US Cyber Official Adamant that Software Firms Aren’t Doing Enough Against Hackers

( – According to Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, Chinese hackers are never identified nor are they ever deterred from hacking, and software providers aren’t doing enough to safeguard their products against cyberattacks that might be detrimental to US interests.

In a speech at Carnegie Mellon University, Easterly emphasized that the risk posed by technology was more serious and pervasive than a surveillance balloon. She urged tech companies to assume more responsibility for consumer security. She continued by citing data from Twitter and Microsoft showing that only a small percentage of consumers or commercial customers employ an additional layer of security when logging into their accounts. She called on software companies to adopt “radical transparency” and share their software design plans publicly, so they can be reviewed by experts.

Easterly’s lecture comes as American citizens anxiety over the introduction of large software systems with substantial security holes that hackers may easily exploit, is growing. According to Easterly, a large portion of software developers do not safeguard their products, and she said that customers should not be solely completely responsible for safety. She also underlined that cybersecurity in cyberspace is not a “cause,” but a “symptom” of cyberattacks. According to Easterly, large software vendors are not developing their products securely, which is the root of the issue, and this needs to be addressed more.

Although the recent shooting down of a suspected Chinese surveillance balloon that flew over multiple US states increased tensions in US-China relations, for years cybersecurity experts from across the US government have also repeatedly warned that China has been covertly collecting corporate and government secrets through hacking. Such cyber espionage campaigns often exploit widely popular software that can be used to gain access to US government agencies and corporations. In late 2021, suspected hackers used a popular password management software to breach multiple US defence contractors, according to researchers. The Biden administration has introduced cybersecurity regulations for sectors such as pipelines, and officials have not ruled out further regulation to improve cybersecurity defenses.

Copyright 2023,