Friday Brief for 10 December 2021
What I saw in CA; Stuff I hope we're doing; & Google and Microsoft get offensive
Cryptomining — the process of validating a cryptocurrency transaction.
What I saw in California
What’s New: I spent the last four days in Los Angeles and San Francisco, CA meeting with engineers, founders/executives, and venture capitalists to get their perspectives on all things tech and foreign policy.
Why This Matters: I’m encouraged by the growing consensus concerning China, national defense, and the need for deliberate efforts to ensure American prosperity and security.
Pre-COVID, I would visit “The Valley” about once a quarter. It provides a way for me to stay current on what’s happening in the tech and start-up world and to tend relationships.
This is my first trip back in almost two years and it didn’t take long for me to realize why these trips are so valuable.
What I’m Thinking:
There are two camps on China and one is much bigger than the other. Long gone are the days when techies viewed China as a bottomless money bag or consequence-free source of human capital. Virtually everyone I met with understands that tensions between Washington and Beijing are deep and persistent. While a few were exasperated by what they see as Americans’ Pollyannaish persnicketiness on things like human rights and the rule of law, the vast majority expressed support for resisting Chinese aggression and coercive economics. Even those inclined to be more accommodating of Beijing recognized that it’s actually the Chinese Communist Party that is provoking most of the challenges for business in China and that there’s little reason to believe better days are ahead in the near term.
There are a LOT of smart, capable people working these issues. Perhaps more than any previous visit, the last few days illustrated just how powerful the American system really is. Meeting after meeting I sat with people who are leaders in their respective fields and who have the time and means to do pretty much whatever they want. And you know what they’re thinking about? The same stuff I am and they are bringing some real horsepower to the challenge. Because China policy is inseparable from broader economic, social, and political realities, there are titans within each of these spheres who are gathering resources, shaping events, and moving the needle in very real ways. It’s another example of how powerful the U.S. private sector is and why it is such a key partner in the defense of democracy.
The new defense industrial base is taking shape. Companies like Anduril, Rebellion Defense, Skydio, and others are winning contracts and building amazing capabilities. Secretary of Defense Lloyd Austin recently explained the Pentagon’s plans to out-innovate the nation’s rivals — including more government/industry R&D partnerships, expanded Small Business Innovation Research (SBIR), and the development of regional “tech hubs” around the nation — and certainly there is a growing ecosystem of lean, agile, and creative companies to work with. I’m pumped.
Three things I hope we’re doing now
What’s New: A number of ongoing projects are causing me to think more concretely about a possible conflict over Taiwan.
Why This Matters: There are three specific things I hope we’re already doing as we plan for this contingency. And if we’re not, I hope some of the readers of this newsletter will take these ideas and implement them.
What I’m Thinking:
We should be threat-hunting on Taiwanese networks. At the point where China is prepared to take action against Taiwan, you can be assured that it will have spent considerable effort in penetrating Taipei’s critical infrastructure, military nodes, and other networks and in laying the groundwork to disable or otherwise compromise these same assets. Even before the start of hostile actions, Beijing is likely already engaged in intelligence gathering, preparation of the battlefield, and pre-positioning other cyber capabilities. If we have not already, the U.S. should work out an agreement with Taiwan whereby we assist them now in discovering, removing, and mitigating malign Chinese cyber actors and activities on Taiwanese networks. This would likely require unprecedented formal access to these networks; however, it will be too late for such threat-hunting once the shooting starts.
We should be identifying and securing TSMC’s “brain trust.” It takes more than money and equipment to design and manufacture cutting-edge integrated chips. You must also have the intellectual capital and practical experience that comes with being the world’s most important semiconductor company. In the event of a Chinese invasion or other hostile action against Taiwan, it will not be enough for the U.S. to have alternative factories in the United States and elsewhere. The world will also need the “brain trust” that is currently the beating heart of the Taiwan Semiconductor Manufacturing Company. The United States should be working with Taipei to identify these critical personnel and to develop scenarios for ensuring their safety if/when things go sideways.
We should be securing the full integrated chip (IC) chain. The design and manufacturing of advanced integrated circuits consists of thousands of individual steps. Each of them needs to be freed from Chinese influence if we are to have real security. Even more, as new fabrication facilities (“fabs”) in the United States and elsewhere are constructed, robust counterintelligence measures and protections against industrial espionage must be put in place. In the same way that the Russians famously bugged the U.S. embassy during the Cold War, it should be assumed that Beijing will take any measure it can to compromise new semiconductor facilities. This will require using similar procedures and approaches as those used in the construction of the nation’s most sensitive sites — like military bases, intelligence agency facilities, and nuclear weapons depots. It will do us no good to build these new fabs only to discover they’ve been compromised and must be razed to the ground.
Google & Microsoft get offensive
What’s New: Google and Microsoft announced this week that they had taken separate actions against two groups of hackers.
Why This Matters: Private companies are assuming a larger role in cybersecurity and will feature more prominently going forward.
On Tuesday, Google said it had disrupted a group who hijacked more than 1 million devices, using them to steal private data and to mine cryptocurrency.
“Today, we took action to disrupt Glupteba, a sophisticated botnet which targets Windows machines and protects itself using blockchain technology … After a thorough investigation, we determined that the Glupteba botnet currently involves approximately one million compromised Windows devices worldwide, and at times, grows at a rate of thousands of new devices per day. Glupteba is notorious for stealing users’ credentials and data, mining cryptocurrencies on infected hosts, and setting up proxies to funnel other people’s internet traffic through infected machines and routers.”
Just one day prior, Microsoft said it disrupted a Chinese syndicate dubbed “Nickel,” which it said was targeting human rights groups, think tanks, and government agencies in the United States and more than 28 other nations.
“The Microsoft Threat Intelligence Center (MSTIC) has been tracking Nickel since 2016 and analyzing this specific activity since 2019 … There is often a correlation between Nickel’s targets and China’s geopolitical interests.”
What I’m Thinking:
These two companies have serious cybersecurity firepower. Google’s Threat Analysis Group (TAG) is reportedly tracking more than 270 government-backed bad guys that are operating in more than 50 countries. In just the last year, TAG has issued more than 50K warnings, a 33% increase from 2020. Microsoft’s Digital Crimes Unit (DCU) is another powerhouse, consisting of an international team of business, legal, and technical experts tasked with “meaningfully disrupting the operational infrastructure used by cybercriminals, through civil legal actions or technical measures.”
Even more capabilities are on the way. In August, these same two companies committed to spending more than $30 billion on cybersecurity. The folks in Redmond are putting $20 billion into “advanced security solutions” over the next five years and the search giant will cough up $10 billion for “expanding zero-trust programs, helping secure the software supply chain and enhancing open-source security.”
Cybersecurity is a team sport (and we’ve got a strong team). Most of the public dialogue about “big tech” is overwhelmingly characterized by perceived slights and political grievances. This means that really important developments like those in this story are often missed. But it’s worth noting that one of the reasons that our nation enjoys any level of cybersecurity is due to the actions of these same companies. They obviously have self-interested reasons for these actions, but so do we and I’m thankful that we have such capable, well-resourced teams working to secure our data, our networks, and our nation.
That’s it for this Friday Brief. Thanks for reading, and if you think someone else would like this newsletter, please share it with your friends and followers. Have a great weekend!