Top cyber takeaways from the Intelligence and National Security Summit

Concerns about China and generative AI dominated the cybersecurity discussions at the tenth edition of the Intelligence and National Security Alliance’s annual gathering, which drew hundreds of security professionals, spies and government experts.

NATIONAL HARBOR, MD. — Chinese hackers breached the email accounts of at least two dozen organizations, U.S. security officials and Microsoft announced on the eve of the annual Intelligence and National Security Summit here.

The targeted cyberattack that swept up at least two U.S. agencies offered a stark reminder of what’s at stake for the U.S. intelligence community as its leaders confront urgent cyberthreats.

“This is yet another example of what’s happening all around us every day. China is steadfast and determined to penetrate our governments, our companies, our critical infrastructure,” said NSA deputy director George Barnes during the conference’s opening session Thursday afternoon. “We all have to be understanding of the sophistication that’s coming at us.”

Barnes spoke on a panel featuring senior officials from five other intelligence agencies: CIA, FBI, the National Geospatial-Intelligence Agency, the Defense Intelligence Agency and the National Reconnaissance Office. The session set the tone for the two-day event focused on “Navigating Security Threats in an Uncertain World.” Panelists weighed in on everything from satellite defense to the Russia-Ukraine war and U.S. warfighting readiness.

Cybersecurity risks loomed large at the event, which brought all corners of the U.S. military and intelligence communities under the same roof. Speakers acknowledged there’s no turning back from trends in digitization that continue to introduce vulnerabilities in U.S. critical infrastructure.

Beijing’s big cyberthreat

U.S. intelligence officials are still wrapping their heads around the scope of a recent cybersecurity breach that siphoned off unclassified data from the State and Commerce departments.

The U.S. Cybersecurity and Infrastructure Security Agency said that the suspicious activity dated back to June 2023. The advanced persistent threat actors “used a Microsoft account (MSA) consumer key to forge tokens to impersonate consumer and enterprise users,” CISA said in a joint advisory with the FBI.

For its part, Microsoft said it had “completed mitigation of this attack for all customers” but that it would continue to monitor malicious activity from the “China-based” Storm-0558 group.

The incident underscored the sense among conference attendees that the threat from China would get worse before it gets better, whether that comes alongside a feared invasion of Taiwan or more routine intellectual property theft that uses increasingly sophisticated methods.

“You all have created some incredible technology — unfortunately, the Chinese are using it, too,” said Joseph Rouge, deputy director of intelligence, surveillance and reconnaissance for the U.S. Space Force, told attendees.

Rouge said the Space Force is working on making its satellite assets and other technologies resilient in the face of hacking threats.

Cyberattacks on satellite systems is “a threat we see every day,” Troy Meink, principal deputy director of the National Reconnaissance Office, said Thursday. “We’re constantly being bombarded by the Chinese and the Russians with respect to the cyber and their attempts to penetrate our networks.”

He said the intel agency works closely with NSA to defend against attempted intrusions but more work needs to be done.

“I think we are in a good position to protect our systems today, but without continued investment and diligence, we will not be tomorrow,” he said.

Several speakers pointed out that Chinese President Xi Jinping and the Chinese Communist Party are closely watching Russian President Vladimir Putin’s hybrid war in Ukraine for lessons that could apply to a Chinese military invasion of Taiwan.

CIA deputy director David Cohen said “Xi clearly has an ambition to unify Taiwan with the mainland.”

“I think the question he asks himself is, what is the best course for me to pursue unification? Is it through a military invasion? Is it through coercion, is it through other means?”

Sens. Mark Warner (D-Va.) and Marco Rubio (R-Fla.), the chair and vice chair of the Senate Select Committee on Intelligence, urged vigilance when it came to planning for potential cyberthreats from China, including the chaos that would coincide with an attempted takeover of Taiwan.

“I don’t think the Chinese want to have a war if they can avoid it… I do think we should not underestimate how critical and important [Taiwan] is to them, but we also shouldn’t underestimate how important it should be to us,” Rubio said. “It would fundamentally alter the world we’re in for 100 years.”

AI on the agenda

Intelligence leaders similarly cast advancements in artificial intelligence as game-changing for U.S. national security.

AI “probably more than anything else in our lifetimes will have just fundamental implications for almost everything we do in the government and in everyday life,” said Jon Finer, deputy national security advisor in the White House.

“President Biden has been very clear that he sees both incredible promise in this technology but also real risks” including AI applications in the cyber realm, Finer added during the closing session at the INSA conference today.

“What, if any, guardrails are going to be necessary to place around some of these risks that we’re most concerned about?” he said, hinting to the audience that attendees could expect to hear more from the White House soon on cybersecurity and AI.

Barnes, the NSA deputy director, pointed out that his agency is working on an AI roadmap and cited the Biden administration’s newly announced implementation plan for its National Cybersecurity Strategy. (At a rollout event for the implementation plan Thursday morning, acting National Cyber Director Kemba Walden pledged “the journey to reach President Biden’s destination won’t take as long as you think” as agencies put the document into action.)

Generative AI technology, popularized by tools such as OpenAI’s ChatGPT, holds promise for helping the government analyze troves of intelligence data.

Tonya Wilkerson, deputy director of the National Geospatial-Intelligence Agency, said the intelligence community would continue building AI models with industry “to best posture ourselves to be able to leverage and understand very quickly what’s happening in that deluge of data.”

The same powerful technologies are available to U.S. adversaries, including China, other experts at the event were quick to note.

“Generative AI could offer in our view a revolutionary improvement in China’s lack of high-quality foreign language talent,” RAND Corp. policy researcher Nathan Beauchamp-Mustafaga said. “China has 80 different [AI] models already domestically, so they are indeed pursuing this technology.”

Cybercriminal groups have similarly integrated AI into their workflows, as FBI deputy director Paul Abbate warned.

“We see bad actors using [AI] to generate malicious code … we see it in online exploitation, business email compromise,” he said. “The criminal actors are already putting these technologies to use, so we’re working hard and have been for some time to understand that.”