NSI Newswatch Newsletter 12/21/2022


NSI's Weekly Security NewsWatch
For security leaders who want to extend their knowledge base: 10 expertly curated news items, summarized and designed to widen your perspective.
In This Issue 
  • SHARPEN THE FOCUS OF IMPACT 2023: Share your expert opinion
  • China and Russia 'Sharing a Toolkit' to Dismantle the West
  • CISA: Russian Hackers Infiltrated U.S. Satellite Network
  • NSA Publishes 2022 Cybersecurity Year in Review
  • Feds Order Review of Power-Grid Security After Attacks
  • U.S. Slaps Restrictions on Chinese Chipmaker and Others over National Security
  • Russian Spy Ring Ran Stolen U.S. Weapons Tech Through N.H. Home, Feds Say
  • Florida Man Guilty of Unlawful Possession of Weapons, Classified Information
  • NSA: Chinese Hackers Are Attacking Flaw in Widely Used Networking Device
  • Putin to Choose Cyber Warfare Before Nuclear Weapons, Former NSA Chief Says
  • Holiday Threats: Potential Targets in a Complex Threat Environment
FORWARD to security colleagues who want to extend their knowledge base and widen their perspective of the security profession
Registration for IMPACT 2023 is Open: Act Now to Get the Early-bird Rate

China and Russia 'Sharing a Toolkit' to Dismantle the West, NATO Ambassador Says (Newsweek, 12/20/22)

China and Russia are "sharing a toolkit" of strategies to undermine NATO members and Western governments must do more to defend themselves against the two countries, a senior U.S. diplomat has warned.  Discussing the threat posed by Beijing and Moscow, Julianne Smith, U.S. ambassador to NATO, said: "Those two are increasingly sharing a toolkit that should concern the NATO alliance."

Her comments come as Beijing and Moscow increase military exercises and foreign policy alignment against the West.  China announced that joint drills with the Russian Navy will be held off the coast of Zhejiang province, south of Shanghai, this week.  China and Russia are allies with a shared anti-West sentiment.  The two states revealed a pact in February, days before Russia invaded Ukraine.  At a meeting between Chinese President Xi Jinping and Russian counterpart Vladimir Putin, the two men said their countries' partnership has "no limits" and vowed to deepen ties in different areas.

CISA: Russian Hackers Infiltrated U.S. Satellite Network (Cyber Scoop, 12/16/22)

CISA researchers recently discovered suspected Russian hackers lurking inside a U.S. satellite network, raising fresh concerns about Moscow’s intentions to infiltrate and disrupt the rapidly expanding space economy.  While details of the attack are scant, researchers blamed the incident on the Russian military group known as Fancy Bear, or APT28.  It involved a satellite communications provider with customers in U.S. critical infrastructure sectors.

Responding to a tip about suspicious network behavior, CISA researchers found hackers inside the satellite network earlier this year.  MJ Emanuel, a CISA incident response analyst, said it appeared that Fancy Bear was in the victim’s networks for months.  Space security is a growing global concern, especially as key industries and militaries around the world increasingly rely on satellites for vital communications, GPS and internet access.

NSA Publishes 2022 Cybersecurity Year in Review (NSA, 12/15/22)

The NSA published its 2022 Cybersecurity Year in Review to share its mission focuses and demonstrate how it is producing cybersecurity outcomes for the nation.  This year’s report highlights NSA’s ability to scale cybersecurity solutions through strong partnerships, resulting in speed and agility.  “By protecting the U.S. Government’s most sensitive networks, we cascade solutions that help secure critical infrastructure, U.S. allies, and businesses and consumers around the world,” said Rob Joyce, NSA Cybersecurity Director.

The Year in Review highlights NSA’s efforts, including collaborating with industry to harden billions of endpoints against active and ongoing nation-state threats; disclosing dozens of zero-day vulnerabilities to vendors to remediate before nation-state actors exploit them; and publicly releasing cybersecurity guidance to protect against active adversary and cybercriminal threats and to harden systems.

Feds Order Review of Power-Grid Security After Attacks (AP, 12/15/22)

Federal regulators ordered a review of security standards at the nation’s far-flung electricity transmission network, following shootings at two electric substations in North Carolina that damaged equipment and caused more than 45,000 customers to lose power.  The order by the Federal Energy Regulatory Commission directs officials to study the effectiveness of existing reliability standards for the physical security of the nation’s power grid and determine whether they need to be improved.

“The security and reliability of the nation’s electric grid is one of FERC’s top priorities,” FERC Chairman Richard Glick said at a commission meeting. “In light of the increasing number of recent reports of physical attacks on our nation’s infrastructure, it's important that we fully and clearly review effectiveness of our existing physical security standard to determine whether additional improvements are necessary to safeguard the bulk power system.”

U.S. Slaps Restrictions on Chinese Chipmaker and Others over National Security (CNBC, 12/15/22)

The Biden administration said it was “severely” restricting dozens of mostly Chinese organizations, including at least one chipmaker, over their efforts to use advanced technologies to help modernize China’s military.  The 36 entities will face “stringent license requirements” that hamper their access to certain U.S.-produced commodities, software, and technologies — including artificial intelligence and advanced computing, the Commerce Department’s Bureau of Industry and Security said.

The action comes more than two months after the Biden administration imposed new curbs on China’s access to advanced semiconductors.  The new designations also take aim at Russia-linked entities supporting that country’s military invasion of Ukraine.  The actions will protect U.S. national security by squelching Beijing’s ability to “leverage artificial intelligence, advanced computing, and other powerful, commercially available technologies,” Alan Estevez, undersecretary of Commerce for Industry and Security, said.

Russian Spy Ring Ran Stolen U.S. Weapons Tech Through N.H. Home, Feds Say (NBC Boston, 12/14/22)

A group of Russians and Americans secretly funneled millions of dollars’ worth of military and other sensitive equipment through New Hampshire and elsewhere in the country to evade U.S. sanctions, federal officials announced.  The technology included ammunition for sniper rifles and electronics that can be used in nuclear or hypersonic -- faster than the speed of sound -- weapons, officials said.

Alexey Brayman, a permanent resident of the U.S. living in Merrimack, N.H., was arrested, along with Vadim Yermolenko of New Jersey, according to the DOJ.  Suspected Russian spy Vadim Konoshchenok was arrested in the Baltic country of Estonia, where authorities found about 375 lbs. of ammunition from the U.S.  Four others in Russia were charged as well.  Brayman's home "was a frequent transshipment point for items that were unlawfully exported from the United States to Russia," prosecutors wrote in the charging documents.

Florida Man Guilty of Unlawful Possession of Weapons, Classified Info Relating to National Defense (DOJ, 12/13/22)

A federal jury convicted Jeremy Brown, 48, of Tampa, for possession of an unregistered sawed-off shotgun and an unregistered short-barreled rifle, two counts of possession of unregistered M67 fragmentation grenades, willful retention of national defense information and illegal storage of explosives.  According to evidence presented at trial, on Sept. 30, 2021, the FBI executed an arrest and search warrant at Brown’s residence in Tampa.

During the search, agents found an unregistered AR-15-style rifle, modified to have a 10” barrel, in Brown’s bedroom.  Agents also found a sawed-off shotgun, also unregistered, on a couch inside of Brown’s recreational vehicle (RV), which was parked near his home.  Inside a briefcase next to the shotgun, agents found a classified Trip Report that Brown had authored shortly before he retired from the U.S. Special Forces.  Inside the bedroom of that same RV, agents found an ammunition vest containing two M-67 fragmentation grenades hidden in the pockets.  U.S. Army records confirmed that the grenades had originally been in the possession of the U.S. Army.

NSA: Chinese Hackers Are Attacking Flaw in Widely Used Networking Device (Cyber Scoop, 12/13/22)

The NSA said Chinese state-backed hackers are exploiting a flaw in a widely used networking device that allows an attacker to carry out remote code execution.  In its advisory, the NSA said it believes a Chinese hacking crew known as APT5 “has demonstrated capabilities” against an application delivery controller made by Citrix.  Citrix released a patch to fix the vulnerability and said that “exploits of this issue on unmitigated appliances in the wild have been reported.”

The spy agency’s advisory effectively burns down an apparent Chinese intelligence operation by exposing its tools and advising potential victims on how to prevent further attacks.  The NSA has historically preferred to monitor such attacks rather than publicizing them, but in recent years it has grown more proactive in sharing intelligence on attackers such as APT5.  Now that they’ve been burned, the hackers behind the operation targeting Citrix may step up the pace of their attacks.

Putin to Choose Cyber Warfare Before Nuclear Weapons, Former NSA Chief Says (The Hill, 12/13/22)

Retired Gen. Keith Alexander, former NSA director and head of U.S. Cyber Command, said Russian President Vladimir Putin is likely to continue using cyberattacks against Ukraine before using nuclear weapons.  Alexander explained that although Russia hasn’t done significant damage so far on the cyber front, Putin is not prepared to use nuclear weapons against Ukraine, as he knows doing so could pull the U.S. and other NATO countries into the war. 

“I think he will use [cyber] clearly before nuclear,” Alexander said.  “If he uses nuclear, he’s dead,” he said, adding that “if [Putin] uses the nuclear option, I believe that will cause NATO to rethink [whether] they’re in or out. … I think [Putin] recognizes that, and I think the administration made that clear,” he continued.

Holiday Threats: Potential Targets in a Complex Threat Environment (HS Today, 12/13/22)

The large gatherings, religious observances, and themed events that make the holidays festive for so many also make Hanukkah, Christmas, and New Year’s Eve an attractive target for violent extremists looking to take advantage of opportunistic, symbolic, and often soft targets.  The most recent National Terrorism Advisory System Bulletin noted that “the holiday season and associated large gatherings” were among the upcoming events that “threat actors could exploit,” with targets of potential violence including “public gatherings, faith-based institutions, the LGBTQI+ community, schools, racial and religious minorities, government facilities and personnel, U.S. critical infrastructure, the media, and perceived ideological opponents.”

In the heyday of ISIS propaganda, imagery of terrorists torching Christmas trees, gunning down or running down Santa, bombs in Santa’s toy sack, or blood-spattered holiday decorations were as much a fixture in the run-up to the season as half-price sales and caroling.


National Security Institute
3 Sanger Circle, Dover, MA 02030

Contact: 508-533-9099 or infoctr@nsi.org 
Learn More: nsi.org
Copyright © 2022 NSI, All rights reserved.