A joint center stood up last summer to operationalize collaboration between the public and private sectors for the most significant cyber threats facing the U.S. has been focused on cybersecurity activities related to Russia’s war in Ukraine, leading to improved cyber defenses, the nation’s top homeland security cyber official said on Tuesday.
“And because of this work, earlier this month we were able to identify nearly 140 additional vulnerabilities to add to our previously exploited vulnerabilities catalog,” Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency, told attendees at the Hack the Port conference.
The analysis is being done by the Joint Cyber Defense Collaborative, or JCDC, which consists of federal agency partners such as CISA, the FBI, National Security Agency, U.S. Cyber Command, Secret Service, the Departments of Defense and Justice, the Office of the Director of National Intelligence and private sector organizations.
CISA last fall released a catalog of known exploited network vulnerabilities and requires federal agencies to remediate all of these. The catalog, which is routinely updated as new known exploited vulnerabilities are found, also serves as a resource for private sector entities to use to patch vulnerabilities on their networks.
“And these vulnerabilities we know have been used by Russian cyber threat actors so we are very focused on the potential for Russian malicious cyber activity as the president talked about in his statement yesterday,” Easterly said. “And being able to update our known exploited vulnerabilities with that information was possible in large measure because of our deep, trusted and ongoing collaborative efforts with our industry and our JCDC partners to identify and provide information to be able to give to network defenders so that they can strengthen the security and resilience of their networks.”
The statement by President Biden that Easterly referred to was a warning based on “evolving intelligence” that Russia is reviewing its options for possible cyber-attacks. The president, speaking to business executives on Monday, went even further than the prepared statement released by the White House, saying “as I’ve said, the magnitude of Russia’s cyber capacity is fairly consequential and it’s coming.”
Easterly also said that the JCDC has “had great success” mitigating vulnerabilities that were disclosed last December in the widely used log4j software library.
Easterly said that “JCDC Alliance” now has 25 industry partners, up from the original nine, and includes internet and cloud service providers, cybersecurity vendors and backbone infrastructure companies.
Given the digitized world, she said, “it’s really those technology companies that are very likely to see malicious activity first, and so by coming together with those companies we’ve been able to share insights, share information, and then enrich our own government products which we then share more broadly with the community. And it’s so important for us to be able to come together to see those dots, to connect the dots, and then to allow us to drive down risk to the nation at scale.”