The United States has spent months accusing Russia and other nations of failing to address criminal cyber actors operating in their jurisdictions, and launching state-sanctioned campaigns of cyber malevolence. At the same time, Washington has said little on reports of an Israeli tech firm’s sale of military-grade spyware to state clients.
The US Cybersecurity and Infrastructure Security Agency – the primary federal agency tasked with guarding America against critical cyber infrastructure threats – has tapped major tech giants to help it do so.
In a statement on Thursday, CISA announced the creation of the Joint Cyber Defence Collaborative initiative, describing it as “a new agency effort to lead the development of cyber defence operations plans, and to execute those plans in coordination with partners from the federal interagency, private sector, and state, local, tribal, territorial government stakeholders to drive down risks” of cyberattacks.
Commenting on the new initiative, CISA Director Jen Easterly said the project “presents an exciting and important opportunity” to create “a unique planning capability to be proactive vice reactive in our collective approach to dealing with the most serious cyber threats to our nation.”
Easterly suggested that CISA’s Big Tech partners “share” the agency’s “commitment to defending our country’s national critical functions from cyber intrusions,” as well as the agency’s “imagination to spark new solutions.”
CISA says it expects additional private sector allies to join the programme, and specifies that its government agency partners include the Pentagon, US Cyber Command, the NSA, FBI, Department of Justice, and the Office of the Director of National Intelligence.
Puzzle Pieces Start to Fit
The CISA announcement on Thursday comes after months of allegations by the Biden administration and tech companies, including Microsoft and FireEye, that malign actors based in Russia, China, Iran, and other countries have been waging a private and/or state-sanctioned campaign of cyberattacks on US government agencies and companies.
Russian officials have spent years dismissing allegations of a state cyberwar campaign against the US, and have criticised repeated US actions to turn down Russian proposals for cooperation against cybercrime. The US side has failed to provide evidence of Russia’s alleged malevolent activities, apart from signs of Russian-language text being found in some of the malicious code. However, last year, former NSA cryptographer-turned whistleblower Bill Binny explained to Sputnik that US intelligence agencies have access to a software package known as the “Marble Framework,” which enables agents to “spoof” attacks, making them seem like they’re coming from one country (Russia, China, Iran, North Korea, or the Arab world) while they’re actually being carried out by US government agents. Some experts fear that the existence of software like the Marble Framework may make potential attribution of cyberattacks difficult if not impossible.
At the same time that it has accused Russia and others of malevolence in cyberspace, the Biden administration has been largely silent on the Pegasus spyware scandal – which centres around the sale of powerful Israeli spyware to governments around the world and has enabled the zero-click penetration of the phones of tens of thousands of journalists, politicians, and other public figures. Last month, an in-depth investigation by Israel’s Haaretz newspaper revealed that the Israeli government not only allowed Pegasus’ maker to sell its products abroad, but actively pushed or even pressured it to do so. Israel’s defence ministry insists that it does not have access to information collected by Pegasus’ foreign clients.