The modern data center is evolving like few ever thought possible, and this progression is in play across the public and private sector for good reason. Cloud migration delivers tangible benefits, ranging from reduced operational costs, lower head counts, and improved security posture, just to name a few. While the ...

Some may remember the Hypercolor t-shirt of the 1990s. Made of a thermochromic material, the shirts represent an early example of a “smart material.” As the roots of the name suggest, the changes in color (chromic) occur in response to changes in temperature (thermo). Since then, smart materials have evolved from ...

False flag operations have been routine ploys in espionage and warfare for centuries. Now they have turned up in cyber operations. The Cipher Brief spoke with Tim Maurer, co-director of the Cyber Policy Initiative at the Carnegie Endowment for International Peace, about the history of these subterfuges and how governments ...

How can a government, or a company, determine who launched a cyber attack? Attribution becomes even more difficult when the attackers disguise themselves as others. The Cipher Brief asked Hank Thomas, a partner and Chief Operating Officer at Strategic Cyber Ventures, what so-called false flags in cyberspace look like and ...

A false flag operation – pretending to be someone else while conducting spycraft or warfare – is an age-old tactic. With the advent of cyber espionage and digital warfare, those maneuvering in the virtual domain can use false flags. In the Digital Age, determining the origins of cyber attacks is ...

Zero-day vulnerabilities -- security flaws in commercial software or hardware for which developers haven’t devised a patch -- have existed since the dawn of the Digital Age, but today, former NSA and CIA director Michael Hayden said at a meeting of cyber security experts convened by The Cipher Brief, they’re ...

The problem of stolen credentials is a well-known threat in the security industry. But knowing something is a problem and understanding the full scope are two different things. The Shamoon 2 attacks targeting critical organizations across Saudi Arabia should serve as a clear demonstration about how significant the problem of ...

Few topics lend themselves to more polemics than government collection and exploitation of zero-day vulnerabilities, or security flaws in commercial software and hardware not yet disclosed to the vendors, to facilitate intelligence gathering efforts. The choices for intelligence agencies are, in short, to either collect and retain zero-day vulnerabilities to ...

With the seemingly constant barrage of leaks revealing the U.S. intelligence community’s hacking capabilities, many are wondering where government draws the line between priorities of intelligence collection versus assisting companies to secure their products in order to keep the digital lives of U.S. citizens and companies secure. The Cipher Brief ...

Wikileaks’ “Vault7” disclosure last month of apparent CIA hacking tools marked the third recent incident in which an inadvertent public release of alleged government hacking techniques has sent the private sector scrambling to protect users. The two others involved a release of alleged NSA tools by a group that calls itself ...

The top counterintelligence priorities of the United States government are insider threats, protecting critical infrastructure, and supply chain security, according to National Counterintelligence Executive Bill Evanina, and tackling those requires a “team approach” of the government and private sector. “The threats are real and our adversaries are more brazen than ...

In a world where globalization makes it possible for adversaries to compete with American technologies, the United States must consistently innovate and adopt new tools and methods to stay ahead in the national security space.  That was the message at a special panel held at Georgetown University on Monday, called ...

An air gap – meaning, a computer without direct network access of any kind – seems like the perfect solution to the gossamer threads of connectivity. You can’t hack something you can’t connect to. But air gapped systems aren’t unhackable. That’s not to say air gaps don’t have their place.  ...

Connectivity continues to enmesh businesses, governments, societies and people – a trend that will only accelerate with the growth of public cloud services and devices linked together in the Internet of Things. But some of the most sensitive sectors are attempting to cordon off their networks from the outside. Highly ...

In the world of network security, the term air gap refers to a situation in which the computer network is physically separated from other networks, particularly, less secure and public networks such as the internet. Today, air-gapped networks are widely used in military defense systems, critical infrastructure, the financial sector, ...

European countries are becoming increasingly wary of foreign disinformation and subversion operations in their own internal politics following Russian interference in last year’s U.S. elections. The small Baltic states of Estonia, Latvia, and Lithuania, however, understand the threat of Russian hybrid warfare – a coordinated mix of conventional military action, ...

Where will Russian President Vladimir Putin strike next? With the 2018 Russian election around the corner, former Soviet states are nervous. Foreign adventures are the quickest way for a politician to get a bump in the polls. What does this mean for cybersecurity? In the internet era, one thing is ...

Russian offensive cyber capabilities are as sophisticated as those of other major cyber powers, such as the United States and China, and they likely exceed Baltic states’ ability to defend critical infrastructures. A successful large-scale cyberattack during peace time, or prior to or in concert with a conventional attack – ...

There has been discussion of a separation between the National Security Agency and U.S. Cyber Command for a while, only for the change in administrations to cause brief hesitation. Now that the Trump administration is in full swing, it is time to revisit the prospect of a split between the ...

WikiLeaks on Tuesday published what it claims to be the CIA’s hacking techniques to exploit devices such as smart phones, computers, and Internet-connected televisions for the collection of intelligence around the world. If proven to be authentic, it “will be a huge benefit to our adversaries,” says Michael Morell, the ...

Cyberspace is often portrayed as a new domain of international relations – a Wild West where there are no rules or guiding principles to govern the behavior of states. Such perceptions of anarchism have bred uncertainty over what is or is not acceptable activity among governments. This often leads to ...

NATO’s Cooperative Cyber Defence Centre of Excellence last month published the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, a follow-on project to the first, 2013, edition of the manual, which focused on cyber operations in peacetime. The work of a distinguished and geographically diverse group of ...

A group of international law experts met in Tallinn, Estonia, after the 2007 onslaught of cyber attacks against sites in the country, to create the Tallinn Manual in order to clarify what constitutes an act of war in cyberspace and how countries could lawfully respond. The vast majority of everyday ...

Cyber operations remain at the forefront of confrontations between the West and Moscow as relations continue to deteriorate. Russia asserted itself in 2007 with “patriotic hackers” launching a volley of distributed denial of service (DDoS) attacks on Estonian systems. Then in 2008, cyber attacks preceded the Russo-Georgian war, and again ...

Understanding the Russian criminal underground is essential when discussing Russian proxies in cyberspace. How do cybercriminal entities interact with each other and what is their relationship with the Russian government? The Cipher Brief spoke with Ed Cabrera, the Chief Cybersecurity Officer at Trend Micro and the former Chief Information Security ...

What if network defenders knew that a cyber operation occurred during Moscow business hours, that it involved a Russian IP address, and that the cyber actors used a Cyrillic keyboard? Would those indicators by themselves be enough for attribution?  Given the Russian cyber environment, the answer is clearly “no.” Those ...

India’s growing wealth and regional influence has afforded it the ability and cause to develop a more technologically advanced defense industry. However, since India opened its defense industry to private companies in 2001, progress has been slow in diminishing bureaucratic barriers that hinder innovation. The Cipher Brief spoke with retired ...

Lockheed Martin is in the midst of a lucrative deal to move production of America’s venerable F-16 fighter jet to India. While there are no more U.S. military contracts for the aging fighter, it is still very popular abroad, and the deal aims to benefit India’s domestic defense industry and ...

After decades of government support and investment, the South Korean defense industry can now produce advanced tanks, ships, and submarines and is poised to become a major arms exporter. South Korea intends to build on this progress in order to develop its own fifth generation fighter. The Cipher Brief spoke ...

For many, cybersecurity is a technical problem and therefore requires technical solutions. But for policymakers and the national security community, a key takeaway from this year’s RSA Conference is that cybersecurity is simply a digital extension of many of the threats that have been around for a long time: organized ...

This week I am attending the RSA Conference, a global convention bringing together government and business approaches to secure the digital channels people depend on every day. To catch up on what has been buzzing in the public presentations and private corridors of this year’s RSA Conference, check out my ...

The cybersecurity industry, much like other sectors, is dealing with an influx of data. In response, security experts hope to harness the power of artificial intelligence and machine learning to effectively and efficiently augment their ability to detect, predict, and contain threats to their networks. The Cipher Brief spoke with ...

If you missed our previous dispatch, I am attending the annual RSA Conference in San Francisco, a global event where private and public sectors come together to hash out the most pressing concerns in cybersecurity today. Prior discussions hit on technical approaches to privacy, the role of government in laying ...

This week I’m attending the annual RSA Conference in San Francisco, where government and industry leaders have come together to discuss the looming challenges and newest tools in cybersecurity. Throughout the week, I’ll be speaking with experts, bringing you insights on the threats emanating from cyberspace, ranging from ransomware and ...

Since the first CIA Predator drone strike in October 2001, the United States, among others, has sought to expand the technology to facilitate remote warfare. UN peacekeeping forces use drones for intelligence gathering in such places as Mali, the Central African Republic, and the Democratic Republic of the Congo. The ...

Remotely controlled aircraft, or drones, have long become common in military settings—possibly most infamously pictured as a U.S. Predator launching Hellfire missiles at suspected terrorists in far corners of the globe. How can they be used for humanitarian purposes, though? The Cipher Brief spoke with former U.S. Ambassador Jack Chow, ...

While receiving significant publicity from global media, the rise of the humanitarian drone is so far more of a whimper than a bang. This article explores some critical perspectives behind the limited use of drones. In 2016, the Swiss Foundation for Mine Action (FSD) undertook the first systematic survey on perceptions ...

The impact that the Snowden revelations had on private businesses is one of the most overlooked stories in the Snowden saga, particularly the impact on technology and Internet communications companies such as Apple, Google, Verizon, and Cisco.  In my opinion, the Snowden revelations impacted businesses’ willingness to work with the ...

Many view cybersecurity as passively blocking attempts to breach networks, but security experts have long advocated more active measures in defense of sensitive networks. Advances in artificial intelligence and machine learning could make such efforts scalable to the vast connectivity of the modern age. The Cipher Brief spoke with David ...

We live in an age where what used to be the figment of science fiction is now a reality, changing the way people go about their daily lives. Advances in artificial intelligence and machine learning are the new frontier, and their inception creates just as many risks as opportunities. In ...

The cybersecurity industry is currently enamored with concepts of autonomous defense, including elements of machine learning, behavioral analytics, and artificial intelligence—and rightly so. Programmed to be able to study all vulnerabilities in the public domain, autonomous bots (autbots)—not to be confused with bots simply conducting repetitive tasks like guessing default ...

With cybercrime expected to reach costs nearing $2 trillion by 2019, firms are urgently seeking ways to better defend their networks from the harmful impacts of embarrassing leaks and disruptive extortion. The Cipher Brief spoke with Justin Harvey, the Managing Director and Global Lead at Accenture Security’s Incident Response Practice, ...

Cybersecurity is often discussed in relation to the major global powers: China’s economic espionage, Russian influence operations, and U.S. dragnet global surveillance to thwart terrorism. However, as other countries move to digitize their economies, cybercriminals are zeroing in on these new and lucrative targets while regional players are quickly incorporating ...

Recent years have witnessed a series of increasingly audacious and unprecedented cyber attacks, leading up to the recent accusations of Russian hacking throughout last year’s U.S. presidential election season. In the Middle East, the Gulf region has also experienced its fair share of the threat from cyberspace. In fact, proportional ...

Cyber is emerging as Iran’s weapon of choice for dealing with both domestic and foreign opponents. For more than a decade, the Islamic Republic has waged a relentless cyberspying campaign against Iranian dissidents. Following its discovery of the Stuxnet cyberattacks on its nuclear program in 2010 and the imposition of ...

The cultural shift stemming from a “need-to-know” to a “need-to-share” atmosphere in the intelligence community in the wake of 9/11 has been necessary to operate in today’s complex environment, experts and former national security officials say, but elements of the system may need an overhaul to tackle the increased insider ...

For years, the easiest avenue to conduct a cyber attack against a business or an organization was social engineering attacks via emails. While still a primary concern, criminals and nation-states have begun adapting their methods by targeting the largest and most public surface of any business: their presence on social ...

Distinguishing between whistleblowers who want to point out and fix problems within the intelligence community and employees who want to damage national security will demand increased attention as the insider threat problem grows, experts say. On November 30, contractors who hold facility clearances were required to have a written insider ...

When defense contractor Harold Martin was charged with the alleged theft of highly classified documents from the National Security Agency (NSA), federal prosecutors deemed the potential crime “breathtaking” in scope. The documents were said to date back from 1996, when Martin first got security clearance, to his arrest this year. ...