One of the opening rounds of an information war between the Kremlin and a democratic country came from Melvin Redick, a fake Facebook account designed to look like your average American – only he was believed to be the handiwork of Russian intelligence. “These guys show hidden truth about Hillary ...

The United States has no peer competitors in conventional military power. But its adversaries are increasingly turning to asymmetric methods for engaging in conflict. Cyber-enabled information warfare (CEIW) is a form of conflict to which the United States – and liberal democracies more generally – are particularly vulnerable. Information warfare involves the ...

Much of the discussion surrounding Russian cyber-enabled information operations against Western societies focuses on technology, such as bots amplifying messages on social media and the hacking of institutions of power to then leak emails with potentially salacious material. But in order to meet the level of success that Russian intelligence ...

There can be no doubt that over the past ten years, Russia has honed its active measures operations – or covert action in U.S. intelligence parlance – into strategic tools to be taken seriously. A great deal of time and effort has been focused on the specific methodologies used by ...

In less than a week, on September 24th, the German public will vote in the country’s general elections – not only to determine who will sit in the country’s parliament, known as the Bundestag, but also who will become – or remain – Chancellor. As the economic and political European ...

Russia has shown it is both willing and capable of using cyber capabilities to interfere in the West's democratic elections. With the German elections coming up on September 24th, it is likely Russia will again – much like the United States and France – seek to sow confusion and distrust ...

While maritime accidents are bound to occur, the consistency and regional concentration of the U.S. Navy mishaps in the Asia-Pacific beg for explanation. Cyber vulnerabilities have long been acknowledged against commercial maritime vessels, but the targeting of new naval systems – whether for navigation, engine and steering control, or commanding ...

Recent fatal accidents involving two vessels in the U.S. Seventh Fleet led to a spate of speculation about whether somehow the navigation in these ships was compromised by a cyber intrusion. Global Positioning System (GPS) spoofing has been highlighted as a possible contributing factor. While investigations are still underway to ...

There has been a recent wave of high-sea collisions in the Asia-Pacific involving U.S. naval vessels – most notably the USS Fitzgerald and USS John S. McCain, which together have resulted in the loss of more U.S. military personnel then in Afghanistan so far this year. The incidents, both involving ...

Hunger and political instability go hand in hand. Fighting and droughts across Somalia, South Sudan, Yemen, and parts of Nigeria have caused dire situations and have driven up food prices, placing over 20 million people under increased risk of food insecurity. Terrorist groups and criminals prey on such situations, exacerbating ...

This century will be defined by two trends: how we manage climate change and how we manage the rise of megacities. Over the next 20 years, the global urban population will grow from 3.5 to 5 billion people. The strain on resources and the environmental stresses that accompany the growth ...

The United States is confronted with security challenges on a daily basis, from unending terrorist attacks to adversaries positioning themselves on the geopolitical and global economic stages. But behind the curtain of all of these problems resides a potentially devastating, long-term issue that demands attention: global food insecurity as both ...

ISIS recruitment messaging online is a current threat and growing concern, and as the group continues to lose physical territory in Iraq and Syria, it is feared that they will seek to inspire individuals around the world to wage war on the West. To combat the anticipated increase in ISIS ...

ISIS propagates its ideology and promises of a jihadi utopia through slick social media campaigns, seeking to inspire a global audience to take up arms against its enemies and the societies they represent. Perhaps less visible has been ISIS’ operational use of digital communications as a command and control platform ...

No terrorist group has capitalized on networked technology more than ISIS, both for recruitment messaging and commanding their fighters on the ground. The internet is their response to asymmetric disadvantage. Where they lack in infrastructure and resources of a state, they use the web to plan attacks, solicit money and ...

Although cyberspace may have been declared the fifth domain of warfare by the U.S. Department of Defense, many wonder if the concepts of warfare applies to this domain. Is the domain somehow different from the others? Can states achieve new political outcomes by the clever use of cyberspace alone? Can ...

The reality of modern times is that nations are in a constant state of cyber engagement – either for espionage, influence, or disruption purposes. While there is a tacit acknowledgement that cyber espionage for political and military purposes is is fair game, some actions such as the disruption of critical ...

It’s likely only a matter of time before a major cyber attack hits U.S. civilian infrastructure, but the nature of that digital violation and the means to respond remain uncertain, as many of the most sensitive systems operate under private sector control. There is a “narrow and fleeting window of ...

The taxonomy of cybersecurity often includes alarming declarations on par with acts of war. But cyber campaigns outside of active conflict hardly meet such a coercive threshold. While there are major concerns over the cybersecurity of the nation’s critical infrastructure – the power grid, water treatment plants, transportation hubs, energy ...

On July 5, Thai police arrested a man in Bangkok named Alexandre Cazes, a 26-year-old Canadian, for running an expansive online criminal bazaar called AlphaBay. Previously only known to law enforcement by his online moniker DeSnake, Cazes reportedly made the mistake of using his personal Hotmail email address to communicate ...

The top U.S. cyber diplomat will no longer have the direct ear of Secretary of State Rex Tillerson. The impending closure of the U.S. State Department’s Office of the Coordinator for Cyber Issues, established under President Barack Obama in 2011, has left some in dismay on how cybersecurity plays into ...

Beset by disruptive digital attacks, espionage, and cyber-enabled influence campaigns intended to sway public opinion, the United States and its allies are looking for ways to stop the onslaught of computer breaches into their systems. Many nations’ security services are bolstering their offensive military cyber capabilities and response frameworks to ...

Time and time again companies, organizations, and government agencies have proven that they can’t completely secure their computer networks from hackers – particularly nation-states with the resources to pursue access persistently. Instead of focusing solely on network defense, the United States can adopt a deterrence strategy that dissuades foreign governments ...

Disruptive and intrusive cyber activity pervades much of modern international relations. The trend towards the jockeying for global influence and geopolitical positioning through cyber means is only going to grow as more countries and non-state actors play out conflicts in the virtual domain. The responsibility for defending U.S. interests from ...

Tradecraft. A term popularized in the novels of John le Carré, but practiced by spies throughout history. Tradecraft includes a number of methodologies, ranging from chalk-marked dead drops, and honey traps, to wiretapping, losing a tail, and safe houses. Spies have to master their craft if they are to be ...

Intelligence officers must often use a false identity – a legend or cover. How has social media and digital technology changed how they create and preserve these cover identities, and what have counterintelligence units traditionally looked for when trying to identify foreign spies? The Cipher Brief’s Levi Maxey spoke with ...

Intelligence officers’ tradecraft is highly guarded for good reason. One of its most important aspects is establishing a cover identity so foreign governments and hostile groups are not aware who is spying on them. The Cipher Brief’s Levi Maxey spoke with Daniel Hoffman, a former CIA station chief, about what ...

Despite the many logistical and operational challenges of a transition, many acknowledge that U.S. Cyber Command must eventually separate from the National Security Agency. According to news reports, the Trump Administration is now finalizing plans to separate Cyber Command from its parent organization, the National Security Agency. While the details ...

Reports of intrusions into industrial control systems (ICS) broke late last week – this time in several U.S. power plants, including the Wolf Creek nuclear facility in Kansas.  The alleged perpetrator? Russia, leading many to compare these incidents to the successful and damaging Russian attacks against the electrical grid in ...

It’s Labor Day, September 4, 2017, and the National Security Agency has just intercepted communications between the senior leadership of the Iranian Revolutionary Guard Corps, the militant purveyors of the 1979 Iranian Revolution, and employees of the Iranian companies ITSecTeam and Mersad. The communications reveal future disruptive cyber attacks against ...

With the advent of digital communications, people thousands of miles apart can engage with each other seamlessly, and businesses can operate at a scale previously unknown, thanks to a burgeoning consumer electronics industry. But not all aspects of this industry are positive. Some contribute to global insecurity and human suffering. ...

Terrorism, political corruption, and human rights violations in sub-Saharan Africa are like any other business: management identifies and provides a needed product or service to willing buyers, thereby generating profits and reinvesting them. In the tragedy currently playing out in the Great Lakes region of Central Africa, especially in the ...

Last February, President Donald Trump issued an Executive Order calling on the Department of Treasury to review the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act enacted in the wake of the 2008 financial crisis. One Dodd-Frank provision the Trump Administration would like to suspend  is Section 1502, which requires U.S. companies that ...

Few security challenges muddle the distinction between government and business roles as those emanating from cyberspace. National security issues no longer remain solely under the purview of government agencies, and companies continue to find themselves in the sights of foreign adversaries. Moreover, attacks against commercial products have geopolitical ramifications. Software ...

Statecraft and business have always been closely linked, but the advent of digital technology has blurred the roles more than ever. Systems crucial to the economic well-being and national security of the United States rest in the hands of private companies. The two sectors must cooperate by sharing information at ...

The United Kingdom has revamped the way its intelligence agencies collaborate with private industry by establishing a new National Cyber Security Centre that leans towards more open and meaningful exchanges to help secure the country against malicious cyber attacks. The Cipher Brief’s Levi Maxey spoke with Sir David Omand, the ...

Terrorists’ tactics evolve with the times. Just as we have seen an adaption of terrorist methods for sowing fear and distrust, so, too, we have seen their propaganda machines evolve to inspire audiences globally. Gone are the days of printed manifestos, pamphlets, or fuzzy VHS tapes. The internet now facilitates ...

Continuing terror attacks around the world indicate law enforcement and intelligence agencies face difficulty in trying to identify and disrupt the plans of globally disparate and loosely affiliated entities. Terrorist groups have adapted to each step security services take against terror, including the severing of financial lifelines. With growing terrorist ...

Discussion of malicious cyber activity has mainly focused on criminal activity and countries’ intelligence efforts. Entities other than national governments – particularly terrorist groups – seem to be making their way, if slowly, into the cyber realm through hacking and leaking techniques, and commandeering social media sites. Beyond savvy messaging, ...

Today China began enforcing its controversial new Cybersecurity Law, which broadly demands that multinational companies make data accessible to the Chinese government while strengthening the regime's control over content found inappropriate. Such measures have been made under the auspices of bolstering Chinese national security, but could have profoundly negative impacts ...

One of the emerging trends in today’s expanding cyber espionage landscape has been China’s emergence as the leading practitioner of economic cyber espionage. What does the trajectory of Chinese economic espionage look like, and where do we still see barriers to the establishment of effective norms barring the practice before ...

When Beijing got the word that the United States was accelerating the deployment of its Terminal High Altitude Area Defense (THAAD) system to South Korea as a response to North Korea’s latest missile tests, senior Communist Party officials went, no pun intended, ballistic. The official Chinese news agency Xinhua wrote ...

Over the weekend, businesses and critical services like banks, hospitals, telecommunications services and transportation hubs around the world were hit with a cyber attack that locked users out of their own systems using a form of ransomware known as WannaCry. The potential loss of data may lead not only to ...

Who’s to blame for the astonishingly successful ransomware attack sweeping the planet? Microsoft, the information technology giant whose popular Windows operating systems harbored the flaw malicious hackers exploited to paralyze at least 200,000 computers and systems in 150 countries, is pointing the finger at Washington. “Repeatedly, exploits in the hands ...

Friday’s global attack on computers in some 150 countries was clearly a wake-up call. It took government systems offline, affected corporations of all kinds, took critical infrastructure systems out of service and even changed the agenda of the G7 meeting in Italy. But, it was an attack carried out without ...

The National Security Agency recently announced changes to its intelligence collection practices under Section 702 of the Foreign Intelligence Surveillance Act (FISA). The Cipher Brief spoke with Chris Inglis, the former deputy director of the NSA, about what these changes mean, why they might have come about, and how significant ...

The NSA recently said it would stop collecting signals intelligence solely “about” foreign targets by tapping the backbone of the internet resident within the United States. The announcement comes ahead of congressional consideration of the NSA’ s broader authorities outlined in Section 702 of the Foreign Intelligence Surveillance Act (FISA), ...

Ever wonder whether the National Security Agency picked up your text message or email because you mentioned ISIS leader Abu Bakr al Baghdadi to a friend? Claims of privacy infringement on Americans by the National Security Agency have been in headlines for years. Much of the criticism has related to ...

As people’s lives become more attached to the internet, cyber attacks will have more of an impact. One of the most pressing threats is the growth of botnets, or networks of compromised computers that can be leveraged for a variety of nefarious purposes. The Cipher Brief spoke with Omri Iluz, ...

Imagine an army of computers, acting under the instructions of a criminal syndicate, terrorist group, or foreign government. The sheer size of this network of devices augments the computing power of a single hacker, allowing them to coordinate attacks capable of knocking offline crucial websites belonging to banks, social media, ...