Cyberwarfare / Nation-State Attacks
,
Fraud Management & Cybercrime
,
Government
US National Security Agency Says It Has More Than 1,000 New Cybersecurity Alliances
The U.S. National Security Agency has developed partnerships with more than 1,000 public and private sector organizations to combat emerging cybersecurity threats – particularly from China – as officials warned Wednesday that Beijing is increasingly using artificial intelligence to spread global discord.
See Also: New OnDemand | People-Centric Security for the Public Sector
The NSA established the Cybersecurity Collaboration Center in 2020 to build public-private sector partnerships with the goal of improving information sharing, threat detection and incident response management, said Jami Wise, deputy chief of the agency’s China Strategy Center. Wise said the NSA has since used the program to mitigate major threats from China while working with partners in classified forums “to make sure that we can share the threat and articulate the challenges and risks that we see in cyberspace that the [People’s Republic of China] is creating.”
“NSA is not doing it alone,” Wise told the Billington CyberSecurity Summit in Washington, D.C., describing the collaboration center as “a mechanism for us to be able to work with our partners and try to be able to deliver cybersecurity outcomes at scale.”
Earlier this year, the NSA used the collaboration center to address a threat targeting a vulnerability in an ICS vendor’s system. Wise did not specifically indicate whether the threat was from a Chinese-based threat actor. The program enabled the NSA to work with the vendor to mitigate the threat while also collaborating with foreign partners to deploy protective measures at scale.
The NSA has also been working with international counterparts in recent months to increasingly alert network operators about the threat that China poses. In July, the NSA and global partners such as the Australian Signals Directorate released case studies revealing Beijing’s cyber tactics. The report details how the Chinese hacking group variously known as APT40, Kryptonite Panda and Gingham Typhoon evolved its methods to exploit newly discovered vulnerabilities in widely used software and target government networks.
The report says the hacking group uses compromised devices such as small office and home office routers as operational infrastructure – a growing trend among threat actors, according to the NSA.
The NSA established an AI Security Center in September 2023 within the cybersecurity collaboration program to aid in the widespread development and adoption of secure AI technologies. Both centers have since formed alliances with leading private sector technology firms, as well as foreign partners, the Pentagon, the intelligence community and academia, Wise said.
“The real intent is to make sure that we are helping secure the development of AI and establishing standards in an appropriate way,” she said about the AI Security Center, adding that the NSA believes China used AI as part of its influence operations during the Taiwan elections in 2023.
A report published by the Thomson Foundation says China was behind AI-generated disinformation campaigns that sought to undermine the Democratic Progressive Party, which won a third term with 40% of the vote.