As the military prepares for the transition to the next administration, the three service secretaries on Monday detailed their concerns about the challenges posed by weaponized drones, cyber threats, and working with the private sector. The civilian officials told a gathering hosted by the Center for a New American Security ...

Most political leaders understand that governments that fail to respond to public provocations by foreign states do so at their own risk. In recent years, the U.S. and some of its allies (such as Australia, Estonia, Germany, Lithuania, and the U.K.) have been subjected to repeated, sophisticated, and costly cyber-attacks, emanating ...

Now that the Obama administration has publicly attributed the hacking of the Democratic National Committee and other political entities to “Russia’s senior-most officials,” the question remains, how will the U.S. respond to Russia’s meddling in the coming elections? After all, as James Lewis, Senior Vice President and Director of the ...

After much hand-wringing, the U.S. publicly admitted that the Russian government is interfering with the Presidential election. This was an open secret for weeks, but pious hopes for the bilateral relationship postponed any confirmation. The Russians calculate that they can manipulate the U.S. and take advantage of its spectacularly messy ...

The White House is looking to take a “proportional” response to Russia’s alleged hacking of U.S. political party organizations and effort to interfere in the election campaign. "We obviously will ensure that a U.S. response is proportional. It is unlikely that our response would be announced in advance. It’s certainly ...

October is National Cyber Security Awareness Month and The Cipher Brief is pulling together a Cyber Advisory Task Force made up of public and private sector professionals who are coming together to help create a blueprint that will address critical and emerging cyber threats.  Our goal is to help educate ...

The past year has proven to be a contentious and disruptive time for the technology sector. The threat of home grown terrorism combined with the adroit usage of social media by terrorist groups, has forced the tech sector to come into far closer contact with the intelligence community than it ...

As cyber attacks against U.S. government and private networks have increased in severity in recent years, the Congress and President have actively sought to identify, with the assistance of the U.S. private sector, conditions in U.S. law that could be hampering America’s development of an effective defense against such attacks, ...

A confusing legal landscape and ever changing technology has created a challenging environment for businesses to navigate.  The Cipher Brief recently spoke to Chris Pogue, the Chief Information Security Officer at Nuix, about the nature of the problem and what needs to be done to bring government and the private ...

The risk of attack or theft from cyber-enabled actors has been made extremely clear to both private businesses and governments. The last few years have demonstrated that any connected device – be it a computer, a phone, or even a car – can be hacked by someone. Often the response ...

As more and more business is conducted online and cyber criminals target in on a very lucrative market, both the public and private sector face increasing cybersecurity risks.  The Cipher Brief sat down with Scott Keoseyan, the leader for Deloitte’s Cyber Threat Analysis and Research Teams, and Keith Brogan, a ...

Whether it’s your phone, your computer, TV, or even a refrigerator, all those connected devices that we depend on in our daily lives have become targets for an ever-growing cadre of cyber criminals.  The Cipher Brief spoke with two Flashpoint officials, Chief Scientist Lance James and Subject Matter Expert Vitali ...

The Cipher Brief sat down with Steven Grossman, VP of Strategy and Enablement at Bay Dynamics, to discuss the current cyber threat landscape facing the financial sector. According to Grossman, insider threats pose the greatest risk to the global banking industry and that “being able to track, manage, and understand ...

Observers around the world were shocked when news broke about a major bank heist in Bangladesh. This was no ordinary robbery though – this time, the thieves stole tens of millions of dollars by exploiting a flaw in the SWIFT network—an internationally recognized code for banks. The cyber-oriented nature of ...

Cyber threats pose a challenge to banks and firms operating in the financial sector, primarily due to the fact that “vulnerability really exists everywhere,” both on the technological side and the business side, says Michael Orozco, Managing Director in Accenture Strategy Security. To help improve security in the financial sector, ...

Yahoo has announced hackers, believed to be state-sponsored, stole data on around 500 million users in 2014. The Cipher Brief’s Kaitlin Lavinder spoke with Vitali Kremez, a Senior Analyst at cyber intelligence company Flashpoint, about the hack. The Cipher Brief: Is it possible, given the scale of the hacking, that ...

There are two different types of insider threat: negligent and malicious. Negligent insiders are people who give attackers access by mistake. For example, the employee who clicks on a spear-phishing email and lets hackers into their employer’s networks is a negligent insider. This is a significant problem, but one that ...

The Cipher Brief sat down with Stuart Clarke, Chief Technical Officer for Cybersecurity at Nuix, to discuss how the visualization of data plays a critical role in detecting cyber threats, including insider threats originating from within a company itself. According to Clarke, visualization “solves a lot of problems” and being ...

Behavioral profiling plays an important role in the wider effort to counter cyber threats, explains Steve Bongardt, VP of Security Consulting Services at Fidelis Cybersecurity. When it comes to external threats, behavioral profiling helps when trying to“ understand motives in general and come up with typologies,” says Bongardt.  In regard ...

The U.S. government continues to face a “trust deficit” with the technology community and must emphasize building relationships with the private sector in order to deal with next generation threats, top current and former intelligence officials said on Wednesday. FBI Director James Comey, CIA Director John Brennan, Admiral Michael Rogers, head ...

In the wake of a series of hacks against government and private networks, it is clear that Russia and China are among the most active and proficient nations in regards to cyber operations. One needs to only review the most high-profile breaches to see that many of them are believed ...

The Cipher Brief spoke with Justin Harvey, CSO of Fidelis Cybersecurity, about the cyber threats posed by both China and Russia. According to Harvey, although last year’s agreement between U.S. President Barack Obama and China’s President Xi Jinping has resulted in a decrease in China’s cyber espionage, “The fight is ...

Every day, the line between cyber-threats and physical threats grows thinner – blurring the crucial distinction between attacks on networks and attacks on materials objects. 225,000 Ukrainians learned this in January of 2016 when they lost power following a cyber-attack on a Ukrainian power grid. The rise of the Internet ...

The Cipher Brief’s Luke Penn-Hall sat down with Steve Grobman, Intel Fellow and Chief Technology Officer for Intel Security, at the annual Black Hat cybersecurity conference, which took place in early August. Steve discussed how he views the threat from ransomware evolving. The Cipher Brief: How do you see ransomware ...

The Cipher Brief’s Luke Penn-Hall spoke to Tom Parker, Chief Technology Officer for FusionX, at the annual Black Hat cybersecurity conference that took place in early August. Parker shared his view of the threat landscape to Supervisory Control and Data Acqusition (SCADA) systems and other critical industrial infrastructure. The Cipher ...

An anonymous group this week dumped a cache of hacking tools allegedly linked to the National Security Agency (NSA) on the Internet, claiming it has another set of files for release to the highest bidder and raising speculation that Russia is behind yet another high-profile attack. Although questions continue to ...

If my first day at Black Hat was all about insider threats and ransomware, my second was focused on attackers. I had the opportunity to speak with a number of experts about how attackers are hitting systems and - arguably more importantly – why they are doing so. So what ...

The Cipher Brief’s Luke Penn-Hall is currently attending Black Hat, a premiere information security conference in Las Vegas, Nevada.  Here’s his update from Day 1: What is a USB Drop Attack?  That’s what I learned about today at a brief focused on assessing how often people actually plug strange USB ...

The Office of Personnel Management (OPM) hack raised the threat of Chinese cyber-espionage in a way that the American people had never seen before. American businesses, on the other hand, should have been extremely familiar with it. The Chinese government has a history of engaging in economic espionage – the ...

After years of the U.S. suffering losses valued in the billions of dollars due to economically-motivated cyber espionage from China, there are some signs that China has begun to reduce its intrusions into U.S. private sector firms’ computer networks. What led to this unexpected change in Chinese behavior? Is it ...

Many metaphors have been applied to the Internet—information superhighway, World Wide Web, cyberspace, etc.—each evoking its different aspects. A more comprehensive view is that the Internet – overlapping global networks of people, technology, and ideas – shares key features with a rainforest or a coral reef; a community of living ...

A global cybersecurity talent crisis is threatening both the public and private sectors, a new report released on Wednesday has found, leaving businesses and countries more vulnerable to attackers. The new study, “Hacking the Skills Shortage” by Intel Security and CSIS, surveyed eight countries — Australia, France, Germany, Israel, Japan, ...

It should come as no surprise that the federal government, particularly those agencies that make up the security community, want to adopt a shared services strategy. Shared services consolidates duplicative business operations, eliminates redundancy, and improves effectiveness, ultimately saving taxpayer dollars. It is a winning strategy for government leaders and ...

The FBI on Monday said it is investigating the hack involving the Democratic National Committee (DNC) after a cache of emails was leaked in advance of Hillary Clinton’s nomination as the Democratic Party’s nominee for President this week, an incident that has been linked by some to the Russian government.  ...

Social media is a potentially powerful source of information for the Intelligence Community, but the tensions between the government and the tech industry have made it more difficult for the IC to partner with industry in order to efficiently utilize it. The Cipher Brief asked Rhea Siers, former Deputy Associate ...

The issue of government access to privately held data about American citizens is an important one, and the debate about privacy has expanded into the field of social media. In early May, a firm called Dataminr – which provides real time updates on breaking events by monitoring Twitter data – ...

The clash between the tech industry and the federal government over data access has become an enduring part of the national narrative about countering violent extremism. On one side, there are those who argue that, as along as proper legal procedures are followed, the government should have access to people’s ...

When it comes to cyber attacks, one of the biggest problems is correctly determining who, exactly, is attacking you. This is called attribution, and it is extremely difficult, since many sophisticated actors are capable of obscuring or destroying evidence as to who they are. The difficulty of attribution is compounded ...

Most analysts have been impressed, and increasingly concerned, with the rapid improvement of Iran’s cyber capabilities. Tehran undoubtedly focuses the bulk of its cyber investment in defending itself from cyberattack, as well as being able to better monitor and manage its own people. That mission is a clear priority in ...

Hillary Clinton may have dodged an indictment when the FBI announced it would not recommend criminal charges against her for using a private email server while Secretary of State, but the State Department itself took a hit on account of its overall security culture. During the FBI announcement last week ...

One year ago, on July 10, 2015, Katherine Archuleta resigned her position as Director of the Office of Personnel Management (OPM) in the face of intense criticism following the announcement that OPM had been the victim of the worst breach of a government network in U.S. history. The actual breach ...

The speed at which drones went from classified military platforms to ubiquitous consumer products is staggering, and the next chapter in that proliferation is starting to unfold. Its location? The sea. Unmanned surface vehicles (USVs) are essentially drone ships. They bring a lot of the capabilities that were developed for ...

Remote controlled and autonomous ships will revolutionize the landscape of ship design and operations. Smarter ships and the Internet of Things will allow the creation of new services, which will support existing players to make their businesses more efficient, and will enable new players, with new business models, to enter ...

Unmanned Surface Vehicles (USVs) have the potential to be just as revolutionary as the Unmanned Aerial Vehicles (UAVs) that preceded them. The Cipher Brief spoke to Brad Pilsl, an Unmanned Systems Strategic Lead with Booz Allen Hamilton, about the development and possible uses for USVs. According to Pilsl, the market ...

The Federal Aviation Administration on Tuesday released the first operational rules for the commercial use of drones, a move experts say will help stoke business and innovation even as it leaves a number of critical issues unresolved. The long-anticipated rule — Part 107 of the Federal Aviation Regulations — details ...

The breach of the Democratic National Committee (DNC) by hackers believed to be affiliated with the Russian government is raising concerns about foreign interference in the coming election. The Cipher Brief spoke to Michael Sulick, former Director of the National Clandestine Service at the CIA, about why the Russians would ...

On Tuesday, it came to light that the Democratic National Convention’s (DNC) network had been breached by not one, but two different hacker groups that are believed to work for the Russian government. The Washington Post reported that one group - designated Cozy Bear – was likely working for the ...

Nearly everyone has, at some point, had to deal with long, terrible commutes caused by traffic congestion at rush hour. Or maybe you have endured long delays, or even spontaneous fires, because your city’s public transit system was never meant to handle the volume of use it is currently expected ...

The Internet of Things is making changes across the spectrum of American life, and now the technology has progressed to a point where it can start changing the way that urban centers operate. Smart cities could radically alter how Americans live and access municipal services in the future. The Cipher ...

Last December, the UAE (United Arab Emirates) marked its first national innovation week. The week refocused the attention of the government’s innovation value chain, challenging service providers to rethink convention in the pursuit of self-improvement. But if the UAE is to realize its smart, connected digital ambitions, it must do more to foster an ecosystem that integrates entrepreneurship and allows ground-breaking ideas to thrive alongside public services ...