National Cyber Security Awareness Month (NCSAM) is drawing to a close, but it’s been nice seeing so much coverage of cybersecurity around the Internet and across mainstream news sites. As always, there’s a lot going on in the world around cybersecurity. This past month saw the establishment of a new military cybersecurity task force, a possible cybersecurity deal between Russia and China a National Weather Service employee potentially leaking critical infrastructure data to China, and more.
Here’s a brief roundup of key happenings in cyber:
- Navy stands up cybersecurity task force—According to Millitary.com, the Navy has established a special new unit designed to protect computer networks and improve cyber security across the service. The 100 member Task Force Cyber Awakening, or TFCA, was created in in August to establish protocols, identify vulnerabilities, increase cyber awareness and shore up security and access with the Navy’s computer network. In related news, the FBI also
- Russia, China near cybersecurity deal—The Hill reports that Russian President Vladimir Putin is close to finalizing a cybersecurity cooperation agreement with China. The deal would allow the two countries to conduct joint cybersecurity operations. Sources say that hopes are that the deal will be signed on November 10 when Putin conducts a state visit to China. There are also reports that Vladimir Putin and Xi Jinping will deliver a joint address on cybersecurity while Putin is in China.
- US focus on naming foreign hackers gets criticized—CrowdStrike’s own Dmitri Alperovitch, CTO, participated in a discussion on the current cyber threat environment at the Atlantic Council. Alperovitch joined Tom Corcoran, senior policy adviser of the House Permanent Select Committee on Intelligence and moderator Jason Healey, director of the Cyber Statecraft Initiative, where he expressed frustration with policymakers insisting that attribution is too difficult. He implored Congress to put more of its focus on punishing foreign entities that carry out attacks, even if the government can’t pinpoint exactly who ordered the attack.
- NOAA Considers Whether to Ax Employee Accused of Breaching Army Dam Files— A National Weather Service employee of Chinese descent was arrested on October 20 at her office in Ohio for allegedly breaching an Army database containing sensitive files on U.S. dams. Was the incident just what the former head of the Department of Justice’s Computer Crime Unit calls “a Tuesday” as in, it happens all the time, or something more sinister? Coupled with a compromise of the same database from January through April of 2013 that was tied to the Chinese government, Dmitri Alperovitch thinks it’s much more than a “Tuesday.” “National dams are a critical infrastructure that our enemies would love to get intelligence on that they could leverage in case of a military conflict,” Alperovitch, told NextGov. “While the indictment does not specify her affiliation with a foreign power, “it certainly can’t be ruled out,” he said. “We’ve seen cyber intrusions from China going after similar data.”