Cybersecurity and Cyberwarfare

The Secure 5G and Beyond Act of 2019 (S. 893) would require the President, acting through the National Telecommunications and Information Administration (NTIA) and other federal agencies, to develop and submit to the Congress a strategy to ensure the security of 5G and future generations wireless communications systems and infrastructure owned by the US and its allies. Among various other requirements, the NTIA would have to assess potential security threats to American 5G systems and infrastructure and analyze how competitive American 5G manufacturers and suppliers are globally.

5G will be a physical overhaul of our essential networks that will have decades-long impact. Because 5G is the conversion to a mostly all-software network, future upgrades will be software updates much like the current upgrades to your smartphone. Because of the cyber vulnerabilities of software, the tougher part of the real 5G “race” is to retool how we secure the most important network of the 21st century and the ecosystem of devices and applications that sprout from that network.

Democratic officials moved to block plans to allow caucusgoers to vote by phone in Iowa and Nevada in 2020 because of concerns the technology could be hacked. An advisory from Tom Perez, the chair of the Democratic National Committee, and the co-chairs of the Rules and Bylaws Committee recommended against the virtual caucus or tele-caucus in the two early-voting states. Internal security and technology analysts, working with a panel of outside experts, found that there was no teleconference system that met security standards, apparently. 

President Donald Trump’s former chief strategist Steve Bannon has produced a new film called “Claws of the Red Dragon” attacking Huawei, the Chinese telecommunications company President Trump has forbidden US companies from doing business with over concerns about its ties to the Chinese government. Bannon’s goal is to steel Trump’s resolve to confront China — a resolve that seemed to weaken when markets plunged in early Aug and the administration granted Huawei a 90-day reprieve.

The Bureau of Industry and Security (BIS) of the US Department of Commerce identified 46 additional Huawei affiliates that require inclusion on the Entity List, as part of a routine review of all Entity Listings. Since May, the Dept has added over one hundred persons or organizations to the Entity List in connection to Huawei. The new restrictions on these affiliates are effective Aug 19th.

Senator Ron Wyden (D-OR) sent a letter to major US telecommunications companies AT&T, T-Mobile, Sprint, and Verizon urging them to lower the amount of sensitive data they store on customers. Those large pools of data present a significant hacking risk, Sen Wyden argued. "Your companies collectively hold deeply-sensitive information about hundreds of millions of Americans. It should come as no surprise that this data is a juicy target for foreign spies," he said.

We are at an impasse. Legislative and corporate policies are designed to solve a specific problem for a particular stakeholder at a set time and place. In contrast, the online hate ecosystem is volatile, unpredictable, constantly changing, and deliberately confusing.

Attorney General William Barr delivered a blistering critique of encrypted messaging programs, saying they are preventing law enforcement from stopping killings, drug dealing and terrorism, and warned that time may be running out for the tech industry to make changes on its own.

By this Public Notice, the Federal Communications Commission announces the topics and chairs of the six working groups that will assist the Communications Security, Reliability, and Interoperability Council (CSRIC) VII.