President Donald J. Trump’s Administration has suggested massive overhauls in a number of policy areas, but few have remained as shrouded in uncertainty as Trump’s vision for the future of cybersecurity. All that is known is through Trump’s statements that attribution is hard, China spies for economic purposes, the private ...

U.S. failure to fully develop and implement a comprehensive cyber security strategy created the perfect opportunity for Russia to attack the Democratic National Committee computer network, and enabled them to meddle and interfere with the U.S. presidential election.   Years of bickering by federal agencies – over which agency was in ...

Presidential inaugurations not only mark the beginning of a new administration, but also the end of one too. As many remain uncertain about the policies of the new Trump Administration, it is important to also take a look back at the progress made by the Obama Administration. Coinciding with the ...

War, often rationalized as an extension of policy by violent means, has always been a deeply human experience. It defines much of human history and, unsurprisingly, changes in technology accompany—and are often driven by—adaptations in the conduct of warfare. Battles are increasingly fought at distance, progressing from the thrust of ...

Bob Work, the Deputy Secretary of Defense, will tell you the Third Offset is the next generation of warfare. It may take at least ten years but it will showcase the rise of the machine, and the decline of the human in the business of operating weapons systems. The speed ...

Imagine a weapon that strikes on its own, without the slightest hint of human judgment or compassion. It’s a chilling prospect, and not so far in the future unless the world calls a halt to such weapons’ development. Since the Campaign to Stop Killer Robots opened in April 2013, it ...

With news of nation-states allegedly attacking companies, political institutions, and world governments, it is important to know how attribution works in cybersecurity. For the unfamiliar, attribution is the process investigators and intelligence workers use to tie responsibility of an event or action to a person, group, or country. Unless there ...

Will the U.S. government see a large-scale breach in 2017? Common sense would say yes, whether by size, like the Office of Personnel Management, suspicion, like the Democratic National Committee, or by prestige, like CIA director John Brennan’s email. After all, our government is monumental in size and scope; has ...

On January 1st, the United Kingdom began the implementation of the Investigatory Powers Act, widely considered the most comprehensive—and intrusive—surveillance law in the Western world. The Act authorizes government access to bulk datasets such as travel logs, financial transactions, biometrics, the interception of digital communications data, the hacking of devices, ...

Surveillance law is absolutely necessary because it compels the government to write down, for all to clearly see, the rules that they must abide by as they undertake intrusive powers, often in secret, to investigate criminal activity and protect a country. To do so is to protect the rule of ...

On November 29, Royal Assent was given to the UK Investigatory Powers Act, after eight months of intensive Parliamentary scrutiny, with hundreds of amendments made, following lengthy pre-legislative debate in three Parliamentary Committees.  The Act draws on the input from three separate, independent inquiries that were set up after a ...

Much like with traditional crimes, cybercrimes leave a trail of breadcrumbs that, if assembled correctly, can create a reliable understanding of what occurred and can even lead investigators to the perpetrators. With cybercrime expected to cost society some $2 trillion by 2019, the field of digital forensic investigations will be ...

It’s safe to say 2016 was a banner year for cyber attacks and data breaches. Whether talking about an organization, or even a nation-state, the volume and sophistication of attacks has greatly increased. From Internet of Things-powered botnets capable of taking down even the most hardened infrastructure, to nation-states targeting ...

Russian President Vladimir Putin said in a statement Friday that he will not expel U.S. diplomats in response to U.S. sanctions imposed on Russia yesterday by President Barack Obama, a move Russian foreign minister Sergey Lavrov had advocated for. Putin called the “recent unfriendly steps” taken by the outgoing Obama ...

Threat intelligence sharing among vendor and industry peers has come a long way, and in 2017 there will be more opportunities than ever to demonstrate its value; especially as conversations around sharing intelligence between the public and private sectors continues. Crossing the Last Mile With Threat Intelligence Security vendors and ...

In July, Rob Dannenberg, the former head of security at Goldman Sachs and a 24-year veteran of the CIA, discussed Russia’s cyber strategy of information warfare and the role of proxies in undermining attribution efforts, consequentially stemming victims' political will to respond to provocations. Moving from the disruptive attack on ...

Editor’s Note: Over the coming days, The Cipher Brief presents some of our most incisive coverage on key issues of 2016 and a look ahead at what is yet to come in 2017. From disruptive distributed denial of service (DDoS) attacks rendering entire swathes of the Internet including Netflix, Twitter, ...

Back in August, The Cipher Brief sat down with Leo Taddeo, Chief Security Officer for Cryptzone, to discuss the cyber threats posed by Russia and China. While China primarily uses its cyber collection capabilities “to compete on an economic level,” Russia places a greater “emphasis on collecting military and diplomatic ...

What could possibly make the F-35 an even more advanced jet fighter? Lasers, according to the U.S. Air Force. The USAF plans, which would put the system into service sometime in the 2020s, will have to clear the same hurdles that have plagued all directed-energy weapons. These weapons have always ...

The size of the army matters—but technology wins wars. At the height of the Roman Empire, Roman Legions armed with arrows, long-staffs, and shields devastated the more numerous but ill-equipped barbarian hordes. In 1914, employing tanks and automatic weapons, the German army rolled across Europe, dominating the cavalry and breech-loaded ...

Directed-energy weapons have been an ambition of militaries across the world, since Archimedes focused the sun to set fire to Roman ships in 212 B.C. What was once considered a science project is now a necessity, and our continued military superiority depends on the outcome. Why? Our adversaries have made ...

With the growth of cybercrime facilitated by the global nature of the Internet, law enforcement is adapting their toolsets to better tackle the challenges presented by technologies that blur legal jurisdiction. The Cipher Brief spoke with Elaine Lammert, former Deputy General Counsel at the FBI, about the recent changes made ...

On December 1, Congress authorized sweeping new government hacking and surveillance authorities by allowing changes to Rule 41 of the Federal Rules of Criminal Procedure to take effect. Republican leaders stonewalled bipartisan efforts in the Senate and the House to stop or delay the change and it went into effect ...

What if the U.S. government could force entry—in other words, hack—into electronic devices around the world, using only one warrant, even if the owners of those devices were not suspected of any criminal activity - and it would be legal? The U.S. Department of Justice has made new changes to ...

When it comes to attribution—especially when foreign intelligence agencies are involved—plausible deniability is easy. However, the public has come to expect courtroom-quality evidence before believing attribution for cyber operations—a difficult task when the kind of cross-border cooperation you need to get to the bottom of the case is not likely ...

Do Chinese authorities need more laws to surveil people? From the earliest days of the Chinese Communist Party, authorities have kept the closest of eyes on all behavior for signs of dissent. At that time, party members were obliged to report on one another; during the Cultural Revolution, that grim ...

Last month, China’s legislature passed the Cybersecurity Law, which is due to take effect next summer. The controversial law has received a number of criticisms from technology companies, Western government officials, and human rights advocates. The Cipher Brief spoke with Adam Segal, Director of the Digital and Cyberspace Policy Program ...

Is a future where people can be arrested for crimes they have not yet committed dystopian or utopian? While this scenario remains the fodder of science fiction, new tools are rapidly challenging our libertarian conceptions of innocent until proven guilty. In the last few decades there has been enormous growth ...

The world has seen an enormous surge in the amount of data available, particularly human-generated digital exhaust from our Internet and communications habits. But only a small portion of this data is actually useful for security professionals. The U.S. Intelligence Community is hard pressed to find new tools to assist ...

What if it were possible to predict where a crime took place before it actually occurred – even determining the identity of the culprit in advance? Social scientists have long believed that historical crime trends influence future patterns. The revolution in advanced machine learning is putting these theories to the ...

Cyberspace has grown into a vital domain of everyday life—we work, socialize, play, and conduct financial transactions online. Our lives now have a digital touch, and much like in the physical world, our identities are at the core of our virtual experience. We rely on passwords to verify that we ...

The use of biometrics to authenticate identity has been the subject of great debate for years, with opposing sides arguing its value for security, privacy, and convenience. On one side, there is an absolute: the demand for infallible security beyond notoriously weak passwords or basic access cards to protect priceless ...

Amidst a rash of data breaches where compromised passwords provided the vector of attack – think Target, Anthem, OPM, or more recently, the Democratic National Committee – industry and government are working together to bolster their defenses.  Augmenting – or ideally, replacing – passwords with more secure, multi-factor authentication (MFA) ...

New technologies are changing the face of future warfare and few will be as impactful as the fusion of artificial intelligence into weapons systems. The Cipher Brief spoke with Paul Scharre, Senior Fellow and Director of the Future of Warfare Initiative at the Center for a New American Security, about the rationale ...

Should humans delegate the responsibility of decisions over life and death to computer algorithms? The answer is not as simple as it seems—and it is the fundamental question concerning the military application of artificial intelligence in the future. The world has seen incredible technological advances in recent decades; not least ...

Discussions on artificial intelligence (AI) too often revolve around concerns about the sensationalist threat of “killer robots,” usually featured in science-fiction films or computer games. Killing is depicted as easy and rapid, done by steel-clad monsters with super-human abilities. Let me put this fear to rest. We do not yet ...

It’s hard today to find a major breach where weak identity solutions did not provide the vector of attack.  More than 21 million personnel records – including details of my background check and images of my fingerprints – were stolen last year from the Office of Personnel Management (OPM) because ...

Last month, Kurdish forces in northern Iraq shot down an Islamic State drone booby-trapped with explosives that later killed two Peshmerga soldiers as they inspected it. The drone was not like the Reaper or Predator drones the U.S. uses to rain Hellfire missiles down in its global war on terror ...

Drones have traditionally been used by Western militaries as a tool in counterterrorism efforts, but insurgent and terrorist groups are increasingly turning to small hobby drones to bolster their own efforts. The Cipher Brief spoke with Robert Bunker of the Strategic Studies Institute on how insurgents can incorporate this new ...

There is growing evidence that non-state actors are incorporating drone technology into their unconventional tactics, prompting concerns from militaries on how they can effectively counter this emerging threat. The Cipher Brief spoke with Michael Balazs and Jonathan Rotner, who conducted MITRE’s counter-UAS challenge with the goal of finding non-kinetic interdiction ...

Americans will remember the 2016 U.S. Presidential Election as one of the most controversial in our history. Yet, debate extended beyond the fitness of the candidates. The threat of cyberattacks vexed the government and citizens alike. However, threats that haunted the public differed from those that could have influenced the ...

On Tuesday, people around the United States will flood to local polling places to cast their vote for the future leadership of the United States. Voting—the very foundation of representative democracy—is predicated on privacy, anonymity, and freedom from outside influence or coercion. At the core of this system is transparency, ...

When it comes to cybersecurity preparations for the 2016 election, it is now officially too late. The success, perceived and actual, of the election on Tuesday will depend on the efforts officials have made thus far, the willingness of adversaries to interfere, and vulnerabilities that make those threats real. A ...

With elections around the corner and ongoing fears of Russian interference and vulnerabilities in electronic election systems, The Cipher Brief sat down with Rachel DeLevie-Orey of the Atlantic Council to discuss the current state of the U.S. election system and why election technology—when correctly implemented—is so important for actually creating ...

Defending and securing a nation and its people would be much easier if those tasked with the job were psychics, like the precogs in Steven Spielberg’s 2002 thriller Minority Report. Turns out, that futuristic reality may not be too far-fetched. To that end, Intelligence Advanced Research Projects Activity (IARPA) – ...

All Americans – including both company executives and law enforcement officials across the nation – want to keep our country safe and secure. This shouldn’t be a shocking statement, but so often we hear the debates around encryption, privacy, and data security framed as a battle between law enforcement or ...

At least twice in the past year, the U.S. was Twappled.  That is, multibillion-dollar U.S. corporations used their significant position in their respective industry to obstruct the U.S. from conducting activities intrinsic to the purpose of government, but which these corporations saw as inconsistent with their own interests and ideals.  ...

Earlier this month, Director of National Intelligence (DNI) James Clapper described reaching out to the private sector as a “daunting task,” and that “there is still much to be done,” to improve information sharing in the age of digital communications. Brad Brekke, the FBI’s director of private sector engagement, added ...

As the military prepares for the transition to the next administration, the three service secretaries on Monday detailed their concerns about the challenges posed by weaponized drones, cyber threats, and working with the private sector. The civilian officials told a gathering hosted by the Center for a New American Security ...

Now that the Obama administration has publicly attributed the hacking of the Democratic National Committee and other political entities to “Russia’s senior-most officials,” the question remains, how will the U.S. respond to Russia’s meddling in the coming elections? After all, as James Lewis, Senior Vice President and Director of the ...