Our picksThe Critical in Critical Infrastructure | What If the Threat Comes from Within? | Reporting Foreign Cyberattacks, and more

Published 15 June 2021

·  Protecting the Critical of Critical: What Is Systemically Important Critical Infrastructure?

·  US Intel Report Warns of More Violence by QAnon Followers

·  New Pentagon Watchdog Facing ‘Significant Challenges’ in Internal Anti-Extremism Effort

·  Trump, Allies Pressured DOJ to Back Election Claims, Documents Show

·  Police Issue Warning over Terrorist Use of 3D-Printed Guns as UK Neo-Nazi Jailed

·  Congress Has Already Authorized the President to Require Reporting of Foreign Cyberattacks

·  A Pandemic Isn’t the Only Kind of “Catastrophic Risk.” It’s Time to Prepare More Seriously for the Next.

·  Recent Cyberattacks Reveal US Utilities’ Extreme Vulnerability

·  What If the Threat Comes from Within? Federal Agencies Must Address the Risk

Protecting the Critical of Critical: What Is Systemically Important Critical Infrastructure?  (Tasha Jhangiani and Graham Kennis, Lawfare)
The Colonial Pipeline attack was the most recent reminder of a steadily encroaching wave of cyber threats affecting the nation’s critical infrastructure. Although the ransomware attack was considered to be “relatively unsophisticated” in nature, it was powerful enough to shut down America’s largest refined products pipeline for several days. It took Colonial six days to get the Cybersecurity and Infrastructure Security Agency (CISA) any notifications that could then be disseminated to other at-risk industry entities—and even then, acting CISA Director Brandon Wales remarked that he did not think Colonial would have reached out to CISA had the FBI not facilitated the interaction. Much of the discussion around the Colonial Pipeline ransomware attack has obscured a key point: The U.S. government does not have a reliable method to identify, support and secure the most “critical of critical” infrastructure.  
The U.S. government is not completely aware of what is critical—as in which companies’ disruption could have devastating or cascading consequences for the economy, national security, or public health and safety. Since its inception, the term “critical infrastructure” has grown so large that it has lost any meaningful specificity…. Underlying this dilution is the fact that no sufficiently granular and legally enforceable designation for “critical infrastructure” exists—consequently, there is no bound that keeps the concept from expanding into obscurity. Previous bills that have attempted to confer benefits or burdens on “critical infrastructure” have been vague and have not provided any clarity on what qualifies as such. 

US Intel Report Warns of More Violence by QAnon Followers  (Associated Press / VOA News)
A new federal intelligence report warns that adherents of QAnon, the conspiracy theory embraced by some in the mob that stormed the U.S. Capitol, could target Democrats and other political opponents for more violence as the movement’s false prophecies don’t come true. (Cont.)