WASHINGTON (AP) – The Biden administration is not going to tighten government control over the US Internet, even as state-sponsored foreign hackers and cybercriminals use it more and more to avoid detection, a senior administration official said on Friday.
The official said the administration was not currently seeking additional powers to oversee networks operating in the United States, given the privacy and civil liberties that might arise. Instead, the administration will focus on closer partnerships and improving information sharing with private-sector companies that already have widespread visibility on the Internet, the official told reporters, speaking on condition of anonymity.
The comment was a confirmation of a noisy political debate over the control of the internal government. Almost eight years after the scandalous documents leaked to the scandal by former National Security Agency contractor Edward Snowden, the recognition of the challenges of balancing the growing imperative of cyber defense. which come with enhanced monitoring.
Foreign government hackers are increasingly using virtual private networks or VPNs in the United States to avoid detection by US intelligence agencies that are legally constrained by controlling internal infrastructure.
For example, in the crucial second phase of the SolarWinds hacking campaign, for example, Russian intelligence agents used US-based VPNs to remove data through the backbone of victims’ networks, creating an account that looked like they were in the United States.
The hack, discovered in December, damaged at least nine federal agencies and revealed “significant gaps in modernization and cyber security technology throughout the federal government,” the official said. Dozens of private sector companies were also affected, mostly in the telecommunications and software sectors.
The United States is also referring to a separate, much more widespread, indiscriminate hacker attack blamed by cybercriminals on China, which became a global crisis last week.
It has invaded tens of thousands of servers running Microsoft Exchange e-mail. Although Microsoft prepared the vulnerability, the owners of the affected servers had only a “short window” to fix the vulnerable servers, the official said. The administration says criminal, state-sponsored hackers who want to exploit the underlying flaw could wreak havoc.
The official said President Biden had been informed of the incident and that private-sector cybersecurity spending had been brought in to consult with White House officials.
When it came to new oversight or the pursuit of oversight bodies, he described the administration’s stance as “not yet, not now.” The official said that the administration is currently committed to improving the flow of information with cloud companies, private companies that have good visibility to US networks but are not bound by the same government restrictions.
The cyber security community’s predictions proved to be correct, however, as risky software attacks damaging compromised servers would be inevitable given the extent of the breach.
Microsoft says it has discovered a new ransomware family called DearCry, exploiting compromises. Brett Callowe, an Ransomware expert at Emsisoft Cybersecurity, says ID Ransomware has so far received six malware applications from victims in the United States, Australia, Austria, Canada and Denmark.
Microsoft said in a tweet that it was blocking the ransom program, but Kallo said “it will not be necessary to stop the attacks.” Antivirus products detect and block many popular ransomware, but hackers often turn them off before installing those products, he said.
The aftermath of the global rescue, first and foremost the work of Russian-speaking North Korean cybercriminals, has cost businesses, local governments, health care providers, and even K-12 school districts over the past few years.
Bajak reports from Boston.