At a glance.
- What CISOs need to know about post-quantum encryption standards.
- US signs cyber collaboration agreements with Israel and Saudi Arabia.
- FBI investigation reveals possible threat from Huawei to US nuclear systems.
What CISOs need to know about post-quantum encryption standards.
The US National Institute of Standards and Technology (NIST) has been working since 2016 on creating a list of cryptographic algorithms that could stand up to the threats of quantum computing, and earlier this month they released their findings. It will take up to two years for the long-awaited algorithms to be standardized in Federal Information Processing Standards publications, and Nextgov says federal CISOs would be wise to use that time to better understand these algorithms in order to adhere to the White House’s mandates regarding migration to quantum-resistant cryptography. NIST’s chief of the Computer Security Division, Matt Scholl advises, “…don’t wait for the standard to be done. Start inventorying your most important information. Ask yourself what is that data that an adversary is going to want to break into first.” CISOs are urged to determine where quantum-vulnerable algorithms are currently being used in order to prioritize migration. Other recommendations include testing the algorithms now to see how they impact current systems, and speaking with vendors about their plans for adopting quantum-resistant cryptography.
US signs cyber collaboration agreements with Israel and Saudi Arabia.
During a trip to the Middle East last week, US President Joe Biden spoke with Israeli and Saudi Arabian leaders about improving cyber cooperation with the US. President Biden signed bilateral agreements with Saudi Arabia to strengthen their partnership and commitment to sharing cybersecurity intel, and Israel and the US pledged to deepen their collaboration in fighting cybercrime. Experts say the moves are an effort to increase the US’s defenses against the increasing threat of aggression from shared enemy Iran. Jason Blessing, a research fellow at the American Enterprise Institute, stated, “In both cases, we have to acknowledge that Iran is the primary driver of a lot of what happened during Biden’s trip, and this extends to cyber space as well…I would say the number one geostrategic priority [for the U.S.] is getting both countries on the same page when it comes to Iran.” The Hill recounts Iran’s history of cyberaggression over the past few years, including last summer’s attempted attack on Boston Children’s Hospital.
FBI investigation reveals possible threat from Huawei to US nuclear systems.
The US government’s concerns about use of equipment made by Chinese tech manufacturer Huawei on American soil are well known, but the latest news has officials worried Huawei could be collecting sensitive military intel regarding the readiness of US forces. CNN reports that the Federal Bureau of Investigation is looking into concerns that Huawei equipment on cell towers near US military bases in the rural Midwest could be collecting data from military bases and missile silos and transmitting it back to the company. According to several anonymous sources, including current and former national security officials, the Commerce Department opened the previously unreported investigation shortly after President Biden’s inauguration last year, Reuters reports. It’s unclear whether the probe revealed that any data was actually sent to Beijing from these towers, though sources say Huawei’s equipment is capable of intercepting and transmitting the data. One former FBI official stated, “This gets into some of the most sensitive things we do. It would impact our ability for essentially command and control with the nuclear triad.” The Print notes that this is just the latest in a wave of global concerns regarding the potential security threats linked to Huawei.
However, the Global Times reports Huawei has denied their equipment has the capacity to disrupt US military transmissions, and Chinese experts are calling the allegation an “ignorant assumption.” Chinese military expert Song Zhongping explains that if Huawei were to install any interception tools, local operators would easily detect them, especially given that America’s military communication system has strong anti-interference capacity. Xiang Ligang, director-general of the Beijing-based Information Consumption Alliance, added, “If the assumption stands, it means all similar equipment would have the same capacity. So can we say that iPhones, Microsoft systems and Intel chips used in China are all sending data they collect in China back to the US government?”