FBI chief says Chinese hackers have infiltrated critical US infrastructure (opens in new tab)

How quickly can the FBI get everyone in the country to patch their servers, rearchitect their industrial control systems, etc.? I don’t doubt there’s a political angle here but he doesn’t have a magic want to change everyone’s funding and priorities even within the federal government, much less the private sector. Think about all of those companies where they’re notoriously stingy because they’re still pretending IT isn’t core to their business, to at nothing of the ones where the CIO was selected for being the CEO’s favorite golf buddy or the owner’s nephew, and ask how many of them are going to react to a request from Wray by changing their plans and budget versus saying “if the FBI cares so much, they can pay for it”.

I suspect that this will come up legislatively over time - everyone is watching Russia’s electronic warfare against Ukrainian infrastructure – and it’s a good time to write to your representatives about what you think policy responses should be. For example, I’d like to see it be harder for companies to deploy the “nation state-level attack” excuses without some barrier to entry greater than “we’d been slacking on patches for 18 months”.

When any given infrastructure is a federation of multiple state, federal, and private parties; it’s not trivial.

Perhaps private industry and state governments should be more open to secure standards and rights to repair (looking at my ISP enforced routers).

It is an odd statement. Perhaps it’s that it’s too hard/expensive/we don’t care enough to properly secure some of these systems?

> This sounds like pure propaganda

It is.