Sue Gordon, former principal deputy director for the Office of the Director of National Intelligence, and Matt Olsen, Uber’s chief trust and security officer and former director of the National Counterterrorism Center, during a panel discussion at CNBC ‘s @Work conference in San Francisco, Nov. 4, 2019.
Arun Nevader | CNBC
The U.S. Department of Justice announced Tuesday a new unit within its National Security Division focused on pursuing cyber threats from nation-state and state-backed hackers, formalizing an increasingly significant part of the national security apparatus into the Justice Department’s hierarchy.
In a statement, Assistant Attorney General Matt Olsen said the new unit would allow the DOJ’s national security team “to increase the scale and speed of disruption campaigns and prosecutions of nation-state threat actors, state-sponsored cybercriminals, associated money launderers, and other cyber-enabled threats to national security.”
The DOJ has aggressively pursued state-backed cyber actors, especially those in China or North Korea. National security officials outside the DOJ have also emphasized China as a top cybersecurity concern, including the U.S.’ top cybersecurity official.
The announcement made no mention of Chinese cyber efforts, which CISA Director Jen Easterly described last week as an “epoch-defining threat.” But in a separate event Tuesday at the Hoover Institution at Stanford University, Olsen emphasized the work that the DOJ has been doing to combat Chinese cyber efforts.
“China has compromised telecommunications firms,” Olsen said at the event. “It conducts cyber intrusions targeting journalists and dissidents in order to suppress the free flow of information. And the PRC is capable of launching cyberattacks that could disrupt U.S. critical infrastructure.”
Concerns over corporate and industrial espionage have long been a concern for top government and corporate executives, especially as Chinese concerns seek to leapfrog and develop equivalent technology, allegedly off the backs of U.S. innovation or research.
Last month, the Secretary of the Navy confirmed the Navy had been “impacted” by a China-backed hacking group that was seeking intelligence and data.
The release did emphasize the threat posed by Russian malware and ransomware groups, which researchers and practitioners characterize as potent but less coordinated and less strategic than incursions from China.
While Chinese hacking groups have “lived off the land,” gathering intelligence and data, Russian and North Korean groups often seek to extort their victims for profit, generating revenue for themselves or their governments.
Building cases against those groups can take years, and don’t always result in an arrest, given the far-flung nature of the hacking groups.
“NatSec Cyber will serve as an incubator, able to invest in the time-intensive and complex investigative work for early-stage cases,” Olsen said.