National Security Council – Page 2

US racing to address Microsoft vulnerabilities, especially for small businesses

Posted on March 22, 2021 by Shannon Vavra

The number of entities in the U.S. that remain vulnerable to the recently announced Microsoft Exchange Server software flaws is dropping, according to a National Security Council spokesperson. Overall, the number of vulnerable systems systems fell 45% last week, the National Security Council (NSC) spokesperson said in a statement, and there are now fewer than 10,000 vulnerable systems in the U.S., compared to the more than 120,000 entities that were vulnerable when the software bugs were first uncovered. The key to that apparent decrease is the fact that entities are taking advantage of a new tool Microsoft released to the public last week in an attempt to protect protect smaller organizations against hackers seeking to exploit the Exchange Server flaws, according to the NSC spokesperson. Microsoft developed the tool, the Exchange On-Premises Mitigation tool — which works in an automated way, scanning for compromises and remediating issues — in coordination with […]

The post US racing to address Microsoft vulnerabilities, especially for small businesses appeared first on CyberScoop.

Continue reading US racing to address Microsoft vulnerabilities, especially for small businesses→

Amid widespread Exchange Server attacks, Microsoft issues patch for older versions

Posted on March 9, 2021 by Shannon Vavra

Microsoft issued a patch late Monday evening for older, unsupported versions of Microsoft Exchange servers in an attempt to lessen the blow of hackers exploiting recently uncovered software flaws. Microsoft released a security update earlier this month to address the four zero-day flaws in Exchange Server email software, which suspected Chinese hackers are actively exploiting as part of an espionage operation aimed at stealing the contents of targets’ emails. But those updates only addressed Exchange Server versions 2013 to 2019. “This is intended only as a temporary measure to help you protect vulnerable machines right now,” the Exchange Team at Microsoft warned in a blog post. The best course of action would be to update to the latest version and apply the patch, the company said. System administrators should be advised that the updates for unsupported Exchange Servers only address the four zero-day flaws revealed early this month, Microsoft said. […]

The post Amid widespread Exchange Server attacks, Microsoft issues patch for older versions appeared first on CyberScoop.

Continue reading Amid widespread Exchange Server attacks, Microsoft issues patch for older versions→

Michael Sulmeyer, who held cyber posts under Trump and Obama, gets Biden White House gig

Posted on January 19, 2021 by Tim Starks

Michael Sulmeyer, a senior adviser to National Security Agency and U.S. Cyber Command leader Gen. Paul Nakasone, will take the position of senior director for cyber in the Biden White House. Sulmeyer’s selection came with no formal announcement. Instead, the transition website posted his position Monday evening. Sulmeyer is a cybersecurity veteran with broad experience, one of many to join the Biden administration. He’s also one of several whose tenures have included roles in the Trump administration. Beyond serving under Nakasone, he also served in the Obama administration at the Defense Department, where he was director for plans and operations for cyber policy. Between roles in the Trump and Obama administrations, he was director of the Belfer Center’s Cyber Security Project at the Harvard Kennedy School. He also wrote extensively for Lawfare on subjects like election security, federal cybersecurity strategy and DOD-related cybersecurity issues. In the past, the National Security […]

The post Michael Sulmeyer, who held cyber posts under Trump and Obama, gets Biden White House gig appeared first on CyberScoop.

Continue reading Michael Sulmeyer, who held cyber posts under Trump and Obama, gets Biden White House gig→

Rob Joyce named new NSA cybersecurity director

Posted on January 15, 2021 by Shannon Vavra

Rob Joyce, the National Security Agency’s special U.S. liaison officer at the U.S. Embassy in London, will replace Anne Neuberger as director in the agency’s Cybersecurity Directorate, the NSA announced Friday. The Biden transition team announced Wednesday that Neuberger will soon be joining the Biden administration as deputy national security adviser for cyber and emerging technology on the National Security Council (NSC). It was not immediately clear who would take on Joyce’s role as the NSA’s senior cryptologic representative in the U.K. Joyce has a long track record of working in cybersecurity leadership roles in the U.S. government. He previously served as senior advisor for cybersecurity strategy to the NSA director, and before that served as special assistant to the president and cybersecurity coordinator on the NSC at the White House. At the NSC Joyce was responsible for national and international cybersecurity strategy and policy for the government. His expertise in cyber-operations […]

The post Rob Joyce named new NSA cybersecurity director appeared first on CyberScoop.

Continue reading Rob Joyce named new NSA cybersecurity director→

Biden team taps NSA Cybersecurity Director Anne Neuberger for NSC

Posted on January 13, 2021 by Shannon Vavra

Anne Neuberger, the National Security Agency’s cybersecurity director, will be joining the Biden administration as deputy national security adviser for cyber and emerging technology, the Biden transition team announced Wednesday. Neuberger has been serving in her role as the director of the year-old Cybersecurity Directorate at the Pentagon’s foreign signals intelligence agency for just over a year, but she has a track record of leadership at the NSA. She has previously served as the lead on the NSA’s task force to counter Russian threats to U.S. elections, previously known as the “Russia Small Group,” as well as its chief risk officer. She has also overseen cyber-operations at the NSA during her time serving as assistant deputy director of the Operations Directorate. Neuberger’s selection could be a signal the Biden administration intends to prioritize cybersecurity issues at the NSC. The Biden transition team has already announced a whole slew of other […]

The post Biden team taps NSA Cybersecurity Director Anne Neuberger for NSC appeared first on CyberScoop.

Continue reading Biden team taps NSA Cybersecurity Director Anne Neuberger for NSC→

Biden transition fills some top cybersecurity personnel spots

Posted on January 8, 2021 by Tim Starks

The incoming Biden administration has spent the week heralding some of its cybersecurity-related personnel decisions, even as a couple key jobs remain a question mark. The Biden transition on Friday announced a slew of National Security Council picks. Among them is Caitlin Durkovich to serve as senior director for resilience and response, reflecting a similar role she once held at a Department of Homeland Security division that Congress later renamed and reorganized as the Cybersecurity and Infrastructure Security Agency. Andrea Kendall-Taylor will take the job of senior director for Russia and Central Asia, areas she worked on during a prior government stint in the intelligence community. “This outstanding team of dedicated public servants will be ready to hit the ground running on day one to address the transnational challenges facing the American people — from climate to cyber,” said Vice President-elect Kamala Harris. “They reflect the very best of our […]

The post Biden transition fills some top cybersecurity personnel spots appeared first on CyberScoop.

Continue reading Biden transition fills some top cybersecurity personnel spots→

White House to release maritime cybersecurity update

Posted on January 5, 2021 by Shannon Vavra

The National Security Council is planning to issue a cybersecurity update to the U.S. government’s national maritime security strategy Tuesday, multiple senior administration officials tell CyberScoop. The update, which administration officials first teased last September, will prompt federal agencies to develop more streamlined cybersecurity standards for organizations in the maritime transportation system (MTS), which includes seaports, vessel owners and operators and terminal operators, according to administration strategy documents obtained by CyberScoop. The update from the White House also is aimed at promoting more information-sharing on maritime cyberthreats with the private sector, streamlining the information-sharing process and prompting the U.S. government to establish maritime cybersecurity-focused workforce programs. The NSC is releasing the National Maritime Cybersecurity Plan as part of a recognition that there are gaps in U.S. maritime security, officials said. A chief concern is that disruptions to ports and shipping could send shockwaves through the U.S. economy. More directly for […]

The post White House to release maritime cybersecurity update appeared first on CyberScoop.

Continue reading White House to release maritime cybersecurity update→

White House quietly activates cyber emergency response

Posted on December 16, 2020 by Shannon Vavra

In the wake of the SolarWinds breach, the National Security Council has activated an emergency cybersecurity process that is intended to help the government plan its response and recovery efforts, according to White House officials and other sources. The activation of the process is a sign of just how seriously the Trump administration is taking the foreign espionage operation, former NSC officials told CyberScoop. The process, which is rooted in a presidential directive issued during the Obama administration known as PPD-41, establishes a Cyber Unified Coordination Group (UCG) that is intended to help the U.S. government coordinate multiple agencies’ responses to the significant hacking incident. The UCG is generally led by the Department of Justice — through the FBI and the National Cyber Investigative Joint Task Force — as well as the Office of the Director of National Intelligence and the Department of Homeland Security. “This cyberattack is the exact type […]

The post White House quietly activates cyber emergency response appeared first on CyberScoop.

Continue reading White House quietly activates cyber emergency response→

White House official, former Nunes aide Michael Ellis named NSA general counsel

Posted on November 10, 2020 by Shannon Vavra

The Pentagon’s general counsel has selected Michael Ellis, a White House official and former Republican aide on Capitol Hill who has faced accusations of politicizing intelligence, to be the National Security Agency’s next general counsel, according to a U.S. government official familiar with the matter. In recent months the White House has been repeatedly pressuring the Department of Defense’s general counsel to slate Ellis, who served as Intelligence Committee counsel to Rep. Devin Nunes, R-Calif., as the top attorney at the NSA, a person familiar with the matter told CyberScoop. The appointment of Ellis to a traditionally non-partisan role could raise questions about whether President Donald Trump is seeking to plant political allies throughout the U.S. government before his final 70 days as a “lame duck” president come to a close. The news comes at a turbulent time for the Trump administration. Trump has refused to concede the election, and in recent hours announced he had […]

The post White House official, former Nunes aide Michael Ellis named NSA general counsel appeared first on CyberScoop.

Continue reading White House official, former Nunes aide Michael Ellis named NSA general counsel→

GAO criticizes rollout of two key Trump administration cyber initiatives

Posted on September 23, 2020 by Sean Lyngaas

In September 2018, the White House announced a new federal cybersecurity strategy to make critical infrastructure more resilient to hacking, shore up supply chains and “identify, counter, disrupt, degrade and deter behavior in cyberspace.” The ambitious document, which the White House described as the United States’ “first fully articulated cyber strategy” in 15 years, aimed to reduce the occurrence of damaging cyberattacks on U.S. interests. Two years later, a review of the strategy by the Government Accountability Office, a nonpartisan congressional agency, has found key gaps in the way the White House is trying to execute that plan. In the face of persistent cyber-threats from foreign powers, the Trump administration’s effort to mobilize resources to fix important U.S. security weaknesses risks coming up short without a better plan to execute the strategy, GAO said in a report published Tuesday. The National Security Council’s implementation plan for the strategy does not include […]

The post GAO criticizes rollout of two key Trump administration cyber initiatives appeared first on CyberScoop.

Continue reading GAO criticizes rollout of two key Trump administration cyber initiatives→