The White House on Saturday announced that the United States Department of Justice would no longer secretly work to obtain the records of journalists involved as part of investigations into leaks.
The news was first reported by the Associated Press and was confirmed by the White House on Saturday.
“While the White House does not intervene in criminal investigations, the issuing of subpoenas for the records of reporters in leak investigations is not consistent with the President’s policy direction to the Department, and the Department of Justice has reconfirmed it will not be used moving forward,” White House Press Secretary Jen Psaki said in a statement.
The Times was not informed of the attempt by the Trump administration, according to the report. The Justice Department under Biden continued the investigation but informed The New York Times of its existence, the outlet reported. But the agency on March 3 placed a gag rule preventing anyone from speaking publicly about it until it was lifted.
David McCraw, the New York Times’ top lawyer, said the move was “unprecedented” and the gag order had been lifted Friday, according to the report.
In the statement Saturday, Psaki said “no one at the White House” had been aware of the gag order until Friday night.
In March 2017, WikiLeaks published a trove of leaked CIA hacking tools. The agency’s internal report, obtained last year by The Washington Post, eventually blamed the CIA’s hackers for spending too much effort “building cyber weapons at the expense of securing their own systems.”
A month after the CIA tools leaked, a group called the Shadow Brokers dumped its fifth batch of hacking tools that it had stolen from the NSA’s elite “Tailored Access Operations” group. Those tools were then used by foreign actors to carry out extensive cyberattacks, including the infamous WannaCry attacks, whose targets included American companies and government agencies.
For decades, the US has had the most sophisticated arsenal of cyberweapons in the world. But America’s focus on building up its cyber offenses – and lack of focus on defensive measures – has increasingly become one of its biggest weaknesses, The New York Times reporter Nicole Perlroth argues in a new book.
In “This Is How They Tell Me the World Ends: The Cyberweapons Arms Race,” Perlroth, who has covered cybersecurity for more than a decade, says other countries’ cyber capabilities have caught up to the US in recent years. At the same time, she argues, America’s critical infrastructure – because so much of it is owned by private companies and connected to the internet – has become a huge target for its adversaries.
“More nation-states and cybercriminals target the United States with cyberattacks than almost any other nation, and we’re the most vulnerable because we’re the most wired,” Perlroth said in an interview with Insider.
That wasn’t always the case, Perlroth said, adding that the US is largely to blame for the flood of attacks.
In 2010, the US and Israel used a computer worm known as Stuxnet to sabotage a substantial portion of Iran’s nuclear enrichment program, in what is widely considered the first cyber “use of force” that dealt damage in the physical world. Eventually, the code that powered the attack leaked online and hackers around the world – including in Iran – were able to reverse engineer it and re-deploy it for their own purposes.
According to Perlroth, that ignited a cyber arms race that hasn’t stopped.
“Since then, almost every government on earth with maybe the exception of Antarctica has pursued these programs,” Perlroth said. “And any government official will readily admit that the target of that attack – that Iran – caught up in terms of its capabilities for cyberattacks in a much shorter timeframe than we gave it credit for.”
Countries like Iran, Russia, China, and North Korea have poured massive amounts of resources into their cyber capabilities and have successfully hit American targets using tools originally built by the US and its allies as well as tools developed in-house. And because it’s so difficult to definitively attribute a cyberattack to a specific country, Perlroth said, the threat of the US retaliating with a strong offensive attack isn’t as strong of a deterrent as it is with conventional weapons.
“We don’t need to back off on offense,” she said. “But the thing is, if we’re going to pursue an offensive strategy, if we’re going to just keep hacking into our adversaries…then we need to make sure that our own grid and our own critical infrastructure isn’t vulnerable. And right now we’re incredibly vulnerable.”
“These are all things that could happen simultaneously and would be in many ways more deadly than a bomb going off somewhere,” Perlroth said, adding that these threats are amplified by the fact that private companies like Solarwinds, which own and operate the vast majority of US infrastructure, are first and foremost concerned with making money.
“The incentive has been get your product first to market, make your products easily accessible, not just to customers, but employees and contractors and vendors,” she said. Perlroth also said that, following the Solarwinds hack, the US government should “pause here and take inventory” of its own IT systems, including which software touches various networks, who makes it and where, and what security practices those companies have in place.
Ultimately, Perlroth said the US needs to better incentivize companies to prioritize security, both by requiring and rewarding good security practices through stricter legal requirements and tax credits, but also by slapping fines on “companies whose passwords are ‘Solarwinds123.’“