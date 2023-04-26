

Welcome to The Cybersecurity 202! I keep asking science to stop making things into cyborgs, but they refuse to listen. Guess I still need to build up my credibility with science.

Below: House Homeland leaders ask CISA for a critical infrastructure security update, and Chinese cloud-computing firms are under GOP scrutiny. First:

The Biden administration is going on the road to tackle satellite cybersecurity

SAN FRANCISCO — A top Biden administration cyber official is meeting with industry this week in California about securing satellites against cyberattacks, a burgeoning topic that the U.S. government is trying to raise awareness of across agencies and in Congress.

Kemba Walden, the acting national cyber director, told reporters at the RSA Conference she’s visiting Long Beach — nicknamed “Space Beach” to some — for a workshop with California firms to get their views on the policy gaps they see in safeguarding space from hackers.

The urgency and profile of the subject have grown since last year. That’s when Russia, according to the United States and allies, launched a cyberattack on U.S. firm Viasat’s European satellite network just before the invasion of Ukraine to hamper communications there.

“We are all aware that the first ‘shot’ in the current Ukraine conflict was a cyberattack against a U.S. space company,” Walden said. “So, there is strong agreement across public and private sectors that this is urgent and requires high-level attention. The White House is deeply committed to driving efforts to enhance space systems cybersecurity, recognizing that the incredibly complex and unique space ecosystem requires a very close public-private partnership, given the pace and scale of private-sector innovation.”

Satellite cybersecurity also has seized more attention as documents leaked on Discord reveal U.S. government concerns about space vulnerabilities, as my colleague Christian Davenport reported Tuesday. The leaks also include information on China reportedly developing cyberweapons to take over enemy satellites during wartime.

The threats and risks

One of the things that makes space cybersecurity challenging is that it’s diffuse, Walden said.

“It’s a multi-domain challenge,” she said. “You have the links from base stations to the satellites themselves.” But also:

Those are some of the issues she’ll be posing to industry this week, she said.

China and Russia are often mentioned as the top threats, but among the two, Walden said, “I don’t see one or the other as a bigger threat.” The big goal is “making sure we have a resilient system that can withstand whatever challenge,” she said. U.S. adversaries in space could be different in five, 10 or 20 years, she said.

Last week, Space Force Gen. Chance Saltzman said that the Pentagon is “seeing an incredibly sophisticated array of threats,” including communications jamming, cyberattacks and “nesting dolls,” when satellites “release others that spread out and track adversaries’ spacecraft,” as Christian reported.

What’s happening, what’s afoot

The Biden administration’s national cybersecurity strategy says the administration wants to implement a 2020 Trump administration directive on space cybersecurity. Among other things, that directive calls for cybersecurity to be incorporated into every step of space-system development. The administration is going to “work with industry to put those principles into action,” Walden said.

Last month, Walden’s office and other agency leaders with space and security responsibilities gathered with space industry representatives to hold a classified threat briefing and commit to future steps. The Biden administration has held similar briefings for other critical sectors, like aviation and the rail industry.

Besides regional workshops about space cybersecurity that Walden’s office is convening, the Commerce Department is planning a symposium in D.C., and the National Institute of Standards and Technology is preparing to finalize a report on using its popular cybersecurity framework to shore up commercial space cybersecurity.

Earlier this month, the successor organization to the congressionally created Cyberspace Solarium Commission recommended that the federal government should label space systems as critical infrastructure, a designation that could lead to more tailored federal attention. It’s an idea that’s been floating around for a while.

Walden said the White House is working to rewrite a 2013 policy directive on the 16 critical infrastructure sectors, and while her office is involved in those discussions, she couldn’t say whether the space sector would be added.

“I don’t know the answer because the sausage is still being made,” she said. “But what I will say is that designating something as critical infrastructure just is a way to frame how we do policy, and nothing more. It just brings a way of thinking, and nothing more.”

She added: “The benefits of having something designated as critical infrastructure really are being able to organize and have people at the table having policy conversations. We’re doing that anyway, whether space systems are designated or not.”

Meanwhile, Senate Homeland Security and Governmental Affairs Committee Chair Gary Peters (D-Mich.) also plans to reintroduce legislation from last year that would direct the Cybersecurity and Infrastructure Security Agency to compile guidance to protect satellites from cyberattacks. It would also direct the Government Accountability Office to study federal efforts to protect commercial satellites and the degree to which the federal government relies on them.

Derek Johnson of SC Magazine has some other takeaways from Walden’s chat with reporters.

The keys

First in The Cybersecurity 202: House Homeland cybersecurity leaders ask CISA director for updates on ‘systemically important entities’ office

House Homeland Security leaders asked Cybersecurity and Infrastructure Security Agency Director Jen Easterly to provide an update on efforts the agency is making to establish a program office for identifying systemically important entities (SIE) by September, according to a letter shared with The Cybersecurity 202. The goal of designating those entities as especially critical is to give them extra protection because their compromise could have dire ramifications.

Andrew R. Garbarino (R-N.Y.) and Eric Swalwell (D-Calif.) asked Easterly for a description of the goals of the new office, office staff estimations, required resources and how it would integrate with current systemically important designation schemes, among other things.

An early iteration of SIEs was drawn up in an Obama-era executive order that directed regulators to label critical infrastructure targets facing the greatest risks of a cyberattack.

While the United States for years has designated 16 critical infrastructure sectors under earlier DHS directives, the Cyberspace Solarium Commission (CSC) in 2020 pushed to add another category called “systemically important critical infrastructure,” or SICI, in addition to drawing up a list of “benefits” and “burdens” that can help infrastructure owners improve their defenses.

Congress last year came close to passing the CSC recommendations as part of the National Defense Authorization Act, but industry groups lobbied against them, arguing that the SICI directives would be duplicative of preexisting requirements. Sen. Angus King (I-Maine), one of the CSC’s leaders, told Tim at the time that he did not think the issue was dead in Congress.

Former NSA director won lucrative cyber consulting gigs with foreign governments, documents say

Retired Army Gen. Keith Alexander, who led the National Security Agency, closed $2 million in consulting deals with foreign governments including Japan and Saudi Arabia after leaving his post, including a $700,000 contract to advise Saudi Arabia on cyber matters after the killing of journalist Jamal Khashoggi in 2018, our colleagues Craig Whitlock and Nate Jones report, citing newly released records. The records show that Alexander “reported the most foreign compensation of any retired U.S. service member since 2012,” Craig and Nate write.

Alexander’s consulting firm IronNet Cybersecurity also secured a $1.3 million contract with the Japanese government to consult on cybersecurity issues, they reported.

He also “received federal permission to serve as a cyber adviser for the government of Singapore, receiving three separate consulting contracts worth more than $25,000,” they write.

Alexander declined interview requests for the story. “IronNet has said that the firm provided educational and consulting services for the Saudi cyber college until the contract ended in 2020, but that Alexander did not personally perform any of the work or attend board meetings as he originally planned,” Craig and Nate write. “An IronNet spokeswoman declined to say how much revenue the company received. Alexander is the founder, chief executive and chairman of the firm. The Saudi Embassy in Washington did not respond to request for comment.” IronNet spokeswoman Nancy Fazioli declined to comment on the work Alexander or IronNet did for the Japanese government, and said that Japan’s government signed the contract with IronNet and not Alexander in his personal capacity.

The U.S. government withheld most information about the jobs until The Post won a two-year legal battle with some U.S. military branches and the State Department. An investigation last year found that over 500 retired U.S. military personnel had been accepting contract employment from foreign governments, many of which are connected to human rights abuses and political repression.

A congressional panel has scheduled a hearing on the issue Wednesday.

GOP senators urge Biden administration to curb China-linked cloud-computing entities

A group of Republican senators asked the Biden administration Tuesday to “use all available tools” to sanction China-linked cloud-computing entities, Brian Fung reports for CNN. Alibaba and Huawei representatives didn’t immediately respond to CNN’s request for comment.

The letter, led by Bill Hagerty (R-Tenn.), asks various U.S. agencies, including the Commerce Department and Treasury, to levy bans, sanctions and restrictions on Alibaba and Huawei. It cites the companies’ alleged connections to China’s military and government institutions. The senators also called for investigations into Baidu, which makes China’s biggest search engine, and Tencent, which is behind popular messaging apps and video games.

“We are deeply concerned about this growing trend of [Chinese]-based cloud computing services engaging with entities that directly impact the national security interests of the United States,” they wrote.

The letter comes amid heightened scrutiny of Chinese technologies in the United States, notably Chinese-owned TikTok. And in 2020, the FCC began a program to help small and rural broadband providers remove and replace telecommunications equipment manufactured by Huawei and ZTE after the agency had designated the companies as security threats. The companies deny the allegations.

Daybook

The NSA’s Michael Jenkins, CISA’s Eric Goldstein, Deputy National Cyber Director Camille Stewart Gloster, the State Department’s Nathaniel Fick and other cyber policymakers speak at RSA Conference events today.

Secure log off

People who turned 18 yesterday shared their birthday with another big event:

On this day in 2005, @Microsoft released Windows XP Professional x64 Edition. pic.twitter.com/rcOnifPJJz — Today in Tech History (@DayTechHistory) April 25, 2023

Thanks for reading. See you tomorrow.
