National Security Agency (NSA) cyber security director Anne Neuberger has been picked to lead on cyber security for president elect Joe Biden, as the Trump era drew to a violent end on 6 January 2021 when armed, far right terrorists temporarily occupied the US Capitol building in Washington DC, disrupting the confirmation of Biden’s victory and creating an operational security nightmare.
Neuberger, who has been with the NSA for the past decade, will fill the newly created role of deputy national security advisor for cyber security on Biden’s incoming National Security Council (NSC), according to Politico, which cited sources familiar with the appointment.
The reports suggest a refreshed approach to cyber security under the Biden administration and the possibility of a more hardline approach to nation-state attackers, including Russia, which is currently suspected with high certainty of being behind the significant SolarWinds Sunburst/Solorigate attack in December 2020 – something Trump denies.
According to Politico, the Biden transition team declined to comment on any appointments, but said the incoming administration would elevate cyber security as a priority across the government from the get-go, strengthening engagement with the private sector, academia and civil society, and renewing the US’ commitment to international legal norms
Trump himself was no shrinking violet on security, overseeing the creation of the US’s Cybersecurity and Infrastructure Security Agency (CISA) in 2018, but he was frequently at odds with his own security personnel and law enforcement agencies, particularly when it came to calling out the activities of the Russian intelligence services.
Indeed, following his resounding defeat in the November 2020 general election, Trump fired CISA head Chris Krebs after the agency rejected his baseless claims of election fraud.
Posting to Twitter as events unfolded on Wednesday, Krebs accused Trump of being directly responsible for the attack on the Capitol, saying the president, his campaign staff, legal team and supporters had fanned the flames of disinformation, culminating in the incident, which killed four.
Separately, the attack on the US seat of power by insurrectionists has prompted calls for the federal government to conduct an urgent review of its cyber security in addition to its operational security.
While it is unlikely that any of the terrorists set out to exfiltrate government data, many cyber security experts are urging caution in the coming days, and suggest the government treat all devices in the building as potentially having been compromised.
Some of the terrorists were photographed sitting at and accessing computer terminals used by senior US lawmakers, including that of Nancy Pelosi, the speaker of the House of Representatives, who did not appear to have had time to lock her PC when the building was put into lockdown.
One former congressional systems administrator suggested the government should rebuild its networks from scratch, wipe every device and conduct visual internal inspections of its IT equipment.
Read more about US election security
- Election Day in the US occurred with no evidence of cyber attacks or voting machine hacks, but CISA has its hands full with disinformation and conspiracy theories.
- A number of infosec experts, election officials and government agencies say Election Day was free from hacking and cyber attacks, but the White House disagrees.
- Technologies were weaponised to undermine the 2020 US presidential election, but IT systems have also helped to identify fraud and verify results in a hotly contested election.