Latest news with #ContrastSecurity
Associated Press
11 hours ago
- Business
- Associated Press
Contrast Introduces the First Unified Platform to See Application-Layer Attacks, Stop Breaches, and Remediate Vulnerabilities with AI
PLEASANTON, Calif.--(BUSINESS WIRE)--Jun 9, 2025-- Contrast Security, the global leader in Application Detection and Response (ADR), today announced the general availability of Northstar, a major release for the company that redefines how businesses see cyberattacks, stop breaches, and protect their applications and APIs. This is the industry's first platform to unite developers, security, and operations teams through an integrated user experience. Contrast pairs runtime data and contextual analysis with AI-powered auto-remediation to cut response times and eliminate noise, marking a breakthrough in application-layer security. The Contrast Graph: Live Runtime Insight That Drives Precision At the core of the platform is the Contrast Graph, which powers its most advanced capabilities, including optional agentic AI workflows that help teams respond faster and fix smarter. The Contrast Graph builds a real-time digital twin of an organization's application and API environment, mapping live attack paths, correlating runtime behavior, and exposing how vulnerabilities, threats, and assets are connected. This deep, dynamic context eliminates the guesswork that plagues traditional tools, enabling accurate, automated prioritization and remediation - so teams can focus on real risk and act with confidence. Tyler Shields, Principal Analyst at Enterprise Strategy Group, says, 'Connecting security operations processes with application security incident and vulnerability detection capabilities is a significant step towards breaking down the silos that exist between developers, application security, and security operations teams. This broad contextual analysis offering lends itself well to advanced AI-based prioritization and automated remediation, which are the key security outcomes required by security organizations today.' Runtime Intelligence That Sees, Stops, and Solves With the Northstar release, Security Operations and AppSec teams can, for the first time, see application-layer attacks as they happen, stop them instantly, and auto-remediate active vulnerabilities with the new Contrast AI. These capabilities leverage Contrast's powerful real-time context - paired with dynamic risk scoring that reflects exploitability, impact, and live attack activity, so teams always know where to focus. The unified platform provides views that are tailored to each role, enabling developers to prioritize remediation while SOC teams zero in on the most critical threats to limit damage. 'We are excited to see the new features and feel that Contrast is set apart from other competitors, beyond reach. It makes our jobs better and easier. The real data will allow our team to take action more efficiently,' said Martha Gamez-Smith CISSP, PMP, SSCP, Information Security Officer - Texas Computer Cooperative | Education Service Center, Region 20. Jeff Williams, an OWASP Founder, Contrast Security Founder and CTO, said, 'Northstar is the culmination of everything we've learned about defending modern software. We didn't just bolt together another set of tools—we reimagined AppSec from first principles. By combining runtime observability, real-time graph context, and AI-powered automation, we built a platform that doesn't just find problems—it understands them, prioritizes them, and helps teams fix them fast. This is the platform I've wanted since OWASP's earliest days—one that doesn't just generate alerts, but actually defends the software that powers our world.' ContrastNorthstarRelease Highlights: A Unified Perspective, Tailored for Every Team Contrast delivers a new visual user experience built around the Contrast Graph, giving Dev, Sec, and Ops teams real-time visibility into attacks, vulnerabilities, and business risk - all in views tailored to their roles and integrated into the developer, CNAPP, and SIEM solutions they use every day. The Contrast Graph acts as a live map of the application and API environment, showing how vulnerabilities, threats, and assets are connected so teams can act faster, together. Focus on What Matters Most Dynamic Risk Scoring: Continuously prioritizes vulnerabilities with architectural, threat, and business context based on real-world observations in production - so defenders can fix what's actually at risk. Unified ADR + AST: Bring together Application Detection and Response and Application Security Testing to break down silos across development, AppSec, and SecOps with shared context that connects incidents to vulnerabilities, aligning teams around real threats and faster resolution. Agentic AI That's Context-Aware Contrast AI SmartFix: Uses Contrast Graph data to generate fix plans, write code, create test scripts, and draft pull requests, dramatically reducing remediation time. Contrast MCP Server: Opens up access to Contrast's runtime insights - starting with vulnerability data and designed to support future agentic AI use cases. Faster Rollouts. Easier Management. Deployment Hub: Simplifies onboarding and managing updates across complex, distributed environments, speeding time to protection. Flex Agent: Streamlines agent deployment and updates at scale with no manual configuration required, simplifying installation and reducing setup time. Availability and Ecosystem Momentum The Contrast Northstar release is available today, delivering immediate value to both partner ecosystems and enterprise organizations looking to modernize their application security programs. Contrast integrates seamlessly with industry-leading tools like Splunk, Wiz, and Sumo Logic to ensure that security insights flow into the platforms teams already rely on. Additional integrations and strategic partnerships will be announced in the coming weeks, as Contrast continues to expand its global partners and redefine application-layer defense. To experience Contrast Northstar's release, go to: About Contrast Security Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented threat sensors directly into the software, delivering unmatched visibility and protection. With continuous, real-time defense, Contrast uncovers hidden application-layer risks that traditional solutions miss. Contrast's powerful Runtime Security technology equips developers, AppSec teams and SecOps with one platform that proactively protects and defends applications and APIs against evolving threats. View source version on CONTACT: Media Contact: Jake Milstein 206 718 9602 [email protected] KEYWORD: UNITED STATES NORTH AMERICA CALIFORNIA INDUSTRY KEYWORD: DATA MANAGEMENT SECURITY APPS/APPLICATIONS TECHNOLOGY SOFTWARE ARTIFICIAL INTELLIGENCE SOURCE: Contrast Security Copyright Business Wire 2025. PUB: 06/09/2025 06:00 AM/DISC: 06/09/2025 05:58 AM
Business Wire
11 hours ago
- Business
- Business Wire
Contrast Introduces the First Unified Platform to See Application-Layer Attacks, Stop Breaches, and Remediate Vulnerabilities with AI
PLEASANTON, Calif.--(BUSINESS WIRE)-- Contrast Security, the global leader in Application Detection and Response (ADR), today announced the general availability of Northstar, a major release for the company that redefines how businesses see cyberattacks, stop breaches, and protect their applications and APIs. This is the industry's first platform to unite developers, security, and operations teams through an integrated user experience. Contrast pairs runtime data and contextual analysis with AI-powered auto-remediation to cut response times and eliminate noise, marking a breakthrough in application-layer security. The Contrast Graph: Live Runtime Insight That Drives Precision At the core of the platform is the Contrast Graph, which powers its most advanced capabilities, including optional agentic AI workflows that help teams respond faster and fix smarter. The Contrast Graph builds a real-time digital twin of an organization's application and API environment, mapping live attack paths, correlating runtime behavior, and exposing how vulnerabilities, threats, and assets are connected. This deep, dynamic context eliminates the guesswork that plagues traditional tools, enabling accurate, automated prioritization and remediation - so teams can focus on real risk and act with confidence. Tyler Shields, Principal Analyst at Enterprise Strategy Group, says, 'Connecting security operations processes with application security incident and vulnerability detection capabilities is a significant step towards breaking down the silos that exist between developers, application security, and security operations teams. This broad contextual analysis offering lends itself well to advanced AI-based prioritization and automated remediation, which are the key security outcomes required by security organizations today.' Runtime Intelligence That Sees, Stops, and Solves With the Northstar release, Security Operations and AppSec teams can, for the first time, see application-layer attacks as they happen, stop them instantly, and auto-remediate active vulnerabilities with the new Contrast AI. These capabilities leverage Contrast's powerful real-time context - paired with dynamic risk scoring that reflects exploitability, impact, and live attack activity, so teams always know where to focus. The unified platform provides views that are tailored to each role, enabling developers to prioritize remediation while SOC teams zero in on the most critical threats to limit damage. "We are excited to see the new features and feel that Contrast is set apart from other competitors, beyond reach. It makes our jobs better and easier. The real data will allow our team to take action more efficiently," said Martha Gamez-Smith CISSP, PMP, SSCP, Information Security Officer - Texas Computer Cooperative | Education Service Center, Region 20. Jeff Williams, an OWASP Founder, Contrast Security Founder and CTO, said, 'Northstar is the culmination of everything we've learned about defending modern software. We didn't just bolt together another set of tools—we reimagined AppSec from first principles. By combining runtime observability, real-time graph context, and AI-powered automation, we built a platform that doesn't just find problems—it understands them, prioritizes them, and helps teams fix them fast. This is the platform I've wanted since OWASP's earliest days—one that doesn't just generate alerts, but actually defends the software that powers our world.' Contrast Northstar Release Highlights: A Unified Perspective, Tailored for Every Team Contrast delivers a new visual user experience built around the Contrast Graph, giving Dev, Sec, and Ops teams real-time visibility into attacks, vulnerabilities, and business risk - all in views tailored to their roles and integrated into the developer, CNAPP, and SIEM solutions they use every day. The Contrast Graph acts as a live map of the application and API environment, showing how vulnerabilities, threats, and assets are connected so teams can act faster, together. Focus on What Matters Most Dynamic Risk Scoring: Continuously prioritizes vulnerabilities with architectural, threat, and business context based on real-world observations in production - so defenders can fix what's actually at risk. Unified ADR + AST: Bring together Application Detection and Response and Application Security Testing to break down silos across development, AppSec, and SecOps with shared context that connects incidents to vulnerabilities, aligning teams around real threats and faster resolution. Agentic AI That's Context-Aware Contrast AI SmartFix: Uses Contrast Graph data to generate fix plans, write code, create test scripts, and draft pull requests, dramatically reducing remediation time. Contrast MCP Server: Opens up access to Contrast's runtime insights - starting with vulnerability data and designed to support future agentic AI use cases. Faster Rollouts. Easier Management. Deployment Hub: Simplifies onboarding and managing updates across complex, distributed environments, speeding time to protection. Flex Agent: Streamlines agent deployment and updates at scale with no manual configuration required, simplifying installation and reducing setup time. Availability and Ecosystem Momentum The Contrast Northstar release is available today, delivering immediate value to both partner ecosystems and enterprise organizations looking to modernize their application security programs. Contrast integrates seamlessly with industry-leading tools like Splunk, Wiz, and Sumo Logic to ensure that security insights flow into the platforms teams already rely on. Additional integrations and strategic partnerships will be announced in the coming weeks, as Contrast continues to expand its global partners and redefine application-layer defense. To experience Contrast Northstar's release, go to: About Contrast Security Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented threat sensors directly into the software, delivering unmatched visibility and protection. With continuous, real-time defense, Contrast uncovers hidden application-layer risks that traditional solutions miss. Contrast's powerful Runtime Security technology equips developers, AppSec teams and SecOps with one platform that proactively protects and defends applications and APIs against evolving threats.
Time of India
21-04-2025
- Business
- Time of India
Countries shore up their digital defenses as global tensions raise the threat of cyberwarfare
Hackers linked to Russia's government launched a cyberattack last spring against municipal water plants in rural Texas. At one plant in Muleshoe, population 5,000, water began to overflow. Officials had to unplug the system and run the plant manually. The hackers weren't trying to taint the water supply. They didn't ask for a ransom. Authorities determined the intrusion was designed to test the vulnerabilities of America's public infrastructure. It was also a warning: In the 21st century, it takes more than oceans and an army to keep the United States safe. A year later, countries around the world are preparing for greater digital conflict as increasing global tensions and a looming trade war have raised the stakes - and the chances that a cyberattack could cause significant economic damage, disrupt vital public systems, reveal sensitive business or government secrets, or even escalate into military confrontation. The confluence of events has national security and cyber experts warning of heightened cyberthreats and a growing digital arms race as countries look to defend themselves. At the same time, President Donald Trump has upended America's digital defenses by firing the four-star general who led the National Security Agency, shrinking cybersecurity agencies and slashing election cybersecurity initiatives. Live Events Businesses now are increasingly concerned about cyberattacks, and governments have moved to a war footing, according to a report this month by NCC Group, a British cybersecurity firm. Discover the stories of your interest Blockchain 5 Stories Cyber-safety 7 Stories Fintech 9 Stories E-comm 9 Stories ML 8 Stories Edtech 6 Stories "The geopolitical dust is still settling," said Verona Johnstone-Hulse, a London-based expert on government cybersecurity polices and the report's co-author. "What the new normal looks like is still not yet set." Many in the US are already calling for a more muscular approach to protecting the digital frontier. "Hybrid war is here to stay," said Tom Kellermann, senior vice president of cyberstrategy at Contrast Security. "We need to stop playing defense - it's time to make them play defense." Digital life means more targets for hackers Vulnerabilities have grown as people and businesses use connected devices to count steps, manage finances and operate facilities such as water plants and ports. Each network and connection is a potential target for foreign governments or the hacking groups that sometimes do their bidding. Espionage is one motive, demonstrated in a recent incursion linked to hackers in China. The campaign known as Salt Typhoon sought to crack the phones of officials, including Trump, before the 2024 election. These operations seek entry to sensitive corporate or government systems to steal secrets or monitor personal communications. Such information can be hugely valuable by providing advantages in trade negotiations or military planning. These hackers try to remain hidden for as long as possible. More obvious intrusions can serve as a warning or deterrent, such as the cyberattacks targeting the Texas water plants. Iran also has shown a willingness to use cyberattacks to make political points. The cyberattacks that frighten experts the most burrow deeply into telephone or computer networks, inserting backdoors or malware for later use. National security experts say this was the motivation behind a recent attack from China called Volt Typhoon that compromised telephone networks in the U.S. in an effort to gain access to an unknown number of critical systems. China could potentially use these connections to disable key infrastructure - power plants, communication networks, pipelines, hospitals, financial systems - as part of a larger conflict or before an invasion of Taiwan, national security experts said. "They can position their implants to be activated at a date and time in the future," said Sonu Shankar, a former researcher at Los Alamos National Laboratory who is now chief strategy officer at Phosphorus Cybersecurity. National security officials will not discuss details, but experts interviewed by The Associated Press said the U.S. no doubt has developed similar offensive capabilities. China has rejected US allegations of hacking, accusing America of trying to " smear " Beijing while conducting its own cyberattacks. Global tensions tick up Wars in Ukraine and the Middle East. Trade disputes. Shifting alliances. The risk of cyberattacks goes up in times of global tension, and experts say that risk is now at a high. US adversaries China, Russia, Iran and North Korea also have shown signs of cybercooperation as they forge tighter economic, military and political relationships. Speaking to Congress, Director of National Intelligence Tulsi Gabbard noted that Iran has supplied drones in exchange for Russian intelligence and cybercapabilities. "Russia has been the catalyst for much of this expanded cooperation, driven heavily by the support it has needed for its war effort against Ukraine," Gabbard told lawmakers. Amid global fears of a trade war after the tariffs that Trump has imposed, supply chains could be targeted in retaliation. While larger companies may have a robust cyberteam, small suppliers that lack those resources can give intruders easy access. And any tit-for-tat cycles of cyberconflict, in which one country hacks into a sensitive system as retaliation for an earlier attack, come with "great risk" for all involved, Shankar said. "It would put them on the path to military conflict." The Trump effect At a time when national security and cybersecurity experts say the U.S. should be bolstering its defenses, Trump has called for reductions in staffing and other changes to the agencies that protect American interests in cyberspace. For example, Trump recently fired Gen. Timothy Haugh, who oversaw the NSA and the Pentagon's Cyber Command. The U.S. faces "unprecedented cyber threats," said Virginia Sen. Mark Warner , the top Democrat on the Senate Intelligence Committee. He has asked the White House to explain Haugh's departure. "How does firing him make Americans any safer?" Warner said. Also under Trump, the U.S. Cybersecurity and Infrastructure Security Agency placed on leave staffers who worked on election security and cut millions of dollars in funding for cybersecurity programs for local and state elections. His administration eliminated the State Department's Global Engagement Center, which tracked and exposed foreign disinformation online. The CIA, NSA and other intelligence agencies also have seen reductions in staffing. The administration faced more questions over how seriously it takes cybersecurity after senior officials used the popular messaging app Signal to discuss sensitive information about upcoming military strikes in Yemen. Gabbard later called the episode a mistake. The officials in charge of America's cybersecurity insist Trump's changes will make the U.S. safer, while getting rid of wasteful spending and confusing regulations. The Pentagon, for instance, has invested in efforts to harness artificial intelligence to improve cyberdefenses, according to a report provided to Congress by Lt. Gen. William J. Hartman, acting commander of the NSA and Cyber Command. The changes at the Cybersecurity and Infrastructure Security Agency come as its leaders consider how best to execute their mission in alignment with the administration's priorities, a CISA statement said. "As America's Cyber Defense Agency, we remain steadfast in our mission to safeguard the nation's critical infrastructure against all cyber and physical threats," the statement read. "We will continue to collaborate with our partners across government, industry, and with international allies to strengthen global cybersecurity efforts and protect the American people from foreign adversaries, cybercriminals, and other emerging threats." Representatives for Gabbard's office and the NSA didn't respond to questions about how Trump's changes will affect cybersecurity. Signs of progress? Despite shifting alliances, a growing consensus about cyberthreats could prompt greater global cooperation. More than 20 nations recently signed on to an international framework on the use of commercial spyware. The U.S. has signaled it will join the nonbinding agreement. There's also broad bipartisan agreement in the U.S. about the need to help private industry bolster defenses. Federal estimates say the cybersecurity industry needs to hire an additional 500,000 professionals to meet the challenge, said Dean Gefen, former chief of cybertraining for Israel's Defense Intelligence Technological Unit. He's now the CEO of NukuDo, a cybersecurity training company. "Companies need effective guidance from the government - a playbook," Gefen said. "What to do, what not to do."
Boston Globe
20-04-2025
- Business
- Boston Globe
Countries shore up their digital defenses as global tensions raise the threat of cyberwarfare
A year later, countries around the world are preparing for greater digital conflict as increasing global tensions and a looming trade war have raised the stakes — and the chances that a cyberattack could cause significant economic damage, disrupt vital public systems, reveal sensitive business or government secrets, or even escalate into military confrontation. Advertisement The confluence of events has national security and cyber experts warning of heightened cyberthreats and a growing digital arms race as countries look to defend themselves. Get Starting Point A guide through the most important stories of the morning, delivered Monday through Friday. Enter Email Sign Up At the same time, President Trump has upended America's digital defenses by firing the four-star general who led the National Security Agency, shrinking cybersecurity agencies, and slashing election cybersecurity initiatives. Businesses now are increasingly concerned about cyberattacks, and governments have moved to a war footing, according to a 'The geopolitical dust is still settling,' said Verona Johnstone-Hulse, a London-based specialist on government cybersecurity policies and the report's coauthor. 'What the new normal looks like is still not yet set.' Advertisement Many in the United States are already calling for a more muscular approach to protecting the digital frontier. 'Hybrid war is here to stay,' said Tom Kellermann, senior vice president of cyberstrategy at Contrast Security. 'We need to stop playing defense — it's time to make them play defense.' Vulnerabilities have grown as people and businesses use connected devices to count steps, manage finances, and operate facilities such as water plants and ports. Each network and connection is a potential target for foreign governments or the hacking groups that sometimes do their bidding. Espionage is one motive, demonstrated in a recent incursion linked to hackers in China. The campaign known as Salt Typhoon sought to crack the phones of officials, including Trump, before the 2024 election. These operations seek entry to sensitive corporate or government systems to steal secrets or monitor personal communications. Such information can be hugely valuable by providing advantages in trade negotiations or military planning. These hackers try to remain hidden for as long as possible. More obvious intrusions can serve as a warning or deterrent, such as the cyberattacks targeting the Texas water plants. Iran also has shown a willingness to use cyberattacks to make political points. The cyberattacks that frighten experts the most burrow deeply into telephone or computer networks, inserting backdoors or malware for later use. National security experts say this was the motivation behind a recent attack from China called Volt Typhoon that compromised telephone networks in the United States in an effort to gain access to an unknown number of critical systems. China could potentially use these connections to disable key infrastructure — power plants, communication networks, pipelines, hospitals, financial systems — as part of a larger conflict or before an invasion of Taiwan, national security experts said. Advertisement 'They can position their implants to be activated at a date and time in the future,' said Sonu Shankar, a former researcher at Los Alamos National Laboratory who is now chief strategy officer at Phosphorus Cybersecurity. National security officials will not discuss details, but experts interviewed by the Associated Press said the country no doubt has developed similar offensive capabilities. China has rejected US allegations of hacking, accusing America of trying to 'smear' Beijing while conducting its own cyberattacks. Wars in Ukraine and the Middle East. Trade disputes. Shifting alliances. The risk of cyberattacks goes up in times of global tension, and experts say that risk is now at a high. US adversaries China, Russia, Iran, and North Korea also have shown signs of cyber cooperation as they forge tighter economic, military, and political relationships. Speaking to Congress, the director of National Intelligence, Tulsi Gabbard, noted that Iran had supplied drones in exchange for Russian intelligence and cyber capabilities. 'Russia has been the catalyst for much of this expanded cooperation, driven heavily by the support it has needed for its war effort against Ukraine,' Gabbard told lawmakers. Amid global fears of a trade war after the tariffs that Trump has imposed, supply chains could be targeted in retaliation. While larger companies may have a robust cyberteam, small suppliers that lack those resources can give intruders easy access. And any tit-for-tat cycles of cyberconflict, in which one country hacks into a sensitive system as retaliation for an earlier attack, come with 'great risk' for all involved, Shankar said. 'It would put them on the path to military conflict.' Advertisement At a time when national security and cybersecurity experts say the United States should be bolstering its defenses, Trump has called for reductions in staffing and other changes to the agencies that protect American interests in cyberspace. For example, Trump recently fired General Timothy Haugh, who oversaw the NSA and the Pentagon's Cyber Command. The nation faces 'unprecedented cyber threats,' said Virginia Senator Mark Warner, the top Democrat on the Senate Intelligence Committee. He has asked the White House to explain Haugh's departure. 'How does firing him make Americans any safer?' Warner said. Also under Trump, the US Cybersecurity and Infrastructure Security Agency placed on leave staffers who worked on election security and cut millions of dollars in funding for cybersecurity programs for local and state elections. His administration eliminated the State Department's Global Engagement Center, which tracked and exposed foreign disinformation online. The CIA, NSA, and other intelligence agencies also have seen reductions in staffing. Despite shifting alliances, a growing consensus about cyberthreats could prompt greater global cooperation. More than 20 nations recently signed on to an international framework on the use of commercial spyware. The United States has signaled it will join the nonbinding agreement. There's also broad bipartisan agreement about the need to help private industry bolster defenses. Federal estimates say the cybersecurity industry needs to hire an additional 500,000 professionals to meet the challenge, said Dean Gefen, former chief of cybertraining for Israel's Defense Intelligence Technological Unit. He's now the CEO of NukuDo, a cybersecurity training company. 'Companies need effective guidance from the government — a playbook,' Gefen said. 'What to do, what not to do.' Advertisement
Washington Post
20-04-2025
- Business
- Washington Post
Countries shore up their digital defenses as global tensions raise the threat of cyberwarfare
WASHINGTON — Hackers linked to Russia's government launched a cyberattack last spring against municipal water plants in rural Texas. At one plant in Muleshoe , population 5,000, water began to overflow. Officials had to unplug the system and run the plant manually. The hackers weren't trying to taint the water supply. They didn't ask for a ransom. Authorities determined the intrusion was designed to test the vulnerabilities of America's public infrastructure. It was also a warning: In the 21st century, it takes more than oceans and an army to keep the United States safe. A year later, countries around the world are preparing for greater digital conflict as increasing global tensions and a looming trade war have raised the stakes — and the chances that a cyberattack could cause significant economic damage, disrupt vital public systems , reveal sensitive business or government secrets, or even escalate into military confrontation. The confluence of events has national security and cyber experts warning of heightened cyberthreats and a growing digital arms race as countries look to defend themselves. At the same time, President Donald Trump has upended America's digital defenses by firing the four-star general who led the National Security Agency, shrinking cybersecurity agencies and slashing election cybersecurity initiatives . Businesses now are increasingly concerned about cyberattacks, and governments have moved to a war footing, according to a report this month by NCC Group, a British cybersecurity firm. 'The geopolitical dust is still settling,' said Verona Johnstone-Hulse, a London-based expert on government cybersecurity polices and the report's co-author. 'What the new normal looks like is still not yet set.' Many in the U.S. are already calling for a more muscular approach to protecting the digital frontier. 'Hybrid war is here to stay,' said Tom Kellermann , senior vice president of cyberstrategy at Contrast Security. 'We need to stop playing defense — it's time to make them play defense.' Vulnerabilities have grown as people and businesses use connected devices to count steps, manage finances and operate facilities such as water plants and ports. Each network and connection is a potential target for foreign governments or the hacking groups that sometimes do their bidding. Espionage is one motive , demonstrated in a recent incursion linked to hackers in China. The campaign known as Salt Typhoon sought to crack the phones of officials , including Trump, before the 2024 election. These operations seek entry to sensitive corporate or government systems to steal secrets or monitor personal communications . Such information can be hugely valuable by providing advantages in trade negotiations or military planning. These hackers try to remain hidden for as long as possible. More obvious intrusions can serve as a warning or deterrent, such as the cyberattacks targeting the Texas water plants. Iran also has shown a willingness to use cyberattacks to make political points . The cyberattacks that frighten experts the most burrow deeply into telephone or computer networks, inserting backdoors or malware for later use. National security experts say this was the motivation behind a recent attack from China called Volt Typhoon that compromised telephone networks in the U.S. in an effort to gain access to an unknown number of critical systems . China could potentially use these connections to disable key infrastructure — power plants, communication networks , pipelines, hospitals , financial systems — as part of a larger conflict or before an invasion of Taiwan, national security experts said. 'They can position their implants to be activated at a date and time in the future,' said Sonu Shankar, a former researcher at Los Alamos National Laboratory who is now chief strategy officer at Phosphorus Cybersecurity. National security officials will not discuss details, but experts interviewed by The Associated Press said the U.S. no doubt has developed similar offensive capabilities. China has rejected U.S. allegations of hacking, accusing America of trying to ' smear ' Beijing while conducting its own cyberattacks . Wars in Ukraine and the Middle East . Trade disputes. Shifting alliances . The risk of cyberattacks goes up in times of global tension, and experts say that risk is now at a high. U.S. adversaries China, Russia, Iran and North Korea also have shown signs of cybercooperation as they forge tighter economic, military and political relationships. Speaking to Congress , Director of National Intelligence Tulsi Gabbard noted that Iran has supplied drones in exchange for Russian intelligence and cybercapabilities. 'Russia has been the catalyst for much of this expanded cooperation, driven heavily by the support it has needed for its war effort against Ukraine,' Gabbard told lawmakers. Amid global fears of a trade war after the tariffs that Trump has imposed , supply chains could be targeted in retaliation. While larger companies may have a robust cyberteam, small suppliers that lack those resources can give intruders easy access. And any tit-for-tat cycles of cyberconflict, in which one country hacks into a sensitive system as retaliation for an earlier attack, come with 'great risk' for all involved, Shankar said. 'It would put them on the path to military conflict.' At a time when national security and cybersecurity experts say the U.S. should be bolstering its defenses, Trump has called for reductions in staffing and other changes to the agencies that protect American interests in cyberspace. For example, Trump recently fired Gen. Timothy Haugh, who oversaw the NSA and the Pentagon's Cyber Command. The U.S. faces 'unprecedented cyber threats,' said Virginia Sen. Mark Warner, the top Democrat on the Senate Intelligence Committee. He has asked the White House to explain Haugh's departure. 'How does firing him make Americans any safer?' Warner said. Also under Trump, the U.S. Cybersecurity and Infrastructure Security Agency placed on leave staffers who worked on election security and cut millions of dollars in funding for cybersecurity programs for local and state elections. His administration eliminated the State Department's Global Engagement Center , which tracked and exposed foreign disinformation online. The CIA , NSA and other intelligence agencies also have seen reductions in staffing. The administration faced more questions over how seriously it takes cybersecurity after senior officials used the popular messaging app Signal to discuss sensitive information about upcoming military strikes in Yemen. Gabbard later called the episode a mistake . The officials in charge of America's cybersecurity insist Trump's changes will make the U.S. safer, while getting rid of wasteful spending and confusing regulations. The Pentagon, for instance, has invested in efforts to harness artificial intelligence to improve cyberdefenses, according to a report provided to Congress by Lt. Gen. William J. Hartman, acting commander of the NSA and Cyber Command. The changes at the Cybersecurity and Infrastructure Security Agency come as its leaders consider how best to execute their mission in alignment with the administration's priorities, a CISA statement said. 'As America's Cyber Defense Agency, we remain steadfast in our mission to safeguard the nation's critical infrastructure against all cyber and physical threats,' the statement read. 'We will continue to collaborate with our partners across government, industry, and with international allies to strengthen global cybersecurity efforts and protect the American people from foreign adversaries, cybercriminals, and other emerging threats.' Representatives for Gabbard's office and the NSA didn't respond to questions about how Trump's changes will affect cybersecurity. Despite shifting alliances, a growing consensus about cyberthreats could prompt greater global cooperation. More than 20 nations recently signed on to an international framework on the use of commercial spyware. The U.S. has signaled it will join the nonbinding agreement. There's also broad bipartisan agreement in the U.S. about the need to help private industry bolster defenses. Federal estimates say the cybersecurity industry needs to hire an additional 500,000 professionals to meet the challenge, said Dean Gefen, former chief of cybertraining for Israel's Defense Intelligence Technological Unit. He's now the CEO of NukuDo, a cybersecurity training company. 'Companies need effective guidance from the government — a playbook,' Gefen said. 'What to do, what not to do.'
