‘Dirty Dozen’ Of Cyber Threats Targeting US Officials Is Now A Dirty Dozen, Government Says
It has been a year since the Trump administration announced the US Cyber Command, a unit that would be tasked with investigating, prosecuting and punishing cyberattacks on US government agencies.
In May, the US House of Representatives approved legislation that would allow the Cyber Command to become fully operational and provide a new “cyber space” for the US military, the Senate also passed legislation that will provide the Cybercommand with an expanded role in cyberspace, including the ability to investigate and prosecute cybercrimes and cyberthreats.
The US military is currently the only entity that can conduct military cyber operations in the United States.
But a growing number of cyberattacks targeting US government officials have been carried out by Chinese hackers and Russian state actors.
“This is a dirty dozen, and it’s a growing list,” said Peter Eckersley, a cybersecurity researcher at the security firm FireEye.
One of the most alarming recent examples of cyberthreat that US officials have faced was the December 2016 cyberattack on the US Office of Personnel Management.
That attack led to the resignation of OPM’s chief information officer, who was forced to resign in January 2017 after he admitted to leaking classified information to the press about the operation.
A month later, the Russian military hacked the Gmail accounts of more than a dozen US officials, including former Secretary of State John Kerry and former FBI Director James Comey, according to a report by NBC News.
According to a US official, a group calling itself Fancy Bear used a sophisticated phishing campaign to infiltrate OPM and compromise information about its internal systems.
FBI Director James B. Comey was among the officials who were targeted by the Russian group.
US lawmakers are pushing for a new law to expand the scope of the CyberCommand to include cyberattacks against US officials and to give the Cyberforce the authority to investigate cybercrases, as well as prosecute them.
However, there is a big hurdle to overcome.
The Cybercommand is already in the process of creating a Cyber Space, which would give it new capabilities to fight cybercrime and cyberattacks, including a new cybercrime unit that could be created in the Cyber Space.