Trump’s First-Term Cyber Actions Could Presage Solid Policy Activity Ahead
Treasury sanctions hacker and company for Salt Typhoon hacks, Trump revoked Biden's AI safety EO, Noem blasted CISA, FTC charges firms for surveillance pricing, Ontario students' breached data goes back 60 years, HPE probes IntelBroker's claims, New UEFI Secure Boot bypass bug surfaces, much more
Summary of the most critical infosec developments you should know today
- The US Treasury Department imposed sanctions on alleged hacker Yin Kecheng and cybersecurity company Sichuan Juxinhe Network Technology Co., accusing both of being involved in a series of hacks by the Chinese threat group Salt Typhoon against American telecom companies.
- Donald Trump revoked a 2023 executive order signed by Joe Biden that sought to reduce the risks that artificial intelligence poses to consumers, workers, and national security.
- South Dakota Governor Kristi Noem harshly criticized the nation’s leading cybersecurity agency, the Cybersecurity and Infrastructure Security Agency (CISA), during her Secretary of Homeland Security confirmation hearing.
- The US Federal Trade Commission issued a report finding that businesses charge customers more for products based on insights gleaned from their consumer data and behaviors, including geolocation, demographics, shopping habits, or even how an individual moves their mouse on a webpage.
- The personal information of Ontario, Canada, students from as far back as 60 years ago was breached in a recent cyberattack on school software provider PowerSchool that affected millions across many boards in the province and, in some cases, included their medical information and even disciplinary records.
- Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after the IntelBroker threat actor said they stole documents from the company's developer environments.
- The UAE Cyber Security Council announced that the national cybersecurity systems successfully thwarted malicious ransomware attacks targeting several strategic sectors in both public and private entities.
- In a posting to the Federal Register, the US Transportation Security Administration said it is locking in a pair of pipeline directives for additional years.
- Researchers at ESET report that a new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active.
- Hotel management platform Otelier suffered a data breach after threat actors breached its Amazon S3 cloud storage to steal millions of guests' personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt.
- Nigerian authorities dismantled a fake hotel review syndicate and arrested four Chinese nationals and 101 Nigerians for their roles in the elaborate internet fraud scheme.
- Security firm ScamSniffer said that crypto scammers have seriously pivoted to Telegram malware scams, which have surpassed traditional phishing in volume, increasing by 2,000% since November.
- Google says it has begun requiring users to turn on JavaScript, the widely used programming language for making web pages interactive, to use Google Search.
Trump’s First-Term Cyber Actions Could Presage Solid Policy Activity Ahead
Although it has been lost in the noise surrounding TikTok’s recent brief shutdown and Donald Trump’s executive order to delay enforcement of the divest-or-ban legislation that might permanently shutter the video service, it was Trump himself who kicked off the controversy with an executive order (EO) on August 11, 2020.
That order, officially entitled “Addressing the Threat Posed by TikTok, and Taking Additional Steps To Address the National Emergency With Respect to the Information and Communications Technology and Services Supply Chain,” was one of many high-profile cybersecurity-related executive actions Trump undertook during his first White House term. It concluded that “action must be taken to address the threat posed by one mobile application in particular, TikTok,” and handed off any follow-on action to the Commerce Secretary.
Even before the order, the Trump administration had banned TikTok on military phones and phones used by the Departments of Homeland Security and Transportation. The EO’s mandate fizzled until Congress took over during the Biden administration, ultimately passing the law that resulted in the current crisis.
The TikTok EO is emblematic of an underreported aspect of the newly inaugurated president: his first administration was highly productive on the cybersecurity front, launching eleven major cybersecurity initiatives in just four years (see the list of actions and summaries below). The subjects of these cyber actions were wide-ranging, from a comprehensive national cybersecurity strategy to building up the nation’s cyber workforce to identity requirements that would limit foreign adversary use of US cloud providers.
Cybersecurity experts say these actions strengthened US government cybersecurity policy and advanced sound private sector security practices. Experts, including those on the opposite side of the political spectrum from Trump, have underscored that the first Trump administration’s activity on the cyber front, followed by a Biden administration that likewise prioritized cybersecurity, reflects the topic's nonpartisan nature.
If Trump picks respected cybersecurity leaders, as initial indications and behind-the-scenes gossip suggest, Trump 2.0 could be a relative oasis of calm policymaking in what otherwise will likely be a turbulent presidency.