Trump upgrades Cyber Command, may sideline NSA in future

New status puts cyber-ops on same plane as regional commands and global special ops efforts


United States president Donald Trump upgraded the U.S. Cyber Command to the status of a “Unified Combatant Command”.

Unified commands combine personnel from at least two branches of the US military and are given ongoing missions. Before the elevation of the Cyber Command to this status, the nine unified combatant commands covered six regions of the world, special operations, the US Strategic Command and logistics-focussed Transportation Command.

President Trump positioned the elevation as a strengthening of the nation's information warfare capabilities, saying it “will also help streamline command and control of time-sensitive cyberspace operations by consolidating them under a single commander with authorities commensurate with the importance of such operations.”

The change also means that the head of Cyber Command will report directly to the secretary of defense, ensuring that leader is a peer to the heads of the other Unified Commands.

Among the goals for the new command is ensuring interoperability among the different branches of the US military.

Defense Secretary Jim Mattis was the driver of the change and is a former General of the US Marine Corps. Trump appears more inclined to respect advice from senior military figures than counsel from other sources, so his sign-off on this plan aligns with both his personal proclivities and his policy to quickly reinforce the United States' online defense capabilities. The Trump administration has already delivered Executive Order 13800, a policy that makes cyber-security the responsibility of agency heads and which security industry types tell El Reg is just the sort of thing they'd like to see adopted in corporate board rooms.

Also under consideration in the wake of this change is “the possibility of separating United States Cyber Command from the National Security Agency.” A final opinion on that change is due later this year. ®

