US ‘Strike Force’ Keeps Disruptive Tech From Adversaries
The U.S. Department of Justice (DoJ) and the Department of Commerce launched a “Disruptive Technology Strike Force” to investigate and prosecute criminal violations of U.S. export control laws.
The aim is to prevent foreign actors from obtaining potentially sensitive technologies, including semiconductors.
The strike force will bring together government experts, including the FBI, Homeland Security Investigations (HSI) and 14 U.S. Attorneys’ Offices in 12 metropolitan regions across the country.
It will be co-led by Assistant Attorney General Matthew Olsen of the DoJ’s National Security Division and Assistant Secretary for Export Enforcement Matthew Axelrod of the Commerce Department’s Bureau of Industry and Security.
The strike force itself plans to use advanced data analytics to conduct investigations and will foster partnerships with the private sector and international organizations.
“Advances in technology have the potential to alter the world’s balance of power,” Axelrod said in a statement. “This strike force is designed to protect U.S. national security by preventing those sensitive technologies from being used for malign purposes.”
Casey Ellis, founder and CTO at Bugcrowd, noted the Bureau of Industry and Security (BIS) in the Department of Commerce is usually in charge of keeping an eye on and enforcing US export controls.
“Meanwhile, the DoJ enforces laws to allow for the kinds of activities that might be necessary to achieve the goals of this team, as well as a closer collaboration with prosecutors on the actual crimes it may uncover,” he explained.
He said the partnership with DoJ signaled a stronger intent to discover and prosecute, which may act as a deterrent, but ultimately it will come down to how this arrangement plays out in the real world.
“Foreign adversaries follow their own laws and rules, not those of the countries they are trying to attack,” he adds. “The existence of laws and rules, on their own, isn’t enough to stop this type of activity.”
An example of this is traditional, economically motivated cybercrime, which has been criminalized under laws like the Computer Fraud and Abuse Act of 1986 but continues to grow in profitability and impact.
“The only true method to prevent technology from falling into the wrong hands is to properly secure it at the technical level,” Ellis said.
He pointed out the focus on semiconductors and equipment for making chips is a natural choice because they are at the center of the technology trade and capability war between China and the U.S.
“The more fundamental and advanced a technology is, the more likely it is to become dual-use, even if that wasn’t its original intended purpose,” he said.
Darryl MacLeod, vCISO at LARES Consulting, noted other technologies, such as artificial intelligence (AI), advanced robotics and 5G telecommunications infrastructure, posed a significant threat if exported to adversaries.
“These technologies have civilian and military applications and could potentially be used to develop advanced surveillance systems or autonomous weapons,” he explained.
MacLeod added that private sector security leaders are critical in identifying and addressing the risks of exporting sensitive technologies.
“These leaders deeply understand their industry’s vulnerabilities and can provide valuable input on improving export control policies,” he said. “They can also assist in educating their employees on the importance of protecting sensitive information and identifying potential insider threats.”
He says to be effective, the strike force must also be able to adapt to changing threats and technologies, staying ahead of its adversaries by identifying and controlling emerging technologies that could pose a threat in the future.
“They should leverage advanced technology, such as AI and machine learning, to monitor and analyze export activities for potential threats,” MacLeod adds.
Ellis notes there is a growing body of policymakers and lawmakers who greatly appreciate the input of technologists to soundboard ideas, get feedback, fill technology and knowledge gaps and better help them understand the consequences and unintended effects of technology policy decisions.
He said technologists can get involved through initiatives like Hackers on the Hill, writing letters and responding to published requests for comment.
MacLeod pointed out that private companies, not the government, develop and export many sensitive technologies.
“This means the strike force must work closely with the private sector to ensure that export controls are adequate and that companies know their responsibilities,” he said.
Some countries may be willing to use illegal means to acquire sensitive technologies, such as cyberespionage or theft.
“The strike force must be able to detect and respond to such activities, which can be challenging to identify and prosecute,” MacLeod said.
