Podcast Summary: Click Here's Episode 177 – "Mic Drop: NSA’s David Luber on Russia, China and the Power of Partnerships"
Introduction
In Episode 177 of Click Here, titled "Mic Drop: NSA’s David Luber on Russia, China and the Power of Partnerships," host Dina Temple-Raston engages in a comprehensive discussion with David Luber, the Director of the Cybersecurity Directorate at the National Security Agency (NSA). Released on October 25, 2024, this episode delves into the evolving landscape of cyber threats posed by Russia and China, the strategic operations undertaken by U.S. Cyber Command, and the critical role of international partnerships in combating cyber adversaries.
Hunt Forward Operations: Proactive Cyber Defense
The conversation begins with an exploration of Hunt Forward Operations, a proactive approach where U.S. Cyber Command teams collaborate with foreign partners to identify and mitigate cyber threats before they can be exploited.
- Dina Temple-Raston introduces the concept:
“A few months before the Russian invasion in 2022, a contingent of cyber operators from US Cyber Command quietly flew to Ukraine on a secret mission... They're called Hunt Forward Operations.” [01:37]
- David Luber elaborates on the operational framework:
“One can then go and support a country in their cybersecurity... It's a side by side type operation...” [02:10]
These operations are designed to embed U.S. cyber expertise alongside allied forces, enhancing their ability to detect and neutralize malware and other cyber threats. Luber emphasizes the importance of intelligence sharing:
"We partner with the Hunt Forward teams to ensure that they have the best insights possible from intelligence..." [02:36]
Russia’s Cyber Expectations vs. Reality in Ukraine
A significant portion of the discussion centers on Russia's anticipated cyber aggression during the Ukraine conflict and the actual outcomes.
- Dina Temple-Raston notes the initial fears:
“The general sense at the time was that Russia was going to use the war in Ukraine to show the world how cyberattacks would change what we thought we knew about modern warfare, but that didn't happen.” [03:21]
- David Luber responds:
“If you go back to the start of the Ukraine conflict... There was no real big bang.” [03:45]
Despite pre-war preparations by Russia, including the planting of malware targeting critical infrastructure, the Hunt Forward Operations successfully identified and removed many of these threats quietly, preventing the large-scale disruptions that were feared.
Case Study: The KA-SAT Satellite Attack
Luber and Dina delve into a specific incident highlighting the sophistication of Russian cyber tactics.
- Dina Temple-Raston recounts the attack:
“One of the things that actually happened... was a Russian hack into the KA-SAT satellite on the eve of the war... Russian hackers had broken into the company's modems and dropped wiper malware on them.” [04:05-04:36]
- David Luber discusses the aftermath:
“Russian hackers broke into the company's modems and dropped wiper malware on them. Viasat ended up working closely with the NSA...” [05:20]
This attack disrupted high-speed internet access for thousands across Europe, showcasing the potential impact of cyber warfare on critical infrastructure. The collaboration between Viasat and the NSA was crucial in mitigating the damage and preventing future breaches.
Shifting Tactics: From Destruction to Espionage
Luber explains how Russian cyber strategies have evolved from overt attacks to more covert espionage aimed at gaining battlefield intelligence.
- David Luber states:
“What I think has shifted... is the Russians shifting back to more espionage... to conduct espionage against Ukrainian systems so that I can have an advantage on the battlefield.” [06:20]
This transition underscores a strategic pivot towards intelligence gathering, allowing Russia to enhance its operational effectiveness without causing immediate, large-scale disruptions.
China’s Emerging Cyber Threat: Volt Typhoon
The conversation shifts focus to China, highlighting the emergence of advanced cyber threats that pose significant challenges to U.S. cybersecurity.
- Dina Temple-Raston introduces China’s cyber unit:
“China's offensive cyber operations against the People's Liberation Army has a hacking unit that researchers have named Volt Typhoon.” [06:51]
- David Luber elaborates on Volt Typhoon's tactics:
“In Volt Typhoon, it's really the idea of pre-positioning for a future computer network attack at a time of their choosing...” [07:47]
Volt Typhoon represents a sophisticated approach where hackers plant malicious code within U.S. infrastructure, potentially serving as “ticking time bombs” to be activated during conflicts. This stealthy method contrasts with Russia’s previously more aggressive tactics and poses a new level of threat requiring vigilant detection and prevention.
Election Security and Evolving Threats
With the 2024 elections approaching, concerns about cyber interference are paramount. Luber addresses the dynamic nature of these threats.
- Dina Temple-Raston asks:
“With an election around the corner... has the nature of meddling actually evolved?” [10:42]
- David Luber responds:
“Adversaries are always changing their trade craft... it's an evolving landscape that requires constant change and constant vigilance...” [10:56]
Luber emphasizes that cyber adversaries continuously adapt their methods, necessitating persistent and adaptive defense strategies to safeguard electoral processes from interference.
The Power of Partnerships and Preemption
A recurring theme in the episode is the critical role of partnerships in effective cyber defense.
- David Luber asserts:
“It does take a number of different US government partners, industry partners, and even foreign partners to ensure that we can identify, enumerate and then work towards the ability to thwart ransomware activity across the globe.” [08:39]
- Dina Temple-Raston summarizes:
“It seems like what you're saying is the best solution is preemption.” [09:13]
- David Luber reinforces the concept:
“Exactly. ... it means relentlessly tracking adversaries...” [09:15]
Luber advocates for a strategy of persistent engagement, where continuous intelligence sharing and collaboration among various stakeholders enable preemptive actions against cyber threats, thereby neutralizing adversaries before they can execute significant attacks.
Conclusion
In this episode of Click Here, David Luber provides invaluable insights into the current state of cyber warfare, highlighting the adaptive tactics of Russian and Chinese adversaries and the essential role of international partnerships in countering these threats. The discussion underscores the necessity of proactive defense measures and persistent collaboration to safeguard critical infrastructure and democratic processes from sophisticated cyber threats.
Notable Quotes with Timestamps
- “It is a side by side type operation...” – David Luber [02:26]
- “There was no real big bang.” – David Luber [03:45]
- “What I think has shifted... is the Russians shifting back to more espionage.” – David Luber [06:20]
- “Volt Typhoon... pre-positioning for a future computer network attack.” – David Luber [07:47]
- “Adversaries are always changing their trade craft.” – David Luber [10:56]
This episode offers a detailed examination of the nuanced and evolving nature of cyber threats, emphasizing the importance of strategic partnerships and adaptive defense mechanisms in maintaining national and global cybersecurity.
