The Trump Administration’s National Security Council has released an unclassified set of guidelines for determining when the U.S. government will disclose – rather than retain for espionage purposes – a computer vulnerability that it discovers to the relevant private sector vendor so that a patch can be distributed. Led by ...

The Cipher Brief Cyber Advisory Board’s Bob Gourley commented on the Trump administration’s new process for disclosing software vulnerabilities it has detected – the first time a U.S. administration has revealed its internal rules, aka the Vulnerability Equities Process. This is a significant improvement and clarification of the existing process ...

The intelligence community has been taking body blows lately – with Friday’s WikiLeaks dump of CIA hacking tools and a report in The New York Times discussing just how damaging the August 2016 Shadow Brokers thefts from NSA have turned out to be. While there has been no acknowledgment by ...

Software is the invisible underpinning for much of our digital world. At its core is source code: the lingua franca that allows software-based technology systems to operate and evolve. Typically, source code is the very embodiment of a particular innovation. It is intellectual property that defines the software-based innovation, its ...

One of the fundamental issues for geopolitical leaders is to determine when existing international institutions no longer meet present needs and new institutions and methods of operation are required. Such an issue now faces the cyber realm. The internet is structurally and operationally international, and as the internet, the cloud, ...

The numbers are staggering, yet only the tip of the iceberg. More than 145 million American citizens are affected by the Equifax data breach disclosed last month; that’s more than half of the American adult population. At the same time, this is only the latest in a series of cyber ...

Earlier this month, two members of the House of Representatives, Tom Graves (R-GA) and Kyrsten Sinema (D-AZ), introduced a bill called the Active Cyber Defense Certainty Act, dubbed the “hack back” bill, which would allow companies to hack the hackers who infiltrate their computer networks to retrieve or delete stolen data ...

During multiple war zone tours of duty in the Middle East and South Asia, I learned firsthand how timely and effective incident response entails real-time insight, color, and context for the analyst. Incident response should enable the analyst more efficiently to mitigate the damage from an attack, as well ...

Russian state-sponsored hackers reportedly stole details in 2015 on how the U.S. spies on foreign intelligence targets through cyber espionage, as well as how it defends against cyber operations directed at its classified networks. According to the Wall Street Journal, the material was taken from an NSA contractor’s private computer ...

In May 2015, Russia and China signed a “nonaggression pact” in cyberspace. They agreed not to target each other with cyber attacks and to promote the idea of sovereignty in cyberspace. China and Russia are now seeking to eliminate virtual private network services (VPNs) from their respective internet space. Russian President ...

It is a problem for the U.S. that many of the core concepts that guide internet policy date to the 1990s. One such concept is that the internet is a virtual alternative to the Westphalian state, without borders and where sovereignty does not apply. The problem with this concept is ...

In the nearly seven years since the U.S. Department of Defense declared cyberspace a “domain” of warfare – alongside land, air, sea, and space – the Pentagon has developed an overarching Cyber Strategy to guide their efforts in the new domain and raised a Cyber Command that has grown from ...

On Wednesday, the Department of Homeland Security (DHS) issued a binding directive compelling all federal civilian departments and agencies to identify and develop a plan to end any use of and remove any Moscow-based Kaspersky Lab products from their computer systems. “The Department is concerned about the ties between certain ...

Recent fatal accidents involving two vessels in the U.S. Seventh Fleet led to a spate of speculation about whether somehow the navigation in these ships was compromised by a cyber intrusion. Global Positioning System (GPS) spoofing has been highlighted as a possible contributing factor. While investigations are still underway to ...

There has been a recent wave of high-sea collisions in the Asia-Pacific involving U.S. naval vessels – most notably the USS Fitzgerald and USS John S. McCain, which together have resulted in the loss of more U.S. military personnel than in Afghanistan so far this year. The incidents, both involving ...

With round one of renegotiations behind us, and round two scheduled to begin on September 1 in Mexico City, despite efforts to move quickly, there is still a pretty long road ahead for the next version of the North American Free Trade Agreement (NAFTA). When NAFTA was first negotiated in ...

The reality of modern times is that nations are in a constant state of cyber engagement – either for espionage, influence, or disruption purposes. While there is a tacit acknowledgement that cyber espionage for political and military purposes is fair game, some actions such as the disruption of critical ...

It’s likely only a matter of time before a major cyber attack hits U.S. civilian infrastructure, but the nature of that digital violation and the means to respond remain uncertain, as many of the most sensitive systems operate under private sector control. There is a “narrow and fleeting window of ...

The taxonomy of cybersecurity often includes alarming declarations on par with acts of war. But cyber campaigns outside of active conflict hardly meet such a coercive threshold. While there are major concerns over the cybersecurity of the nation’s critical infrastructure – the power grid, water treatment plants, transportation hubs, energy ...

Nearly everyone now accepts that Russia attempted to interfere with the U.S. electoral process with the aim of harming Hillary Clinton’s presidential campaign. Even President Donald Trump has grudgingly admitted that Russia was behind the hacking of the Democratic National Committee. But for a long, long time – far too ...

No consensus report resulted from the yearlong negotiations of the 5th United Nations Group of Governmental Experts (GGE) on the Developments in the Field of Information and Communications Technologies (ICTs). As the meeting drew to a close in June, the 25 government officials ended their work with a disappointing acknowledgement ...

The White House’s National Security team is expected to issue a report early this week outlining U.S. options for deterring adversaries in cyber space. The report, called for as part of President Donald Trump’s Cyber Executive Order issued last May, is expected to offer a range of options from economic ...

Unsurprisingly, the fifth UN Group of Governmental Experts (GGE) ran into difficulties that proved fatal. Previous GGEs operated in a more favorable international climate. The substance of the GGE’s work peaked with its 2013 Report and by the end of the 2015 session, it was clear that the GGE format ...

The fallout of major cyber attacks and espionage campaigns increasingly shapes interactions between nations. The vulnerability of the United States to such digital intrusions will only grow as the country becomes more dependent on networked technologies, particularly the Pentagon’s weapon systems. Mere network defense is not sufficient; the United States ...

Disruptive and intrusive cyber activity pervades much of modern international relations. The trend towards the jockeying for global influence and geopolitical positioning through cyber means is only going to grow as more countries and non-state actors play out conflicts in the virtual domain. The responsibility for defending U.S. interests from ...

How should nations collaborate in cyberspace? Can a nation like the U.S. and one like Russia bridge their views on data collection? What’s the future of artificial intelligence? The Cipher Brief’s Kaitlin Lavinder talked with Michael Daniel, former special assistant to President Barack Obama and cybersecurity coordinator at the White ...

One of the only tasks the U.S. Constitution declares that the federal government must do is to provide for the common defense. That is the government’s foundational truth and purpose; to protect American lives, liberty, and their pursuit of happiness from those that would disrupt it. So, the question on ...

The newest ransomware attack called NotPetya has re-ignited the debate ongoing since the earlier WannaCry attack. Cybersecurity experts, policymakers, and citizens affected have all asked: who is to blame for these attacks? The underlying vulnerability in both these attacks is based on a Microsoft vulnerability, which was discovered and extensively used by the National Security ...

As the dust settles on last Tuesday’s NotPetya malware outbreak, it is increasingly evident that this was not a ransomware, money-making attack at all; rather it was a targeted, destructive cyberattack against Ukraine. It utilized deception in which it was designed to look like ransomware but wasn’t. It targeted obscure ...

In the early days of the internet, criminals quickly saw the new technology as an avenue for data theft, extortion, and uninhibited global reach. These criminals found safe haven behind anonymizing technology and governments slow or unwilling to solve the puzzle presented by borderless technology. The intersection of national security ...

Malicious and trusted insiders pose a range of challenges in terms of counterintelligence risks and physical threats, and experts say policy needs to catch up quickly to the new technologies available to help mitigate the problem. “There’s a lack of willingness to share information, and that’s why I still believe ...

Each minute of each day federal cybersecurity teams triage an unimaginable number of threats to our national security. While many of those threats are from nation-state backed hackers attempting to breach our defenses, there are just as many critical threats coming from inside an agency. Insider threats are not new. ...

There is little argument that the relationship between the public and private sectors has to be far stronger in order for the U.S. government and U.S. businesses to adequately protect themselves from emerging cyber attacks. One of the challenges to date has been agreeing on how to share information between ...

Few security challenges muddle the distinction between government and business roles as much as those emanating from cyberspace. National security issues no longer remain solely under the purview of government agencies, and companies continue to find themselves in the sights of foreign adversaries. Moreover, attacks against commercial products have geopolitical ramifications. Software ...

Statecraft and business have always been closely linked, but the advent of digital technology has blurred the roles more than ever. Systems crucial to the economic well-being and national security of the United States rest in the hands of private companies. The two sectors must cooperate by sharing information at ...

The United Kingdom has revamped the way its intelligence agencies collaborate with private industry by establishing a new National Cyber Security Centre that leans towards more open and meaningful exchanges to help secure the country against malicious cyber attacks. The Cipher Brief’s Levi Maxey spoke with Sir David Omand, the ...

President Donald Trump made it abundantly clear at the recent NATO heads of State meeting in Brussels that he wants to see members of the transatlantic alliance boost their military spending. Denmark, the only Nordic country that is a member of both NATO and the European Union, has been a ...

The worldwide WannaCry ransomware, which targeted computers running the Microsoft Windows operating system, was an admonition to everyone who connects to cyberspace – especially the U.S. intelligence community. WannaCry was only the most recent example in a long line of high-profile cyber attacks that demonstrated how the timely application of ...

Over the past few weeks, a critical question has been discussed amidst cybersecurity professionals and experts. Who would pair North Korean-linked malware with an alleged U.S. government cyber exploit leaked by the suspected Russia-affiliated Shadow Brokers to create a new variant of ransomware – a form of malware typically within ...

Today China began enforcing its controversial new Cybersecurity Law, which broadly demands that multinational companies make data accessible to the Chinese government while strengthening the regime's control over content found inappropriate. Such measures have been made under the auspices of bolstering Chinese national security, but could have profoundly negative impacts ...

We are living in a new era, with unprecedented industrial scale theft of intellectual property and company secrets. The most recent example is a vast cyber espionage campaign, dubbed Operation Cloud Hopper, made public this April. In this global campaign, a China based group targeted IT service providers, thereby obtaining ...

Is this ever going to end? The daily barrage of hacking news assaulting us in headlines is making us numb, if not scared to death. However, there is a little-known secret that gets lost in all of this cyber-disaster noise. The U.S. government does, in fact, have a three- to ...

One of the emerging trends in today’s expanding cyber espionage landscape has been China’s emergence as the leading practitioner of economic cyber espionage. What does the trajectory of Chinese economic espionage look like, and where do we still see barriers to the establishment of effective norms barring the practice before ...

Despite the insistence of many pundits and technical experts, the recent WannaCry outbreak was – mercifully – a poorly organized attack with a poorly constructed tool. It was, in fact, the best of all worst-case scenarios. This salvo – and the attendant global reaction – only highlights the degree of gross ...

It has been three years since the Obama Administration publicly indicted five Chinese military officials for hacking U.S. companies, a move that prompted negotiations to halt economic cyber espionage intended to benefit Chinese economic competitiveness. The Cipher Brief spoke with John Hultquist, the Manager of Analysis at FireEye, about the ...

When Beijing got the word that the United States was accelerating the deployment of its Terminal High Altitude Area Defense (THAAD) system to South Korea as a response to North Korea’s latest missile tests, senior Communist Party officials went, no pun intended, ballistic. The official Chinese news agency Xinhua wrote ...

Cybercrime is market-driven, with criminals gravitating toward models that maximize their return on investment. Criminals will divest and lessen efforts that have lower returns in favor of campaigns that improve profitability. Regrettably, we’re seeing this happen with ransomware, which is an extremely efficient crime and is growing both in popularity ...

Everybody who depends on digital information systems, which is everybody, saw a few glimpses of silver lining from the WannaCry ransomware attack that took the planet by storm Friday. For one thing, the attacks slowed, and there was no massive second wave. “The good news is, the infection rates have ...

Over the weekend, businesses and critical services like banks, hospitals, telecommunications services and transportation hubs around the world were hit with a cyber attack that locked users out of their own systems using a form of ransomware known as WannaCry. The potential loss of data may lead not only to ...