With the news cycle dominated by the latest developments regarding the classified documents indictment of former President Donald Trump and President Joe Biden’s son, Hunter, reaching a plea deal with federal prosecutors over his failure to pay roughly $1 million in taxes and falsifying information in the process of purchasing a handgun, some very important news regarding the overall security of America has consistently flown under the radar so far this year.
Security has seemingly been far from top of mind for the administration, as evidenced by the utter disregard for the security of the southern border, where according to a document titled “Biden’s border crisis is the worst in American History,” prepared by the Senate Republican Conference, “In Fiscal Year 2021 alone, U.S. Customs and Border Protection experienced 1.7 million encounters with aliens at the southern border, the highest number ever recorded in a single year.”
Most Americans living outside of border states are well aware of this issue however, as according to a May 2023 Reuters/Ipsos poll, only 26% said they approved of Biden’s handling of immigration.
That’s mainly because the news is consistently reporting on the physical border crisis, unlike the issues facing our digital borders, which has reached zero hour. Unfortunately, the average citizen is blissfully ignorant to the fact that there are literally 560,000 thousand new pieces of malware are created daily. This includes viruses, adware, Trojans, keyloggers, and crypto miners, which are all developed to steal data, currency, conduct spying operations, or disrupt critical infrastructure.
The Biden administration has largely failed in the first half of 2023 in properly addressing these threats, as recent reports indicate that multiple US government departments and several hundred private and public entities have recently be victimized as part of a slew of new Russian-based hacks.
The attacks were enabled in part, due to vulnerabilities in MOVEit software. According to the executive assistant director for cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA), Eric Goldstein, CISA “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” while noting, “we (CISA) are working urgently to understand impacts and ensure timely remediation.”
The Department of Energy was among the more high-profile victims of the attacks. According to a spokesperson for the agency, “The Department (of Energy) has notified Congress and is working with law enforcement, CISA, and the affected entities to investigate the incident and mitigate impacts from the breach.”
The Russian ransomware gang known as CLOP has claimed responsibility for the attacks. The hackers gave their victims until last Wednesday to contact them regarding ransom payments. They then began listing alleged victims on their dark web site. Among the alleged victims are Oak Ridge Associated Universities, Georgia’s state-wide university system, British Airways, the Shell Oil Company, and State governments in Minnesota and Illinois.
The software maker behind the exploited MOVEit applications, Progress Software, recently discovered a second vulnerability in their software which they’re actively working to fix. “We have communicated with customers on the steps they need to take to further secure their environments and we have also taken MOVEit Cloud offline as we urgently work to patch the issue,” the company said in a statement.
Much like the SolarWinds attack, it will likely be months or even years before we know the full extent of this wave of Russian cyber-attacks, but this is only the latest example of the Biden administration failing rise to the challenge regarding America’s cyber defenses.
Among the attacks against the US this year were espionage operations carried out by a Vietnamese hacking group, a North Korean cybergang targeting American cybersecurity research firms, and Chinese state-sponsored hackers attacking “critical” cyber infrastructure in several industries, including government and communications organizations.
The US government must lead the world on the cyber issue. Especially as hackers seem to be indiscriminately attacking anyone they can. Big-Tech must do its part as well, especially as 2023 has seen a rise in “Malvertising” via Google Ads. One thing the average American can do to protect themselves online is exercising basic safety measures like using an ad-blocker to avoid malware laced advertising.
But on the international level, the ongoing cyberwars necessitate increased cooperation. One of the most promising recent developments is the bi-partisan Abraham Accords Cybersecurity Cooperation Act. Born out of groundbreaking Trump administration diplomacy, the act is a major step towards enhanced international communication in real time to mitigate damages from largescale cyber-attacks.
Cybersecurity is just another matter where Joe Biden has failed. Luckily for America, for the time being America has merely bent and not broken in the cybersphere. Whether or not we can hold the fort through the next year and a half of Biden remains to be seen.
++++
Julio Rivera is a business and political strategist, Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by many of the most heavily trafficked websites in the world.