putilov_denis - stock.adobe.com
News brief: U.S. cyberdefenses take aim at foreign threats
Check out the latest security news from the Informa TechTarget team.
U.S. cyberdefenders said they are stepping up efforts to counter foreign attacks that target American citizens and companies. In recent days, the Trump administration has taken several actions against groups it blames for cyber schemes and has outlined a strategy for a more assertive and better coordinated deterrence strategy.
Decisions from Washington this week struck some as mixed messages, however. The Federal Communications Commission voted 2-1 to scrap cybersecurity regulations the Biden administration placed on U.S. telecom providers, a move that Senate Democrats said would weaken defenses against attacks, such as the 2024 Salt Typhoon attack attributed to China-backed threat actors. Leaders at CISA, meanwhile, said they plan to make hiring a priority in 2026. Layoffs and voluntary departures have significantly affected CISA this year. Security efforts, the agency's acting director wrote in a recent memo to staff, are "hampered by an approximately 40% vacancy rate across key mission areas."
This week's featured news examines a new U.S. cybersecurity strategy, the creation of the Scam Center Strike Force and sanctions imposed on a Russian hosting company by U.S., U.K. and Australian governments.
U.S. strategy strives to deter cyberattacks from Russia and China
National Cyber Director Sean Cairncross outlined a new cyber strategy at the Aspen Cyber Summit, emphasizing a coordinated approach with six pillars of activity. Key focuses include countering foreign adversaries, such as Russia, China and international ransomware gangs, by imposing costs for cyberattacks, as current deterrence efforts have failed while threats become more aggressive. The aim, he said, is to make U.S. responses significant enough to deter foreign actors from continuing their malicious behavior.
The strategy prioritizes partnering with the private sector to identify and eliminate regulations Cairncross characterized as "burdensome," enabling companies to redirect resources toward protecting critical assets.
Another pillar involves growing the U.S. cyber workforce through a new initiative that unites businesses, venture capitalists and educational institutions, including the creation of a cybersecurity academy. While these priorities mirror the Biden administration's agenda, specific action items and implementation details remain unclear, with Cairncross promising a concise statement of intent and policy.
U.S. government takes aim at foreign scammers
The U.S. government has launched a collaborative Scam Center Strike Force involving representatives from the Justice, Treasury, State and Homeland Security departments to combat cybercriminal syndicates operating from Burma, Cambodia and Laos. These scam centers, primarily run by transnational Chinese organized crime groups, stole more than $9 billion from Americans in 2024 through romance scams and pig-butchering scams. The Strike Force aims to identify perpetrators, charge leaders, seize stolen funds and shut down infrastructure.
The syndicates generate tens of billions of dollars annually, with profits reportedly accounting for 40% of Cambodia's GDP in 2024. The Strike Force initiative includes visa restrictions, rewards up to $25 million for high-level figures, sanctions and partnerships with private companies, including Meta and Microsoft, to disrupt these criminal networks.
U.S. and allies sanction Russian company over hosting allegations
The U.S., Australia and the U.K. have sanctioned Russian company Media Land and its leaders for providing so-called "bulletproof hosting services" to LockBit and BlackSuit, two of the most prominent ransomware gangs. The Western nations accused the company of supplying infrastructure for cyberattacks against U.S. critical infrastructure and of aiding in DDoS attacks. The sanctions targeted Media Land's general director, financial manager, payment collector and three sister companies.
The nations also sanctioned Aeza Group's U.K. front company, Hypercore, which helped the previously sanctioned hosting provider evade restrictions, along with its director and subsidiaries in Serbia and Uzbekistan.
Treasury officials emphasized that this trilateral action demonstrates a collective commitment to combating cybercrime, while CISA released guidance to help network defenders mitigate attacks from bulletproof hosting services.
Read the full article by Eric Geller on Cybersecurity Dive.
Editor's note: An editor used AI tools to aid in the generation of this news brief. Our expert editors always review and edit content before publishing.
Phil Sweeney is an industry editor and writer focused on cybersecurity topics.
