The main loss from the departure of Chris Painter, America’s top cyber diplomat, will not be the loss of one of the top U.S. civil servants in the field, with 26 years in government. Nor will the biggest hit be to U.S. airlines, whose business models have increasingly been depending ...

Despite the many logistical and operational challenges of a transition, many acknowledge that U.S. Cyber Command must eventually separate from the National Security Agency. According to news reports, the Trump Administration is now finalizing plans to separate Cyber Command from its parent organization, the National Security Agency. While the details ...

Reports of intrusions into industrial control systems (ICS) broke late last week – this time in several U.S. power plants, including the Wolf Creek nuclear facility in Kansas. The alleged perpetrator? Russia, leading many to compare these incidents to the successful and damaging Russian attacks against the electrical grid in ...

Relations between the United States and North Korea hit a new low following Pyongyang’s test of an ICBM July 4. With a range of up to 5,000 miles – capable of reaching Alaska – the Hwasong-14 is North Korea’s longest-range missile to date, and its successful test is a direct ...

In May, the U.S. Ground-based Midcourse Defense system - the GMD - successfully intercepted a mock ICBM in a critical test of the U.S. missile defense umbrella. Given the growing threat of the development of a North Korean ICBM capable of reaching the United States, this is excellent news. However, ...

The Pentagon’s missile defense review is now underway, incorporating mandates from both the White House and Congress. One of its considerations, at presidential direction, is whether there should be a relative “rebalancing” between homeland and regional missile defense. Regional defense has received a relatively greater share of the Missile Defense ...

As the dust settles on last Tuesday’s NotPetya malware outbreak, it is increasingly evident that this was not a ransomware, money-making attack at all; rather it was a targeted, destructive cyberattack against Ukraine. It utilized deception in which it was designed to look like ransomware but wasn’t. It targeted obscure ...

Intelligence Advanced Research Projects Activity Director Jason Matheny worries a lot about national security risks that probably aren’t headlining many lists of pressing threats to the United States — pandemics, autonomous systems, and strategic nuclear war, to name a few. “We also have a need to protect what’s right now ...

It’s Labor Day, September 4, 2017, and the National Security Agency has just intercepted communications between the senior leadership of the Iranian Revolutionary Guard Corps, the militant purveyors of the 1979 Iranian Revolution, and employees of the Iranian companies ITSecTeam and Mersad. The communications reveal future disruptive cyber attacks against ...

Last February, President Donald Trump issued an Executive Order calling on the Department of Treasury to review the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act enacted in the wake of the 2008 financial crisis. One Dodd-Frank provision the Trump Administration would like to suspend is Section 1502, which requires U.S. companies that ...

With the advent of digital communications, people thousands of miles apart can engage with each other seamlessly, and businesses can operate at a scale previously unknown, thanks to a burgeoning consumer electronics industry. But not all aspects of this industry are positive. Some contribute to global insecurity and human suffering. ...

Terrorism, political corruption, and human rights violations in sub-Saharan Africa are like any other business: management identifies and provides a needed product or service to willing buyers, thereby generating profits and reinvesting them. In the tragedy currently playing out in the Great Lakes region of Central Africa, especially in the ...

Malicious and trusted insiders pose a range of challenges in terms of counterintelligence risks and physical threats, and experts say policy needs to catch up quickly to the new technologies available to help mitigate the problem. “There’s a lack of willingness to share information, and that’s why I still believe ...

The explosion of data in a digital world has exposed people to volumes of information as never before. But just as this data will increase exponentially with time, so too will the number of questions that can be posed against these expansive datasets. To find insight buried in this immense ...

National Geospatial-Intelligence Agency Deputy Director Susan Gordon on Wednesday called for the government and Intelligence Community to prioritize innovation to better confront the broad array of threats the United States faces today. Adversaries always have access to commonly available things, which means that those in the IC must find ways ...

The United Kingdom has revamped the way its intelligence agencies collaborate with private industry by establishing a new National Cyber Security Centre that leans towards more open and meaningful exchanges to help secure the country against malicious cyber attacks. The Cipher Brief’s Levi Maxey spoke with Sir David Omand, the ...

Few security challenges muddle the distinction between government and business roles as those emanating from cyberspace. National security issues no longer remain solely under the purview of government agencies, and companies continue to find themselves in the sights of foreign adversaries. Moreover, attacks against commercial products have geopolitical ramifications. Software ...

Statecraft and business have always been closely linked, but the advent of digital technology has blurred the roles more than ever. Systems crucial to the economic well-being and national security of the United States rest in the hands of private companies. The two sectors must cooperate by sharing information at ...

Terrorists’ tactics evolve with the times. Just as we have seen an adaption of terrorist methods for sowing fear and distrust, so, too, we have seen their propaganda machines evolve to inspire audiences globally. Gone are the days of printed manifestos, pamphlets, or fuzzy VHS tapes. The internet now facilitates ...

Continuing terror attacks around the world indicate law enforcement and intelligence agencies face difficulty in trying to identify and disrupt the plans of globally disparate and loosely affiliated entities. Terrorist groups have adapted to each step security services take against terror, including the severing of financial lifelines. With growing terrorist ...

Discussion of malicious cyber activity has mainly focused on criminal activity and countries’ intelligence efforts. Entities other than national governments – particularly terrorist groups – seem to be making their way, if slowly, into the cyber realm through hacking and leaking techniques, and commandeering social media sites. Beyond savvy messaging, ...

The worldwide WannaCry ransomware, which targeted computers running the Microsoft Windows operating system, was an admonition to everyone who connects to cyberspace – especially the U.S. intelligence community. WannaCry was only the most recent example in a long line of high-profile cyber attacks that demonstrated how the timely application of ...

Over the past few weeks, a critical question has been discussed amidst cybersecurity professionals and experts. Who would pair North Korean-linked malware with an alleged U.S. government cyber exploit leaked by the suspected Russia-affiliated Shadow Brokers to create a new variant of ransomware – a form of malware typically within ...

Today China began enforcing its controversial new Cybersecurity Law, which broadly demands that multinational companies make data accessible to the Chinese government while strengthening the regime's control over content found inappropriate. Such measures have been made under the auspices of bolstering Chinese national security, but could have profoundly negative impacts ...

The U.S. Missile Defense Agency (MDA) performed a successful test of the Ground-based Missile Defense (GMD) system on Tuesday. This was the first test of the GMD that simulated the intercept of an intercontinental ballistic missile (ICBM). The GMD is the United States’ only system that can defend against long-range ...

A new DIA effort to attract a wider range of contractors and be nimbler is showing promise despite the hurdles it has to jump. The "iHub" mechanism was instituted in September by Lt. Gen. Vincent Stewart, the DIA Director, and is aimed at connecting providers directly with DIA officers with ...

We are living in a new era, with unprecedented industrial-scale theft of intellectual property and company secrets. The most recent example is a vast cyber espionage campaign, dubbed Operation Cloud Hopper, made public this April. In this global campaign, a China-based group targeted IT service providers, thereby obtaining ...

Is this ever going to end? The daily barrage of hacking news assaulting us in headlines is making us numb, if not scared to death. However, there is a little-known secret that gets lost in all of this cyber-disaster noise. The U.S. government does, in fact, have a three- to ...

One of the emerging trends in today’s expanding cyber espionage landscape has been China’s emergence as the leading practitioner of economic cyber espionage. What does the trajectory of Chinese economic espionage look like, and where do we still see barriers to the establishment of effective norms barring the practice before ...

It has been three years since the Obama Administration publicly indicted five Chinese military officials for hacking U.S. companies, a move that prompted negotiations to halt economic cyber espionage intended to benefit Chinese economic competitiveness. The Cipher Brief spoke with John Hultquist, the Manager of Analysis at FireEye, about the ...

When Beijing got the word that the United States was accelerating the deployment of its Terminal High Altitude Area Defense (THAAD) system to South Korea as a response to North Korea’s latest missile tests, senior Communist Party officials went, no pun intended, ballistic. The official Chinese news agency Xinhua wrote ...

Everybody who depends on digital information systems, which is everybody, saw a few glimpses of silver lining from the WannaCry ransomware attack that took the planet by storm Friday. For one thing, the attacks slowed, and there was no massive second wave. “The good news is, the infection rates have ...

Over the weekend, businesses and critical services like banks, hospitals, telecommunications services and transportation hubs around the world were hit with a cyber attack that locked users out of their own systems using a form of ransomware known as WannaCry. The potential loss of data may lead not only to ...

Who’s to blame for the astonishingly successful ransomware attack sweeping the planet? Microsoft, the information technology giant whose popular Windows operating systems harbored the flaw malicious hackers exploited to paralyze at least 200,000 computers and systems in 150 countries, is pointing the finger at Washington. “Repeatedly, exploits in the hands ...

Friday’s global attack on computers in some 150 countries was clearly a wake-up call. It took government systems offline, affected corporations of all kinds, took critical infrastructure systems out of service and even changed the agenda of the G7 meeting in Italy. But, it was an attack carried out without ...

In response to the massive WannaCry ransomware attack that infected over 200,000 computers around the world, Brad Smith, Microsoft’s President and Chief Legal Officer, wrote a blog post Sunday night on lessons from the cyberattack—and the “urgent need for collective action” to keep people safe online. Below is an excerpt. ...

On Friday, a massive cyber attack hit organizations across the globe. The attacks crippled two hospitals in the United Kingdom, and hit a number of companies across 150 countries around the world, infecting at least 200,000 computers, with malware disproportionately affecting Russia, Ukraine, India, and Taiwan. Targets also include banks, telecommunication service ...

The long-awaited executive order on cybersecurity is out. It’s not dramatic or surprising (perhaps because drafts have been floating around Washington for weeks), but it has good ideas. It’s level-headed and pragmatic. The main thing to consider with the order is that it is mainly a presidential task order, calling ...

With a barrage of attacks regularly hammering the private sector and nearly every U.S. federal agency, there is a strong need for government policies within an overarching cyber deterrence strategy. The impacts of network intrusions go well beyond the immediate loss of data, but ripple into malicious influence over public ...

At the RSA conference in February, Microsoft's Chief Legal Officer called for a "digital Geneva Convention" to help provide parameters on offensive cyber operations and address a rapidly growing area of concern for many organizations. This followed on the heels of the release of the second iteration of the Tallinn ...

The National Security Agency recently announced changes to its intelligence collection practices under Section 702 of the Foreign Intelligence Surveillance Act (FISA). The Cipher Brief spoke with Chris Inglis, the former deputy director of the NSA, about what these changes mean, why they might have come about, and how significant ...

The NSA recently said it would stop collecting signals intelligence solely “about” foreign targets by tapping the backbone of the internet resident within the United States. The announcement comes ahead of congressional consideration of the NSA’s broader authorities outlined in Section 702 of the Foreign Intelligence Surveillance Act (FISA), ...

Ever wonder whether the National Security Agency picked up your text message or email because you mentioned ISIS leader Abu Bakr al Baghdadi to a friend? Claims of privacy infringement on Americans by the National Security Agency have been in headlines for years. Much of the criticism has related to ...

From kamikaze drones to prototypes using facial recognition technology to help protect troops, a group of Georgetown University students enrolled in a class dubbed, “Hacking for Defense,” spent a semester developing innovative solutions to rapidly solve major national security problems. On Monday, four teams took to the stage to present ...

As people’s lives become more attached to the internet, cyber attacks will have more of an impact. One of the most pressing threats is the growth of botnets, or networks of compromised computers that can be leveraged for a variety of nefarious purposes. The Cipher Brief spoke with Omri Iluz, ...

Imagine an army of computers, acting under the instructions of a criminal syndicate, terrorist group, or foreign government. The sheer size of this network of devices augments the computing power of a single hacker, allowing them to coordinate attacks capable of knocking offline crucial websites belonging to banks, social media, ...

With the proliferation of smart devices connected to the public internet the population of botnets – networks of compromised devices that can be leveraged for large-scale cyber attacks – has exploded. The Cipher Brief spoke with Kevin Reid, Vice President of National Security and Chief Information Officer at KeyLogic and ...

As governments and industries try to understand the ever-evolving landscape of cyber threats to civilian nuclear power plants, it is becoming clear that property and information are not the only assets at stake. Public confidence is also at risk. The steady stream of news about massive hacking of government and corporate ...

In 2010, then-Deputy Secretary of Defense William J. Lynn III made a pivotal decision for the future of cyberspace and the U.S. military: He saw to it that the U.S. Department of Defense declared cyberspace a “domain” of warfare. This decision created the organizational impetus for the DoD to organize ...

The two separate worlds of electronic warfare and cybersecurity are beginning to overlap, if not collide. In the U.S. military, electronic warfare and cyber capabilities live in different military domains, delivered by operators who exist in different military units and who largely grew up in different career fields. The National ...