Government’s finally getting its own cybersecurity in order
Posted on May 20, 2022 12:00PM
Below: All eyes are on the trial of a cybersecurity lawyer in a key case for former president Donald Trump’s claims the FBI unfairly targeted him, and another service was sharing data that might identify women who’ve had abortions.
The federal government’s top cyber agency is finally getting the tools it needs to spot and thwart hacking threats in real time.
During the past year, the Cybersecurity and Infrastructure Security Agency (CISA) has deployed or updated a suite of monitoring tools that — essentially for the first time ever — give the agency broad visibility into hacking threats across most of the civilian government.
CISA says it has also expanded its authority to force agencies to fix digital vulnerabilities before hackers from Russia and elsewhere can exploit them.
“This really is the first time that CISA and federal agencies have had this level of visibility and we’re really excited for how we can use it both operationally and … in understanding and measuring federal cybersecurity risk,” Eric Goldstein, CISA’s executive assistant director for cybersecurity, told lawmakers during a hearing yesterday.
The hearing of the House Homeland Security Committee’s cyber panel was tied to the first anniversary of an executive order from President Biden that jump-started a lot of the advances.
The upgrades mark a significant turning point for the federal government, which has always struggled with cybersecurity even as it’s a prime target for some of the world’s most sophisticated hackers backed by Moscow and Beijing.
The developments have been in the works — in some form or other — for years. But they got a major kick in the pants about 18 months ago when the government was caught flat-footed by the massive Russian espionage hack dubbed SolarWinds, which compromised reams of data from numerous federal agencies.
Here are the details:
That’s a huge advance from about half a decade ago when CISA’s predecessor agency had limited insight into the most dangerous bugs targeting government agencies and lacked the authority to force them to protect against bugs it knew about.
But there’s anxiety the fixes might not keep pace with the mounting cyberthreat — or that government agencies will grow less focused on cyber protections if the threats are out of the news for a while.
The government has made previous sprints to improve its cybersecurity but still remained behind the curve — most notably after discovering a mammoth 2015 breach at the Office of Personnel Management that compromised the personal information of more than 20 million current and former federal employees.
“We must ensure that we don’t lose focus and momentum this time,” Rep. Yvette D. Clarke (D-N.Y.), chair of the Homeland Security Committee’s cyber panel, said during yesterday’s hearing.
There are also big cyber challenges that are unique to government.
The case is a major test for a Trump-era investigation focused on whether the FBI unfairly investigated Trump’s 2016 campaign over alleged Russian connections. It’s the first case brought by special counsel John Durham as part of that investigation that's gone to trial.
Details: Prosecutors say cybersecurity lawyer Michael Sussmann told the FBI that he wasn’t working for a particular client when he brought agents computer data showing potential communications between Trump’s company and a Russian bank. The FBI decided that the data wasn’t suspicious, but prosecutors have accused Sussmann of lying by not telling them he was working for Hillary Clinton’s presidential campaign and tech executive Rodney Joffe, Devlin Barrett reports.
“Sussmann has denied the charge,” Devlin writes. “His lawyers insist he never meant to mislead the FBI. And they say a lie about who his clients were would be irrelevant because the FBI already knew he worked for Democrats.”
Lawyers gave opening statements in the case yesterday. The trial is scheduled to last two weeks.
Another vendor is selling data that’s raising alarms about tracking women who have abortions
Privacy advocates fear that such data could be used to track or identify people seeking abortions.
The data marketplace Narrative sells lists that could identify mobile devices that have installed popular apps for tracking periods, Motherboard’s Joseph Cox reports. That data – though it's anonymized – could be combined with other data to help law enforcement agencies identify the apps’ users if abortion becomes illegal in some circumstances.
Context: Apps and services that cull such data are raising alarms in the wake of reports that the Supreme Court could be prepared to strike down Roe v. Wade, clearing the way for some states to make abortions illegal.
“Narrative isn’t the company that harvests this data from mobile phones,” Cox writes. “Narrative instead acts as a middleman and makes buying access to data much easier and relies on ‘providers’ that source the information.”
Narrative took down data from the Planned Parenthood Direct app, which lets people order birth control, and period tracking apps after Motherboard contacted it.
“No menstruation or pregnancy tracking app install data has ever been purchased through Narrative’s platform before,” the company told Motherboard. “However, in light of potential forthcoming changes to laws regarding women’s reproductive rights, we have updated our policy to remove those data sets from the Marketplace to prevent any potential misuse of the data.”
The company's terms of service prohibit its clients from using its data for surveillance, investigations or tracking the subjects of its data, Marketplace told Motherboard.
The House could vote on two cybersecurity bills as soon as today, the Record’s Martin Matishak reports.
Another seeks to get the federal government to distribute grant money to schools for cybersecurity education.
It’s already been a busy week for cybersecurity legislation on Capitol Hill.