If President Biden, or whoever makes his critical decisions when he’s suffering from a cold, jet lag, or other disabling conditions, were to determine that America’s security was compromised and warranted the engagement of the nuclear codes, would the missiles fire and accurately hit their targets? That might sound like a facetious question, but I’ve lost faith that the U.S. government can defend America. One must be awfully naïve to believe otherwise in the wake of recent events.

At this writing, America and much of the rest of the world are experiencing massive disruptions, with airlines canceling their flights, hospitals brought to a near halt, emergency operations disabled, and banking services severely curtailed. One couldn’t even buy a coffee at some Starbucks stores because their electronic payment systems weren’t working.

The supposed good news, as the public is being told, is that China, Russia, or some kid in his pajamas wasn’t responsible for the latest electronic debacle. Rather, it’s simply the incompetence of some engineers at a nerd-run company called CrowdStrike and their update to a service called Falcon, for which some 29,000 companies worldwide pay billions to protect their computer systems from the very sort of havoc they experienced today.

We can all take comfort that CrowdStrike co-founder George Kurtz is “deeply sorry for the inconvenience and disruption” and we have his assurances that his whiz-bang team of engineers is working with customers to ensure their systems are restored.

Kurtz’s compensation for the latest fiscal year was $47 million, more than 237 times that of the median compensation of CrowdStrike’s employees. Perhaps if CrowdStrike’s board distributed some of that wealth to the company’s employees it could attract higher caliber engineers capable of flawlessly upgrading its software.

Even before today’s debacle, I had my doubts about the U.S. government’s ability to protect America and ensure continuous operations of businesses and services. The Register, a trade publication focused on online enterprise technology, reported a week ago that a compliance team from the US Cybersecurity and Infrastructure Security Agency (CISA) last year identified a string of security failings at an unidentified federal agency that exposed the organization’s most critical assets.

What’s remarkable is that CISA penetrated the federal agency’s systems, and no one even noticed for five months.

Five months!

CISA identified a vulnerability it said was exploited by an unknown third party that didn’t require Sherlock Holmes to uncover. How? The agency found a password file left from a previous employee on an open administrative IT account, which contained plaintext usernames and passwords for several restricted service accounts, including domain administrator privileges.

A month before CISA disclosed the breach it discovered, agency director Jen Easterly assured the Register that compliance of government organizations with a mandated requirement to fix known software weaknesses easily exploited by cyber criminals was “very high.”

CISA is responsible for safeguarding America’s business IT systems and preventing widespread outages like the ones legions of businesses and consumers are experiencing at this writing. This shouldn’t come as a surprise: CISA is an arm of the Department of Homeland Security, the folks responsible for securing America’s borders and overseeing the U.S. Secret Service.

As is typical for Biden administration appointees, Easterly’s leadership and competency have come under fire for focusing more on CISA’s public image and the agency’s gender diversity rather than staying razor focused on protecting America’s infrastructure and cybersecurity. Easterly also has promoted government censorship and controlling public information in a manner that does Orwell proud.

As if the latest incidents weren’t alarming enough, sophisticated Chinese government hackers three years ago reportedly compromised dozens of U.S. government agencies, defense contractors, financial institutions and other critical sectors.

“This looks like classic China-based espionage,” IT expert Charles Carmakal told the Washington Post. “There was theft of intellectual property, project data. We suspect there was data theft that occurred that we won’t ever know about” (emphasis mine).

Earlier this month, Australia, the U.S. and six other allies warned that a Chinese state-sponsored hacking group with ties to Beijing’s intelligence services poses a threat to networks of western governments.

China is “highly skilled” at hiding within an IT network, warned Rachael Falk, chief executive of the Cyber Security Cooperative Research Centre in Australia. Chinese hackers “look like legitimate traffic or normal users and strike with precision when the time is right, stealing valuable data.”

Wired, March 5, 2021

Chinese hackers in 2021 also compromised more than 30,000 Microsoft Exchange servers in the U.S. and hundreds of thousands more worldwide, mostly small and medium-sized businesses and organizations, including local government agencies, police, hospitals, Covid response, energy, transportation, airports, and prisons.

“China just owned the world—or at least everyone with Outlook Web Access,” a cybersecurity researcher told Wired. “When was the last time someone was so bold as to just hit everyone?”

Microsoft seemingly figures into every major breach. My pea-sized tech brain struggles to understand why companies must pay countless billions to third parties for protection from Microsoft’s flawed operating systems rather than holding Microsoft responsible for its own engineering weaknesses. I’m reminded of my father’s frustration with a technologist his accounting firm relied on.

“Dave (not his real name) is brilliant when it comes to technology,” my father often railed. “But he’s got no common sense.”

Let’s not forget that when Donald Trump was president, Microsoft nearly got a lucrative $10 billion contract to provide cloud-computing services and support for the Defense Department. Trump reportedly steered the contract to Microsoft because of his disdain for Jeff Bezos, whose Amazon was also vying for the business. The Defense Department ultimately opted to divvy up the contract with multiple providers.

A cybersecurity expert told me that China already has the health records of most Americans because the IT systems of U.S. hospitals are run by rank amateurs who often don’t even know their systems have been hacked. In February, attackers gained entry into UnitedHealth Group’s Change Healthcare unit, a ransomware strike that crippled vital parts of the U.S. healthcare system.

China seemingly has the will and capability to hack the IT of the most sensitive businesses, including the media. News Corp was the target of a hack that accessed emails and documents of journalists and other employees, an incursion the company’s cybersecurity consultant said was likely meant to gather intelligence to benefit China’s interests.

The attack, disclosed in January 2022, impacted the Wall Street Journal and New York Post and other News Corp publications. The hackers were able to access reporters’ emails and Google Docs, including drafts of articles. The Journal reported that China’s intrusion into its systems began two years earlier.

FBI chief Christopher A. Wray earlier this year said that hacking operations from China were now directed against the United States at “a scale greater than we’d seen before.” And at a recent congressional hearing, Mr. Wray said China’s hacking program was larger than that of “every major nation combined.”

“In fact, if you took every single one of the F.B.I.’s cyber agents and intelligence analysts and focused them exclusively on the China threat, China’s hackers would still outnumber F.B.I. cyber personnel by at least 50 to one,” he said.

Wray also warned that Chinese hackers are focusing on American infrastructure and preparing to “wreak havoc and cause real-world harm to American citizens and communities.” He said the targets could include electrical grids, water treatment plants, gas pipelines and transportation systems.

The U.S. is no doubt hacking into China’s systems, but the country’s communist government isn’t standing idly by. China’s ministry of industry and information technology (MIIT) earlier this year unveiled a plan that aims to improve data security in China’s industrial sector and effectively contain “major risks” by the end of 2026.

Protective measures, including emergency drills simulating ransomware attacks, must be applied to over 45,000 companies in China’s industrial sector by 2026 year-end, covering at least the top 10% in terms of revenue in every Chinese province. The plan also aims to complete 30,000 data security training sessions and cultivate 5,000 data security “talents” within the same timeframe. I doubt that China cares much about the gender diversity of those talents.

It’s been a week since the assassination attempt on Trump, and there are still no credible explanations on how a mysterious 20-year-old whose online footprint appears to have been effectively scrubbed knew where he could position himself on an unguarded roof and have a clear shot at Trump other than possibly sheer incompetence. That Homeland Security Chief Alejandro Mayorkas insists that he has full confidence in Secret Service Director Kimberly Cheatle before even completing a promised review of the Trump near assassination debacle hardly inspires trust or faith in his leadership.

Mayorkas has never struck me as “sharp as a tack” as the media said Joe Biden was until just recently.

Recent events, coupled with China’s security breaches so pervasive that the U.S. government doesn’t even know the extent of the information that was stolen or compromised, are why I wonder if engaging the legendary nuclear codes would trigger the launch of deadly missiles. It wouldn’t surprise me if the attempted engagement sparked a call to China’s leader Xi Jinping, who might demand the immediate surrender of the U.S. as a condition for not permanently disabling America’s entire infrastructure and bringing the country to a standstill.

Author’s Note: Most readers find this blog when I post on LinkedIn, which has censored me multiple times. If you find the blog of interest, I’d welcome if you subscribed, which would help me build readership.

I promise you won’t receive any unsolicited promotional emails or requests for payment.

I welcome constructive feedback from readers and can be reached at eric@starkmanapproved.com
