MARYLAND – The director of the US National Security Agency on Nov 20 urged the private sector to take swift, collective action to share key details about breaches they have suffered at the hands of Chinese hackers who have infiltrated US telecommunications.

General Timothy Haugh, a four-star Air Force general who leads the NSA and Cyber Command, told Bloomberg News at the National Security Innovation Forum in Washington that public disclosure would help find and oust the hackers, as the US continues to try to understand a new spate of damaging mass breaches.

In calling for more disclosure, General Haugh didn’t identity specific companies.

General Haugh said he wants to provide a public “hunt guide” so cybersecurity professionals and companies can search out the hackers and eradicate them from telecommunications networks.

“The ultimate goal would be to be able to lay bare exactly what happened in ways that allow us to better posture as a nation and for our allies to be better postured,” he said, adding the US is reliant on industry to share insights into what happened on their own networks.

US authorities have confirmed Chinese hackers have infiltrated US telecommunications in what Senator Richard Blumenthal, a Connecticut Democrat, this week described as a “sprawling and catastrophic” infiltration. AT&T Inc, Verizon Communications Inc and T-Mobile are among those targeted.

Through those intrusions, the hackers targeted communications of a “limited number” of people in politics and government, US officials have said.

They include Vice-President Kamala Harris’ staff, president-elect Donald Trump and vice-president-elect JD Vance, as well as staffers for Senate Majority Leader Chuck Schumer, according to Missouri Republican Senator Josh Hawley.

Representatives of the Chinese government have denied the allegations.

China is “doing this on a scale en masse and as a national effort,” General Haugh said.

The US experience and response is more disjointed, given the limited reach of different law enforcement agencies and the dependence on information from the private sector. There are multiple investigations underway associated with the telecommunications breaches, he said.

“Everybody is in a slightly different place as it relates to Salt Typhoon,” General Haugh said, referring to Microsoft Corporation’s name for the group believed to be behind the telecommunications breaches.

Two cybersecurity experts who requested anonymity to speak freely have privately complained about the lack of information shared that could otherwise help them and others understand, find and tackle the hacks.

Detailed public disclosures would mean that even if some companies haven’t seen the intrusions yet, “they can begin to put countermeasures in place,” General Haugh said. It would also help other nations uncover and root it out too, General Haugh said.

“It’s going to take collective work,” he said, adding the “speed” with which everyone collaborates is a key step. BLOOMBERG

An Iranian hacking group is actively scouting U.S. election-related websites and American media outlets as Election Day nears, with activity suggesting preparations for more “direct influence operations,” according to a Microsoft blog published on Wednesday.

The hackers – dubbed Cotton Sandstorm by Microsoft and linked to Iran’s Islamic Revolutionary Guard Corps – performed reconnaissance and limited probing of multiple “election-related websites” in several unnamed battleground states, the report said. In May, they also scanned an unidentified U.S. news outlet to understand its vulnerabilities.

U.S. Vice President Kamala Harris, the Democratic candidate, faces Republican rival Donald Trump in the Nov. 5 presidential election, which polls suggest is an extremely tight race.

“Cotton Sandstorm will increase its activity as the election nears given the group’s operational tempo and history of election interference,” researchers wrote. The development is particularly concerning because of the group’s past efforts, they said.

A spokesperson for Iran’s mission to the United Nations said that “such allegations are fundamentally unfounded, and wholly inadmissible.”

“Iran neither has any motive nor intent to interfere in the U.S. election,” the spokesperson said.

In 2020, Cotton Sandstorm launched a different cyber-enabled influence operation shortly before the last presidential election, according to U.S. officials. Posing as the right-wing “Proud Boys,” the hackers sent thousands of emails to Florida residents, threatening them to “vote for Trump or else!”

The group also released a video on social media, purporting to come from activist hackers, where they showed them probing an election system. While that operation never affected individual voting systems, the goal was to cause chaos, confusion and doubt, senior U.S. officials said at the time.

Following the 2020 election, Cotton Sandstorm also ran a separate operation that encouraged violence against U.S. election officials who had denied claims of widespread voter fraud, Microsoft said.

The Office of the Director of National Intelligence, which is coordinating the U.S. federal effort to protect the election from foreign influence, referred Reuters to a past statement that said: “Foreign actors — particularly Russia, Iran, and China — remain intent on fanning divisive narratives to divide Americans and undermine Americans’ confidence in the U.S. democratic system.” REUTERS

WASHINGTON – A previously confidential directive by Biden administration lawyers lays out how military and spy agencies must handle personal information about Americans when using artificial intelligence, showing how the officials grappled with trade-offs between civil liberties and national security.

The results of that internal debate also underscore the constraints and challenges the government faces in issuing rules that keep pace with rapid advances in technology, particularly in electronic surveillance and related areas of computer-assisted intelligence gathering and analysis.

The administration had to navigate two competing goals, according to a senior administration official Joshua Geltzer, the top legal adviser to the National Security Council, “harnessing emerging technology to protect Americans, and establishing guardrails for safeguarding Americans’ privacy and other considerations”.

The White House last month held back the four-page, unclassified directive when President Joe Biden signed a major national security memo that pushes military and intelligence agencies to make greater use of AI within certain guardrails.

After inquiries from The New York Times, the White House has made the guidance public. A close read and an interview with Mr Geltzer, who oversaw the deliberations by lawyers from across the executive branch, offers greater clarity on the current rules that national security agencies must follow when experimenting with using AI.

Training AI systems requires feeding them large amounts of data, raising a critical question for intelligence agencies that could influence both Americans’ private interests and the ability of national security agencies to experiment with the technology.

When an agency acquires an AI system trained by a private sector firm using information about Americans, is that considered “collecting” the data of those Americans?

The guidance says that does not generally count as collecting the training data – so those existing privacy-protecting rules, along with a 2021 directive about collecting commercially available databases, are not yet triggered.

Still, the Biden team was not absolute on that question. The guidance leaves open the possibility that acquisition might count as collection if the agency has the ability to access the training data in its original form, “as well as the authorisation and intent to do so.” NYTIMES