TOP OF THE DAY – US Warns of Foreign Interference in Congressional Races Ahead of Election
(Kevin Poireault – Infosecurity Magazine – 8 October 2024) One month away from the US presidential election, the US intelligence community is observing foreign interference campaigns at both a local and national level. In an early October security update, the Office of the Director of National Intelligence’s (ODNI) Foreign Malign Influence Center warned about online influence campaigns coming from Russia, China and Iran. – US Warns of Foreign Interference in Congressional Races – Infosecurity Magazine (infosecurity-magazine.com)
Governance
(Brian Conrad – NextGov – 8 October 2024) Since its inception in 2011, the Federal Risk and Authorization Management Program has been essential in bringing cloud computing infrastructure and security to Federal agencies. Over the past year, the program has undergone a series of governance changes, culminating in the release of FedRAMP modernization guidance from the Office of Management and Budget. These changes aim to ensure that FedRAMP continues to support federal agencies with their cloud service needs amidst emerging technologies, an expanding threat landscape, evolving security policies, and shifts in the commercial cloud marketplace. While all the changes are significant, the FedRAMP agile delivery pilot, updated appointments to the Secure Cloud Advisory Committee and the appointment of the inaugural FedRAMP Board may have the biggest impacts on both federal agencies and cloud service providers. – How FedRAMP is evolving to meet the challenges of the cloud computing market – Nextgov/FCW
Geostrategies
(Mason W. Krusch – Just Security – 8 October 2024) On Sept. 4–5, in a potent demonstration of the efficacy of legal countermeasures founded on actionable cyber threat intelligence, the U.S. Department of Justice (DOJ) and Treasury Department unleashed a whirlwind of seizures, indictments, and sanctions targeting assets of Russia’s malign influence operations. This spate of legal action comes as the Kremlin seeks to not only undermine U.S. support for Ukraine, but also erode Americans’ trust in democratic institutions in the lead-up to the 2024 presidential election. Russia’s efforts to influence U.S. public opinion, which the Office of the Director of National Intelligence (ODNI) has identified as the primary threat to the U.S. elections, threaten the internal stability and national security of the United States by amplifying divisive rhetoric over contentious U.S. domestic issues that exacerbate political polarization. – Shattering Illusions: How Cyber Threat Intelligence Augments Legal Action against Russia’s Influence Operations (justsecurity.org)
(Col (Dr) DCS Mayal – Observer Research Foundation – 8 October 2024) Disruptive communication technologies are helping reshape global dynamics by empowering marginalised populations and prioritising public opinion over traditional military hard power. At the same time, however, these technologies are also creating opportunities for groups to clandestinely and remotely influence public sentiment and monitor, control, and assert their preferred narratives. This brief discusses the case of China, which has been working since the beginning of the 21st century to leverage new and emerging technologies in its quest for global supremacy. – Chinese Global Media Strategies and Their Footprints in South Asia (orfonline.org)
Security
(Ionut Arghire – SecurityWeek – 8 October 2024) The US Department of Health and Human Services (HHS) is raising the alarm on Trinity ransomware attacks targeting healthcare and public health organizations. First seen in May 2024, Trinity is a fairly new ransomware family that adds the ‘.trinitylock’ extension to the encrypted files and which shares similarities with the 2023Lock and Venus ransomware, HHS notes in its alert (PDF). – Healthcare Organizations Warned of Trinity Ransomware Attacks – SecurityWeek
(Beth Maundrill – Infosecurity Magazine – 8 October 2024) Despite the flurry of law enforcement action to take down ransomware gangs, Secureworks has observed a 30% year-on-year rise in active ransomware groups. In the eighth edition of the Secureworks annual State of The Threat Report, the firm identified 31 new groups that had entered the ransomware ecosystem in the last 12 months. The report noted that while the threat landscape had previously been dominated by a few big players, it is now home to a broader set of emerging entities. – 31 New Ransomware Groups Join the Ecosystem in 12 Months – Infosecurity Magazine (infosecurity-magazine.com)
(James Coker – Infosecurity Magazine – 8 October 2024) Cyber-enabled fraud resulted in up to $37bn in losses for victims in East and Southeast Asia in 2023, with governments left unable to contain these threats, a United Nations (UN) report has warned. The analysis by the United Nations Office on Drugs and Crime (UNODC) highlighted that organized crime groups in the region have rapidly integrated new tools and technologies to enhance their operations, including malware, generative AI and deepfakes. – Cyber Fraud Cost up to $37bn in Southeast Asia Last Year – Infosecurity Magazine (infosecurity-magazine.com)
(Phil Muncaster – Infosecurity Magazine – 8 October 2024) US money transfer giant MoneyGram has confirmed to customers that their personal information (PII) may have been stolen in a data breach incident. The firm posted a notice on its website yesterday following several days of speculation as to what had happened. It claimed that it discovered evidence of the breach on September 27, after an “unauthorized third party” was able to access the PII of an unknown number of customers between September 20 and 22. – MoneyGram Reveals Data Breach After Incident Downed Services – Infosecurity Magazine (infosecurity-magazine.com)
(Eduard Kovacs – SecurityWeek – 8 October 2024) Physical security solutions provider ADT has detected unauthorized access to its network for the second time in recent months, and again some data has been stolen by the attackers. ADT, which offers alarm and other physical security systems for homes and small businesses, informed the SEC on Monday that it recently detected a cybersecurity breach. – Physical Security Firm ADT Hacked Again – SecurityWeek
(Shravishtha Ajaykumar – Observer Research Foundation – 7 October 2024) The 2017 cyberattack on a petrochemical plant in Saudi Arabia was a watershed moment in cybersecurity, the perpetrator remains unconfirmed. It marked the first intentional use of malware to cause physical harm—a previously theoretical threat. The malware, known as Triton, could potentially release toxic hydrogen sulphide gas or trigger explosions, risking the lives of those in the vicinity and the entire industry plant. Following this event and the fear that such an attack could also target other countries with critical infrastructure, the United States of America established its Chemical Facility Anti-Terrorism Standards (CFATS) Statutes in January 2019. However, as of July 2023, these statutes have expired and are no longer the baseline for security measures in US Chemical plantations. Despite this step forward, the expiration of these statutes does not indicate a change in trends. India also does not have a single legislation for cybersecurity in chemical security. While India does have a comprehensive list of cybersecurity governance efforts (…) and governance tools for chemical security (…) the lack of overlap in the two areas is glaring. – Securing India’s critical infrastructure: Prioritising cybersecurity in chemical facilities (orfonline.org)
Defense, Intelligence, and War
(Phil Muncaster – Infosecurity Magazine – 8 October 2024) Police investigators from across the globe joined forces last month in a digital operation to identify human trafficking suspects and victims, according to Europol. The latest edition of the policing agency’s EMPACT hackathon featured participation from 27 countries, including 19 EU member states plus Albania, Brazil, Georgia, Kosovo, Moldova, Serbia, Ukraine and the UK. – Global Police Track Human Traffickers in Online Crackdown – Infosecurity Magazine (infosecurity-magazine.com)
(Patrick Tucker – Defense One – 7 October 2024) The prevailing “bigger-is-better” approach to artificial intelligence—ingest more training data, produce larger models, build bigger data centers—might be undermining the kind of research and development the U.S. military actually needs now and in the future. That’s the argument in “Hype, Sustainability, and the Price of the Bigger-is-Better Paradigm in AI,” a new paper that scrutinizes common assumptions driving AI research. Its authors demonstrate that the performance of larger models doesn’t necessarily justify the vastly increased resources needed to build and power them. They also argue that concentrating AI efforts in a relative handful of big tech companies adds geopolitical risks. – Is ‘Big AI’ beating ‘small AI’—and what does it mean for the military? – Defense One
(Paul Lushenko, Keith Carter – Bulletin of the Atomic Scientists – 7 October 2024) Since the emergence of generative artificial intelligence, scholars have speculated about the technology’s implications for the character, if not nature, of war. The promise of AI on battlefields and in war rooms has beguiled scholars. They characterize AI as “game-changing,” “revolutionary,” and “perilous,” especially given the potential of great power war involving the United States and China or Russia. In the context of great power war, where adversaries have parity of military capabilities, scholars claim that AI is the sine qua non, absolutely required for victory. This assessment is predicated on the presumed implications of AI for the “sensor-to-shooter” timeline, which refers to the interval of time between acquiring and prosecuting a target. By adopting AI, or so the argument goes, militaries can reduce the sensor-to-shooter timeline and maintain lethal overmatch against peer adversaries. – A new military-industrial complex: How tech bros are hyping AI’s role in war – Bulletin of the Atomic Scientists (thebulletin.org)
(Courtney Albon – Defense News – 8 October 2024) The Pentagon awarded Anduril Industries a contract worth $250 million to counter drone attacks against U.S. forces with the company’s recoverable Roadrunner interceptor. Under the deal, which Anduril announced on Tuesday, the Defense Department will buy 500 Roadrunner all-up rounds as well as the firm’s portable Pulsar electronic-warfare capability, which can be integrated with aircraft to jam enemy systems. – Anduril lands $250 million Pentagon contract for drone defense system (defensenews.com)
(Elisabeth Gosselin-Malo – Defense News – 8 October 2024) Naval Group subsidiary Sirehna has launched an unmanned surface vessel that incorporates lessons learned from Ukraine’s deployment of robotic boats against Russian targets in the Black Sea, according to company officials. The craft, measuring just under 10 meters in length, is named the Seaquest S and has an endurance of 24 hours. Sirehna plans to offer the vessel optimized for surveillance, electronic-warfare, strike and anti-submarine missions, executives said here during a press trip ahead of the Euronaval naval confab in Paris next month. – Naval Group launches robotic boat featuring lessons from Ukraine (defensenews.com)
(Sydney J. Freedberg Jr. – Breaking Defense – 7 October 2024) Since 2020, when the Pentagon established a technical architecture to connect counter-drone systems, their digital backbone has been the Army’s Forward Area Air Defense Command & Control. FAAD-C2 is built by Northrop Grumman and in widespread use by US forces and, increasingly, foreign allies like the Baltic States. Today, Northrop announced it had developed a new AI-driven upgrade to FAAD-C2, an Advanced Battle Manager to help users handle “complex aerial swarm scenarios.” – Northrop Grumman adds AI to Army’s command system for counter-drone defense – Breaking Defense
(Lee Ferran – Breaking Defense – 7 October 2024) The US State Department today gave their blessing to a trio of Foreign Military Sales that would see Italy bring online $680 million-worth of electronic attack systems, India load up $175 million in torpedoes and Romania light up a $110 million radar system. Specifically Rome appears to be in the market for the Electronic Attack (EA)-37B mission system made by BAE Systems — the radars, encryptors, terminals, etc. that make up the brains of the US Air Force’s EA-37B Compass Call aircraft, which is based on a highly modified Gulfstream G550. Italy reportedly already has a couple Gulfstreams to host the new, high-end equipment. – US greenlights ‘electronic attack’ system for Italy, torpedoes for India and radars for Romania – Breaking Defense