[TheRecord] Around the world with the NSA’s cyber chief

The head of the National Security Agency’s cyber branch on Wednesday warned that the number of digital threats has proliferated. 

“Almost every nation in the world now has a cyber exploitation program,” Rob Joyce, director of the NSA’s Cybersecurity Directorate, said during the Aspen Cyber Summit in Colorado.

“The vast majority of those are used for espionage and intelligence purposes, but… there is interest in dabbling in offensive cyber and outcomes. The difference between the top of the list and the bottom of the list, usually, is scale,” added Joyce, who has served in a number of roles at the nation’s top electronic spy agency and was a special assistant to the president and cybersecurity coordinator in the National Security Council in 2018.

There are some “high-end, sophisticated small actors, but they’re confined to whatever that national interest is that they’re aimed at so we see less of them.”

Joyce also delivered his latest assessments on the so-called “Big Four,” foreign nations that have traditionally acted as America’s digital adversaries—Russia, China, Iran and North Korea—and their latest online activities.

Russia. “They are the disruptive force. They’re often trying to not increase their activity but tear down others… They’re very active in the intelligence-gathering activities, still, both against governments [and] critical infrastructure. And then, the concern is that that effort that we’ve seen them actively use disruptive effects around the globe. We’ve seen evidence of pre-positioning against U.S. critical infrastructure. All things that can’t be tolerated and we need to work against.”

China. “Scope and scale, China’s off the charts. The amount of Chinese cyber actors dwarfs the rest of the globe, combined… The difference [from] four or five years ago to today, the difference I see, is we respected them less. It was always broad, loud and noisy, and what we’re finding, when you have a resource base that large, the elite in that group really are elite.

“The high end of the Chinese sophistication is really good. We’ve got to continue to understand, disrupt and then find ways across the whole of that technology to kind of push back… Yes, defense is really important, but you also have to work to disrupt so that’s the continuous engagement strategy out of the [Defense Department] and the idea that we got to put sand and friction in their operations, so they don’t get just free shots on goal.”

Iran. “Iran’s still active. They were certainly first and foremost, back when everybody was talking about the bank [distributed denial of service attacks, and the Shamoon Wiper virus. Still actively engaged in offensive cyber. But what we’re seeing is they’re often very focused on regional things right now. They haven’t been as focused on broader impact. But they’re capable and most importantly they’re dangerous because they’re less judicious in what they decide is a reasonable action. I think at times Iran doesn’t understand just how much they’ve gone up to, and even over, the line to the point where they’ve drawn the ire and concern of the greater greater community.”

North Korea. “North Korea is still very, very focused on creating wealth for the regime because there’s not many more sanctions that the world can put on North Korea. So they’ve got to find ways to generate currency, to make exchanges, and they found that stealing Bitcoin is often easier than stealing from the Bank of Bangladesh. They haven’t been hitting the biggest banks quite as aggressively, because they’re making their money in the crypto space … The commercial firms were dealing with a lot of North Korean issues back when the [Covid-19] vaccine was an issue; they were going after the intellectual property of vaccine makers. So, still active, still a threat, very capable but mostly focused on crypto exchanges and creating money.”

The post Around the world with the NSA’s cyber chief appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[TheRecord] Neiman Marcus discloses data breach impacting 4.6 million customers

Luxury department store chain Neiman Marcus has disclosed a data breach on Thursday that has exposed the personal information of more than 4.6 million of its customers. The Dallas-based company, which owns three fashion brands and operates 37 stores across major US cities, disclosed the incident in a message posted on its corporate website. According to the […]

Read More

[TheRecord] SEC Chair Gensler: Cryptocurrency market is ‘Wild West’ in need of more oversight

The nation’s top financial regulator on Tuesday highlighted the role Bitcoin and other cryptocurrencies play in the ransomware epidemic, and called on Congress to grant additional power to oversee the market for such digital assets. In his first extensive remarks on the subject since he assumed office in April, U.S. Securities and Exchange Commission Chair […]

Read More

Daily NCSC-FI news followup 2021-08-21

Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities us-cert.cisa.gov/ncas/current-activity/2021/08/21/urgent-protect-against-active-exploitation-proxyshell Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine. CISA strongly urges organizations to identify vulnerable systems on their networks and immediately apply Microsoft’s Security Update from May […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.