Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Director’s note: NDAA drafts hit cyber, AI, critical infrastructure notes

Marines with Marine Corps Forces Cyberspace Command in the cyber operations center at Fort Meade, Md., on Feb. 5, 2020. (Photo by Staff Sgt. Jacob Osborne/U.S. Marine Corps Forces Cyberspace Command)
By Frank Cilluffo

Dear readers,

Congress is moving quickly on this year’s National Defense Authorization Act, and the emerging proposals offer an early indication of where lawmakers believe the future fight is headed. Cybersecurity, artificial intelligence, autonomous systems and critical infrastructure resilience feature prominently across both chambers’ drafts. The Senate Armed Services Committee has proposed creating a new Undersecretary of Defense for Cyber, Information, and Networks position, Mikayla Easley reported at DefenseScoop, and wants to help some businesses cover the costs of Cybersecurity Maturity Model Certification (CMMC) compliance, Justin Doubleday reported at Federal News Network. The House Armed Services Committee’s version wants to expand limits on autonomous weapons to address mission planning and target selection, Todd South reported at Air and Space Forces Magazine. One House amendment would bar the Defense Department from leasing its land to private companies to build data centers unless they agree not to install or use components manufactured in China, Russia, Iran or North Korea, Anastasia Obis reported at Federal News Network. The particulars may differ, but the larger lesson is clear: cyber, AI, autonomous systems and critical infrastructure can no longer be treated as separate policy lanes. They are increasingly part of the same strategic challenge.

This week on Cyber Focus it was a pleasure to sit down with Assistant Director for the Cyber Division Brett Leatherman to discuss how the FBI is aggressively confronting ransomware actors and hostile nation-states that are now leveraging agentic AI to move across the cyber kill chain at breakneck speeds. Our discussion included the active investigations into China-linked campaigns such as Volt Typhoon that preposition in critical U.S. operational technology ahead of potential conflict, the 10 fundamental cybersecurity controls that successfully force automated threat actors to abandon their targets, navigating firmware vulnerabilities from hostile nation-states and why every organization has been drafted into the national security fight, and how the FBI evicted Russian GRU military intelligence actors from compromised home and small-business routers. “Where they’re not touchable, their infrastructure is touchable, their money is touchable, their tools are touchable,” he said of threat actors operating from jurisdictions where arrest and extradition are unlikely. The conversation reinforced a reality we discuss often at the Institute: We cannot simply firewall our way out of today’s threat environment. Success increasingly depends on imposing costs on adversaries, disrupting their operations and moving faster than they can adapt.

The journey of Anthropic’s frontier models entered more unprecedented territory as the U.S. government invoked export controls to block foreign access to Fable 5 and Mythos 5. Greg Otto reported at CyberScoop that the Commerce Department cited national security concerns tied to a reported method of bypassing the models’ safety restrictions, which Anthropic disputes. As this week drew to a close, Cheyenne Haslett and Sophia Cai reported at POLITICO that the White House and Anthropic are working on a framework that would assess the severity of security flaws in new AI models and guide potential government intervention. And this whiplash unfolded the same week as the G7 summit in France, where Anthropic CEO Dario Amodei and Google DeepMind CEO Demis Hassabis called for a U.S.-led coalition to shape rules and standards around AI in a closed-door meeting with heads of state, Kai Nicol-Schwarz reported at CNBC. Whether one agrees with the specific decisions or not, the episode may prove to be an important marker in the evolving relationship between frontier AI developers and governments. Questions once considered hypothetical, such as when governments should intervene, how model risks should be assessed and who determines acceptable thresholds of risk are rapidly becoming practical policy questions. The pace of AI developments can be difficult to keep up with, even for those who follow the space closely. On next week’s Cyber Focus, I’ll sit down with CyberScoop Editor-in-Chief Greg Otto to help make sense of the extraordinary volume of AI-related news over the past week and what it may mean going forward.

As most efforts related to insider-threat-related models for AI agents will undoubtedly focus on targeting frontier model companies and the like, Melissa Graves asks in a Lawfare analysis whether counterintelligence, adapted to a new kind of subject, is the right way to think about trusted artificial systems inside national-security workflows. The system has trusted access, some delegated discretion and enough influence to shape what the institution sees or believes while its own process remains hard to inspect, she writes, arguing that the AI problem in intelligence is more than simply an accuracy problem. Put differently, future counterintelligence challenges may not simply involve trusted people with privileged access, but trusted machines operating at scale inside sensitive workflows.

Amid warnings about how the newest AI advances could give bad actors supercharged abilities to compromise our critical systems, adversaries are aggressively targeting our sectors with every current tool in their boxes. Google Threat Intelligence Group reported this week on a sophisticated campaign tied to China targeting institutions in the North American academic, medical and military research community seeking sensitive intel including on AI, uncrewed vehicle systems and cyber offense programs. The targeting underscores a broader reality: Strategic competition is no longer confined to government agencies and defense contractors. Universities, research centers, healthcare systems and other institutions that generate or steward valuable intellectual capital increasingly find themselves on the front lines. And Robert McMillan reported at The Wall Street Journal on how residential proxy networks are now a go-to resource for nation-state hackers – made easier by pre-installed backdoor software on millions of low-cost consumer devices shipped into the U.S. as well as mobile apps and illegal copies of videogames.

The vulnerabilities adversaries seek to exploit are not limited to digital networks – they increasingly span the physical systems and infrastructure upon which modern societies depend. Also at The Wall Street Journal, Shelby Holliday reported that “dark fleet” ships using a mishmash of digital tools to control crews and cover their tracks have left their systems exposed to bad actors who could exploit vulnerabilities to cause an explosion or oil spill. From the cyber realm to physical threats, Paul Zgheib writes at Small Wars Journal about another soft spot in the maritime sector: maritime swarm tactics that enable weak actors to transform global energy chokepoints into strategic battlefields. Low-cost “mosquito fleets” can overwhelm conventional naval defenses and target vulnerable commercial tankers and, invariably, global energy supply chains.

And speaking of swarms, Coast Guard Vice Admiral Peter Gautier (ret.) argues at the Atlantic Council that as drones proliferate and autonomous technology makes them harder to track and counter, leaders should aggressively advance counter-drone strategies and capabilities that keep up with the threat landscape. Pentagon CTO Emil Michael indicated that if the department is faced with a budget crunch it will consider how many traditional weapons systems they are “willing to sacrifice” in order to preserve funding for drones, Sydney J. Freedberg, Jr. reported at Breaking Defense.

This week by the numbers:

  • Richard Horne, chief executive of the UK’s National Cyber Security Centre, said his teams had handled more than 200 incidents affecting critical infrastructure and its supporting ecosystem through May, and about 75% of these were believed to be the work of state actors. (The Record)
  • As AI is expanding attack automation, more than 10,000 World Cup-themed domains have been observed popping up since January at a rate of roughly 2,000 new domains per month. (Arctic Wolf)
  • More than 80% of professional sports organizations were targeted by cyberattacks during the past year and over half of them were hit more than once. (Infosecurity Magazine)
  • Japanese energy giant Kyushu Electric Power Co. has apologized after losing a physical storage drive – left in an unlocked cabinet – containing data on up to 10.9 million accounts. (Tech Radar)
  • Chinese hackers took control of a target organization’s authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. (Bleeping Computer)

Two longer reads for the weekend delve into the evolution of the tech landscape in China and how to confront broader threats posed by the PRC and its ally Russia: Gerard DiPippo, Jonathon Sine and Benjamin Lenain examine in a RAND report how under Xi Jinping China’s techno-industrial policy has shifted from a focus on growth and catch-up toward national security, technological self-reliance and frontier leadership. At CSIS, Seth Jones, Seamus P. Daniels, Riley McCabe and Daniel Byman outline the challenges of finding footing on two fronts, and offer a strategy of flexible engagement built around a two-war planning construct and a rapid shift to a wartime industrial footing to counter the growing threat.

As we observe Juneteenth, we pause to reflect on a significant milestone in our nation’s continuing journey toward liberty and equality.

War Eagle,

Frank Cilluffo

Read More

Click to listen highlighted text!