because I think I am doing exactly what we wanted people to be able to do, right?: Step into leadership roles,” she said. “I'm working on parallel efforts. So I get to attack the cyber workforce education and training challenges more broadly. And it's an opportunity to bring those lessons learned into this space.”

The keys

Alleged Optus hacker revokes extortion demands

The hacker who claimed responsibility for last week’s massive Optus data breach abruptly withdrew their extortion demands and apologized to the 10,200 people whose personal information was already leaked, Bleeping Computer’s Bill Toulas reports.

Australia’s second-largest wireless carrier announced last week that data of up to 10 million customers — including their names, dates of birth, physical addresses, driver’s licenses and passport numbers — had been compromised. On Friday, a user going by the alias “optusdata” published a small sample of the stolen data on BreachForums, and threatened to leak the records of 10,000 more Optus customers per day unless the firm paid $1 million in cryptocurrency.

Optus didn’t give into the extortion demands, and instead enlisted the help of law enforcement to investigate the incident. The hacker subsequently posted that the stolen data would no longer be sold or leaked due to increased scrutiny of the data breach, and claimed that the information had been deleted from their device that had held the only copy.

Facebook parent dismantles China-based network targeting American users

Meta announced Tuesday that it had taken down a small China-based network of fake accounts that was seeking to influence U.S. politics ahead of the 2022 midterm elections, The Post’s Naomi Nix reports.

The covert influence operation used profiles on Facebook and Instagram posing as Americans to post opinions on hot-button issues like abortion, gun control and high-profile politicians on both sides of the political spectrum. The campaign, which primarily targeted audiences in the United States and Czech Republic, posted from the fall of 2021 through the summer of 2022.

According to Ben Nimmo, Meta’s global threat intelligence head, while the network didn’t appear to gain much tractor or user engagement, it was unusual because unlike previous China-based influence operations that focused on promoting narratives about America to the rest of the world, this scheme was intended to influence U.S. users about American topics months ahead of November’s elections.

In a separate incident, Facebook’s parent company said it had disrupted the largest Russia-based influence operation it’s taken down since the start of the war in Ukraine. That operation was vast, comprising over 60 websites impersonating legitimate news organizations in Europe with the aim of promoting pro-Kremlin narratives about the conflict. The network targeted users in Germany, France, Italy, Ukraine and the U.K., according to Meta’s report.

Fast Company was hacked last night

“Hackers breached internal systems at Fast Company magazine Tuesday evening, defacing the company’s main news site and sending racist push notifications through Apple News to iPhone users,” our colleague Joseph Menn reports. "The two-sentence push notifications were attributed to Fast Company and contained the n-word and graphic language, prompting shocked users to post screenshots on Twitter.

The breach was one of the biggest violations of Apple’s “walled garden” in memory, Joe writes. Yet there was nothing to indicate that user security was compromised beyond the upsetting wording.

“Fast Company’s Apple News account was hacked on Tuesday evening. Two obscene and racist push notifications were sent about a minute apart,” the magazine said by email. “The messages are vile and are not in line with the content of Fast Company. We are investigating the situation and have suspended the feed and shut down FastCompany.com until we are certain the situation has been resolved.”

