Latest news with #CISA
New York Times
3 days ago
- Politics
- New York Times
Live Updates: Trump Pushes Allies on Military Spending at NATO Summit
President Trump has cut funding and specialists from the Cybersecurity and Infrastructure Security Agency, which helps protect the nation's power grids, elections and water utilities. Soon after the United States bombed Iran's critical nuclear facilities, the Trump administration warned that Iran could seek revenge by inspiring violent extremists or launching cyberattacks against U.S. networks. But many of the federal programs or resources that would defend the nation against such attacks have been scaled back significantly in recent months, after Mr. Trump slashed the federal bureaucracy and reoriented much of the national security apparatus to help with his immigration crackdown. Mr. Trump has cut funding and specialists from the Cybersecurity and Infrastructure Security Agency, or CISA, which helps protect the nation's power grids, elections and water utilities. In a sign of the heightened risk of a cyberattack, the F.B.I. directed officials in recent days to assist the cybersecurity agency in protecting critical infrastructure, according to an email obtained by The New York Times. But that directive came after F.B.I. officials tasked with working on cybersecurity or counterintelligence were asked to assist Immigration and Customs Enforcement on routine deportations. The administration has also purged decades of experience at the highest ranks of the F.B.I., heightening concerns that the bureau might be unprepared to deal with myriad crises that the agency faces on a daily basis, let alone the possibility of Iran taking revenge on American soil. Image The F.B.I., led by Kash Patel, has directed officials in recent days to assist the cybersecurity agency in protecting critical infrastructure. Credit... Anna Rose Layden for The New York Times And the administration has proposed breaking up a little-known office tasked with detecting potential chemical, biological and nuclear attacks against the United States. 'We are less safe now than we were on Jan. 20 because of the indiscriminate cuts by DOGE, that shift in priority to focus exclusively on immigration and not on counterterrorism or other national security threats, and the loss of institutional knowledge about those national security threats,' said Mary Ellen Callahan, the former assistant secretary of homeland security for the Countering Weapons of Mass Destruction office, which Mr. Trump has proposed disbanding. 'We are less safe now and the risks are higher now.' Mr. Trump's aides maintain that his policies have restored national security to the United States by tightening its borders and pursuing sweeping deportations of immigrants in the country without legal status. The Department of Homeland Security has been quick to publicize arrests over the weekend of 11 Iranians in the United States illegally, including one who was on a terrorism watch list. And the White House has sought to redirect attention to the Biden administration's border policies, contending that the record number of migrants who crossed into the United States in recent years posed a significant risk to the nation. 'We're doing everything that we can to keep our people safe,' Vice President JD Vance said on Sunday. 'This is one of the reasons why border security is national security: is if you let a bunch of crazy people into your country, those crazy people can eventually take action. We're going to do everything that we can to make sure that doesn't happen and to keep Americans safe.' The approach by the Trump administration, however, ignores some of the more modern ways that Iran or its proxy groups could target the United States, according to national security officials. And even though Iran and Israel have agreed to a cease-fire, national security officials warned that the nation was still exposed to retaliation from Iran or its proxies, particularly one cloaked in sensitive computer systems. Image A rally in support of the Iranian armed forces in Tehran on Tuesday. Credit... Arash Khamooshi for The New York Times 'We are not out of the woods yet in terms of what Iran will try to do as payback,' said Thomas S. Warrick, a former counterterrorism official in the Trump, Obama and Bush administrations. 'But there's a host of D.H.S. programs that were intended to help defend the United States homeland from those attacks, and we're going to find that many of those programs have been adversely affected.' Mr. Trump and his allies have long held animosity for CISA, the agency he signed into law in his first term that would eventually declare the 2020 election was one of the best-run in history — undercutting Mr. Trump's claims. In early March, Mr. Trump slashed more than $10 million in funding to two critical cybersecurity intelligence-sharing programs that helped detect and deter cyberattacks and alerted state and local governments about forthcoming attacks on cybernetworks. CISA has also canceled contracts that affected more than a hundred cybersecurity specialists with a range of specialties. In its 2026 budget request, the administration also proposed cutting more than 1,000 positions from the agency, which is funded to hire more than 3,700 people. 'It takes a huge toll on our readiness to meet the challenges like what we may face if Iran chooses to retaliate in the United States in some way,' said Suzanne Spaulding, a homeland security under secretary for cybersecurity and critical infrastructure in the Obama administration. 'Not only do you have a decimated work force and fewer people — you've lost experts and institutional knowledge, and expertise has walked out the door.' In that budget request, the administration also proposed dismantling the office tasked with countering weapons of mass destruction and absorbing its functions into other parts of the department — an action that Ms. Callahan said would 'dissipate the mission.' At the same time, Mr. Trump is hoping to secure about $175 billion in new spending to enforce his ambitious anti-immigration agenda through his domestic policy legislation, which is still making its way through Congress. The administration has also redirected many federal agents to assist ICE for its deportation campaign, including F.B.I. agents who have been pulled from their usual tasks of cybersecurity, counterintelligence or criminal work. Image ICE agents in New York last month. Thousands of federal agents have been pulled into Mr. Trump's immigration plans. Credit... Dakota Santiago for The New York Times The Times reported in May that the Justice Department decided that about 2,000 of its federal agents — from the Drug Enforcement Administration, the U.S. Marshals Service and the Bureau of Alcohol, Tobacco, Firearms and Explosives — were required to help find and arrest undocumented immigrants for the remainder of the year. But in the days since the attack on Iran, F.B.I. officials are pivoting to address the threats posed by Iran. 'Perhaps, in hindsight, forcing out the most experienced national security senior executives, and having counterterrorism and counter intelligence agents and analysts spend their time assisting on immigration roundups, might not have been the most well-thought-out ideas,' said Michael Feinberg, a former F.B.I. agent who spent years handling national security matters before abruptly leaving the bureau several weeks ago. The F.B.I., in a statement, declined to comment on personnel decisions but said the agency does 'continuously assess and realign our resources to respond to the most pressing threats to our national security and to ensure the safety of the American people.' Mike Sena, the president of an association representing information-gathering 'fusion centers' spread across the country that are partially funded by the Department of Homeland Security, said he noticed that many of the federal officials who worked with state and local law enforcement agencies had left their jobs. Many of his peers in the law enforcement community are also concerned that they may not be able to rely on federal funding. 'How do you sustain and maintain the capabilities from even a year ago when folks aren't there anymore?' Mr. Sena said.
New York Times
4 days ago
- Politics
- New York Times
Trump's Cuts Could Leave the U.S. Exposed Amid a Heightened Threat From Iran
Soon after the United States bombed Iran's critical nuclear facilities, the Trump administration warned that Iran could seek revenge by inspiring violent extremists or launching cyberattacks against U.S. networks. But many of the federal programs or resources that would defend the nation against such attacks have been scaled back significantly in recent months, after Mr. Trump slashed the federal bureaucracy and reoriented much of the national security apparatus to help with his immigration crackdown. Mr. Trump has cut funding and specialists from the Cybersecurity and Infrastructure Security Agency, or CISA, which helps protect the nation's power grids, elections and water utilities. In a sign of the heightened risk of a cyberattack, the F.B.I. directed officials in recent days to assist the cybersecurity agency in protecting critical infrastructure, according to an email obtained by The New York Times. But that directive came after F.B.I. officials tasked with working on cybersecurity or counterintelligence were asked to assist Immigration and Customs Enforcement on routine deportations. The administration has also purged decades of experience at the highest ranks of the F.B.I., heightening concerns that the bureau might be unprepared to deal with myriad crises that the agency faces on a daily basis, let alone the possibility of Iran taking revenge on American soil. Want all of The Times? Subscribe.
Forbes
4 days ago
- Politics
- Forbes
US And Israel Should Prepare For Destructive Iranian Cyberattacks, Ex-Intel Officer Says
In the aftermath of American strikes against multiple Iranian nuclear sites on Saturday, the country retaliated with strikes on Israel and on a U.S. base in Qatar, where no casualties were reported. This morning, a ceasefire was confirmed by all sides, though Israel quickly accused Iran of breaking it. But longer term, in lieu of a nuclear bomb or significant firepower in the face of U.S. and Israeli military might, Iran may turn to cyberattacks. The country has a 'robust cyber apparatus,' according to Sanaz Yashar, a former intelligence officer in Israel who fled Iran as a teenager and now runs a cybersecurity startup. Its cyber program is spread across three different agencies: the Islamic Revolutionary Guard Corps (IRGC), the Ministry of Intelligence and the Ministry of Defense. Yashar expects Iran's cyber offensive units to respond soon with 'quick and dirty' operations, which will be disruptive but not catastrophic. In the longer-term, 'there will be investment in destructive cyber capabilities' because they're 'impactful and deniable,' Yashar added. On Sunday, the DHS warned of an increased risk of cyberattacks either from Iran-friendly hacktivist groups or from the Iranian regime itself. 'Any new work is going to cause more strain on CISA.' A current CISA employee U.S. cyber infrastructure, however, may not be adequately prepared because of staff losses at the DHS Cybersecurity and Infrastructure Agency (CISA), which currently lacks a permanent director. The agency has been bleeding talent since many of its leadership, including former director Jen Easterly, have departed or were fired. Trump's nominated director, Sean Plankey, is yet to be confirmed. One CISA insider told Forbes that if there was to be an increase in Iranian cyber activity, the agency would be stretched to respond to the mass of threats currently facing America in cyberspace. 'Any new work is going to cause more strain on CISA because we aren't even being given the resources needed for our current workload,' they said. Concerns swirled online about if the problems at CISA could hobble a U.S. response. 'Start scheduling backups and don't be surprised by cyber attacks from Iran or their supporters. Right after dismantling CISA, perfect timing,' wrote Jeff Moss, founder of the DEF CON cyber conference and a former member of the CISA Cyber Security Advisory Council, on BlueSky. Though manifold reports have pointed to a CISA with low morale and overworked staff, the agency's public affairs director Marci McCarthy told Forbes that CISA had been 'lost and unfocused under Joe Biden,' with a 'ballooning budget.' Now, President Trump and secretary for homeland security Kristi Noem are refocusing CISA, said McCarthy. 'The agency was focused on censorship, branding and electioneering instead of defending America's critical infrastructure,' McCarthy said. 'That era is over. Today CISA is focused squarely on executing its statutory mission: serving as the national coordinator for securing and protecting the nation's critical infrastructure.' She added that there are currently 'no specific credible threats against the homeland,' but critical infrastructure organizations should remain vigilant. Iranian hackers have in recent years been accused of some significant cyberattacks. In late 2023, a number of American water plants were breached, which led to the 2024 sanctions of six officials at the IRGC. Earlier this year, the U.S. offered a $10 million reward for information on the identities and whereabouts of members of CyberAv3ngers, a group linked to various attacks on global critical infrastructure, with a focus on targeting Israeli-made equipment. Yashar said Iran's hackers will want to use attacks as a type of influence operation that will 'show off and enhance regime stability internally.' 'The biggest concern would be they go after databases of naval, aviation and shipping information for further targeting,' she said. But it's disputed just how much of a digital threat Iran poses. The CISA insider said Iran was not considered a serious cyber threat on the level of China or Russia. Other experts agree. John Hultquist, chief analyst at Google's Threat Intelligence Group, wrote on LinkedIn over the weekend that Iran's main focus for its cyber warfare is psychological. 'There is a real, practical risk to enterprises, but it's important that we don't overhype the threat here and give them the win they're after.' Israel began bombing Iran in mid-June, targeting its nuclear facilities. The U.S. launched air strikes over the weekend in support of Israel's effort to prevent Iran from building a nuclear weapon. How many years the American attack has put Tehran back is unclear, despite Trump's claims it had "totally obliterated" three of Iran's nuclear sites. Iran's leader Ayatollah Ali Khamenei has not yet spoken publicly about the strikes. Israel, which has built a major cyber intelligence operation across the IDF's Unit 8200, Mossad and other agencies, has not yet been credited with any significant cyberattacks since it launched airstrikes on Iran. Last week, a pro-Israel hacking crew known as Predatory Sparrow claimed responsibility for a breach of Iran's largest crypto exchange Nobitex, with as much as $90 million stolen. It's unclear what links, if any, Predatory Sparrow has to the Israel government. Iran, meanwhile, reportedly closed off its internet to protect from potential cyberattacks. One reason for the physical attacks on Iran's nuclear capabilities could be that cyber offensive operations are no longer effective enough. The Stuxnet cyberattacks on the Natanz nuclear facility back in 2009 were reportedly part of a joint U.S.-Israel effort that were estimated to have set Iran's nuclear program back by years. Now the same countries have taken to bombs rather than malware. More from Forbes Forbes Iranian Hackers Abuse Slack For Cyber Spying By Thomas Brewster Forbes Inside OilRig -- Tracking Iran's Busiest Hacker Crew On Its Global Rampage By Thomas Fox-Brewster Forbes Trump Pardoned Him. Now He's Selling His Cyber Business For $200 Million. By Thomas Brewster Forbes Iranians Hacked A Domestic Violence Shelter And U.S. Power Companies In Ransomware Rampage, DOJ Says By Thomas Brewster
Euronews
5 days ago
- Politics
- Euronews
How Iran could retaliate against the US with cyberattacks
The US Department of Homeland Security (DHS) has warned that Iran might use 'low-level cyber attacks' as one way to respond to attacks launched against its nuclear facilities over the weekend. The national terrorism bulletin issued on Sunday said there is no current threat against the US that has been identified but that there is the 'possibility' of threats to the US in the form of 'possible cyberattacks, acts of violence, and antisemitic hate crimes," Kristi Noem, the Secretary of Homeland Security said in a statement. The US Department of National Intelligence (DNI) considers Iran's cyber operations to be a 'major threat to the security of US networks and data,' according to a report published in March this year. But if Iran were to retaliate against the US with cyberattacks what would be the impact? Breaches of US government bodies, emails possible State-sponsored Iranian groups and hacktivists regularly target 'poorly secured US networks and Internet-connected devices for disruptive cyber attacks,' according to the DHS report. The US, among other countries, has designated the Islamic Revolutionary Guard Corps (IRGC) as a foreign terrorist group since2019. The Iranians are credited with launching attacks against 'critical infrastructure sectors' such as transportation, healthcare and the public health sector, according to the US Cybersecurity and Infrastructure Agency (CISA). Hackers sponsored by the Iranian government are credited with hacking a US-based children's hospital, a dam in New York and compromising the vulnerabilities of a Pennsylvania water authority and others across the US. The Federal Bureau of Investigation (FBI) said Iranian-backed actors were also linked to a series of 46 denial of service (DDoS) attacks against major American banks in 2012, such as American Express and Wells Fargo, that locked customers out of their accounts. Some institutions are already getting ready for increased Iranian cyber attacks, such as the US Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) and the Information Technology - Information Sharing and Analysis Center (IT-ISAC). Both organisations released a joint statement on June 13, warning companies to prepare for 'the likelihood of increased cyber attacks from Iran targeting US companies'. Iranian state actor groups have also been accused by CISA of using 'brute force such as password spraying and multifactor authentication 'push bombing,'' with multiple phone notifications, to gain access to US organisations through programs like Microsoft 365, Azure and Citrix systems. Some of the information gathered in previous Iranian cyber attacks against US government bodies has been sold on cybercriminal forums 'to actors who may use the information… for additional malicious activity,' a 2024 CISA alert reads. Iranian actors have also infiltrated email accounts of key government officials, the DNI threat report said. Most recently, Iranian actors breached the email of a President Donald Trump staffer on the 2024 election campaign and sent a 'targeted spear-phishing email' to his employees. The group then 'tried to manipulate journalists into leaking information' that they had gathered from the campaign, according to the report. Iranian state actors have also in the past stolen information from American aerospace and satellite companies (in 2020) and universities ( in 2018). The role of hactivists The US-based cybersecurity firm Radware identified 100 new activist groups that sprang up in the last week since Iran's June 13 retaliation against Israel. Some of these groups, the firm said, have threatened to attack the US. Radware reported on June 18 that a group called Mr. Hamza teamed up with DieNet and other hacktivists groups to target the US 'if it joins the war against Iran'. Mr. Hamza claimed in a June 22 post on Telegram that it had launched attacks against various branches of the US Air Force, including the department's training platform, mission operational capabilities, and its cloud computing program. The group is also claiming to have attacked several US defence companies, such as RTX, Sierra Nevada Corporation and Aurora Flight Sciences, a Boeing subsidiary. Euronews Next is trying to independently verify these claims. DieNet said on its Telegram channel that it would attack again using data breaches, big [DDoS attacks] against critical infrastructure and ransomware. Radware believes that DieNet is a new group that emerged in 2025 but has already claimed 61 attacks against 19 US organisations between March 11 and 17 this year, including one that amassed a 'huge amount of data' from the International Trade Administration and the US Department of Commerce. 'DieNet's campaigns are unmistakably political,' a Radware alert from March reads. 'They openly blame… Trump for fueling their motivation, claiming their cyber offensives are acts of retaliation against US military interventions'. Iran has a 'considerable number' of state-sponsored threat groups that have targeted Israel in the past, such as Muddy Water, APT35 (OilRig), APT35 (Charming Kitten) and APT39 (Remix Kitten), the Radware report added.
Yahoo
19-06-2025
- Business
- Yahoo
AI For Impact Day welcomes Dell Technologies as platinum sponsor
MCLEAN, Va., June 18, 2025 /PRNewswire/ -- Agile Defense announced today that Dell Technologies has joined its AI for Impact Day event as the platinum sponsor. The one-day summit takes place on June 26 in Reston, VA. Participants will explore real-world applications of AI and data solutions to optimize government, improve operational efficiency and support mission critical tasks. "Technology is evolving at an unprecedented pace, so it's absolutely critical that government agencies and their partners continue to adapt and embrace these new tools to optimize operations and deliver modern solutions that can achieve mission success," said John Hart, Chief Growth Officer for Agile Defense. "That's why we're glad to have partners like Dell Technologies supporting AI for Impact Day to help bring industry leaders together to address both the challenges and opportunities that AI presents." Keynote speakers include FBI Associate Deputy Director and COO Will Rivers and Bob Costello, Chief Information Officer at the Cybersecurity and Infrastructure Security Agency (CISA). AI for Impact Day summit presentations and panel discussions will include how AI innovations are driving government operations, human-centered design and customer experience in federal applications, insights from government leaders, partners and experts in AI and HCD and how to advance digital transformation across government. Dell Technologies' Technical Strategist Chris Thomas will participate on a panel discussing modernizing legacy systems using AI and cloud, data strategy in government and AI-powered analytics. Other speakers in attendance will be representing some of the industry's biggest names including Second Front, HiddenLayer, Domino Data Lab, U.S. Naval Surface Force, Beacon Global Strategies and more. Additional information along with registration details are available at About Agile Defense:Agile Defense stands at the forefront of innovation, driving advanced capabilities and solutions tailored to the most critical national security and civilian missions. With more than 2,000 teammates operating in North America, Europe, Asia, and the Middle East, Agile Defense supports our customer missions around the globe. Our collaborative and multi-disciplinary teams bring creativity and flexibility to developing advanced digital transformation, data analytics, and cyber solutions. We are not afraid to take on the most difficult challenges because we know that together, we can accomplish anything. Learn more at View original content to download multimedia: SOURCE Agile Defense
