A hundred years from now historians will write that one of America’s greatest contributions to the world was the Internet. Though other countries and foreign citizens contributed to the effort, U.S. government funding and American academics and technologists created the Internet. As U.S. dependence on the Internet for our economic ...

Cyber has quickly become the global threat that knows no borders, nor does it distinguish between the public and private sectors.  Executives from the world’s largest tech companies gathered at the World Economic Forum in Davos last month to talk about the problem and try to find solutions that could ...

Like many cyber experts in Washington, Jamil Jaffer wears multiple hats. He’s worked both inside and outside of government and is currently the Vice President of Strategy and Partnerships at IronNet Cybersecurity, Founder of the National Security Institute at George Mason University and a Visiting Fellow with Stanford’s Hoover Institution. ...

Catherine Lotrionte has been the power broker behind Washington D.C.’s International Conference on Cyber Engagement for seven years now and she’s getting ready to host it again this April with The Atlantic Council.  Formerly serving as Counsel to the President’s Foreign Intelligence Advisory Board and former Assistant General Counsel at ...

2018 was a rough year for customers and companies impacted by cyber breaches.  Businesses from Under Armour to Facebook to Marriott were targeted by hackers, leaving the data of hundreds of millions of customers exposed this year.  According to Cipher Brief experts, 2019 isn’t likely to be much better and ...

At a recent private D.C. dinner, Homeland Security Secretary Kirstjen Nielsen gathered with academics and cyber experts from the private sector to talk candidly about urgent cyber threats and actions that DHS is taking to address them. It was an intimate event, hosted by Atlantic Council President Fred Kempe and ...

BOOK REVIEW: Dawn of The Code War: Americas Battle Against Russia, China, and the Rising Global Cyber Threat By: John P. Carlin with Garrett M. Graff, Public Affairs, New York, 2018 Reviewed by Peter M. Tran In 1789, Benjamin Franklin wrote in a letter that “Our new Constitution is now established, and ...

This brief is part of The Cipher Brief’s 2018 Annual Threat Report.   Bottom Line: There are three prominent technological security concerns for the United States with a growing Chinese strategic competitor to the east: Beijing’s push toward cyber and electronic warfare, its development of counter-space capabilities that threaten U.S. space ...

In a recent interview, The Cipher Brief sat down with former NSA and CIA director Michael Hayden to talk about global threats, and in particular, cyber threats and efforts to address them, specifically within the private sector.  Hayden has famously said before that when it comes to cyber, ‘the cavalry ...

Election security, the migration of people toward the U.S.’ southern border and the public-private critical intersection of cyber security are just a few of the pressing issues facing the Department of Homeland Security.   DHS Secretary Kirsten Nielsen expressed confidence going into the mid-term election, calling it “the most secure election ...

Cipher Brief Editorial Note: On the heels of Cybersecurity Awareness Month in October, President Donald Trump has proclaimed November as National Critical Infrastructure Security and Resilience Month. It’s a mouthful, but the declaration highlights the important need to focus on securing critical infrastructure.  Secretary of State Kirstjen Nielsen released a ...

Twitter is releasing a trove of known accounts and posts that it says were used to meddle in U.S. elections dating back to 2016.  According to the company, the data includes more than 4,600 accounts and more than 10 million tweets, photos, GIFs and broadcasts linked to Russia and Iran.  ...

‘The Homeland’ is bringing you a series of candid, intimate interviews with former Secretaries of the Department of Homeland Security throughout the month of October.  DHS was born out of 9/11, when 23 different agencies were pulled into one department in an effort to provide greater organization and communication in ...

The recent release of the Department of Defense (DoD) cyber strategy essentially announced the department’s ambitions to resume the role of the 800-pound gorilla in cyber. The offensively focused plan is a sharp redirect from the strategies of late and unreturned crush on Silicon Valley, both of which made it ...

While much of the focus on North Korea has been on efforts by the U.S. to negotiate a denuclearization deal, the cyber threat posed by Pyongyang remains a real threat, just out of view of the headlines. Bottom Line: The Democratic People's Republic of Korea's (DPRK) foreign doctrine in cyberspace is ...

Facebook announced on Friday that as many as 50 million of the platform’s social media accounts had been hacked giving attackers access to user’s personal information.  As some call for greater oversight and regulation, the company is already facing potentially stiff fines in Europe.    Cipher Brief Expert and former ...

Rob Joyce is the Senior Advisor for Cybersecurity Strategy at the National Security Agency.  He was also a key speaker at DEF CON 26, the premiere hacker's convention held every year in Las Vegas.  Following in the footsteps of previous NSA leaders, Joyce's mission at DEF CON this year was ...

The Cipher Brief is bringing subscribers different expert perspectives on cyber threats this week.  Today's perspective comes from Rick Ledgett, former Deputy Director of the National Security Agency.  We spoke with Rick about the same issues that we spoke with former NCTC Director Nick Rasmussen about to get his take on ...

The U.S. Administration released its new National Cyber Strategy on Thursday, covering a broad number of security-related issues that fall into four main categories, it refers to as ‘pillars’. The first pillar includes securing federal networks and information, securing critical infrastructure, fighting cybercrime and seeking improved incident reporting.  The second ...

The Cipher Brief is taking a look at different expert perspectives on cyber threats this week.  As one of those perspectives, we spoke with Nick Rasmussen, the former Director of the National Counterterrorism Center (NCTC) about the current cyber threat environment ranging from terrorism to nation state threats, to deterring attacks ...

CEOs, CISOs’ CTO’s and other c-suites are meeting at SINET’s Global Cybersecurity Innovation Summit in London this week. Cipher Brief CEO & Publisher Suzanne Kelly, who is moderating a session on the global cyber influence of Russia, China, Iran and North Korea, also had the private sector in mind when ...

A recent article titled, The Untold Story of NotPetya, The Most Devastating Cyberattack in History came out a few weeks ago and I’ve been ruminating on it ever since.  It bothered me because while the NotPetya ransomware attack is old news if you are in the cybersecurity business, there is a lot of ...

The world’s malicious cyber actors -- Russia, China, Iran, and North Korea – have spoiled cyber’s original, idealistic vision and instead use cyberspace to advance competitive interests to undermine Western laws and norms and pursue a clandestine means (cyber theft) to catch up with the West in technology, political influence, ...

As part of The Cipher Brief’s 'Academic Innovator' initiative to bring rising, innovative voices into the national security dialogue, we are reaching out to universities and inviting students to contribute their thoughts on pressing national and global security issues. Below is a different twist on a current proposal put forth ...

Ten years ago this month, war erupted between Russia and Georgia after Georgian troops attacked South Ossetia and shelled the town of Tskhinvali, in response to alleged Russian provocations. Russia justified its military action based on countering Georgia's aggression- President Medvedev's called the attack an attempted "genocide" against innocent civilians.  ...

The U.S. re-imposed sanctions on Iran on Monday after pulling out of the JCPOA Agreement in May.  European allies responded by issuing a statement saying the nuclear agreement with Iran "is working."   The reimposition of sanctions followed Iranian military exercises in the Gulf last week that U.S. officials largely interpreted ...

Up Front:  The U.S. government is taking on a more aggressive role in its mission to protect software supply chains from being infiltrated, as the government’s public-private cyber lead agency announces new initiatives to share information and improve response to cyber threats. The Department of Homeland Security announced the launch ...

The 2018 NATO summit and the months leading up to it were a spectacle of diplomacy at its finest and at its worse. The media drama surrounding the summit overshadowed the big strides the Alliance has made in its cyber defense mandate. With the announcement that Allies agreed on how to integrate ...

Like the parable of the six blind men trying to learn what an elephant is by only touching one piece of the creature, regulators are assessing the nation’s cybersecurity efforts by looking at initiatives individually rather than holistically. As with the elephant, selecting one piece of the broader cyber information ...

Bottom Line: In the past decade, Iran’s cyber capabilities have evolved from a tool used to lash out against domestic opponents of the Islamic Republic to a central pillar of its national strategy of holding adversaries at risk and gleaning crucial foreign intelligence. Despite a fall in disruptive Iranian cyberattacks ...

Few would argue that in a world of consistent, emerging cyber threats, the role of the Chief Information Security Officer is one that requires a special kind of calm as well as a steady stream of credible, timely information.  Some of the information that is used to build a strong ...

On the heels of the Helsinki summit between U.S. President Donald Trump and Russian President Vladimir Putin, it bears revisiting some of the important, outstanding questions that remain about how President Trump might approach the financial sanctions imposed on Russia since its 2014 seizure of Crimea. Measures such as freezing ...

Protecting the technology networks connecting more than two million employees working in over 400 government agencies serving about 325 million Americans is a herculean feat. In May, the Office of Management and Budget (OMB) released a report stating 74 percent of these federal agencies are at “high risk or risk” ...

I remember doing the Time Warp Drinking those moments when The blackness would hit me And the void would be calling Let's do the Time Warp again Let's do the Time Warp again Rocky Horror Picture Show, 1975 Cyberspace is akin to the haunted mansion of a gothic horror movie.  ...

In part two of The Cipher Brief’s two-part series on how Russia is building its virtual battlefield, we look at the U.S response to the tools and tactics that the Kremlin is employing and ask whether it’s enough.  Response: The U.S. has responded to Russian activity in cyberspace through diplomatic ...

Russia knows how to spread chaos and outrage in American politics, but Russia may pose a far greater threat to the U.S. economy and the infrastructure it depends on. The president’s Council of Economic Advisers estimates that hostile cyber actions against American private industry cost the U.S. economy as much ...

The Trump Administration is likely deliberating now the U.S. Department of Defense’s role in defending US interests via cyberspace – specifically, whether to continue President Obama’s Presidential Policy Directive 20. U.S. military cyber operations will likely be determined by this internal debate. The previous administration emphasized caution in the application ...

  The Trump administration has a dozen top cybersecurity priorities ranging from a new national cyber strategy to dealing with increasingly bold nation-state adversaries. One priority – that should be near the top of the stack – may not be obvious, but it is critical: a determined study of the ...

As the world focuses on the Singapore summit between President Donald Trump and North Korean leader Kim Jong Un, the President’s Treasury Secretary announced sanctions against five Russian entities and three individuals for their ties to Russian cyber activities, prompting some to question the Administration’s mixed signals on Russia over ...

The massive data breach that occurred at the U.S. Office of Personnel Management (OPM) in 2015 was attributed, in part, to aging technology systems. In fact, legacy technology pervades federal government systems. It is estimated that nearly 80 percent of federal information technology dollars are spent maintaining outdated systems.  Meanwhile, ...

U.S. companies got a disturbing preview of just how Russia might be able to steal their secrets, with news that Kaspersky Lab anti-virus software was allegedly used to hack an unsuspecting NSA contractor. Russian state-sponsored hackers reportedly stole critical details on how the U.S. conducts cyber espionage and defends against ...

Russian state-sponsored hackers were able to steal National Security Agency material on methods they use to conduct cyber espionage as well as how they help defend critical U.S. government networks, according to The Wall Street Journal. An NSA contractor placed the material on his or her private computer – a ...

Following a U.S. government-wide ban last month and recent news reports alleging that Kaspersky Lab enabled Russian intelligence to swipe highly classified NSA material from an employee’s private computer, questions have begun to swirl regarding the Moscow-based company’s relationship with the Kremlin. The Cipher Brief’s Levi Maxey spoke with Chris ...

After reports that highly classified intelligence material was taken from a NSA contractor’s private computer through the individual’s use of Kaspersky Lab’s antivirus software, all eyes turned to the Moscow-based company’s relationship with Russian intelligence and the Kremlin. As private companies using the antivirus software scramble to assess their exposure, ...

The United States has no peer competitors in conventional military power. But its adversaries are increasingly turning to asymmetric methods for engaging in conflict. Cyber-enabled information warfare (CEIW) is a form of conflict to which the United States – and liberal democracies more generally – are particularly vulnerable. Information warfare involves the ...

Much of the discussion surrounding Russian cyber-enabled information operations against Western societies focuses on technology, such as bots amplifying messages on social media and the hacking of institutions of power to then leak emails with potentially salacious material. But in order to meet the level of success that Russian intelligence ...

On Friday, Ben Wallace, the Minister of State for Security for the United Kingdom, said in a BBC radio interview the UK government believes a North Korean hacking group was responsible for the “WannaCry” malware attack, which shut down Britain’s National Health Service data system in May. “I obviously can’t ...

Dan Coats, Director of National Intelligence, told the Aspen Security Forum today that he believes the U.S. national security community lacks the capability to prevent a “cyber-9/11”—meaning a collapse of critical infrastructure caused by malware unleashed by a state or transnational organized crime group. “Imagine a shutdown of the electric ...

Amidst a busy week in national security, The Cipher Brief’s CEO and Publisher, Suzanne Kelly, spoke with Admiral James Stavridis, former Supreme Allied Commander of NATO, author of the new book The Leader’s Bookshelf, and member of the Cipher Brief Network, to discuss the military budget, cyber security, the use ...

Whenever people think about cybersecurity, technology, and innovation, they tend to think about Silicon Valley, but The Cipher Brief asked Bob Stratton, a General Partner at MACH37™, what other regions he is seeing a lot of innovation, or perhaps even the most innovation. Bob Stratton: Interestingly, one of the founding ...