Mondo News
    What's Hot
    All

    ‘Game-changing’ discovery of world’s oldest DNA could hold key to combating climate change

    All

    Astonishing images on the birth of the universe released by NASA

    All

    Here comes El Nino: It’s early, likely to be big, sloppy and add even more heat to a warming world

    • About Us
    • Contact us
    • Privacy Policy
    • Terms & Conditions
    Facebook X (Twitter) Instagram
    Facebook X (Twitter) Instagram
    Mondo News
    • Home
    • Technology

      NASA’s Grand Retirement Plan: Seeking Deorbit Craft for Space Station’s Safe Descent

      September 23, 2023

      First ever AI-written poetry anthology is bleak and alarming: ‘I have the power to end your world’

      September 23, 2023

      Andrew Yang on why we should be scared about the 2024 election: ‘Really destructive’

      September 23, 2023

      The evidence grows that ultra-processed foods play a role in depression

      September 23, 2023

      TV Networks’ Last Best Hope: Boomers

      September 23, 2023
    • Science

      Hypertelescopes on the Moon Can Have Better than 1 Microarcsecond Resolution

      September 23, 2023

      In Hospitals, Viruses Are Everywhere. Masks Are Not.

      September 23, 2023

      Richard Branson has an urgent message for climate change deniers

      September 23, 2023

      Richard Branson talks new climate change coalition and his plans to return to space

      September 23, 2023

      Australian authors back US lawsuit accusing OpenAI of ‘outright theft’ of their work

      September 23, 2023
    • Blockchain

      SBF’s mom told him to ‘avoid’ disclosing millions in FTX donations to her pro-Dem PAC: suit

      September 22, 2023

      The Lawyers Sam Bankman-Fried Once Trusted Are Drawing Criticism

      September 21, 2023

      Imaging Surface of Exoplanets With 25 Kilometer Moon Crater Hypertelescopes

      September 21, 2023

      The Animals Are Talking. What Does It Mean?

      September 20, 2023

      Sponsor an ocean? Tiny island nation of Niue has a novel plan to protect its slice of the Pacific

      September 20, 2023
    • All

      Hypertelescopes on the Moon Can Have Better than 1 Microarcsecond Resolution

      September 23, 2023

      NASA’s Grand Retirement Plan: Seeking Deorbit Craft for Space Station’s Safe Descent

      September 23, 2023

      First ever AI-written poetry anthology is bleak and alarming: ‘I have the power to end your world’

      September 23, 2023

      In Hospitals, Viruses Are Everywhere. Masks Are Not.

      September 23, 2023

      Andrew Yang on why we should be scared about the 2024 election: ‘Really destructive’

      September 23, 2023
    Mondo News
    You are at:Home»All»White House Weighs New Cybersecurity Approach After Failure to Detect Hacks
    All March 14, 2021

    White House Weighs New Cybersecurity Approach After Failure to Detect Hacks

    Share
    Facebook Twitter LinkedIn Pinterest Email

    The intelligence agencies missed massive intrusions by Russia and China, forcing the administration and Congress to look for solutions, including closer partnership with private industry.

    WASHINGTON — The sophisticated hacks pulled off by Russia and China against a broad array of government and industrial targets in the United States — and the failure of the intelligence agencies to detect them — are driving the Biden administration and Congress to rethink how the nation should protect itself from growing cyberthreats.

    Both hacks exploited the same gaping vulnerability in the existing system: They were launched from inside the United States — on servers run by Amazon, GoDaddy and smaller domestic providers — putting them out of reach of the early warning system run by the National Security Agency.

    The agency, like the C.I.A. and other American intelligence agencies, is prohibited by law from conducting surveillance inside the United States, to protect the privacy of American citizens.

    But the F.B.I. and Department of Homeland Security — the two agencies that can legally operate inside the United States — were also blind to what happened, raising additional concerns about the nation’s capacity to defend itself from both rival governments and nonstate attackers like criminal and terrorist groups.

    In the end, the hacks were detected long after they had begun not by any government agency but by private computer security firms.

    The full extent of the damage to American interests from the hacks is not yet clear, but the latest, attributed by Microsoft to China, is now revealing a second vulnerability. As Microsoft releases new “patches” to close the holes in its system, that code is being reverse-engineered by criminal groups and exploited to launch rapid ransomware attacks on corporations, industry executives said. So a race is on — between Microsoft’s efforts to seal up systems, and criminal efforts to get inside those networks before the patches are applied.

    “When not one but two cyberhacks have gone undetected by the federal government in such a short period of time, it’s hard to say that we don’t have a problem,” said Representative Mike Gallagher, Republican of Wisconsin and a co-chairman of a congressionally mandated cyberspace commission. “The system is blinking red.”

    The failures have prompted the White House to begin assessing options for overhauling the nation’s cyberdefenses even as the government investigates the hacks. Some former officials believe the hacks show Congress needs to give the government additional powers.

    But briefing reporters on Friday about the progress of the investigations, senior administration officials said the White House had no plans to urge Congress to rewrite the laws that prevent American intelligence agencies from operating inside America’s borders.

    One senior adviser to President Biden said, however, that a new structure was needed, one that combined traditional intelligence collection with the talents of private-sector firms.

    But even as officials try to assemble the lessons of those attacks, the one on Microsoft’s systems, used by companies and government agencies, has grown more complex. On Friday, Microsoft warned that cybercriminals are using the back doors Chinese hackers left behind to deploy ransomware, which is used to lock up computer systems until payment is made.

    The first efforts to freeze up American systems began Thursday night, Microsoft said, and American officials warned Friday that its customers had limited time, “measured in hours, not days” to patch their systems to avoid a costly nightmare.

    Mr. Biden was briefed last week on the effort to seal up the holes in federal defenses, a senior administration official told reporters on Friday, adding that the federal government was in the third week of a monthlong effort to plug holes made obvious by the SolarWinds hack. A presidential order on longer-range fixes is coming.

    But the first problem is detecting attacks — and there the United States has enormous work to do.

    America’s foremost hacking teams and digital defenders reside in Fort Meade, Md., home to the National Security Agency and its military counterpart, United States Cyber Command. Over more than a decade, with billions of dollars in new technology, they have littered foreign networks with various forms of “beacons” that give them access to detect attacks as they are coming together or begin.

    But, like missile defense, that is hardly an impermeable shield. And foreign actors have begun to identify America’s blind spot: If hackers can assemble an attack from inside America’s borders, the U.S. government’s best hunt-teams can be blindsided.

    “The N.S.A. cannot operate in the domestic infrastructure,” retired Adm. Michael S. Rogers, the former director of the agency, said on Friday at the Kellogg School of Management at Northwestern University. “You can’t defend something you can’t see.”

    But there is no political appetite to reverse decades of limits on intelligence agencies to monitor and defend network traffic inside the United States.

    Instead, Biden administration officials said they would seek a deeper partnership with the private sector, tapping the knowledge of emerging hacking threats gathered by technology companies and cybersecurity firms.

    The hope, current and former officials say, is to set up a real-time threat sharing arrangement, whereby private companies would send threat data to a central repository where the government could pair it with intelligence from the National Security Agency, the C.I.A. and other spy shops, to provide a far earlier warning than is possible today.

    “You could stop attacks dead in their tracks,” said Glenn S. Gerstell, a former general counsel for the National Security Agency. “We need a way to get threat intelligence into a one-stop shopping center.”

    After revelations in 2013 by the former intelligence contractor Edward J. Snowden that set off a debate about government surveillance, American technology companies are wary of the appearance of sharing data with American intelligence agencies, even if that data is just warnings about malware. Google was stung by the revelation in the Snowden documents that the National Security Agency was intercepting data transmitted between its servers overseas. Several years later, under pressure from its employees, it ended its participation in Project Maven, a Pentagon effort to use artificial intelligence to make its drones more accurate.

    Amazon, in contrast, has no such compunctions about sensitive government work: It runs the cloud server operations for the C.I.A. But when the Senate Intelligence Committee asked company officials to testify last month — alongside executives of FireEye, Microsoft and SolarWinds — about how the Russians exploited systems on American soil to launch their attacks, they declined to attend.

    Companies say that before they share reporting on vulnerabilities, they would need strong legal liability protections.

    The most politically palatable headquarters for such a clearinghouse — avoiding the legal and civil liberties concerns of using the National Security Agency — would be the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Mr. Gerstell described the idea as “automated computer sensors and artificial intelligence acting on information as it comes in and instantaneously spitting it back out.”

    The department’s existing “Einstein” system, which is supposed to monitor intrusions and potential attacks on federal agencies, never saw the Russian attack underway — even though it hit nine federal departments and agencies. The F.B.I., lawmakers say, does not have broad monitoring capabilities, and its focus is divided across other forms of crime, counterterrorism and now domestic extremism threats.

    “I don’t want the intelligence agencies spying on Americans, but that leaves the F.B.I. as the de facto domestic intelligence agency to deal with these kinds of attacks,” said Senator Angus King, a Maine independent, member of the Senate Intelligence Committee and co-chairman of the cyberspace commission. “I’m just not sure they’re set up for this.”

    There are other hurdles. The process of getting a search warrant is too cumbersome for tracking nation-state cyberattacks, Mr. Gerstell said. “Someone’s got to be able to take that information from the N.S.A. and instantly go take a look at that computer,” he said. “But the F.B.I. needs a warrant to do that, and that takes time by which point the adversary has escaped.”

    Another obstacle is the slowness of identifying attackers. While the director of national intelligence concluded that the SolarWinds attack, carried out last year, was “likely” Russian in origin, a definitive assessment is not expected until this week or next. Only then can the United States respond with sanctions or cyberoperations — nearly a year after the attack began.

    “The thing that worries me in both of these cases, too, is just how slowly we tend to attribute, and respond,” Mr. Gallagher said.

    On Friday, Jake Sullivan, the president’s national security adviser, told reporters that an investigation was underway to identify who was behind using the hack of the Microsoft systems to spy on law firms, infectious disease research, universities, military contractors, think tanks and other targets. Microsoft has already said the hackers were a Chinese, state-backed group.

    Last month, in the days before Microsoft released an emergency patch for vulnerable Exchange Servers, multiple state-backed Chinese groups were apparently tipped off that the company was testing a patch. They began gorging on vulnerable systems with a speed and aggression that some security experts said they had never seen before.

    It is unclear how exactly these Chinese groups learned of Microsoft’s patch, but the timing suggests they caught wind of the moves when Microsoft rolled out a test version of its patch to its security partners at cybersecurity firms in late February.

    Eighty companies participate in a longstanding partnership with Microsoft, known as the Microsoft Active Protections Program, including 10 Chinese firms. Microsoft confidentially alerts these companies to emerging cyberthreats and vulnerabilities ahead of its official patch cycle. The company is investigating whether one of its partners may have leaked to Chinese hackers or was itself hacked.

    Microsoft said that if it determined a leak was responsible for the spike in attacks, the responsible partners would “face consequences.”

    The attacks forced Microsoft to release its patch one week early, on March 2. Within a week, the number of vulnerable Exchange servers dropped from 400,000 to 100,000, according to RiskIQ, an internet security company.

    Now, however, 82,000 servers are still awaiting updates. Among those still vulnerable are more than 400 state, local and federal government entities in the United States — including more than a dozen servers run by federal agencies — according to an analysis by BitSight, a cybersecurity risk ratings company. The Biden administration has said nothing about the scope of federal vulnerability.

    If the government is able to attribute the Microsoft attack to the Chinese, Mr. Gallagher said, there are “a variety of things we could do to inflict pain” on the government in Beijing.

    Category: Technology

    Source: New York Times

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleFauci Cautions Against Dropping Restrictions
    Next Article A New Study Suggests Students Can Be Just 3 Feet Apart Safely

    Related Posts

    All

    Hypertelescopes on the Moon Can Have Better than 1 Microarcsecond Resolution

    All

    NASA’s Grand Retirement Plan: Seeking Deorbit Craft for Space Station’s Safe Descent

    All

    First ever AI-written poetry anthology is bleak and alarming: ‘I have the power to end your world’

    All

    In Hospitals, Viruses Are Everywhere. Masks Are Not.

    All

    Andrew Yang on why we should be scared about the 2024 election: ‘Really destructive’

    All

    Richard Branson has an urgent message for climate change deniers

    All

    Richard Branson talks new climate change coalition and his plans to return to space

    All

    Australian authors back US lawsuit accusing OpenAI of ‘outright theft’ of their work

    Leave A Reply Cancel Reply

    Stay In Touch
    • Facebook
    • Twitter
    • Instagram
    • Pinterest
    Quote of the day

    A man marries to have a home, but also because he doesn't want to be bothered with sex and all that sort of thing.

    W. Somerset Maugham


    Exchange Rate

    Exchange Rate EUR: Sat, 23 Sep.

    Top Insights
    All

    Instacart Was All About Grocery Delivery. No Longer.

    All

    Supreme Court Takes Up Challenge to Social Media Platforms’ Shield

    All

    Nobel Prize in Physics Is Awarded to 3 Scientists for Work in Quantum Technology

    about after amazon apple bezos biden billion bitcoin california change china climate coronavirus could covid earth facebook fight first flight google launch million online other pandemic people plans research rover scientists social space spacex study tesla their these tiktok twitter vaccine vaccines workers world years

    September 2023
    M T W T F S S
     123
    45678910
    11121314151617
    18192021222324
    252627282930  
    « Aug    
    Categories
    • All (18,505)
    • Blockchain (808)
    • Science (7,255)
    • Technology (10,470)
    Tags
    about after amazon apple bezos biden billion bitcoin california change china climate coronavirus could covid earth facebook fight first flight google launch million online other pandemic people plans research rover scientists social space spacex study tesla their these tiktok twitter vaccine vaccines workers world years
    Top Posts

    Amazon Prevails Over Reliance in India’s Supreme Court

    August 6, 2021

    Done with Facebook? Here’s how to deactivate or permanently delete your Facebook account

    September 24, 2021

    Climate change in India: Teen inventor’s solar-powered ironing cart

    October 14, 2021

    Mondo News is a Professional Technology & Science Blog. Here we will provide you with only exciting content that you will enjoy and find useful. We’re working to turn our passion into a successful website. We hope you enjoy our Content as much as we enjoy offering them to you.

    Facebook X (Twitter) Instagram Pinterest
    Categories
    • All (18,505)
    • Blockchain (808)
    • Science (7,255)
    • Technology (10,470)
    Most Popular
    All

    Explorers excited at sight of cute snailfish

    All

    Crash landing for dream of ‘guilt-free flying’?

    © 2023 Mondo News.
    • Home
    • About Us
    • Contact us
    • Privacy Policy
    • Terms & Conditions

    Type above and press Enter to search. Press Esc to cancel.

    We are using cookies to give you the best experience on our website.

    You can find out more about which cookies we are using or switch them off in .

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.
    Powered by  GDPR Cookie Compliance
    Privacy Overview

    This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

    Strictly Necessary Cookies

    Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

    If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.