Also to note from last week, the defense policy bill was signed, funding the federal government and including specific money for “hunt forward” missions. Since 2018, the digital warfighting unit has deployed such teams as part of its “persistent engagement” strategy 38 times to 21 foreign countries to uncover malware and other vulnerabilities over 60 networks.
The bill states that if the president determines an “active, systemic and ongoing campaign of attacks in cyberspace by a foreign power” against the U.S. government or the country’s critical infrastructure, CYBERCOM can conduct offensive operations in response, with presidential approval.
The bipartisan bill creates an assistant secretary of cyber policy at the Pentagon – a move the administration previously objected to. It also codifies the State Department’s new cybersecurity bureau, helmed by the country’s first cyber ambassador.
While covering fed moves, the National Telecommunications and Information Administration announced that it has now awarded preliminary grants from its $45 billion “Internet for All” program to all 50 states, following the delivery of $6 million to Massachusetts. Every state is guaranteed at least $100 million for broadband expansion once the full awards are given, with many states expected to receive several times that amount.
Why do we care?
With the new year, the US has codified the State department’s cyber bureau, included new military options for cyber, and given out all the allocated funds for broadband. That feels like the end of the beginning for several stories.
I’m not predicting a drop in ransomware activity or cybercrime overall. However, there are more consequences for countries involved in cyber activities.