Cyber Week in Review: March 3, 2023

Biden administration releases National Cybersecurity Strategy 

The Biden administration released its National Cybersecurity Strategy [PDF] on Thursday morning. The strategy lays out five pillars which seek to build and enhance collaboration on cybersecurity: defend critical infrastructure, disrupt and dismantle threat actors, shape market forces to drive security and resilience, invest in a resilient future, and forge international partnerships to pursue shared goals. Most important, the strategy calls for a “rebalance” of the responsibility to defend cyberspace away from individuals, small businesses, and local government to the “most capable and better positioned actors”, the “owners and operators of the systems that hold our data and make our society function.” In pursuit of this goal, the strategy says it will work with Congress and the private sector to develop legislation establishing liability for software producers and providers. While the Biden administration echoes many of the calls for public-private sector collaboration and intelligence sharing found in past strategies, it more forcefully calls for the disruption of adversaries’ cyber operations through diplomatic, information, military, financial, intelligence, and law enforcement capabilities.    

Chinese government issues “Digital China Construction Plan” 

In the ramp up to the “two sessions”—the National People’s Congress and Chinese People’s Political Consultative Conference—to be held this weekend, the Chinese government has released a guideline for building a “Digital China.” Much like the Made in China 2025 initiative, the Digital China plan calls for major advances in digital infrastructure, the digital economy, and breakthroughs in technological innovation by 2025. The document sets 2035 as a target for China to reach “the global forefront of digital development,” as part of a larger push towards technological self-reliance. Analysts have speculated that the government may be on the cusp of overhauling the organization of its core policies around science and technology, although the scale of the anticipated reorganization is unclear.  

Ransomware attack hits U.S. Marshals Service 

The U.S. Marshals Service (USMS) suffered a ransomware attack that compromised sensitive information, senior U.S. law enforcement officials said on Monday. The incident was discovered on Feb. 17, and the hackers planted ransomware on a stand-alone USMS system and stole data. The agency has since disconnected the affected system from the network, and the Justice Department has begun an investigation. Information exposed in the breach includes “returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees," according to Drew Wade, Marshals Service spokesperson. A CNBC source maintains that the breach did not affect the Witness Protection Program’s database. The breach comes two weeks after the FBI began investigating a security incident on its own network.  

“Fab 4” chip alliance holds first meeting of senior officials  

The "Fab 4" semiconductor alliance of Taiwan, the United States, Japan, and South Korea held its first video meeting of senior officials last week. Discussion focused on semiconductor supply chain resilience and the possibility of future cooperation among all parties, according to Taiwan's Foreign Ministry. The United States first convened the working group last September to address the need to strengthen the semiconductor supply chain, following a global chip crunch caused by the COVID-19 pandemic. Washington has been attempting to shore up its semiconductor alliances, and last month gained critical support from Tokyo and The Hague on tighter export controls for advanced chip manufacturing equipment, but South Korean chip manufacturers recently expressed concerns that participation in CHIPS Act subsidies will prevent them from expanding production in China.  

Australia to establish new cyber laws following Optus, Medibank hacks  

Following the massive data breaches of Optus and Medibank last year, which resulted in the exposure of the highly personal data of over 40 percent of Australia’s population, the government will establish a national cyber office tasked with rewriting its cyber laws. The government has criticized the implementation of the AUS$ 1.7 billion cybersecurity plan enacted in 2020 under Prime Minister Scott Morrison, with Home Affairs Minister Clare O’Neil calling the law “bloody useless” in the case of the Optus and Medibank breaches. The national cyber office will be headed by a new coordinator for cyber security who will lead development of an emergency response plan and act as a central figure in responding to and managing the aftermath of cyberattacks and data breaches. The government hopes to appoint a cyber coordinator within the next month. The government also released a discussion paper on its cybersecurity strategy, and called for feedback from outside experts and industry groups.