Category Archives: U.S. Cyber Command

NSA’s Joyce outlines how U.S. can disrupt and deter foreign hacking

Posted on by

The United States will do more to disrupt the malicious cyber-activity that foreign adversaries are aggressively using to advance their interests, a National Security Agency official said Thursday. “We have to impose costs in a visible way to start deterrence,” said Rob Joyce, senior cybersecurity adviser at NSA. “We have to go out and try to make those operations less successful and harder to do.” Speaking to an industry association in Hanover, Maryland, Joyce cited the 2017 WannaCry and NotPetya malware outbreaks — and Russia’s use of information operations in the 2016 U.S. election — as examples of nation-states moving from “exploitation to disruption” to impose their will in cyberspace. Washington has blamed North Korea and Russia, respectively, for the devastating WannaCry and NotPetya attacks, which cost billions of dollars in economic damage. Some foreign governments have less legal constraints on their activities in cyberspace than the U.S., Joyce told a local […]

The post NSA’s Joyce outlines how U.S. can disrupt and deter foreign hacking appeared first on CyberScoop.

Continue reading NSA’s Joyce outlines how U.S. can disrupt and deter foreign hacking

Senators ask Trump administration how badly shutdown hurt federal cybersecurity

Posted on by

After former U.S. officials raised concerns that the longest government shutdown in history had weakened federal cybersecurity, lawmakers are asking the Trump administration how bad the damage is. “We are concerned that these circumstances have left our government and citizens vulnerable to cyberattacks,” five Democratic senators wrote in a letter Tuesday to Homeland Security Secretary Kirstjen Nielsen and Gen. Paul Nakasone, head of the National Security Agency and U.S. Cyber Command. The senators – Minnesota’s Amy Klobuchar, Massachusetts’ Ed Markey, New Mexico’s Tom Udall, Nevada’s Catherine Cortez Masto, and New Jersey’s Cory Booker – want to know how agencies are preparing to harden their networks for a future shutdown, citing past experience as a cautionary tale. During the 2013 government shutdown, the senators wrote, Chinese hackers compromised the Federal Election Commission’s computer network, crashing sensitive computer systems that disclose billions of dollars in spending each election cycle. “Shutdowns have severe […]

The post Senators ask Trump administration how badly shutdown hurt federal cybersecurity appeared first on CyberScoop.

Continue reading Senators ask Trump administration how badly shutdown hurt federal cybersecurity

Ex-NSA chief welcomes more U.S. offensive operations in cyberspace

Posted on by

Former National Security Agency director Michael Rogers has welcomed the Trump administration’s willingness to use cyber-operations to deter foreign adversaries, adding that the United States’ previous reluctance to do so was counterproductive. “My argument when I was [in government was]: “We want to keep the full range of options and capabilities available,” Rogers said Tuesday at the Center for Strategic and International Studies. “One of the things that frustrated me at times was: Why are we taking one element just straight off the table?” said Rogers, who left the administration in May for the private sector. “I just thought, boy, if you’re in Moscow or Beijing, you are loving this approach to life because it doesn’t really change your risk calculus,” Rogers added. While NSA director from 2014 to 2018, he also led U.S. Cyber Command. Presidential Policy Directive 20, which then-President Barack Obama signed in 2012, had installed an intricate inter-agency legal […]

The post Ex-NSA chief welcomes more U.S. offensive operations in cyberspace appeared first on Cyberscoop.

Continue reading Ex-NSA chief welcomes more U.S. offensive operations in cyberspace

Bolton confirms offensive cyber-operations conducted to protect midterms

Posted on by

Days before the midterm elections, the United States is undertaking offensive cyber-operations to protect against foreign interference, White House national security adviser John Bolton said Wednesday. “We are right now undertaking offensive cyber-operations in connection with defending the integrity of our electoral process,” Bolton said at an event hosted by the Alexander Hamilton Society. Bolton said it was “too soon to tell,” whether the offensive was affecting adversary behavior, but added that he expects attackers to realize a distinct uptick from how the previous administration conducted cyber-operations. The operations were first made public and described by a New York Times story last month. According to the story, U.S. Cyber Command operators have sent direct messages to those who are conducting influence campaigns aimed at sowing discord in American society for the midterm elections. The Department of Justice last month charged a Russian national for her alleged role in a Russian conspiracy […]

The post Bolton confirms offensive cyber-operations conducted to protect midterms appeared first on Cyberscoop.

Continue reading Bolton confirms offensive cyber-operations conducted to protect midterms

PPD-20 elimination opens arguments over how U.S. should conduct offensive hacking operations

Posted on by

President Donald Trump has rescinded a key policy directive that governs the approval process for cyberattacks conducted by the U.S. government, potentially opening the door to more offensive operations, an administration official familiar with the matter confirmed to CyberScoop. Presidential Policy Directive 20, which then-President Barack Obama signed in 2012, had installed an intricate inter-agency legal and policy process for green-lighting cyberattacks. Critics of the process said it unnecessarily delayed offensive operations, while advocates called it an important mechanism for accounting for all of the potential repercussions of a cyberattack. Trump’s reversal of the memorandum is in keeping with his administration’s efforts to enable military commanders to more freely conduct cyber operations against adversaries such as nation-states and terrorists. While critics warn of the pitfalls of loosening restrictions on hacking operations, the policy shift answers a call from lawmakers for the government to be more willing to go on the […]

The post PPD-20 elimination opens arguments over how U.S. should conduct offensive hacking operations appeared first on Cyberscoop.

Continue reading PPD-20 elimination opens arguments over how U.S. should conduct offensive hacking operations

NSA chief confirms he set up task force to counter Russian hackers

Posted on by

The head of the National Security Agency and U.S. Cyber Command confirmed over the weekend that he has set up a task force to counter Russian cyberthreats to the United States. Describing Russia as a “near-peer threat” in cyberspace that has “great capabilities,”Gen. Paul Nakasone said the task force is “in line with what the intelligence community has really been doing since post-2016/2017.” Speaking at a conference in Aspen, Colo., Nakasone didn’t elaborate on the activities or composition of the so-called “Russia Small Group,” but he did allude to the challenges of responding proportionally to foreign cyber operations that do not amount to acts of war. U.S. intelligence agencies concluded in a report in January 2017 that hackers linked with the Russian government meddled in the 2016 U.S. presidential election by breaching multiple political organizations. “What we’ve seen our adversaries do over a period of years is the fact that they operate […]

The post NSA chief confirms he set up task force to counter Russian hackers appeared first on Cyberscoop.

Continue reading NSA chief confirms he set up task force to counter Russian hackers

As the military’s cyber units change guard, a battle over control rages on

Posted on by

During a time of rapid change for the U.S. military’s top cyberwarfare teams, the current version of the 2019 defense bill is challenging the president’s ability to exert his authority with regards to those units. The White House is protesting a series of measures in the newly Senate-approved 2019 National Defense Authorization Act that seek to legislate how and when President Donald Trump can direct generals to launch cyberattacks. That effort comes while the U.S. Air Force, Navy, Army and Marines welcome new leaders to take charge of their respective cyber forces. Hanging in the balance is how the U.S. operates in cyberspace, which most developed countries now define the fifth domain of warfare, adding to land, air, sea and space. Amendments introduced in the NDAA would require the executive branch to develop and adhere to a cyberwarfare strategy document that draws lines around what types of malicious foreign activity should result in […]

The post As the military’s cyber units change guard, a battle over control rages on appeared first on Cyberscoop.

Continue reading As the military’s cyber units change guard, a battle over control rages on

Private sector warms to U.S. Cyber Command carrying out ‘hack backs’

Posted on by

The U.S. government should decide how to retaliate against the worst attacks on the country’s private sector, and when appropriate, the military’s hacking unit should hit back, three experts said Monday. The controversial idea entails taking the fight to nefarious actors by attacking their computer network in-kind, probing for exfiltrated data and employing measures to retrieve or destroy stolen information. The three individuals, with experience in the private sector, intelligence community and military, spoke at a panel organized by APCO. They concurred that if companies feel compelled to hack back, they should delegate any potential response to the government. If retaliation is warranted, U.S. Cyber Command should carry it out. “I think if it’s going to happen, it’s best in the hands of the government,” said Sean Weppner, chief strategy officer at NISOS Group and a former DOD cyber officer. No company has the intelligence, offensive tools and contextual understanding of the […]

The post Private sector warms to U.S. Cyber Command carrying out ‘hack backs’ appeared first on Cyberscoop.

Continue reading Private sector warms to U.S. Cyber Command carrying out ‘hack backs’

US Lawmakers Propose ‘Hack Back’ Law to Allow Cyber Retaliation Without Permission of Third-Party Country

Posted on by

US legislators are proposing new legislation that would empower US cyber defenses to hack back at cyber aggressors, even if they’re using a third-party country’s infrastructure, without the explicit consent of the respective country. The Na… Continue reading US Lawmakers Propose ‘Hack Back’ Law to Allow Cyber Retaliation Without Permission of Third-Party Country

NDAA pushes U.S. Cyber Command to be more aggressive

Posted on by

By the Senate Armed Service Committee’s estimation, the United States has held back in cyberspace. The committee is angling to change that with the latest National Defense Authorization Act, proposing to free up the military on the front lines of cyber conflict, create a new strategic cyber entity and respond to Russian aggressions in-kind. The bill’s authors wrote that lawmakers have long-standing concerns about the lack of an effective U.S. strategy to deter and counter cyber threats. To counter foreign state actors bent on stealing, striking, spying or disrupting in cyberspace, the bill suggests boosting resilience, increasing attribution capabilities, emphasizing defense and enhancing the country’s ability to respond to attacks. “We’re letting episodes define strategy. It should be the other way around, where we clearly articulate our cyber deterrence strategy and rules of engagement,” said Frank Cilluffo, director of George Washington University’s Center for Cyber and Homeland Security. By offering […]

The post NDAA pushes U.S. Cyber Command to be more aggressive appeared first on Cyberscoop.

Continue reading NDAA pushes U.S. Cyber Command to be more aggressive