While maritime accidents are bound to occur, the consistency and regional concentration of the U.S. Navy mishaps in the Asia-Pacific beg for explanation. Cyber vulnerabilities have long been acknowledged against commercial maritime vessels, but the targeting of new naval systems – whether for navigation, engine and steering control, or commanding ...

Recent fatal accidents involving two vessels in the U.S. Seventh Fleet led to a spate of speculation about whether somehow the navigation in these ships was compromised by a cyber intrusion. Global Positioning System (GPS) spoofing has been highlighted as a possible contributing factor. While investigations are still underway to ...

There has been a recent wave of high-sea collisions in the Asia-Pacific involving U.S. naval vessels – most notably the USS Fitzgerald and USS John S. McCain, which together have resulted in the loss of more U.S. military personnel then in Afghanistan so far this year. The incidents, both involving ...

ISIS recruitment messaging online is a current threat and growing concern, and as the group continues to lose physical territory in Iraq and Syria, it is feared that they will seek to inspire individuals around the world to wage war on the West. To combat the anticipated increase in ISIS ...

ISIS propagates its ideology and promises of a jihadi utopia through slick social media campaigns, seeking to inspire a global audience to take up arms against its enemies and the societies they represent. Perhaps less visible has been ISIS’ operational use of digital communications as a command and control platform ...

No terrorist group has capitalized on networked technology more than ISIS, both for recruitment messaging and commanding their fighters on the ground. The internet is their response to asymmetric disadvantage. Where they lack in infrastructure and resources of a state, they use the web to plan attacks, solicit money and ...

Although cyberspace may have been declared the fifth domain of warfare by the U.S. Department of Defense, many wonder if the concepts of warfare applies to this domain. Is the domain somehow different from the others? Can states achieve new political outcomes by the clever use of cyberspace alone? Can ...

The reality of modern times is that nations are in a constant state of cyber engagement – either for espionage, influence, or disruption purposes. While there is a tacit acknowledgement that cyber espionage for political and military purposes is is fair game, some actions such as the disruption of critical ...

It’s likely only a matter of time before a major cyber attack hits U.S. civilian infrastructure, but the nature of that digital violation and the means to respond remain uncertain, as many of the most sensitive systems operate under private sector control. There is a “narrow and fleeting window of ...

The taxonomy of cybersecurity often includes alarming declarations on par with acts of war. But cyber campaigns outside of active conflict hardly meet such a coercive threshold. While there are major concerns over the cybersecurity of the nation’s critical infrastructure – the power grid, water treatment plants, transportation hubs, energy ...

By now, you’ve probably heard the news that the U.S. State Department is losing its top diplomat on issues relating to cybersecurity, Chris Painter. In addition, the rumors are that those associated with Painter’s Office of the Cyber Coordinator will be reassigned to the Bureau of Economic and Business Affairs. ...

If the U.S. Department of Defense were an economy unto itself, it would be the 20th largest in the world. Like any other advanced modern economy, it is deeply integrated with the entire globe, its supply chains often stretching into countries with whom the United States has adversarial relations. The ...

Beset by disruptive digital attacks, espionage, and cyber-enabled influence campaigns intended to sway public opinion, the United States and its allies are looking for ways to stop the onslaught of computer breaches into their systems. Many nations’ security services are bolstering their offensive military cyber capabilities and response frameworks to ...

Time and time again companies, organizations, and government agencies have proven that they can’t completely secure their computer networks from hackers – particularly nation-states with the resources to pursue access persistently. Instead of focusing solely on network defense, the United States can adopt a deterrence strategy that dissuades foreign governments ...

Disruptive and intrusive cyber activity pervades much of modern international relations. The trend towards the jockeying for global influence and geopolitical positioning through cyber means is only going to grow as more countries and non-state actors play out conflicts in the virtual domain. The responsibility for defending U.S. interests from ...

Despite the many logistical and operational challenges of a transition, many acknowledge that U.S. Cyber Command must eventually separate from the National Security Agency. According to news reports, the Trump Administration is now finalizing plans to separate Cyber Command from its parent organization, the National Security Agency. While the details ...

With a barrage of attacks regularly hammering the private sector and nearly every U.S. federal agency, there is a strong need for government policies within an overarching cyber deterrence strategy. The impacts of network intrusions go well beyond the immediate loss of data, but ripple into malicious influence over public ...

In 2010, then-Deputy Secretary of Defense William J. Lynn III made a pivotal decision for the future of cyberspace and the U.S. military: He saw to it that the U.S. Department of Defense declared cyberspace a “domain” of warfare. This decision created the organizational impetus for the DoD to organize ...

The two separate worlds of electronic warfare and cybersecurity are beginning to overlap, if not collide. In the U.S. military, electronic warfare and cyber capabilities live in different military domains, delivered by operators who exist in different military units and who largely grew up in different career fields. The National ...

The isolation of cyber as an entirely independent domain of warfare is both inaccurate and dangerous. Today, the Pentagon faces an essential task, to integrate cyber capabilities with warfighting in the physical world. Cyber capabilities cannot be detached from other domains of warfare, such as electromagnetic, air, land, sea, and ...

China is a burgeoning great power. It is continually figuring out the various dimensions of power – not least of which is power in cyberspace – and putting them to use. Like other great powers dealing in an unknown medium, it is, to quote Deng Xiaoping, crossing the river by ...

European countries are becoming increasingly wary of foreign disinformation and subversion operations in their own internal politics following Russian interference in last year’s U.S. elections. The small Baltic states of Estonia, Latvia, and Lithuania, however, understand the threat of Russian hybrid warfare – a coordinated mix of conventional military action, ...

Where will Russian President Vladimir Putin strike next? With the 2018 Russian election around the corner, former Soviet states are nervous. Foreign adventures are the quickest way for a politician to get a bump in the polls. What does this mean for cybersecurity? In the internet era, one thing is ...

Russian offensive cyber capabilities are as sophisticated as those of other major cyber powers, such as the United States and China, and they likely exceed Baltic states’ ability to defend critical infrastructures. A successful large-scale cyberattack during peace time, or prior to or in concert with a conventional attack – ...

In 2013, former President Barack Obama was close to ending the “dual-hat” leadership of both the National Security Agency and U.S. Cyber Command, only to be dissuaded by senior officials arguing the close integration with the NSA continued to be necessary for the maturation of the then only 4-year-old Cyber ...

There as been discussion of a separation between the National Security Agency and U.S. Cyber Command for a while, only for the change in administrations to cause brief hesitation. Now that the Trump administration is in full swing, it is time to revisit the prospect of a split between the ...

A group of international law experts met in Tallinn, Estonia, after the 2007 onslaught of cyber attacks against sites in the country, to create the Tallinn Manual in order to clarify what constitutes an act of war in cyberspace and how countries could lawfully respond. The vast majority of everyday ...

Cyberspace is often portrayed as a new domain of international relations – a Wild West where there are no rules or guiding principles to govern the behavior of states. Such perceptions of anarchism have bred uncertainty over what is or is not acceptable activity among governments. This often leads to ...

NATO’s Cooperative Cyber Defence Centre of Excellence last month published the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, a follow-on project to the first, 2013, edition of the manual, which focused on cyber operations in peacetime. The work of a distinguished and geographically diverse group of ...

Cyber operations remain at the forefront of confrontations between the West and Moscow as relations continue to deteriorate. Russia asserted itself in 2007 with “patriotic hackers” launching a volley of distributed denial of service (DDoS) attacks on Estonian systems. Then in 2008, cyber attacks preceded the Russo-Georgian war, and again ...

Understanding the Russian criminal underground is essential when discussing Russian proxies in cyberspace. How do cybercriminal entities interact with each other and what is their relationship with the Russian government? The Cipher Brief spoke with Ed Cabrera, the Chief Cybersecurity Officer at Trend Micro and the former Chief Information Security ...

What if network defenders knew that a cyber operation occurred during Moscow business hours, that it involved a Russian IP address, and that the cyber actors used a Cyrillic keyboard? Would those indicators by themselves be enough for attribution?  Given the Russian cyber environment, the answer is clearly “no.” Those ...

For many, cybersecurity is a technical problem and therefore requires technical solutions. But for policymakers and the national security community, a key takeaway from this year’s RSA Conference is that cybersecurity is simply a digital extension of many of the threats that have been around for a long time: organized ...

If you missed our previous dispatch, I am attending the annual RSA Conference in San Francisco, a global event where private and public sectors come together to hash out the most pressing concerns in cybersecurity today. Prior discussions hit on technical approaches to privacy, the role of government in laying ...

This week I’m attending the annual RSA Conference in San Francisco, where government and industry leaders have come together to discuss the looming challenges and newest tools in cybersecurity. Throughout the week, I’ll be speaking with experts, bringing you insights on the threats emanating from cyberspace, ranging from ransomware and ...

We live in an age where what used to be the figment of science fiction is now a reality, changing the way people go about their daily lives. Advances in artificial intelligence and machine learning are the new frontier, and their inception creates just as many risks as opportunities. In ...

Many view cybersecurity as passively blocking attempts to breach networks, but security experts have long advocated more active measures in defense of sensitive networks. Advances in artificial intelligence and machine learning could make such efforts scalable to the vast connectivity of the modern age. The Cipher Brief spoke with David ...

The cybersecurity industry is currently enamored with concepts of autonomous defense, including elements of machine learning, behavioral analytics, and artificial intelligence—and rightly so. Programed to be able to study all vulnerabilities in the public domain, autonomous bots (autbots)—not to be confused with bots simply conducting repetitive tasks like guessing default ...

Cyber is emerging as Iran’s weapon of choice for dealing with both domestic and foreign opponents. For more than a decade, the Islamic Republic has waged a relentless cyber­spying campaign against Iranian dissidents. Following its discovery of the Stuxnet cyberattacks on its nuclear program in 2010 and the imposition of ...

Cybersecurity is often discussed in relation to the major global powers: China’s economic espionage, Russian influence operations, and U.S. dragnet global surveillance to thwart terrorism. However, as other countries move to digitize their economies, cybercriminals are zeroing in on these new and lucrative targets while regional players are quickly incorporating ...

When the Russian intelligence operation designed to influence our 2016 election is used as a case study to train new Russian intelligence officers, it will be considered the most successful covert action operation in the history of Mother Russia. This operation, known as “Grizzly Steppe,” will be in the annals ...

With news of nation-states allegedly attacking companies, political institutions, and world governments, it is important to know how attribution works in cybersecurity. For the unfamiliar, attribution is the process investigators and intelligence workers use to tie responsibility of an event or action to a person, group, or country. Unless there ...

Let’s agree on one thing, when it comes to Russia’s recent interference with the U.S. presidential election, no one yet has found a way to deter President Vladimir Putin from doing it again – here in this country or elsewhere. At Thursday’s Senate Armed Services Committee hearing on foreign cyber ...

Pundits will pick over the lessons of 2016 for a long time, and as they do, cyber experts are looking at the past year and finding lessons as well, with far-reaching implications for our nation’s security. For most Americans, the 2016 election was the year cybersecurity moved from being an ...

Leaders of three top Senate national security committees are to meet Wednesday to discuss alleged Russian hacking of last month’s elections, and the Senate Foreign Relations committee has set a closed-door briefing on the Obama administration’s response for Thursday, a committee aide told The Cipher Brief late Tuesday. According to ...

Russian President Vladimir Putin said in a statement Friday that he will not expel U.S. diplomats in response to U.S. sanctions imposed on Russia yesterday by President Barack Obama, a move Russian foreign minister Sergey Lavrov had advocated for. Putin called the “recent unfriendly steps” taken by the outgoing Obama ...

In July, Rob Dannenberg, the former head of security at Goldman Sachs and a 24-year veteran of the CIA, discussed Russia’s cyber strategy of information warfare and the role of proxies in undermining attribution efforts, consequentially stemming victims' political will to respond to provocations. Moving from the disruptive attack on ...

Editor’s Note: Over the coming days, The Cipher Brief presents some of our most incisive coverage on key issues of 2016 and a look ahead at what is yet to come in 2017. From disruptive distributed denial of service (DDoS) attacks rendering entire swathes of the Internet including Netflix, Twitter, ...

Back in August, The Cipher Brief sat down with Leo Taddeo, Chief Security Officer for Cryptzone, to discuss the cyber threats posed by Russia and China. While China primarily uses its cyber collection capabilities “to compete on an economic level,” Russia places a greater “emphasis on collecting military and diplomatic ...

President Barack Obama says the U.S. will respond to the Russia’s interference in the 2016 campaign. In an interview with NPR on Friday, Obama said, "I think there is no doubt that when any foreign government tries to impact the integrity of our elections ... we need to take action. ...