The Washington Post
Democracy Dies in Darkness
The Cybersecurity 202

A newsletter briefing on cybersecurity news and policy.

The White House wants 11 percent more cybersecurity funding

Analysis by
March 29, 2022 at 7:53 a.m. EDT

Good morning. A humble reminder: please send me your cybersecurity jokes for our April Fools' edition!

Below: A major Ukrainian telecom company was hit in an apparent cyberattack, and the Biden administration considers sanctioning the Trickbot hacking gang.

Biden requests billions in funding for federal cybersecurity

President Biden is asking Congress to boost cybersecurity across the federal government to record levels as his administration attempts to follow through on promises to modernize U.S. cyberdefenses.

The topline: Biden’s $5.8 trillion budget plan seeks $10.9 billion in cybersecurity funding across civilian government agencies, according to the administration. That’s an 11 percent increase from his request last year. 

The request symbolizes the Biden administration’s appetite for resourcing cybersecurity at a time when the United States faces a host of cyberthreats like ransomware and potential Russian cyberattacks amid the war in Ukraine.

Some highlights:

  • Biden is proposing legislation to set up a 10-year, $10 billion grant program run out of the Election Assistance Commission, an independent government body that approves voting machine upgrades and does other election-related work. The grants would “enable crucial election-related capital investments,” according to a budget document. The budget also seeks $250 million for “election innovation grants” that state and local governments would compete to acquire.
  • The Cybersecurity and Infrastructure Security Agency (CISA) would get $2.5 billion in funding, a 19 percent increase over Biden’s request last year. But that’s slightly less than the nearly $2.6 billion Congress ended up approving for CISA.
  • The budget also asks Congress to set aside $682 million for Ukraine “to counter Russian malign influence and to meet emerging needs related to security, energy, cybersecurity issues, disinformation, macroeconomic stabilization, and civil society resilience.”
  • Biden also announced that he’s “calling for one of the largest investments in our national security in history” amid Russia’s war in Ukraine, with a requested defense spending increase of around 4 percent compared with last year’s request, Politico reports.

The wishlist also has smaller but still meaningful cyber proposals, like $22 million in funding for National Cyber Director Chris Inglis’s office, a boost in funding for the FBI’s cyber investigations teams and $300 million for the Technology Modernization Fund, which helps federal agencies get new IT infrastructure.

  • “This is a kind of a preliminary picture, but I think it … sends a very strong signal that cybersecurity continues to be a priority for this administration, and it’s something that they’re willing to back up their executive orders and their policy documents with funding in the budget,” Cyber Threat Alliance CEO Michael Daniel, the White House cyber czar during the Obama administration, told me. “And that’s good to see, that level of consistency.”

Lawmakers on Capitol Hill broadly praised the funding, but some said more is needed:

  • Senate Homeland Security Committee Chairman Gary Peters (D-Mich.): He “supports providing appropriate funding for CISA to ensure it can conduct its mission — particularly as cybersecurity threats from the Russian government continue to grow,” an aide said.
  • House Homeland Security Committee’s top Democrats: House Homeland Security Committee Chairman Bennie G. Thompson (Miss.) and Rep. Yvette D. Clarke (N.Y.), praised the proposal, saying they are “committed to working with our colleagues on the Appropriations Committee to build out CISA’s mission support capabilities so it has the capacity to implement the new authorities Congress has provided it.”
  • Rep. Jim Langevin (D-R.I.), a commissioner on the Cyberspace Solarium Commission: He praised the budget and its proposal to fund CISA but said he was “deeply concerned” that the budget didn’t include funding for the new State Department Bureau of Cyberspace and Digital Policy. Langevin said he would “fight to ensure that the State Department has the necessary resources to implement this new Bureau.”
  • Rep. John Katko (N.Y.), the House Homeland Security Committee’s top Republican: “This budget request would have been commendable a year ago, but the current cyber threat landscape has changed drastically and requires significantly more,” Katko said in a statement, calling the request a “setback.” He added that “we have more to do to set CISA on the path to become a $5 billion agency within the next five years,” something he has long called for.

The keys

A major Ukrainian telecom company was hit in a ‘massive cyberattack’

The apparent cyberattack on Ukrainian Internet and phone service provider Ukrtelecom caused one of the most widespread Internet outages in Ukraine since Russia’s invasion last month, the Record’s Andrea Peterson reports. Ukrainian authorities hinted that Russia was behind the cyberattack and said Ukrtelecom was working to get back online.

Despite the disruption of service at Ukrtelecom and a cyberattack on satellite Internet provider Viasat at the beginning of the war, hacks aimed at Ukrainian telecommunications infrastructure have been smaller and less destructive than many experts expected, Gerrit De Vynck, Rachel Lerman and Cat Zakrzewski report. Networks have remained resilient with the help of engineers and backup plans.

The U.S. government is considering sanctions on the Trickbot gang

Sanctions on the group would make it illegal for U.S. organizations to pay it ransoms, the Wall Street Journal’s Robert McMillan, Kevin Poulsen and Dustin Volz report. The hackers and their affiliates have made hundreds of millions of dollars by targeting hospitals, schools and governments across the United States since 2018.

A self-identified Ukrainian researcher said they breached the group’s servers and posted the data online last month. “More than 200,000 messages exchanged by 450 Trickbot managers, staff and business partners since June 2020 reveal a well-organized criminal syndicate with possible connections to Russian intelligence agencies,” they write. “They show an organizational resilience that allowed the group to rapidly recover from counterattacks by international law-enforcement coalitions, and grand ambitions to diversify and develop a cryptocurrency.”

Huawei's chief financial officer reappeared as company said it is evaluating Russia sanctions

Huawei, the world's largest telecommunications equipment vendor by sales, says it's still evaluating its response to Western sanctions on Russia, Eva Dou reports. The presentation of the Chinese tech giant's financial report marked Huawei executive Meng Wanzhou's first public appearance since she was released from Canada in September. 

“Meng’s detention in Canada at the request of U.S. officials in December 2018 sparked a hostage standoff in which China detained two Canadian nationals, Michael Kovrig and Michael Spavor, and charged them with espionage,” Eva writes. “Meng was indicted in the United States on fraud charges related to her representation of Huawei’s relationship with an affiliate company operating in Iran, and she pleaded not guilty.”

The war in Ukraine has brought more uncertainty to Huawei. “Huawei said Monday its revenue fell 28.6 percent in 2021 from the previous year, as it sold off its Honor smartphone business because of the lack of chip supply under U.S. sanctions,” Eva writes. “But the company said its profit jumped 75.9 percent thanks to the sale of part of its business and other factors, including ‘optimization of our product mix.’ ”

The U.S. government has argued that Huawei poses a national security risk and could be used by China’s government to spy on Americans. The company disputes the claims.

Global cyberspace

Hacked WordPress sites force visitors to DDoS Ukrainian targets (Bleeping Computer)

Ukraine dismantles 5 disinformation bot farms, seizes 10,000 SIM cards (Bleeping Computer)

Cyber insecurity

Leaked details of the Lapsus$ hack make Okta’s slow response look more bizarre (Wired)

Microsoft Azure Defender for IoT vulnerabilities could lead to ‘full network compromise’ (VentureBeat)

Industry report

Spyware vendor FinFisher claims insolvency amid investigation (Bloomberg)

Microsoft security chief issues call to arms to protect metaverse (Bloomberg)

Daybook

  • The House Judiciary Committee holds a hearing on oversight of the FBI’s Cyber Division today at 10 a.m.
  • CISA Director Jen Easterly receives the Admiral Grace Hopper Award at a National Defense University event today at 10 a.m.
  • The German Marshall Fund of the United States hosts an event on information manipulation in France’s upcoming presidential election today at 10 a.m.
  • The House Homeland Security Committee holds a hearing on securing critical sectors from Russian cyberattacks on Wednesday at 10 a.m.
  • National Cyber Director Chris Inglis, Rep. Jim Langevin (D-R.I.) and Mark Montgomery, who was executive director of the Cyberspace Solarium Commission, speak at a U.S. Chamber of Commerce event on Wednesday at 12:30 p.m.
  • CISA’s cybersecurity advisory committee meets on Thursday at 2 p.m.
  • The Center for Strategic and International Studies hosts an event on the cybersecurity implications of U.S.-China technology decoupling on Thursday at 2 p.m.
  • Homeland Security Secretary Alejandro Mayorkas and Dilan Yeşilgöz-Zegerius, the Netherlands’s Minister of Justice and Security, speak at an Atlantic Council event on securing marine transportation systems on Friday at 10:30 a.m.

Secure log off

Thanks for reading. See you tomorrow.