Brad D. Williams covers cyber, networks, and emerging tech. He has worked as a journalist and tech writer for 20 years, much of that time focusing on cybersecurity. He began his career on the night desk at a daily newspaper and then spent a decade as a senior tech writer in security operations centers, on cyber red teams, and embedded with engineers building tech for the public and private sectors. In 2015, Brad started a business specializing in cybersecurity content strategy and development. He joined Fifth Domain: Cyber at the publication’s launch in 2017 and developed an enterprise beat covering cybersecurity strategy, policy, operations, and emerging tech. Brad holds a master's degree in English and technical cybersecurity certification. Outside of work, Brad is a member of the United States Chess Federation and writes literature.
bwilliams@breakingmedia.com
The Midshipmen edged out other competitors in this year’s virtual cyber competition to bring home the prestigious trophy. “I think the structure and dynamic of our team is what makes us so effective: We are completely student run, trained, and managed,” Gallagher said.
The White House Executive Order comes on the same day that CISA and CNMF issue SolarWinds-related malware analysis and NSA-CISA-FBI issue a joint advisory warning of ongoing SVR exploitation of known vulnerabilities in common products.
“That was a list of about as many awful things in 10 minutes as I may have heard in recent time,” Sen. Mark Warner said of the DNI’s threat assessment. Top of mind: China, cyber, and emerging tech.
This operation — which involved the FBI removing malware from privately owned and operated victim servers without advance notice — could be unprecedented, at least at this scale.
“Imagine you work at a chemical research part of a base. Its location is secret. But you have a smart car. Through other espionage activities, I found out you work there. I hack your phone or your car’s online account,” Keatron Evans said. “I track your location as you go to work every day. Now I know the specific GPS location of your work facility. It goes downhill quickly from there.”
The administration is set to nominate two NSA veterans, one for the newly created national cybersecurity director position and one to head CISA. The new leaders, once confirmed by Congress, will have their hands full.
Middle Eastern sources say Sunday’s cyberattack caused a blackout at the Natanz facility and damaged centrifuges. It occurred on the same day Defense Secretary Lloyd Austin landed in Israel for talks, a day after Iran announced new centrifuges at Natanz, and within a week of the US restarting talks to revive the JCPOA.
The guidance will “outline threats and risks to 5G infrastructure,” NSA Executive Director Noble said. It’s one way NSA is “focusing our expertise in cryptography and cybersecurity to help industry and government to integrate security into all aspects of the 5G ecosystem.”
The RFP includes a guide to help startups, small businesses, and non-traditional defense contractors participate. AI ethics and security are focal points.
“Some do not believe this is an appropriate role for the government…” Republican Sen. Young said in an interview. “…[B]ut, simply, the private sector and venture capital community is not up to shouldering this task on its own.”
SolarWinds threat actor reportedly accessed DHS emails and DoE schedules. Cyberespionage campaigns are “the types of things we should expect [Russia] to do,” one cybersecurity expert observed. “I’m not arguing we shouldn’t have a response. We should respond. …My only argument is that we should not overact.”
“We should understand what our adversaries are doing,” Gen. Nakasone told Congress. “They are no longer launching attacks from different parts in the world. They understand that they can come into the US, use our infrastructure, and there’s a blind spot for us not being able to see them.”
