CyberWire Daily – “Rebooting the Government, One Cyber Law at a Time”

Date: November 10, 2025
Host: Dave Bittner (N2K Networks)
Featured Guest: Tim Starks (Senior Reporter, Cyberscoop)

Episode Overview

In this episode, CyberWire covers crucial government actions shaping cybersecurity: the congressional move to reopen the government by extending an expired cyber law, the Department of Defense’s (DoD) overhaul of US military cyber forces, and global cyber threats from state actors and criminal groups. The episode also includes a detailed interview with reporter Tim Starks about a cyber incident at the Congressional Budget Office (CBO) and the uncertain future for federal Cyber Corps scholarships. A “business roundup” touches on major funding and M&A moves in cybersecurity, while notable global incidents and regulatory shifts add context for industry professionals and policymakers alike.

Key Segments and Discussion Points

[00:15] - Congressional Action: Extending Cybersecurity Law

• Shutdown and Cyber Law Renewal:
  • Congress is poised to end the federal government shutdown with legislation that would also revive the expired Cybersecurity Information Sharing Act (CISA) of 2015, which protects companies legally when sharing cyber threat data.
  • The extension is temporary (through January), with lawmakers planning to debate a longer-term solution.
  • Competing visions: the Trump administration calls for a 10-year renewal, while House and Senate leaders differ on changes.
  • Quote:
    “The bill includes a short-term extension of the Cybersecurity Information Sharing Act of 2015, which lapsed at the end of September…a safeguard industry leaders consider essential.” (Bittner, 00:36)

[01:50] - DoD Overhauls US Military Cyber Forces

• Cyber Command “2.0” Plan:
  • New recruiting and retention strategies address longstanding talent gaps.
  • Key initiatives:
    • Virtual Advanced Cyber Training/Education Center (ready by 2028, fully operational by 2031)
    • Cyber Innovation Warfare Center (2026 and beyond)
  • Critics argue the process is too slow and call for a standalone cyber military branch.
  • Pentagon: The plan is a “transformative step toward greater lethality and agility.”

[03:50] - Major Global Threats & Vulnerabilities

• North Korean APTs:

  • North Korea’s KONNI APT hijacked Google accounts to take full control of Android devices in South Korea via spear phishing (impersonating the National Tax Service) and abusing Google’s Find Hub.
  • Expanded attack via Kakao Talk to infect more victims.
  • Victims: defector student counselors, others.
  • Quote:
    “Genians called the operation a highly sophisticated social engineering campaign combining device neutralization with account based malware propagation.” (Bittner, 05:20)

• EU AI Act Postponements:

  • European Commission to pause parts of the AI Act under pressure from big tech and US government.
  • Delays include a one-year grace period for high-risk AI, enforcement postponed to August 2027.

• Critical Web Vulnerability – Monsta FTP:

  • Watchtower discover remote code execution flaw in Monsta FTP, allowing unauthenticated server compromise.
  • Flaw patched rapidly post-disclosure; urgent updates recommended.

• Samsung Galaxy Espionage Campaign:

  • Nine-month spyware campaign “Landfall” exploited Galaxy image-processing (via WhatsApp zero-click) for surveillance in the Middle East.
  • Linked to commercial spyware vendors; similar to UAE-tied Stealth Falcon.

• Five Eyes Partnership Strained:

  • FBI-UK tension: US FBI director dropped London post despite promises, raising doubts about US reliability among allies.

• NSO Group Executive Shakeup:

  • Former US Ambassador David Friedman appointed executive chairman to help repair US ties and navigate sanctions.
  • NSO shifts US strategy post-Hollywood investment-led takeover, promising new vetting and oversight.

[12:50] - Cybersecurity Industry Business Roundup

• Major Funding and M&A Activities:
  • Armis: $435M pre-IPO round; company now valued at $6.1B.
  • Notable raises:
    • Denmark’s Formalize (€30M), Israel’s Daylight ($33M), Canada’s Flare ($30M).
    • Reflectives ($22M), Wide Field Security ($11.3M), stealth startups Milanta/Spectrum Labs ($10M each).
  • Mergers/Acquisitions:
    • Google’s $32B acquisition of Wiz cleared US antitrust review.
    • Francisco Partners takes Jamf private for $2.2B.
    • Other deals: Ping Identity buys Keyless; Zscaler buys SPLX; Bugcrowd acquires Mayhem Security.

[17:00] - Interview with Tim Starks (Cyberscoop): CBO Hack & Cyber Corps Crisis

Cyber Incident at the Congressional Budget Office (CBO)

• Discovery and Response:
  • CBO, as the Washington Post first reported, suffered a data breach suspected to involve a foreign actor (possibly China, according to researcher chatter).
  • Officials insist the breach was contained quickly, but damage assessment is ongoing.
• Potential Impact:
  • Exposed communications between CBO and lawmakers—a channel for fiscal and policy information.
  • Historical context: CBO as a nonpartisan resource critical to Congressional decision-making.
  • Quote:
    “Whoever the hackers were, they did get access to potentially the communications between the CBO and lawmakers…that’s potentially worrisome as far as the impact.” (Starks, 18:21)

Uncertainty for the Federal Cyber Corps ‘Scholarship for Service’ Program

• Background:
  • Scholarships cover school; recipients must serve the federal govt. within 18 months of graduation.
  • Shrinking federal jobs mean many students risk inability to fulfill obligations—and face loan conversion for the full amount (hundreds of thousands of dollars).
  • Cancellations of job fairs/internships, minimal communication have increased participant anxiety.
  • Quote:
    “They're very worried that what is going to happen is that they're not going to be able to find jobs to fulfill their part of the contract...this will be converted into loans. And this is hundreds of thousands of dollars for some of these students.” (Starks, 20:02)
• Potential Solutions & Institutional Response:
  • The OPM may offer mass deferments (post-shutdown), but students question if prolonged deferrals will result in actual jobs later.
  • State/local govt. jobs permitted for some, but are also scarce. Some contemplate private sector or military service as last-resort options.
  • Discussion exists around forgiveness programs or tying aid to a job guarantee.
  • Core worry: The program’s future viability as an answer to the federal cyber skills gap is at risk.
  • Quote:
    “How do you get people to sign up for a program when the people who were in the program before suddenly might not be able to get the jobs?” (Starks, 23:40)

Notable Quotes from the Interview

• On CBO Hack:
  “We've seen this kind of thing before…where there have been ways for hackers to sort of indirectly back into the offices of lawmakers…get some insight into the thinking of policymakers that we wouldn't normally want them to have.” (Starks, 18:21)

• On Cyber Corps Fallout:
  “A lot of them are having trouble finding jobs. Some of them have had offers for jobs that were rescinded or internships. So they're in a real big bind potentially.” (Starks, 20:02) “...this program was meant to be a way to fill the gigantic cybersecurity worker gap in the federal government.” (Starks, 23:40)

[29:00] - Human Side of Cybercrime

• ‘Tank’ (Yakov Pentchikov), Jabber Zeus cyber gang leader:
  • Now in prison, upbeat and charismatic despite infamous past.
  • Shows selective remorse: “He regrets trusting fellow hackers more than the havoc he caused in cybercrime.” (Bittner, ~29:50)
  • Memorable anecdote:
    “He poked his head around a pillar, flashed a movie star grin and winked. It was a fitting entrance for a man who once hacked banks by day and DJed nightclubs…by night.” (Bittner, 29:38)

[31:00+] - Closing Notes

• The episode concludes with a reminder of CyberWire’s resources, a note about the next day’s break for Veterans Day, and a pointer to an interview with veterans on the T-Minus podcast.

Timestamps for Key Segments

• Update on Cybersecurity Law Extension: 00:15–01:45
• DoD Cyber Command Overhaul: 01:50–03:45
• Major Threat/Incident Updates: 03:50–10:00
• Business Roundup: 12:50–16:00
• Interview: CBO Incident & Cyber Corps Troubles: 17:00–27:00
  • CBO hack discussion: 17:00–19:35
  • Cyber Corps scholarship crisis: 19:35–27:00
• Human Portrait – Cybercrime’s ‘Friendly Face’: 29:00–31:00

Episode Takeaways

• Cyber Policy is in Political Flux: Congressional gridlock and disagreements over cybersecurity law extensions signal instability in essential safeguards.
• Talent Pipeline Squeeze: The federal cybersecurity workforce shortage is being exacerbated by job freezes and program uncertainty—ironically, amid growing threat volume.
• Threats on All Sides: State-sponsored cyber campaigns, critical software vulnerabilities, and constraints on global intelligence cooperation remain top-of-mind risks.
• Industry Momentum: Despite governmental turmoil, investment in cybersecurity innovation and consolidation surges ahead.
• Human Stories Matter: The episode’s closing vignette reminds listeners that even notorious hackers have complex, personal arcs.

For more in-depth details, visit the full daily briefing at thecyberwire.com.