Login
Get started Get started
Get started Login
Products
Solutions
KNOWLEDGE
HELP CENTER
COMPANY

Open web

DARK WEB

DATASETS

TECHNOLOGIES

Learn

Your hub for web data

BLOG

Featured Article

Access Exclusive Content: Introducing CFC Content for Webz.io News API

Webz.io is now offering access to exclusive CFC (Centre Français d’exploitation du droit de Copie) content.

Back to all Dark Web Pulses
Dark Web News

Practical Implications of the 2025 Trump Administration on Cybersecurity: Three Days Later

January 23, 2025    
Practical Implications of the 2025 Trump Administration on Cybersecurity: Three Days Later

“Oh, you have no idea how crazytown it is!” These were the words I just heard in a recorded phone call between our Director of Business Development and a Managing Partner at a government-focused cybersecurity firm based in Seattle, Washington. Crazytown is the new word on the street for what is happening to the US government’s cybersecurity capability this week following a series of what is being described by an anonymous source to TechCrunch as “horribly shortsighted” making of the new administration. But this is not a political post. I want to keep this as practical as possible, so let’s review the decisions made over this week and their implications for business and government work.

#1: Trump administration dismantles the CSRB

On Tuesday, just one day after the Trump administration was put in charge at the White House, the Department of Homeland Security informed members of multiple advisory committees that they were effectively fired. One of those committees is the Cyber Safety Review Board, the board responsible for investigating major cybersecurity incidents to understand their root causes and provide recommendations for improving national cybersecurity. The major incident being investigated that everyone seems to be discussing was the Salt Typhoon attack, which seems to be a lot more serious than we initially thought. That investigation is currently halted. I’m sure there are many more that are quite serious but are not being discussed.

But the implications are far greater. As part of this shutdown, almost every department the aforementioned company works with, from CISA to the NSA, has been shut down for the last two days. “Private companies are still very interested [in dark web activity], but we do a lot of financial work with the Secret Service, and they [the dark web monitoring and cybercrime unit] are also being dismantled right now.” The short-term implications here are harder to see, but in the long term, this leaves the US telecom industry incredibly vulnerable to increased attacks from government actors as the CSRB has not completed its investigation or released its findings. 

#2: FDA FMEA (Failure Modes and Effects Analysis) no longer required

The FDA FMEA, which is responsible for the cybersecurity hardening of medical devices, is no longer required. That means medical devices that communicate over Bluetooth or WiFi no longer need to go through hardening processes anymore from a government perspective. Without the systems put into place to detect and analyze potential cybersecurity failures, medical devices will be significantly more susceptible to hacking, which will jeopardize patient safety and data privacy. This could lead to incidents that could disrupt treatment disruptions or cause actual physical harm. While this would definitely erode the public’s trust in the medical system, which we saw the effects of during COVID, it will also lead to increased liability for medical manufacturers. Ultimately, without the cybersecurity hardening required under the FMEA, we are setting the stage for a dangerous landscape where medical devices could pose significant risks to patients, instead of being there to help them.

Check Your Organization’s Exposure on the Dark Web

#3: Trump pardons Silk Road Founder Ross Ulbricht

On his first day in office, President Trump pardoned Silk Road founder Ross Ulbricht, who was sentenced to life in prison for running an underground online marketplace. While the practical implications of this are few and far between, there are further implications that are not being discussed. According to the phone call we just had with the same managing partner, the FBI is currently being restricted from investigating any “dark web stuff, which leaves them completely dismantled. The Forensic Lab is on hold, it literally has no funding right now.” Practically, there is no federal law enforcement concerning the dark web at the moment. 

What does that mean for you? By restricting the FBI from investigating the dark web and defunding the forensic lab, there is a possibility that cybercriminals and malicious government actors will become more emboldened to act. That means more breach attempts, more successful breaches, and a significantly increased rise in ransomware and extortion. Without forensic analysis, the FBI will have a much harder time identifying the source and actor associated with the attack, emboldening them to conduct even more damaging attacks. 

#4: Hardening of the CMMC for the Department of Defense Supply Chain paused

By pausing the hardening of the Cybersecurity Maturity Model Certification (CMMC) for the Department of Defense (DoD) supply chain, the new administration has introduced a much higher level of risk for both national security and the integrity of critical defense infrastructure. Relaxed cybersecurity standards, a very big deal for the DoD, create an environment where defense contractors become much more susceptible to a number of cyber threats. Let’s make a list: data breaches, espionage, operational disruptions, communications compromise, supply chain poisoning, counterfeiting, DDoS attacks, ransomware attacks, IP theft, sabotage, insider threats, disinformation, [takes a deep breath], and that’s just the start. By pausing a critical hardening process on an incredibly sensitive supply chain issue, the new administration could expose sensitive information, such as classified military technology and national security secrets, to potential adversarial governments or terrorist groups who would likely exploit these vulnerabilities for malicious purposes, now or in the future.

Additionally, if a compromised supply chain exists for a military, there could be a rolling effect. Think about the production of essential military equipment and delivery to military personnel currently deployed overseas. These essential personnel could see significant disruptions to the flow of equipment, goods, contractors, or repairs. A negative impact if this occurred would be an understatement. The good news is that this is only a pause. However, a pause can have devastating effects, prolonging the time that the supply chain is vulnerable and (again, hopefully not) raising some concerns about the ability of the military to safeguard sensitive information while maintaining a secure network of suppliers.

What’s next?

Well, if you read this, you might think, “Well, this is very, very bad.” It could very well be. Coupled with the news about the Trump administration’s removal of Biden’s restrictions on AI development and its impact on cybersecurity, there is a lot of uncertainty. But is it all bad? All of this is a maybe. There are serious implications to resetting the baseline this quickly into the new administration. Would private cybersecurity need to step in to bridge new gaps? Will the new administration set its own policies to govern cybersecurity threats? It’s too early to know. Let’s hope these issues are resolved quickly. If you feel like you need to jump into the dark web to see your exposure, we are here for you. Fill out the form on this page, and we will get in touch with you to ensure that you understand your organization’s level of exposure and what you can do about it. We look forward to helping you keep your organization significantly more secure.

Dark Web MonitoringTrending
steve
steve

Spread the News
Previous Post

Not subscribed to our Dark Web Pulse updates?

By submitting you agree to Webz.io's Privacy Policy and further marketing communications.

Read More

Could Panasonic’s Breach Have Been Prevented?
January 24, 2022    

Could Panasonic’s Breach Have Been Prevented?

On November 26, 2021, Panasonic joined a long list of companies that suffered a data breach over the past year. See the posts we found in the dark web that could indicate that an attack was in the making.
Top 5 Ransomware Group Trends in 2021
January 24, 2022    

Top 5 Ransomware Group Trends in 2021

Ransomware gangs ramped up their cyber attacks in 2021. Here are 5 trends related to these groups that you need to know.
The Rise in Use of Alternative Social Media Platforms for Illicit Activities
January 24, 2022    

The Rise in Use of Alternative Social Media Platforms for Illicit Activities

The year of 2021 has seen the rise of alternative social media platforms. Discover the top illicit discussion topics we monitored on these sites.

Feed Your Machines the Data They Need

Feed Your Machines the Data They Need

GET STARTED

Expose Hidden Risks to Your Domain

Uncover dark web threats with Lunar, the next gen dark web intel platform

Keep Reading
Learn more
Subscribe to our newsletter for more news and updates!

Ready to Explore Web Data at Scale?

Speak with a data expert to learn more about Webz.io’s solutions
get started
Create your API account and get instant access to millions of web sources
SEE DEMO