Bottom Line Up Front: The investigation into the hacking of Amazon founder Jeff Bezos’ phone demonstrates how private firms have developed sophisticated electronic espionage capabilities. From social engineering to cyberespionage, private firms and individuals are increasingly hired by governments to blackmail critics and rivals. This trend will likely intensify—barriers ...

Today, the U.S. Department of Justice revealed indictments for nine Iranian hackers and the U.S. Treasury sanctioned these same individuals as well as one entity, the Mabna Institute, for engaging in state-sponsored theft of intellectual property from 144 U.S. universities – valued at an estimated $3.4 billion. The campaign also targeted ...

Revealing the identities of intelligence officials – a practice known as doxing – could become more common among nation-states, directed in particular at the clandestine cyber-spies who operate overseas. Doing so undermines an unspoken norm of confidentiality among even adversarial intelligence services – where they allow each other to operate ...

One of the opening rounds of an information war between the Kremlin and a democratic country came from Melvin Redick, a fake Facebook account designed to look like your average American – only he was believed to be the handiwork of Russian intelligence. “These guys show hidden truth about Hillary ...

On Wednesday, the Department of Homeland Security (DHS) issued a binding directive compelling all federal civilian departments and agencies to identify and develop a plan to end any use of and remove any Moscow-based Kaspersky Lab products from their computer systems. “The Department is concerned about the ties between certain ...

Americans are suffering from an undiagnosed condition. Overwhelmed and outmatched by the allure, complexity, and insecurity of networked technologies, we’ve been left confused and compromised across multiple fault lines. The public’s poor aptitude for digital life has now moved beyond the realm of just personal risk and actually poses a ...

Few were paying attention, but the CIA did something groundbreaking in 2015. For the first time since before man walked on the moon, the Agency created a new directorate. The idea was to move officers into the age of cyber, to arm them with the kinds of digital skills they ...

One of the emerging trends in today’s expanding cyber espionage landscape has been China’s emergence as the leading practitioner of economic cyber espionage. What does the trajectory of Chinese economic espionage look like, and where do we still see barriers to the establishment of effective norms barring the practice before ...

It has been three years since the Obama Administration publicly indicted five Chinese military officials for hacking U.S. companies, a move that prompted negotiations to halt economic cyber espionage intended to benefit Chinese economic competitiveness. The Cipher Brief spoke with John Hultquist, the Manager of Analysis at FireEye, about the ...

When Beijing got the word that the United States was accelerating the deployment of its Terminal High Altitude Area Defense (THAAD) system to South Korea as a response to North Korea’s latest missile tests, senior Communist Party officials went, no pun intended, ballistic. The official Chinese news agency Xinhua wrote ...

Russian cyber operations are widely discussed and reported on today. Conversations frequently range from how the Russian government hacked the Democratic National Committee (DNC) to the utilization of Russian social media trolls for political influence. Often missing from the conversation, however, is how these operations fit into the overall context ...

False flag operations have been routine ploys in espionage and warfare for centuries. Now they have turned up in cyber operations. The Cipher Brief spoke with Tim Maurer, co-director of the Cyber Policy Initiative at the Carnegie Endowment for International Peace, about the history of these subterfuges and how governments ...

How can a government, or a company, determine who launched a cyber attack? Attribution becomes even more difficult when the attackers disguise themselves as others. The Cipher Brief asked Hank Thomas, a partner and Chief Operating Officer at Strategic Cyber Ventures, what so-called false flags in cyberspace look like and ...

A false flag operation – pretending to be someone else while conducting spycraft or warfare – is an age-old tactic. With the advent of cyber espionage and digital warfare, those maneuvering in the virtual domain can use false flags. In the Digital Age, determining the origins of cyber attacks is ...

China continues to deploy military equipment to contested islands in the South China Sea, raising concerns among regional players and U.S. forces stationed in the Pacific. A Chinese government strategy document published last month by China’s state-owned news agency Xinhua signals that Beijing is building up its military cyber ...

In September 2015, Chinese President Xi Jinping and President Barack Obama reached an agreement that neither nation would “conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.” Many astute observers ...

With just a few weeks left until French voters head to the polls, far-right presidential candidate Marine Le Pen made her way to Moscow for a surprise meeting with Russian President Vladimir Putin. As Putin stood last Friday beside his open admirer — Le Pen supports lifting Russian sanctions, ...

Connectivity continues to enmesh businesses, governments, societies and people – a trend that will only accelerate with the growth of public cloud services and devices linked together in the Internet of Things. But some of the most sensitive sectors are attempting to cordon off their networks from the outside. Highly ...

In the world of network security, the term air gap refers to a situation in which the computer network is physically separated from other networks, particularly, less secure and public networks such as the internet. Today, air-gapped networks are widely used in military defense systems, critical infrastructure, the financial sector, ...

A group of international law experts met in Tallinn, Estonia, after the 2007 onslaught of cyber attacks against sites in the country, to create the Tallinn Manual in order to clarify what constitutes an act of war in cyberspace and how countries could lawfully respond. The vast majority of everyday ...

Cyberspace is often portrayed as a new domain of international relations – a Wild West where there are no rules or guiding principles to govern the behavior of states. Such perceptions of anarchism have bred uncertainty over what is or is not acceptable activity among governments. This often leads to ...

NATO’s Cooperative Cyber Defence Centre of Excellence last month published the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, a follow-on project to the first, 2013, edition of the manual, which focused on cyber operations in peacetime. The work of a distinguished and geographically diverse group of ...

Editor’s Note: Over the coming days, The Cipher Brief presents some of our most incisive coverage on key issues of 2016 and a look ahead at what is yet to come in 2017. From disruptive distributed denial of service (DDoS) attacks rendering entire swathes of the Internet including Netflix, Twitter, ...

Back in August, The Cipher Brief sat down with Leo Taddeo, Chief Security Officer for Cryptzone, to discuss the cyber threats posed by Russia and China. While China primarily uses its cyber collection capabilities “to compete on an economic level,” Russia places a greater “emphasis on collecting military and diplomatic ...

U.S. competitors and adversaries are probably “mystified,” says the Atlantic Council’s Mathew Burrows, by President-elect Donald Trump’s refusal to accept a CIA assessment that Russia is behind the hacking of the Democratic National Committee and his disinterest in daily intelligence community briefings. The Cipher Brief spoke to Burrows to learn ...

In the wake of a series of hacks against government and private networks, it is clear that Russia and China are among the most active and proficient nations with regard to cyber operations. One need only review the most high-profile breaches to see that many of them are believed ...

The Cipher Brief spoke with Justin Harvey, CSO of Fidelis Cybersecurity, about the cyber threats posed by both China and Russia. According to Harvey, although last year’s agreement between U.S. President Barack Obama and China’s President Xi Jinping has resulted in a decrease in China’s cyber espionage, “The fight is ...

The Office of Personnel Management (OPM) hack raised the threat of Chinese cyber-espionage in a way that the American people had never seen before. American businesses, on the other hand, should have been extremely familiar with it. The Chinese government has a history of engaging in economic espionage – the ...

After years of the U.S. suffering losses valued in the billions of dollars due to economically-motivated cyber espionage from China, there are some signs that China has begun to reduce its intrusions into U.S. private sector firms’ computer networks. What led to this unexpected change in Chinese behavior? Is it ...

Many metaphors have been applied to the Internet—information superhighway, World Wide Web, cyberspace, etc.—each evoking its different aspects. A more comprehensive view is that the Internet – overlapping global networks of people, technology, and ideas – shares key features with a rainforest or a coral reef; a community of living ...

Hollywood has a clear idea of what it would look like if someone used cyber-capabilities against us: a man in a room full of screens would be typing madly, planes would fall out of the sky, there would be explosions everywhere, and so forth. According to Director of National Intelligence, ...