@LaJoieSecurity Threat Blog

Is American Cyber Policy at Crossroads? - Salt Typhoon, Policy and the Call for Consequences

 

 

 

This week’s Washington Wednesday zeroes in on the seismic shifts in U.S. cybersecurity policy, driven by two key forces: the recent revelations of the Salt Typhoon hacking campaign and the impending transition of presidential power. As the U.S. grapples with the fallout from Chinese-backed cyber espionage and prepares for potential changes in cybersecurity strategy, policymakers are advocating for stronger measures to defend the nation’s infrastructure and impose consequences on foreign attackers.

 

Let’s break down the current landscape, the challenges ahead, and what these changes mean for the future of U.S. cybersecurity.

 

The Salt Typhoon Breach: A Wake-Up Call 

The discovery of the Salt Typhoon hacking campaign — where Chinese state-sponsored actors infiltrated U.S. telecommunications networks — has sent shockwaves through Washington. These breaches allowed the attackers to intercept communications and harvest metadata from senior officials, including President-elect Donald Trump and Vice President-elect JD Vance.

 

In response, U.S. senators are calling for immediate action to bolster the security of critical infrastructure. Proposed measures include:

  • Annual cybersecurity certifications for telecommunications firms to ensure compliance with best practices.
  • Enhanced defensive and offensive cyber capabilities to protect national interests and deter future attacks.
  • This breach highlights the urgency of securing communication networks against sophisticated state-sponsored adversaries.

 

Policy Uncertainty: CISA Prepares for Change

As the new administration prepares to take office in January 2025, the Cybersecurity and Infrastructure Security Agency (CISA) is bracing for potential shifts in policy. Under the current administration, CISA has led efforts to promote secure-by-design principles and enforce cybersecurity regulations for critical sectors.

 

However, concerns are mounting that the incoming administration might reduce CISA’s regulatory powers, impacting initiatives designed to protect infrastructure from cyber threats. These potential changes come at a critical moment as the agency works to mitigate the risks revealed by Salt Typhoon and other state-sponsored attacks.

A rollback of regulatory authority could hinder the nation’s ability to respond effectively to escalating cyber threats, leaving critical infrastructure more vulnerable.

 

Calls for Consequences: Deterring Cyber Aggression

The Salt Typhoon hack and other recent cyber espionage campaigns have reignited calls for the U.S. to impose harsher penalties on foreign cyber attackers. Policymakers and advisors argue that without stronger consequences, adversaries like China, Russia, and Iran will continue to exploit weaknesses in U.S. systems with impunity.

 

Suggestions for deterrence include:

  • Economic sanctions targeting individuals and entities responsible for cyberattacks.
  • Offensive cyber operations to retaliate against persistent threats.
  • Increasing the cost of cyber aggression to discourage malicious activities by both state-sponsored and private actors.
  • The consensus among cybersecurity experts is clear: deterrence must become a cornerstone of U.S. cyber policy if the nation hopes to reduce the frequency and severity of attacks.

 

A Nation in Transition

These developments — the Salt Typhoon breach, potential CISA policy changes, and calls for stronger deterrence — underscore a pivotal moment in U.S. cybersecurity. The nation stands at a crossroads, with decisions made in the coming months likely to shape the future of national defense in cyberspace.

 

Key Themes to Watch:

  • Strengthening Critical Infrastructure:  Ensuring telecom providers and other critical sectors are held to the highest cybersecurity standards.
  • Preserving CISA’s Mission:  Maintaining strong regulatory frameworks and supporting initiatives like secure-by-design to protect against evolving threats.
  • Imposing Consequences:  Developing a robust strategy for deterring foreign cyber aggression through economic, diplomatic, and offensive measures.

 

The next administration’s approach to these challenges will determine whether the U.S. can maintain resilience in the face of growing cyber threats or if vulnerabilities will continue to be exploited by adversaries.

 

Leadership Takeaways

  1. Adapt to Policy Shifts: Organizations must stay informed about changes in federal cybersecurity policy and adapt their strategies accordingly.

  2. Invest in Infrastructure Security: Prioritize cybersecurity measures for critical systems, especially in sectors vulnerable to state-sponsored attacks.

  3. Advocate for Deterrence: Support policies that impose consequences on cyber attackers, reinforcing national security and resilience.

  4. Engage with CISA:  Collaborate with CISA to stay updated on best practices, threat intelligence, and potential regulatory changes.

 

Read More

  • Reuters. (2024, December 11). Senators Say U.S. Must Boost Security After Chinese Salt Typhoon Telecom Hacking. Retrieved from reuters.com
  • Wired. (2024, December 10). CISA Prepares for Potential Cuts Under New Administration. Retrieved from wired.com
  • Reuters. (2024, December 15). U.S. Needs to Do More to Make Cyber Attackers Pay, Trump Adviser Says. Retrieved from reuters.com