Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime

CISA Exec: ‘We’ve Been Lucky in the Cyber Realm’ With Israel

CISA's Brandon Wales Warns of Disruptive Chinese Attacks on Critical Infrastructure
CISA Exec: ‘We’ve Been Lucky in the Cyber Realm’ With Israel
Brandon Wales, executive director, Cybersecurity and Infrastructure Security Agency

A top U.S. cybersecurity official said Israel has avoided significant cyberattacks since Hamas' invasion Saturday but said that wouldn't necessarily be America's experience should armed conflict break out between the United States and China.

See Also: Freeing Public Security and Networking Talent to do more with Automation

U.S. Cybersecurity and Infrastructure Security Agency Executive Director Brandon Wales said U.S. and Israeli officials have to date seen nothing more than low-level denial of service attacks and web defacements - attacks fairly common from less sophisticated actors but not elite nation-state hackers.

Wales, who spoke Thursday during an online event, said CISA is in close contact with Israel's National Cyber Directorate to ensure all information and insights are being shared (see: How the Cybersecurity Industry Is Aiding Israel's War Effort).

"The attacks obviously were horrific," Wales said. "But we have been lucky in the cyber realm. There have not been significant cyberattacks as of right now." The official social media account of Israel's National Cyber Directorate shared the same assessment in an Oct. 7 tweet.

Despite Iran's history of activity in cyberspace and previous attempts to meddle or interfere in U.S. elections, Iran has not stepped up cyber activity in the Middle East, Wales said.

"We are constantly on the lookout for what could be more significant," Wales said. "We are lucky that Israel has a very sophisticated cybersecurity operation both in their government and in their private sector. We have a lot of confidence in their capabilities. But this is going to be extremely challenging time for Israel."

Containing the Chinese Critical Infrastructure Threat

Wales said China's cyber activity over the past decade shifted from being focused primarily on economic and political espionage to becoming something that presents a real strategic challenge. In the event of an outbreak of conflict with Beijing, Wales said China would target U.S. critical infrastructure for disruptive operations to affect decision-making, induce societal panic and harm efforts by the U.S. to project power into Asia.

"If we want to enjoy the freedom of action on the geopolitical stage and we want the ability to ensure that we can defend our friends and allies around the world, we cannot let hostile nations like China into our critical infrastructure and hold it at risk," Wales said.

The U.S. is gaining a better understanding of the motives behind Chinese cyber activity over the past decade, making it apparent that the critical infrastructure compromises occurred not for espionage purposes but rather to pre-position malware, Wales said. Some of the systems targeted by China such as control systems at oil and gas facilities have no intelligence value, Wales said (see: Utility Experts Highlight Chinese Threat to US Electric Grid).

"They would likely do this in the event of or on the eve of conflict," Wales said. "There are very narrow periods when they would actually execute such an attack. But the consequences of them conducting such an operation are so significant that it does require the utmost urgency and attention to address it."

Given that the U.S. is unable to stop or fully defend against every potential Chinese exploit, Wales said the nation needs resilience permitting it to continue operating even in the face of an aggressive actor. Wales said he's spoken with every state's emergency management officers about preparing for disruptions.

"Our infrastructure needs to have operational resilience so that even in the face of degradation, even if their systems are under attack, they can continue to deliver the vital function," Wales said. "The water should continue to flow even if there is a loss of the operational control technology that they utilize."

As far as artificial intelligence is concerned, Wales said CISA is working with companies to ensure security is built in. Wales has worked with industry to ensure the AI technology that comes out is both secure by design, secure by default and secure in deployment.

"Where we start will have a tremendous influence globally on how these systems look and the security that's baked in," Wales said. "We want to work with these companies so that we can extract as much benefit as possible and use these systems to protect against enhanced threats from China or other threat actors."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.