Monday Brief for 7 June 2021 (w/Audio)

Tech Terms

Malware (mal·ware) — software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

An Incremental Improvement on Ransomware

What’s New: The Department of Justice (DOJ) is organizing ransomware investigations like terrorism cases, according to an internal memo reviewed by Reuters.

Why This Matters: The use of terrorism protocols suggests the federal government is prioritizing ransomware attacks and is preparing a more coordinated and comprehensive response in the wake of the attacks on the Colonial oil pipeline and JBS SA’s beef plants.

Key Points:

• According to Reuters, the memo states:

“To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking.”

• The guidance tracks with statements last week by FBI Director Christopher Wray, who likened cyber threats to 9/11 and said the Bureau is investigating nearly 100 types of ransomware — many of which are linked to attackers in Russia.

“Time and time again, a huge portion of those traced back to actors in Russia. And so, if the Russian government wants to show that it’s serious about this issue, there’s a lot of room for them to demonstrate some real progress that we’re not seeing right now,” going on to warn, “The scale of this problem is one that I think the country has to come to terms with.”

• The White House is signaling that President Biden will confront Russian President Vladimir Putin about ransomware attacks when the two leaders meet in Geneva later this month, and spokeswoman Jen Psaki suggested U.S. reprisals are also under consideration, saying the President “[is] not taking any options off the table.”

• In the meantime, Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, issued an open letter to industry urging companies to bolster their ransomware defenses:

“The number and size of ransomware incidents have increased significantly,” she said. “The U.S. government is working with countries around the world to hold ransomware actors and the countries who harbor them accountable, but we cannot fight the threat posed by ransomware alone. The private sector has a distinct and key responsibility.”

What I’m Thinking:

• This is a good move by the DOJ. While a bureaucratic response, it’s not one without impact. By orienting ransomware investigations around the processes and procedures used in terrorism investigations, the department is (1) illustrating the prioritization of the ransomware threat, (2) aligning internal resources with this prioritization, and (3) approaching the multitude of ransomware investigations as a more comprehensive and strategic challenge — which it is.

• But, we haven’t quite “taken the gloves off.” When the DOJ memo was first reported, I hoped it meant that the U.S. government was actually designating ransomware attacks as a type of cyber terrorism. Such a designation would turn on key authorities for the Department of Defense (Title 10) and the CIA (Title 50) that would allow a more proactive and aggressive posture. I’m inclined to believe such a designation is warranted.

  • Even if you accept the line from some attackers that they’re only in it for the money, many of them are still actively or tacitly allowed to operate by governments (i.e., Russia) who view these operations — and the instability they provoke — as politically advantageous.

  • Targets like hospitals, oil pipelines, food supply chains, etc. are targets of “mass terror.” Terror is about more than body counts, it’s about the impact it has on a population and on a society’s way of life. Just because we haven’t had a society-changing ransomware attack doesn’t mean that there can’t be one. In fact, I would argue that treating these ransomware operations as terrorism is both justified and the best way to deter such an attack.

  • Finally, as alluded to earlier, a terrorism designation would invoke authorities that would free our military and intelligence enterprises to deconstruct these hacking syndicates (which would also help to dismantle many of our challengers’ non-attributable cyber capabilities). As I told Fox News last week:

“We need to change the political calculus of foreign governments who allow ransomware attackers to operate with impunity within their borders. It’s time for the United States to start putting heads on spikes when it comes to confronting and dismantling ransomware groups.”

The Innovation Race Has Officially Started

What’s New: China’s President Xi Jinping told the nation’s science and technology leaders they must be prepared for “unprecedented” technological competition with the United States and that this will be “the main battleground” between the two powers, according to the South China Morning Post.

Why This Matters: Xi is correct.

Key Points:

• Xi made his comments while addressing a joint gathering of the Chinese Academy of Sciences, the Chinese Academy of Engineering, and the 10th National Congress of the China Association for Science and Technology.

• Promising to boost funding and to cut bureaucracy, he said China must significantly advance the nations capabilities in technologies like semiconductors, artificial intelligence (AI), life sciences, and quantum computing.

• Xi also reportedly emphasized making China technologically self-sufficient in service of the nation’s economic and national security interests.

• Separate, but relatedly, China’s military is also looking to weaponize bio-technologies — sponsoring research into human performance enhancement and gene editing.

• These developments come as the U.S. Congress prepares to vote this week on the U.S. Innovation and Competition Act (formerly the Endless Frontiers Act); this legislation is specifically aimed at improving American technological advantage over an ascendant China.

What I’m Thinking:

• I think we’re all finally on the same page. It’s taken longer than it should have, but decision-makers in Washington and Beijing finally agree: “The period that was broadly described as engagement [with China] has come to an end.” It is now clear to everyone that — because of choices China is making — our two nations are moving into a period of open confrontation. While that does not necessarily mean war, war is possible, and leaders on both sides of the Pacific are now trying to set the conditions for their respective technological advantage.

• To put a finer point on it, maybe we’re finally waking up to the world as it has always been. In their book, The Lessons of Tragedy: Statecraft and World Order, Hal Brands and Charles Edel poignantly observe the following:

“Americans are serial amnesiacs. And today, after nearly seventy-five years of great-power peace and thirty years of post-Cold War primacy, Americans are losing their sense of tragedy. The U.S.-led international order has been so successful, for so long, that Americans have come to take it for granted. They have forgotten what that order is meant to prevent in the first place: the sort of descent into violence and great-power war that has been all too common throughout human history … Revisionist states are probing aggressively for weakness; democracy is in retreat as authoritarianism again advances; instability and upheaval have reached alarming levels; the global balance of power and resolve is gradually shifting in ominous ways. The United States and the world it created are once again courting tragedy, not least because Americans are losing their ability to imagine what tragedy really is. [emphasis added]”

• Speaking of war. My colleague Oriana Skylar Mastro (@osmastro) has written an excellent explainer on how and why China might take military action against Taiwan — perhaps the most likely precursor to a direct military conflict between the U.S. and China. Relevant to our discussion is her point that “China’s ballistic and cruise missiles … are the most advanced in the world.” The same could potentially be said regarding quantum science and other emerging technologies. I raise this to illustrate that American political and military leaders have presumed our technological dominance for a very long time and are only now truly questioning this presupposition. We are not impotent. But we also are not invulnerable.

Microsoft Advances Vote Tracking Software

What’s New: Microsoft’s ElectionGuard software will soon be piloted in Hart InterCivic voting machines — one the U.S.’s three major voting machine vendors, according to Wired Magazine.

Why This Matters: Trust in national elections is eroding on both sides of the political aisle.

Key Points:

• While election officials declared the 2020 election to be one of the most secure in the country’s history, 40% of Trump voters believe he “definitely” won the 2020 presidential election with another 36% saying this was “probably” true, according to Pew Research. Similarly, after the 2016 election, one-third of Clinton supporters said they did not accept the election of Donald Trump.

• ElectionGuard was launched in 2019 and offers “end-to-end verifiability,” which means all vote data is encrypted while still allowing, according to Microsoft, full transparency regarding how votes are tallied and winners determined.

• According to the article, “The system will always produce paper backups, is encrypted in a special way to allow counting while preserving full voter security and privacy, and expands the ability to do post-election audits.”

“Election officials are eager for any kind of tool that enhances auditability, verifiability, and transparency, which in turn enhance voter confidence,” says Julie Mathis, CEO and president of Hart InterCivic. “It’s important that this product is designed to meet the needs of real-world elections.”

What I’m Thinking: Legitimate elections are critical for our national security. The ongoing erosion of trust in our national institutions is as dangerous as any terrorist group or cyber actor because our institutions are built on perceptions of legitimacy. Once legitimacy is gone, everything founded on it collapses under the weight of factions and those willing to do anything to win. While many will inherently distrust innovations like ElectionGuard, trials like this are the surest way to restore and secure long-term trust in our electoral processes.

Let’s Get Visual

Nerd Humor

Quick Clicks

• WhatsApp sues Indian government to stop new internet rules

• Russia raises heat on Twitter, Google, and Facebook

• U.S. has almost 500K infosec job openings

• AI could soon write code based on ordinary language

• New AI can gauge unconsciousness under general anesthesia

That’s it for this Monday Brief. Thanks for reading, and if you think someone else would like this newsletter, please share it with your friends and followers. Have a great week!