What Are the NSA's Top Security Concerns?
Cybersecurity is important to business and industry, but it’s even more critical to our government, according to Rob Joyce, Director of the NSA’s cybersecurity wing, who gave RSA Conference attendees a rundown of the top threats and trends the agency has identified in the last year.
Joyce began with what he says is "usually at the top of everybody’s mind when we start to talk about threats"—Ukraine and Russia.
He offered some sobering statistics. In 2022, there were more than 2,000 cyberattacks from Russia, more than 300 of those against defense and security sectors, more than 400 against infrastructure such as energy and finance, and more then 500 against non-defense government entities. “That’s more than 10 cyberattacks a day going against a broad swathe of infrastructure,” noted Joyce. “In 2023, Ukraine is reporting more and more integrated cyber and kinetic attacks.”
Joyce laid out three main aims of these cyberattacks. First, intelligence collection helps with prosecuting the kinetic shooting war. Second, disruptive attacks can break down civil society. Third, there’s hactivist activity on both sides.
“Who’s in the fight? The GRU, the military intelligence agency of Russia, really is from the start of the war the predominant actor,” said Joyce. He noted that Ukraine has long been a target, citing (among other attacks) the NotPetya campaign of 2017 and Whispergate in 2022, which defaced Ukrainian sites on the eve of the war with the message, “Be afraid and expect the worst.”
Joyce noted that the SVR, Russia’s external intelligence agency, is "responsible for collecting intelligence and launching covert ops," he said. "We didn’t realize they had a hacking organization.” The third actor is the FSB, or the internal
Read more on pcmag.com
