Prior to the weekend’s new developments regarding the possible implosion in Russia amid the Ukraine War, the media cycle had been dominated by developments regarding the classified docs indictment of former President Trump and Joe Biden’s son, Hunter’s, plea deal with federal prosecutors over tax evasion and falsifying information in the process of purchasing a handgun.
As a result of most media outlets giving the majority of the top headlines to these stories, some very important news regarding the overall security of the United States has flown largely under the radar.
Security seems to be far from the top priority for the Biden Administration, as evidenced by the disaster at the southern border, where according to a document titled “Biden’s border crisis is the worst in American History,” prepared by the Senate Republican Conference, “In Fiscal Year 2021 alone, U.S. Customs and Border Protection experienced 1.7 million encounters with aliens at the southern border, the highest number ever recorded in a single year.”
A majority of Americans that reside outside of border states are well aware of this issue however, as according to a May 2023 Reuters/Ipsos poll, only 26 percent say they approve of Biden’s immigration policy.
That’s probably because the media has been concentrating on the physical border crisis, and not the issues plaguing our digital borders, which have reached zero hour. The average citizen is not aware that there are literally 560,000 thousand new pieces of malware created daily. This includes viruses, trojans, keyloggers, and crypto miners, which are all programmed to steal data, currency, execute spying operations, or disrupt critical infrastructure.
Biden has largely failed in the first half of 2023 to address these matters, as new reports indicate that several U.S. government agencies and several hundred private and public sector entities were recently victimized as part of new Russian-based hacks.
The attacks were enabled due to recently discovered vulnerabilities in MOVEit software. According to executive assistant director for cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA), Eric Goldstein, CISA “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” while adding, “we (CISA) are working urgently to understand impacts and ensure timely remediation.”
The Department of Energy was among the victims of these new attacks. According to a spokesperson with the agency, “The Department [of Energy] has notified Congress and is working with law enforcement, CISA, and the affected entities to investigate the incident and mitigate impacts from the breach.”
The Russian cyber gang known as CLOP claimed responsibility for the attacks. The hackers gave victims a deadline of about 10 days ago to contact them regarding making ransom payments. They then listed some of their alleged victims on their dark web extortion site. Among the alleged victims are Oak Ridge Associated Universities, Georgia’s state university system, British Airways, Shell Oil Company, and state governments in Minnesota and Illinois.
The software maker behind MOVEit applications, Progress Software, has also discovered a second vulnerability in their code which they’re actively working to fix. “We have communicated with customers on the steps they need to take to further secure their environments and we have also taken MOVEit Cloud offline as we urgently work to patch the issue,” the company said in a statement.
Much like the situation with the SolarWinds hack, it will most likely be months or maybe even years before we know the full extent of this current wave of Russian hacks, but this is just the latest example of the Biden Administration’s failure to rise to the evolving challenges regarding America’s cyber defenses.
Earlier this year, America was victimized by espionage operations carried out by a Vietnamese hacking group, a North Korean hacking group that targeted American cybersecurity research firms, as well as Chinese state-sponsored hackers that attacked “critical” cyber infrastructure in several industries, including government organizations.
The United States has to lead the world on the cyber issue. Especially as ransomware groups and hackers seem to attack any entity or individual they can. Big Tech must do its part as well, especially as this year has seen a sharp rise in “Malvertising” via advertising giant Google Ads. One thing the average citizen should do to stay safe online is to exercise simple security measures like using an ad-blocker to avoid malware-laced advertising.
Internationally, ongoing cyber-warfare necessitates an increase in cooperation. One promising recent development is the Abraham Accords Cybersecurity Cooperation Act. Born out of Donald Trump’s groundbreaking diplomatic achievement, the bill is a major step towards enhanced international communication to mitigate damage from large-scale cyber-attacks.
Our cyber-defenses are yet another matter where the Biden Administration has failed. Luckily for us, for now, America is merely bent and not completely broken in the cybersphere. Whether we can hold the fort through what is expected to be a volatile next year and a half of a Joe Biden presidency remains to be seen.