Houston, we have a problem (with our satellites)

Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.
Mar 25, 2024 View in browser
 
POLITICO's Weekly Cybersecurity newsletter logo

By Joseph Gedeon

— With help from Maggie Miller and John Sakellariadis 

Driving the day

Cyberattacks on satellites could cripple critical infrastructure, from navigation to finance, and lawmakers are racing to build defenses before it's too late.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! March Madness is in full swing, and I’m not talking about Caitlin Clark being socked in the face.

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.

Rep. Mike Gallagher (R-Wis.), Columbia University assistant professor Erica Lonergan and the Foundation for Defense for Democracies senior director for cyber and tech innovation Mark Montgomery are gearing up to discuss the need to establish a U.S. Cyber Force. 11:30 a.m.

Cato Institute’s tech policy research fellow Jennifer Huddleston is joining the Federalist Society at Georgetown University for a chat on the future of AI regulations. 7 p.m.

Critical Infrastructure

BEAM ME UP, SCOTTY — While Russia's reported push to put an anti-satellite nuclear weapon in orbit is rattling U.S. lawmakers, there's a more immediate threat to satellites that could wreak havoc with far less effort: cyberattacks.

As Maggie writes this morning, that concern is increasingly mobilizing the White House and Capitol Hill to take action to counter the digital threats in space, particularly as satellites play a growing role in the conflict in Ukraine.

Sen. Mike Rounds (R-S.D.), top Republican on the Senate Armed Services cyber subcommittee, says for those tracking national cybersecurity risks, "space is at the top of the list" of danger zones. And he's not alone in his cosmic concerns.

With satellites playing an increasingly crucial role (just look at their importance in the Ukraine war), intentional disruptions could ripple through navigation systems, communications, commerce transactions and even screw up our clocks, warns Frank Cilluffo, chief of Auburn University's cyber and infrastructure institute.

— Not waiting around: Federal agencies and lawmakers are racing to get ahead of the emerging extraterrestrial cyber threat. CISA plans this year to study whether new security requirements are needed for space assets and bolster its incident response capabilities, according to an agency spokesperson.

It also plans to strengthen its ability to support U.S. critical infrastructure organizations that rely on space-based capabilities if such a cyberattack were to occur.

“Space infrastructure plays a vital role in the reliable and efficient operations of much of our nation’s critical infrastructure,” CISA Executive Director Brandon Wales said in a statement.

On Capitol Hill, Senate Homeland Security Committee Chair Gary Peters (D-Mich.) and Sen. John Cornyn (R-Texas) last year introduced legislation to increase the cybersecurity of satellites. The legislation would require CISA to develop online cybersecurity resources for companies that rely on satellites, and require the White House to roll out a federal strategy to counter cyber threats to satellite systems.

The cosmos-conscious bill cleared committee last May but hasn't received a floor vote yet. A Peters aide said the chair is "exploring all potential paths forward for the bill" to get the measure over the celestial finish line.

Read more from Maggie here.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

On the Hill

MC EXCLUSIVE — The massive Change Healthcare ransomware attack that disrupted medical claims processing for millions of Americans has prompted Peters to demand federal agencies dramatically strengthen cybersecurity measures for the health care industry.

In a Saturday night letter to Health and Human Services Secretary Xavier Becerra and CISA Director Jen Easterly, obtained by Morning Cyber, Peters calls for expanded cybersecurity guidance, aggressive public outreach efforts and enforceable standards to compel health care providers to rapidly improve their cyber defenses.

"Not only is this cyberattack impacting Americans domestically, but it has also disrupted access to health care on American military bases worldwide," Peters wrote, adding, “It is absolutely critical that HHS prioritize measuring the implementation of its goals and publish minimum cybersecurity requirements.”

— Putting the pressure: Peters wants to see HHS publish enforceable minimum cyber standards for health care, potentially tied to Centers for Medicare & Medicaid Services requirements, to support facilities most at risk of attack. He's also pushing for a coordinated public outreach campaign from HHS and CISA on cyber threats like ransomware.

This comes days after Sens. Bill Cassidy (R-La.) and Tommy Tuberville (R-Ala.) wrote a letter to Becerra urging the department to provide more information to Congress about its response to the hack by April 3 — and criticize it for not being more forthcoming already.

— Crystal ball: Peters already raised similar concerns about health sector cyber risks at a HSGAC hearing last March and sponsored legislation requiring critical groups like hospitals to report major hacks and ransom payments.

— What’s next: Peters is seeking details from the agencies on several fronts, including:

  1. HHS' prevention plans after the Change Healthcare incident
  2. How HHS is measuring adoption of its sector cyber goals
  3. Assistance offered to impacted entities
  4. Threat info sharing between CISA and HHS
  5. CISA's outreach to health care groups on the attack

But that’s not all ...
FIRST IN MC — The top Republican on the Senate Health, Education, Labor, and Pensions committee is ripping HHS after hackers are said to have stolen $7.5 million from the agency's grant system — and he says HHS failed to notify Congress about the breach.

In a letter to Becerra, Cassidy questioned the agency's cybersecurity readiness and knocked its "lack of transparency" around the incident, which wasn't publicly disclosed and affected programs serving vulnerable populations.

Cassidy wants details on when HHS learned of the breach, what security protocols failed, how many grantees were impacted and why the legally required notification to Congress never came.

The Louisiana senator argues the cyberattack, coupled with HHS' muddled response to other recent hacking threats disrupting health care access, "undermines the public trust" in the government's ability to protect patient data and taxpayer funds.

Cassidy is giving HHS until April 5 to respond.

At the Agencies

IT’S A SHRUG FROM CHINA — There has been no major decrease in efforts by prolific Chinese government group Volt Typhoon to target and hack into U.S. critical infrastructure groups despite extensive efforts by the Biden administration to call them out, according to one of the nation’s top cyber officials.

“We have not seen significant changes to activity after the announcements that have been made,” CISA Director Jen Easterly told Maggie during a recent interview for an episode of the POLITICO Tech podcast released today. “We are still seeing potential evidence of this activity, or actual evidence of this activity out there, which just says to me that these actors are very aggressive, they are very intent.”

Easterly’s comments came weeks after she appeared before the House Select Committee on China alongside other administration leaders to warn of threats from Volt Typhoon, which she said was poised for a “cyber invasion” of U.S. networks. A later advisory from CISA and a plethora of other domestic and foreign agencies warned that Volt Typhoon has been present in some U.S. networks for “at least” the last five years.

— Standing at attention: The good news? Easterly said the U.S. private sector has massively stepped up in working with CISA to root out these intrusions.

“It's been pretty extraordinary to see the engagement and not just from the big companies, but working with some of these smaller entities that are still critical infrastructure,” Easterly said. “The water facilities, the hospitals, the schools, the local election offices, working with them to help them do some very basic things.”

Listen to the full interview between Easterly and Maggie on the Politico Tech podcast here.

The International Scene

ARE YOU WATCHING YOUR COMMENTS? — An Israeli watchdog's report uncovering a pro-Israel online influence campaign that flooded U.S. lawmakers with coordinated comments is sparking concerns about foreign disinformation efforts – and revealing how some politicians were seemingly unaware they were being targeted.

— Background: The Fake Reporter group's investigation, first reported last week by Haaretz (and published in English on Sunday), uncovered a network of hundreds of fake social media profiles leaving reams of comments on the posts of more than 40 members of Congress.

At its peak, the operation used around 600 profiles and unleashed more than 1,000 coordinated comments per week in support of Israel while slamming Palestinian rights groups and dismissing claims of Israeli human rights abuses. Fake Reporter said it's unclear who organized the campaign.

— Lawmakers missed it: Morning Cyber reached out to more than a dozen of the lawmakers targeted by the campaign. The office of staunchly pro-Israel lawmaker Rep. Ritchie Torres (D-N.Y.), who was comment-bombed the most over the last few months at 187 instances, said it didn’t notice the targeting.

“Our office was not previously aware, and we have no control over the comment sections of our official government account’s posts,” said Torres’ communication director, Benny Stanislawski.

Rep. Cori Bush’s (D-Mo.) office was also flagged with 103 hits and tells MC it was similarly “not aware.”

Fake Reporter said this raises questions about whether lawmakers truly understand the threats of campaigns for online manipulation.

"I’m sorry to say but politicians that don’t check their response to public opinion is … weird,” Achiya Schatz, FakeReporter's executive director, told us. “But it’s the ecosystem around them that is really important to whoever is trying to influence the discourse,” referring to those who are reading the comments.

— Not at all going away: The report underscores escalating concerns about online influence operations muddying political discourse worldwide, including around major elections.

Just last week, the U.S. imposed sanctions on two Russian operatives accused of bankrolling websites pushing Kremlin disinformation about the war in Ukraine.

And one of the largest disinformation networks ever was uncovered this year by the German foreign ministry, which found Russia had been deploying 50,000 bots on X that questioned Berlin’s support for Ukraine — a campaign the ministry says was notably more sophisticated than past operations.

Industry Intel

ELEVATION STATION — In order for the Pentagon to better prioritize cybersecurity and defend the nation against rising threats, it must establish a Cyber Force as a new armed service at the level of the Army or Navy, a report released Monday by the Foundation for Defense of Democracies argues.

The report, based on interviews with more than 75 U.S. military officers with cyber expertise, finds there is an “inefficient division of labor between the Army, Navy, Air Force, and Marine Corps,” which in turn hinders the ability to train cyber forces for each of these components. In addition, recruitment for Defense Department cyber positions is hurt by a lack of prioritization for cyber operations.

In order to combat these and other issues, the Pentagon should establish a Cyber Force of around 10,000 personnel that could grow over time.

“America’s cyber force generation system is clearly broken,” the report reads. “Fixing it demands nothing less than the establishment of an independent cyber service.”

— Thoughts, concerns: The idea of creating a Cyber Force is not new, and has been hotly debated on Capitol Hill in recent years. A clause to require an independent assessment of whether the Pentagon should stand up this new armed service was cut from the 2024 National Defense Authorization Act prior to final passage.

The report will be discussed during an event this morning hosted by FDD featuring comments from Rep. Mike Gallagher (R-Wis.). Gallagher — who currently chairs both the House Select Committee on China and the House Armed Services Committee’s cyber subcommittee — announced late last week that he intends to retire early from Congress on April 19, leaving a hole in congressional cyber leadership.

Tweet of the Weekend

It looks like Washington’s meme game isn’t going anywhere

Source:https://x.com/cybercom_dirnsa/status/1771261129341161599?s=46&t=7qgObawVR3sD59eITHivyA

Quick Bytes

UK POLITICIANS HIT — A group of British politicians who are members of the Inter-Parliamentary Alliance on China have been targeted by Chinese cyberattacks and will tell Parliament about it today, according to Caroline Wheeler, Harry Yorke and Dipesh Gadher for the Sunday Times. Some of these politicians, including Iain Duncan Smith and Tim Loughton, were previously sanctioned by Beijing in 2021 after IPAC highlighted China's human rights violations.

DISCOUNT DISASTER — Giant Tiger, a Canadian discount store chain, experienced a data breach through a third-party vendor and is investigating what customer information was leaked, writes Jesse Huot for CTV News.

ICYMI — UnitedHealth will begin processing a backlog of medical claims exceeding $14 billion after a cyberattack disrupted services last month. (Reuters)

Chat soon. 

Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com).

 

Follow us on Twitter

Heidi Vogt @HeidiVogt

Maggie Miller @magmill95

John Sakellariadis @johnnysaks130

Joseph Gedeon @JGedeon1

 

Follow us

Follow us on Facebook Follow us on Twitter Follow us on Instagram Listen on Apple Podcast
 

To change your alert settings, please log in at https://login.politico.com/?redirect=https%3A%2F%2Fwww.politico.com/settings

This email was sent to salenamartine360.news1@blogger.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Unsubscribe | Privacy Policy | Terms of Service

Post a Comment

Previous Post Next Post