Our friends from German media is reporting that the new US administration has dismissed all members of various advisory bodies not appointed by the government, bringing an investigation into the devastating cyber-attack on US providers to an abrupt halt. This was reported by the news agency Reuters. According to trusted sources, the investigation into the attack by the Cyber Safety Review Board has been “killed,” as reported by Reuters. US Senator Ron Wyden-D speaks of a “massive gift to the Chinese spies who also targeted Donald Trump and JD Vance.”[1]
Help from the private sector - The Cyber Safety Review Board (CSRB) has been existing since 2022 and is staffed by the cybersecurity agency CISA. Government institutions such as the NSA intelligence agency and the US Department of Justice were represented on the board, as well as private sector players such as Google and cybersecurity companies. The assembled expertise is intended to investigate particularly serious cybersecurity incidents. There were reports on the Log4Shell vulnerability and the attack on Microsoft Exchange in the summer of 2023, for example. Most recently, the committee dealt with the attack on US providers that was allegedly carried out from China.
In October of last year, it became apparent that attackers suspected of being in the service of the Chinese government had succeeded in compromising the networks of US carriers AT&T, Verizon, T-Mobile and other providers. The group called “Salt Typhoon”, “GhostEmperor” or “FamousSparrow” was apparently involved in gathering information. It was the “largest telecommunications hack in US history, by far”, the chairman of the Senate committee responsible for intelligence services said back in November. According to Reuters, the CSRB's analysis was less than half finished. The dismissal was justified on the grounds of “misuse of resources”.
As explained, the CSRB is just one of several advisory bodies assigned to the US Department of Homeland Security (DHS). They provide support in areas such as civil protection, AI, and technology. With the dismissal of all delegates who are not from a government agency, the CSRB and the others do not necessarily have to cease their work. But their ability to function is significantly restricted. According to the DHS, those dismissed can reapply, but that may be too late for the ongoing work. The CSRB's investigation into the “Salt Typhoon” cyberattack is effectively over, Reuters writes.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.heise.de/en/news/Gift-to-China-investigation-into-massive-cyber-attack-in-the-USA-halted-10254097.html
Comments