The Biden administration bungles cyber-defense
It is no secret that the Biden administration has a serious cyber-security problem. In fact, American vulnerability under the new president has ushered in a period of unprecedented cyber-activity against the U.S., and new attacks have wrought havoc against all sectors of the economy and critical infrastructure.
Headlines from the beginning of the year through deep into the summer have been dominated by attacks against entities including Apple, Colonial Pipeline, beef supplier JBS, and Kaseya, and these hacks all have happened in the aftermath of the wide-ranging SolarWinds attack, which affected tens of thousands of public and private organizations.
In response, the various agencies operating under the Biden administration have rolled out, on what seems to be a monthly basis, initiative after initiative all in an effort to stay ahead of the next major attack. Some of these initiatives include the Department of Homeland Security (DHS)'s "Reduce the Risk of Ransomware Campaign" and a Federal Emergency Management Agency (FEMA) program that is providing grants to state and local government agencies to spend toward improving cyber-security.
Grant spending is actually one of the lesser discussed aspects of the new Senate-approved $1.2-trillion infrastructure bill, as the bill includes a whopping $1 billion in additional spending for the FEMA grant program. If the bill is eventually signed into law as it is currently written, there would be $200 million in new grant spending available in 2022, $400 million for 2023, $300 million for 2024, and $100 million for 2025. The actual beneficiaries of the grant program will be chosen by officials at the Cybersecurity and Infrastructure Security Agency (CISA), a sub-division within DHS.
And CISA, the agency that is perhaps the most directly responsible for overseeing the security of America's critical infrastructure, just recently announced a new Joint Cyberdefense Collaborative at the Black Hat cyber-security conference on August 5. In remarks made by newly minted CISA director Jen Easterly, she described the new initiative as an effort to harness the expertise of the public sector — namely, the companies that many refer to as the "Big Tech" giants that dominate the Silicon Valley scene. With their help, CISA hopes to better defend America against cyber-attacks against critical infrastructure and other valuable targets.
Easterly, who was confirmed to her post in July months after being nominated, takes over as the first non-interim appointee to the post since Chris Krebs was fired by former President Trump in late 2020 after making controversial statements with regard to the security of the 2020 presidential election.
Although the main companies being enlisted into this effort, Amazon, Google, and Microsoft, are easy to criticize by many on the right for their liberal bias and pronounced efforts over the past few years at encouraging online censorship, particularly Google, they are among the most advanced companies in the cyber-security space.
Microsoft, for one, which is the company responsible for perhaps the most commonly used anti-virus suite in the world, Microsoft Defender Antivirus (formally Windows Defender), has also created the Microsoft Detection and Response Team (DART). DART works with several outside security organizations around the world and provides investigative services to both public and private entities, including those in the financial sector.
Additionally, Amazon Web Services (AWS) and Google Cloud Services also provide a security net to their millions of customers globally against the inescapable online threats that proliferate daily.
The experience and know-how of these companies is the exact kind of expertise needed to improve CISA's current strategy, especially as the U.S. continues to play catch-up in the cyber-sphere.
With the rise of international state-sponsored Advanced Persistent Threats (APTs) and Ransomware, as well as the growing global cyber-war happening internationally, it seems that Easterly's initial vision for CISA's new direction is appropriate, albeit occurring later than it should have been for the agency.
Julio Rivera is a business and political strategist, the editorial director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cyber-security and politics, has been published by websites including Newsmax, Townhall, American Thinker and BizPacReview.
To comment, you can find the MeWe post for this article here.