CyberWire Daily - Biden's budget boost for cybersecurity.
Episode Date: March 12, 2024
Biden's budget earmarks thirteen billion bucks for cybersecurity. DOJ targets AI abuse. A US trade mission to the Philippines includes cyber training. CISA and OMB release a secure software attestation form. CyberArk explores AI worms. Russia arrests a South Korean on cyber espionage charges. French government agencies are hit with DDoS attacks. Jessica Brandt is named director of the Foreign Malign Influence Center. Afternoon Cyber Tea host Ann Johnson speaks with her guest Keren Elazari about the hacker mindset. Google builds itself the Bermuda Triangle of Broadband.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Afternoon Cyber Tea host Ann Johnson talks with her guest Keren Elazari about the hacker mindset. To hear the full conversation, please listen to the episode of Afternoon Cyber Tea.
Selected Reading
US Federal Budget Proposes $27.5B for Cybersecurity (GovInfo Security)
Justice Department Beefs up Focus on Artificial Intelligence Enforcement, Warns of Harsher Sentences (SecurityWeek)
Microsoft to train 100,000 Philippine women in AI, cybersecurity (South China Morning Post)
US launches secure software development attestation form to enhance federal cybersecurity (Industrial Cyber)
The Rise of AI Worms in Cybersecurity (Security Boulevard)
South Korean detained earlier this year is accused of espionage in Russia, state news agency says (Associated Press)
Massive cyberattacks hit French government agencies (Security Affairs)
ODNI appoints new election security leader ahead of presidential race (The Record)
Google's self-designed office swallows Wi-Fi "like the Bermuda Triangle" (Ars Technica)
Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners, today get 20% off your Delete.me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout.
The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code n2k at checkout.
That's joindeleteme.com slash N2K, code N2K.
Biden's budget earmarks $13 billion for cybersecurity.
The DOJ targets AI abuse.
A U.S. trade mission to the Philippines includes cyber training.
CISA and OMB release a secure software attestation form.
CyberArk explores AI worms.
Russia arrests a South Korean on cyber espionage charges.
French government agencies are hit with DDoS attacks.
Jessica Brandt is named director of the Foreign Malign Influence Center.
Our Afternoon Cyber Tea host, Ann Johnson, speaks with her guest, Keren Elazari, about the hacker mindset.
And Google builds itself the Bermuda Triangle of broadband.
It's Tuesday, March 12th, 2024.
I'm Dave Bittner, and thanks for joining us here today.
We are glad to have you with us.
The Biden administration's latest budget proposal,
with a discretionary spending total of $1.67 trillion,
earmarks $13 billion for U.S. federal civilian cybersecurity in the upcoming
fiscal year, a modest increase of about $1 billion from the current year's budget.
Military cybersecurity is set to receive $7.4 billion, contributing to the Department of
Defense's overall $14.5 billion for cyber-related activities, marking a rise from this year's
$13.5 billion request.
The budget also allocates $800 million to assist low-resourced hospitals in enhancing
their cybersecurity, and $500 million for a program promoting advanced cybersecurity
investments.
The Department of Treasury will get a $150 million boost to secure
its systems against sophisticated threats, reflecting the critical role of its IT systems
in managing trillions of dollars. However, the Cybersecurity and Infrastructure Security Agency
might see a slight decrease in its cybersecurity budget to $1.24 billion from the current estimate of $1.3 billion,
despite a total proposed budget of $2.5 billion for the agency. This proposal comes amidst
ongoing appropriations challenges and partisan debates over CISA's role and budget, potentially
affecting its ability to initiate new programs, particularly those aimed at implementing zero-trust architecture in response to a 2021 executive order.
The budget highlights incremental increases in cybersecurity funding
amid broader concerns over federal spending and cybersecurity efficacy.
The Justice Department is increasing its focus on artificial intelligence misuse,
particularly in white-collar crimes such as price-fixing fraud and market manipulation,
with Deputy Attorney General Lisa Monaco emphasizing harsher sentences for deliberate misuse.
Companies will be evaluated on their AI risk management within their compliance programs,
reflecting the department's concern over AI's potential exploitation by both corporate criminals and
foreign adversaries. This stance was highlighted following charges against a former Google engineer
for stealing AI trade secrets, underscoring the dual nature of AI as both a promising and perilous technology.
Monaco's comments aim to alert businesses to their legal responsibilities in mitigating AI risks,
with federal prosecutors poised to seek stiffer sentences for AI-related misconduct.
Microsoft plans to train 100,000 Philippine women in AI and cybersecurity through an online platform,
teaching them to utilize Microsoft's AI tools for workplace skills and threat recognition.
Additionally, Microsoft will introduce an AI-powered reading tool for 27 million Philippine students,
aiming to improve literacy rates, highlighted by a World Bank study showing significant reading struggles among students.
The initiative, announced during a U.S. trade mission led by Commerce Secretary Gina Raimondo,
includes partnerships with the Philippine government and educational institutions
to enhance economic advancement in cybersecurity while addressing disinformation issues in the Philippines.
The Cybersecurity and Infrastructure Security Agency and the Office of Management and Budget
have introduced a Secure Software Development Attestation Form
to ensure software producers comply with secure development practices
before their products are used by federal agencies.
This initiative,
stemming from Executive Order 14028, aims to fortify the software supply chain's security
as outlined by the NIST Secure Software Development Framework. Software producers
must now self-attest that their software, developed in line with specific practices, is secure. The attestation,
requiring a signature from a company's CEO or an authorized designee, plays a pivotal role in
leveraging secure development techniques. Additionally, third-party assessments by
FedRAMP-certified organizations can substitute for self-attestation. This move, part of the Biden-Harris administration's broader cybersecurity strategy,
seeks to enhance the digital ecosystem's stewardship
and promote software that is inherently secure,
impacting not just federal government security,
but also global software practices.
Research from CyberArk notes how the rapid advancement of generative AI systems
like OpenAI's ChatGPT and Google's Gemini has introduced new cybersecurity risks, notably the
emergence of AI worms, such as WormGPT. These worms can autonomously replicate, steal data, and deploy malware, representing a significant threat to cybersecurity.
Recent research has demonstrated their capabilities through experiments like Morris II, an AI worm designed to exploit vulnerabilities in interconnected AI systems for prompt injection attacks.
To counter these threats, it's crucial for individuals and organizations to remain vigilant and implement proactive cybersecurity measures. CyberArk's
study underscores the need for continuous innovation in cybersecurity defenses and the
importance of secure AI system design, human oversight, and active monitoring to mitigate
risks. This emerging threat landscape necessitates a collaborative effort
to ensure the security of our digital ecosystem in the face of sophisticated AI-driven attacks.
Russia has arrested a South Korean citizen, Baek Won-soon, on cyber espionage charges,
marking the first such detention of a South Korean national
by Russia. Initially detained in Vladivostok, Baek has been transferred to Moscow for
further investigation and is currently held at a pretrial detention center. He's accused of
transmitting classified top-secret information to foreign intelligence agencies.
This incident occurs amidst growing geopolitical tensions in the region.
This case also follows the U.S. arrest of a former Google engineer
for allegedly stealing proprietary information and working covertly for China-based companies.
Multiple French government agencies were hit by intense cyberattacks since Sunday night,
according to the Prime Minister's office.
Though the specifics of the attacks were not disclosed,
they are believed to involve distributed denial-of-service attacks
using familiar but notably intense technical methods.
Despite the unprecedented scale of these offenses,
the French government has managed to
mitigate their impact, with most services restored and state websites accessible again.
A crisis cell has been activated to implement countermeasures, including filtering measures
by the information security agency ANSSI. While the attacks have not been officially attributed
to any group, the pro-Russia group NoName claimed responsibility for targeting French authorities and the state-owned electricity company EDF amid ongoing tensions over France's support to Ukraine.
election, the U.S. intelligence community has enhanced its election security team, appointing Jessica Brandt as the first official director of the Foreign Malign Influence Center. Established
in 2021, this center, within the Office of the Director of National Intelligence, focuses on
combating foreign interference in U.S. elections. With Brandt's extensive experience in foreign influence, information
operations, and digital authoritarianism, her appointment aims to bolster federal efforts
against election interference, which has been a significant concern following attempts during
the last two presidential campaigns. Officials have highlighted the persistent threat of foreign
influence campaigns, notably from China and
Russia, and the evolving challenges posed by technological advances like generative AI.
The intelligence community, including Brandt's team, is actively briefing various stakeholders
to prepare for potential interference in the upcoming election, with a focus on monitoring
and quickly attributing influence and interference operations.
Coming up after the break, Afternoon Cyber Tea host Ann Johnson speaks with her guest
Keren Elazari about the hacker mindset. Stay with us.
Do you know the status of your compliance controls right now? Like, right now. We know that real-time visibility is critical for security,
but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies like Atlassian and Quora
have continuous visibility into their controls with Vanta.
Here's the gist.
Vanta brings automation to evidence collection
across 30 frameworks,
like SOC 2 and ISO 27001.
They also centralize key workflows
like policies, access reviews, and reporting,
and helps you get security questionnaires done
five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives. Because when executives are compromised at home, your company is at risk. In fact,
over one-third of new members discover they've already been breached. Protect your executives
and their families 24-7, 365, with Black Cloak. Learn more at blackcloak.io.
Ann Johnson from Microsoft is host of the Afternoon Cyber Tea podcast right here on the Cyber Wire podcast network. In our most recent episode, she spoke with Keren Elazari about
the hacker mindset. Here's their conversation.
Today, I am joined by Keren Elazari, known online as k3r3n3, also known as the friendly hacker.
Keren is an internationally recognized security analyst, researcher, author, and speaker,
working with leading security firms, government organizations, and Fortune 500 companies.
Keren is also a famed TED conference speaker.
Her TED Talk about hackers has been viewed by millions,
translated to 30 languages, and is one of the most watched talks on TED.com
on the topic of cybersecurity.
Welcome to Afternoon Cyber Tea, Keren.
Thank you for having me, Ann. I'm excited to be on the show.
So I want you to talk a little bit more about this hacker mindset,
why it's important to understand the mindset,
why it's important to understand it from a constructive and positive point of view,
and in what way can the hacker mindset help digital defenders protect data and systems?
Absolutely.
So this is a big part of what I believe in.
It's my passion to show the world that we can learn a lot from hackers and the hacker
mindset.
And there are many friendly hackers.
There are ethical hackers.
There are hackers who work for governments and corporates, and they're trying to stop
the bad guys.
And yet the term hacker is so often synonymous with a bad guy, a criminal, a fraudster, someone
who's malicious.
The original hackers, the first hackers, maybe in the 1950s, 60s, and 70s of the previous century,
they were the people who were clever.
They were the people who were hacking around on model train and model rail systems at MIT and other campuses in the United States.
If it wasn't for those people learning and developing
the basic tenets of IP and other internet protocols that we all use, we probably wouldn't
have had an internet that looked like the internet that we have today, that is global,
that is decentralized. So a lot of that hacker mindset, I think, stems or goes back to those
ideals. And for me, it's about curiosity. It's about sharing the
fruits of your knowledge, sharing your skill set. You know, there are more than a million
friendly hackers today on planet Earth that participate in bug bounty programs,
in vulnerability disclosure programs that use their time and their talents to identify bugs and vulnerabilities
and report them. And of course, I know Microsoft was one of the first big enterprise corporate and
software companies that had such a program in place in the first place. But so now, you know,
it's a thing that all the big Silicon Valley companies do, but also maybe airlines and banks
and Starbucks.
And, you know, so many big brands have learned that these friendly hackers out there
can contribute with their knowledge.
Now, and arguably, so many of these big household brands
can and often do hire fantastic security experts.
I know that you do.
And yet the external point of view,
the outsider point of view,
finds things that even the best in-house security talent can miss. Maybe it's because of an
organizational blind spot. Maybe it's because of a specific corporate mindset. The results speak
for themselves. Each year, we see that individual, independent, outside hackers can identify problems in applications,
in configurations, in networks,
in all aspects of our technology world
without being on the inside.
So I kind of feel vindicated with that.
You know, I kind of feel like it proves my point
that I try to make with hackers being the immune system.
Be sure to check out the Afternoon Cyber Tea podcast
wherever you get your podcast episodes.
Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker, a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications,
securing sensitive data, and ensuring your
organization runs smoothly and securely. Visit ThreatLocker.com today to see how a default
deny approach can keep your company safe and compliant.
With TD Direct Investing, new and existing clients could get 1% cash back.
Great! That's 1% closer to being part of the 1%!
Maybe, but definitely 100% closer to getting 1% cash back with TD Direct Investing.
Conditions apply. Offer ends January 31, 2025. Visit td.com slash dioffer to learn more.
And finally, Google's newly designed Bayview
Campus, a project aimed at rethinking office space, has encountered
significant Wi-Fi issues since its opening in May of 2022. Described by some as the Bermuda
Triangle of broadband due to its complex tent-like metal and glass structure with a unique gradient
canopy roof, the design inadvertently hampers Wi-Fi signal propagation. Employees have
resorted to using Ethernet cables, phone hotspots, or working outside to circumvent the spotty or
non-existent Wi-Fi coverage within the building. Google has acknowledged the problem and is
actively seeking solutions, aiming to improve the situation in the coming weeks,
especially as the company encourages a return-to-office policy.
It's an interesting dilemma. Our signals intelligence desk reminds us that RF stands
for random failure, and we can't help wondering if architectural firms might find it in their
best interest to have an RF engineer give their plans
a once-over before submitting them to their clients.
And that's The Cyber Wire. For links to all of today's stories, check out our daily briefing
at thecyberwire.com. We'd love to know what you think of this podcast.
You can email us at cyberwire at n2k.com.
N2K Strategic Workforce Intelligence optimizes the value of your biggest investment, your people.
We make you smarter about your team while making your team smarter.
Learn more at n2k.com.
This episode was produced by Liz Stokes.
Our mixer is Trey Hester,
with original music by Elliot Peltzman.
Our executive producers are Jennifer Iben and Brandon Karp.
Our executive editor is Peter Kilby,
and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow. Thank you.