Politics The Cybersecurity 202: Investigations into Russian, North Korean hackers are shaping Biden's foreign policy
Hillicon Valley: Krebs is back on Capitol Hill | Cybersecurity as 'preeminent threat' | News on data privacy and voter security
Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter by clicking HERE. Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.Cybersecurity was in the spotlight on Capitol Hill today as Christopher Krebs returned to testify to the House Homeland Security Committee on cyber threats. Ahead of the hearing, The Hill spoke with two key committee leaders about their cyber priorities.
with Aaron Schaffer
The Biden administration is plunging ahead in a pair of high-profile cybersecurity investigations into North Korean and Russian hackers, shedding light on how it plans to crack down on foreign hackers after the Trump administration downplayed the issue in the 2016 election and its aftermath.
The Biden administration yesterday elaborated on its into a massive Russian hack of at least nine government agencies and about 100 companies tied to the SolarWinds breach.
The White House is focused on “working to expel the adversary, we are working to build those networks and improve the cybersecurity of federal networks, and we're also carefully thinking through how we respond,” Anne Neuberger, national security adviser for cyber and emerging technology, told reporters in her first White House briefing.
North Korea Fast Facts
Read CNN's North Korea Fast Facts to learn about the history, population and geography of the Democratic People's Republic of Korea (DPRK).Here's some background information about the Democratic People's Republic of Korea (DPRK), also called North Korea. It borders China, Russia and South Korea.
The Russia probe response includes plans for an executive order to address security gaps raised by the investigation, she announced.
“Because of the sophistication it's taking layer by layer, but we're working at the same pace to ensure we lock down networks and really think through how to ensure this doesn't happen again in the future,” Neuberger said.`
The Biden administration has not laid out any specific plans for retaliation against Russia, but Neuberger says the conversations are underway. Biden last month denounced Russian hackers with Russian President Vladimir Putin and has promised to weigh Russian hacking alongside other aggressions in his Russia policy.
The investigation into the massive Russian hack and recovery efforts will take months.
The U.S. government is not ruling out the possibility of additional breaches being uncovered or that hackers may have had motives beyond espionage.
North Korean hackers targeted Pfizer coronavirus vaccine: report
North Korean hackers were recently involved in targeting and attempting to steal information on Pfizer's COVID-19 vaccine, The Washington Post reported Tuesday. The newspaper reported that South Korea's National Intelligence Service informed South Korean lawmakers of the threat during a closed-door briefing earlier this week.According to the Post, Ha Tae-keung, a lawmaker and member of the committee briefed on the issue, said the alleged hackers went after the COVID-19 vaccine and other Pfizer technology developed around the pandemic. He noted that South Korea had seen a 32 percent spike over the past year in cyberattacks from North Korea.
“When there is a compromise of this scope and scale, both across government and across the U.S. technology sector, to lead to follow-on intrusions, it is more than a single incident of espionage,” Neuberger said. “It’s fundamentally of concern for the ability for this to become disruptive.”
Russia also got a rebuke in new charges against North Korean hackers.
The Justice Department is charging two additional hackers and adding more than $1.3 billion in attempted financial crimes to against North Korean hackers for the Sony Pictures hack, .
Officials say the indicted hackers worked at times out of both Russia and China, which are known to harbor cybercriminals from prosecution. North Korean hackers also used Chinese cryptocurrency traders and criminal networks to launder funds.
DOJ charges North Korean hackers with stealing $1.3 billion in cryptocurrency
The Justice Department (DOJ) announced charges Wednesday against three North Korean individuals for allegedly stealing $1.3 billion in cash and cryptocurrency from U.S. groups and conducting a series of cyberattacks, including the 2014 Sony Pictures hack. The indictment charges three North Korean nationals - Jon Chang Hyok, Kim Il and Park Jin Hyok - as engaging in cyberattacks against the U.S. as part of the Reconnaissance General Bureau, North Korea's military intelligence agency. The group, also known as "Lazarus," was sanctioned by the Treasury Department in 2019 for targeting U.S. critical infrastructure.
“The time is beyond ripe for Russia and China, as well as any other country whose entities or nationals play a role in the DPRK revenue generation to take action,” said John C. Demers, assistant attorney general for national security.
North Korea's cyberattacks will shape the president's policy toward North Korea.
The country's history of hacking the United States and its allies is something the State Department is “carefully evaluating,” spokesperson Ned Price told reporters yesterday.
“We know from previous cases … that North Korea poses a significant cyber threat to financial institutions. It remains a cyber espionage threat. It retains the ability to conduct disruptive cyberattacks, and several of those cases in the past are quite high-profile and prominent,” Price said.
Indicting hackers is a first step toward setting international hacking red lines for adversaries.
While it's unlikely that the Justice Department will be able to actually bring the North Korean hackers to trial, law enforcement says the indictments are important to helping international partners with their investigations and attributing activity to North Korea.
'Criminal syndicate with a flag': North Korean intel operatives charged in hacking campaign
Feds say North Korean hackers are part of a 'criminal syndicate with a flag' in unsealed indictment.The U.S. case, targeting members of North Korea's military intelligence unit known as the Reconnaissance General Bureau, represents a broad expansion of an investigation initially made public more than two years ago, involving the 2014 cyberattack against Sony Pictures and AMC Theaters in retaliation for the movie “The Interview,” which depicted a fictional assassination of the North Korean leader.
They're also a warning shot to adversaries.
The investigations are framed “with a view of creating norms for nation state behavior in cyberspace and then encouraging those countries that are breaking those norms to follow them" as well as "warning other countries who may be thinking of engaging in that kind of behavior that we will catch them out and call them out,” Demers said.
The investigation into Russian and the North Korean indictments come amid a push by lawmakers to systemize the State Department'sin making cyber policy through diplomacy.
“The hackers indicted today may not be in custody yet, but our reach is long, time is on our side and their world just got a whole lot smaller,” said Rep. Jim Langevin (D-R.I.), chairman of the House Armed Services Committee’s subcommittee on cyber, innovative technologies, and information systems and a member of the Cyberspace Solarium Commission.
“I look forward to working with the Biden administration to ratchet up the pressure on Kim Jong Un and his enablers in China and Russia to stop these campaigns,” he said, adding a push for Congress to pass legislation to codify the role of the State Department in cyberspace diplomacy.
A top senator is pressing federal authorities for answers on a Florida water treatment plant hack.
Senate Intelligence Committee Chairman Mark R. Warner (D-Va.) the FBI and Environmental Protection Agency (EPA) for answers about a cyberattack on a Florida water treatment plant.
Joe Biden North Korea Review Will Consider 'Malicious' Cyber Activity As Hackers Charged
Three North Korean hackers were charged Wednesday over a plot to steal $1.3 billion in crypto and traditional currencies from banks and individuals.Price said North Korean cyber activities pose a significant threat to the U.S. and its allies, and said the administration was "carefully evaluating and looking at" the problem.
Warner wants the EPA to review whether the Oldsmar plant was compliant with federal water security plans — and whether that plan, which was updated in 2015, should be updated. He also wants confirmation that the U.S. government is sharing information on threats to water and critical infrastructure providers.
The hack received congressional attention after a Florida sheriff that the hacker tried to poison the water supply by increasing the supply of lye. At the time, Sen. Marco Rubio (R-Fla.) that it “should be treated as a matter of national security,” while Rep. Jim Langevin (D-R.I.) the hack is “the type of activity that keeps me up at night.”
Civil rights groups want Biden to oppose facial recognition technology.
They want the Biden administration to freeze federal use of the technology and block funds from being used by local governments to buy or access AI tools, Drew Harwell .
The push by the nearly 50 groups, including Amnesty International, the Electronic Frontier Foundation and Freedom House, is an attempt to persuade Washington’s Democratic-controlled government, which could be more receptive to their arguments than the previous administration.
“Even if the technology worked perfectly, it would facilitate the mass tracking of each person’s movements in public space — something intolerable in a free and open society,” the letter states. “We cannot allow its normalization.” The White House did not respond to requests for comment.
Detained Americans Fast Facts
Read CNN's Fast Facts about recent cases of foreign governments detaining US citizens. For information about missing Americans, see Robert Levinson Fast Facts or POW/MIA in Iraq and Afghanistan Fast Facts. © CNN Kenneth Bae spoke to CNN's Will Ripley on September 1, 2014. Currently Detained AmericansChina Kai Li September 2016 - Kai Li, a naturalised US citizen born in China, is detained while visiting relatives in Shanghai.July 2018 - He is sentenced to ten years in prison for espionage following a secret trial held in August 2017.
Research has shown that facial recognition is less effective on people with darker skin and has led to false arrests. Law enforcement officials, who say the tool is useful for fighting crime, have pushed back against local and federal proposals to ban the technology.
A faulty coronavirus tracking app exposed the sensitive documents of travelers to Jamaica.
The app, which was designed so that travelers could submit negative coronavirus test results before traveling to the island nation, stored the files on the Internet without a password, TechCrunch’s Zack Whittaker . The breach includes more than 425,000 immigration documents and more than 440,000 images of traveler signatures. Americans were among the victims.
The data is now secure. It is not clear when the documents were first uploaded to the exposed Amazon Web Services server, but documents dating back to June 2020, when the country tourists, were found on it.
- David Mussington, a cyber policy professor at the University of Maryland, has been appointed as a senior adviser at the Cybersecurity and Infrastructure Security Agency, he on LinkedIn.
- New Biden administration include Melanie Hart, a former Center for American Progress senior fellow tasked with examining some Huawei policies at the State Department; and Elizabeth Rosenberg, a former senior fellow at the Center for a New American Security who has called for strengthening supply chain measures.
- Van Scoyoc Associates has registered to lobby for the Bank Policy Institute, which represents the country's biggest banks. Albert Kammler and Norma Krayem on cybersecurity, intelligence and national security issues.
- Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Agency, at an event hosted by the Business Council for International Understanding today at 10 a.m.
- Georgia secretary of state Brad Raffensperger at a webinar on the future of secure and transparent elections today at 10 a.m. The event is hosted by MITRE’s Center for Data-Driven Policy and the Center for Securing the Homeland.
- Cybersecurity executives at a virtual conference hosted by Cobalt today at 11 a.m.
- NextGov a supply chain security event today at 1 p.m.
- AFCEA a webinar on Defense Industrial Base cybersecurity standards on Friday at noon.
- National Cyber Security Alliance executive director Kelvin Coleman at an event hosted by the Institute for Gulf Affairs that will focus on Gulf countries’ social media and technological repression. The event begins at 10 a.m. on Feb. 22.
- Microsoft President Brad Smith and former Google CEO Eric Schmidt at a Senate Armed Services Committee hearing on emerging technology on Feb. 23 at 9:30 a.m.
- Former DARPA director Victoria Coleman, former acting deputy defense secretary Christine Fox and American Enterprise Institute resident fellow Klon Kitchen testify at a House Armed Services Committee cyber panel on Feb. 23 at 11 a.m.
Cybersecurity reporter Patrick Howell O'Neill and researcher Kevin Beaumont had this thought-provoking exchange on cybersecurity in response to a comment made by an official during the press call on the North Korean indictments:
Secure log off
Fact check: Breaking down Joe Biden's first month of claims .
President Joe Biden was more consistently factual in his first month in office than his predecessor ever was in office. But Biden was not perfect.President Joe Biden was more consistently factual in his first month in office than his predecessor ever was in office. But Biden was not perfect himself.