Trump's administration has deliberately alienated a key player in the defence against cyber-warfare. While no one person should ever be irreplaceable, this is just one more example in a long list of the Trump administration's utter disregard of even trying to keep good people in key positions. Moreover, the agency has suffered massive loss of workforce and funding.
quote:
A Cybersecurity and Infrastructure Security Agency program that warns organizations about imminent ransomware attacks has suffered a major setback after its lead staffer left the agency rather than take a forced reassignment.
David Stern, the driving force behind Cybersecurity & Infrastructure Agency's Pre-Ransomware Notification Initiative (PRNI) — through which the agency alerts organizations that ransomware actors are preparing to encrypt or steal their data — resigned on Dec. 19, according to four people familiar with the matter. The Department of Homeland Security had ordered Stern to take a job at the Federal Emergency Management Agency in Boston or quit, and Stern chose the latter, three people familiar with the case said.
Stern’s departure from CISA, first reported by Cybersecurity Dive, could significantly hamper one of the most impactful programs at an agency already strained by a massive workforce purge, cuts to key services and embarrassing leadership struggles.
Since late 2022, CISA has used tips from the intelligence community, cybersecurity firms and internet infrastructure operators to identify ransomware actors’ preparatory activities on U.S. computer networks and warn their owners that the threat actors are preparing to strike. The agency sent more than 1,200 warnings in 2023 and more than 2,100 warnings in 2024, helping to prevent ransomware attacks on water systems, energy utilities, healthcare organizations, schools and other critical infrastructure operators.
“The PRNI work is some of the most impactful work CISA does and has saved U.S. companies billions of dollars by tipping them to ransomware attacks before they happen,” said the second person familiar with the matter. “No other federal agency is doing this work.”
end quote
source:
https://www.cybersecuritydive.com/news/cisa-ransomware-warning-program-key-employee-left/808589/
If one WANTS to leave a country wide open to cyber-warfare, this is a choice way to go about it. Just whose side is Trump on, anyway?
PS for Joe: Trump's 'gift' of 4.x % growth won't mean doodlysquat, if major players' computer systems are locked down with ransomware.
@moonbus said'Tis strange. Hardly anything related to national defense ever gets cut in America. And this area seems particularly important and growing. Just a few years ago, someone hacked a utility grid and caused power outages. That tech is only getting more sophisticated, as we rely more and more on the grid itself for basic functions.
Trump's administration has deliberately alienated a key player in the defence against cyber-warfare. While no one person should ever be irreplaceable, this is just one more example in a long list of the Trump administration's utter disregard of even trying to keep good people in key positions. Moreover, the agency has suffered massive loss of workforce and funding.
quote ...[text shortened]... % growth won't mean doodlysquat, if major players' computer systems are locked down with ransomware.
Imagine the difference in public perception if that attack came by missile instead of through the wires.
Meanwhile we're going back to building obsolete weapons like tanks and battleships that no one asked for, no one needs, and only benefits the contractors who build them.
@wildgrass
The threat is very real and intensifying. Russia is actively engaged in hybrid warfare and sabotage of civilian infrastructure:
https://apnews.com/article/france-cyberattack-postal-service-russia-09bd0156aae99e14e619051756574853
Trump is either an idiot or a Russian agent to hobble the federal cybersecurity agency.
How many entities did those warnings goto? 60 total. How many of the vulnerabilities used against them for cyberattack are known from first being publicized by CISA? So the buck stops when the collaboration does. Private intelligence is still compelled morally to share their research.
Have you heard about the jackpotting Tren de Aragua gang getting indicted for malware lifting millions U.S. from ATMs?
@Oblation-Ants saidI do not know which entities received warnings, but just supposing that 50 of them were state voter registration databases, and that three others were the Dept. of State, Social Security, and the stock exchange, would that seem important to you?
How many entities did those warnings goto? 60 total. How many of the vulnerabilities used against them for cyberattack are known from first being publicized by CISA? So the buck stops when the collaboration does. Private intelligence is still compelled morally to share their research.
Have you heard about the jackpotting Tren de Aragua gang getting indicted for malware lifting millions U.S. from ATMs?
Hobbling federal agencies does not in any way benefit private enterprises' efforts to defeat cyber-warfare. What's yer point?
Who's selling the cybersecurity and who's doing...
they worried about losing talent to the private sector, so they overcompensated. CISA originated as a division inside the Dept. of Homeland security. This other link paints the picture that it's management accepted the blame for misusing the funds.
https://www.cybersecuritydive.com/news/cisa-eliminate-cyber-pay-incentives-ctms/806981/
It's worth noting, though some may not want to hear, an infiltration could mean the ransomware infects a workstation but it only waits for a privilege escalation and cannot execute under the administration access. So the warnings in that prevelant scenario serve a function which are afforded by advanced threat software.