Traditional nation-state actors, cyber criminals and disinformation campaigns are the three "primary lines of attack" in the nation's threat landscape that the Cybersecurity and Infrastructure Security Agency (CISA) is currently observing and responding to, agency chief Christopher Krebs said on Tuesday.
On the cyber security front, nation-state actors are doing what they've always done, such as trying to understand the status of development for a COVID-19 vaccine, the economic health of the U.S., and what policies are "shifting," Krebs said at the annual Billington Cyber Security Summit that is being held virtually this year. Basically, he said, "Spies are being spies."
Both the Chinese intelligence services and the Russians have been "very, very active," Krebs said.
The second line of activity is cyber-crime, which is typically aimed at citizens, and has focused mainly on COVID through phishing attacks, he said.
Initially, when the pandemic was mounting, the phishing lures leveraged demand for COVID testing and now it's "sign up here for a vaccine or early trial vaccines, things like that," Krebs said. "And so, they really are preying on the fact that people are concerned about COVID."
The third line of threats is around disinformation coming from nation-states like China, Iran and Russia or "unattributed" groups, which are pushing it out through social media, traditional media and text messaging, he said.
Messaging has been around instituting martial law and that fifth-generation wireless towers are spreading COVID, which Krebs said is his "favorite," noting this is "complete garbage." The problem is these that as these disinformation campaigns circulate, they can take "root in the real world," pointing to recent vandalism of 5G towers in the United Kingdom.
"As soon as these narratives, these conspiracy theories turn into physical manifestations of violence, then we've got a much larger problem on our hands," he said.
Countering disinformation goes beyond what the federal government can do to include social media and traditional media platforms as well as U.S. citizens being "more critical" about what is being "presented to them," Krebs said.
In the area of election security, Krebs touted the progress that has been made in the more than three years he has been with the Department of Homeland Security, noting that the "entire federal government," including the intelligence community, National Security Agency, the FBI and Defense Department along with other stakeholders such as the Election Assistance Commission and the National Institute of Standards and Technology have created a "vibrant election security community and practice."
CISA is now working regularly with all 50 states to share information, provide necessary resources and secure systems around election security, Krebs said. He also expects the November elections to be the "most secure election in history, in modern history."
Krebs said voters will need to be patient as election outcomes may take longer due to the need to count a larger number of absentee ballots than usual.