Nearly everyone now accepts that Russia attempted to interfere with the U.S. electoral process with the aim of harming Hillary Clinton’s presidential campaign. Even President Donald Trump has grudgingly admitted that Russia was behind the hacking of the Democratic National Committee. But for a long, long time – far too ...

No consensus report resulted from the yearlong negotiations of the 5th United Nations Group of Governmental Experts (GGE) on the Developments in the Field of Information and Communications Technologies (ICTs). As the meeting drew to a close in June, the 25 government officials ended their work with a disappointing acknowledgement ...

The White House’s National Security team is expected to issue a report early this week outlining U.S. options for deterring adversaries in cyber space.  The report, called for as part of President Donald Trump’s Cyber Executive Order issued last May, is expected to offer a range of options from economic ...

Unsurprisingly, the fifth UN Group of Governmental Experts (GGE) ran into difficulties that proved fatal. Previous GGEs operated in a more favorable international climate. The substance of the GGE’s work peaked with its 2013 Report and by the end of the 2015 session, it was clear that the GGE format ...

The fallout of major cyber attacks and espionage campaigns increasingly shapes interactions between nations. The vulnerability of the United States to such digital intrusions will only grow as the country becomes more dependent on networked technologies, particularly the Pentagon’s weapon systems. Mere network defense is not sufficient; the United States ...

Disruptive and intrusive cyber activity pervades much of modern international relations. The trend towards the jockeying for global influence and geopolitical positioning through cyber means is only going to grow as more countries and non-state actors play out conflicts in the virtual domain. The responsibility for defending U.S. interests from ...

How should nations collaborate in cyberspace? Can a nation like the U.S. and one like Russia bridge their views on data collection? What’s the future of artificial intelligence? The Cipher Brief’s Kaitlin Lavinder talked with Michael Daniel, former special assistant to President Barack Obama and cybersecurity coordinator at the White ...

One of the only tasks the U.S. Constitution declares that the federal government must do is to provide for the common defense. That is the government’s foundational truth and purpose; to protect American lives, liberty, and their pursuit of happiness from those that would disrupt it. So, the question on ...

The newest ransomware attack called NotPetya has re-ignited the debate ongoing since the earlier WannaCry attack. Cybersecurity experts, policymakers, and citizens affected have all asked: who is to blame for these attacks? The underlying vulnerability in both these attacks is based on a Microsoft vulnerability, which was discovered and extensively used by the National Security ...

As the dust settles on last Tuesday’s NotPetya malware outbreak, it is increasingly evident that this was not a ransomware, money-making attack at all; rather it was a targeted, destructive cyberattack against Ukraine. It utilized deception in which it was designed to look like ransomware but wasn’t. It targeted obscure ...

In the early days of the internet, criminals quickly saw the new technology as an avenue for data theft, extortion, and uninhibited global reach. These criminals found safe haven behind anonymizing technology and governments slow or unwilling to solve the puzzle presented by borderless technology. The intersection of national security ...

Malicious and trusted insiders pose a range of challenges in terms of counterintelligence risks and physical threats, and experts say policy needs to catch up quickly to the new technologies available to help mitigate the problem. “There’s a lack of willingness to share information, and that’s why I still believe ...

Each minute of each day federal cybersecurity teams triage an unimaginable number of threats to our national security. While many of those threats are from nation-state backed hackers attempting to breach our defenses, there are just as many critical threats coming from inside an agency. Insider threats are not new. ...

There is little argument that the relationship between the public and private sectors has to be far stronger in order for the U.S. Government and U.S. Businesses to adequately protect themselves from emerging cyber attacks. One of the challenges to date has been agreeing on how to share information between ...

Few security challenges muddle the distinction between government and business roles as those emanating from cyberspace. National security issues no longer remain solely under the purview of government agencies, and companies continue to find themselves in the sights of foreign adversaries. Moreover, attacks against commercial products have geopolitical ramifications. Software ...

Statecraft and business have always been closely linked, but the advent of digital technology has blurred the roles more than ever. Systems crucial to the economic well-being and national security of the United States rest in the hands of private companies. The two sectors must cooperate by sharing information at ...

The United Kingdom has revamped the way its intelligence agencies collaborate with private industry by establishing a new National Cyber Security Centre that leans towards more open and meaningful exchanges to help secure the country against malicious cyber attacks. The Cipher Brief’s Levi Maxey spoke with Sir David Omand, the ...

President Donald Trump made it abundantly clear at the recent NATO heads of State meeting in Brussels that he wants to see members of the transatlantic alliance boost their military spending. Denmark, the only Nordic country that is a member of both NATO and the European Union, has been a ...

The worldwide WannaCry ransomware, which targeted computers running the Microsoft Windows operating system, was an admonition to everyone who connects to cyberspace – especially the U.S. intelligence community.  WannaCry was only the most recent example in a long line of high-profile cyber attacks that demonstrated how the timely application of ...

Over the past few weeks, a critical question has been discussed amidst cybersecurity professionals and experts. Who would pair North Korean-linked malware with an alleged U.S. government cyber exploit leaked by the suspected Russia-affiliated Shadow Brokers to create a new variant of ransomware – a form of malware typically within ...

Today China began enforcing its controversial new Cybersecurity Law, which broadly demands that multinational companies make data accessible to the Chinese government while strengthening the regime's control over content found inappropriate. Such measures have been made under the auspices of bolstering Chinese national security, but could have profoundly negative impacts ...

We are living in a new era, with unprecedented industrial scale theft of intellectual property and company secrets. The most recent example is a vast cyber espionage campaign, dubbed Operation Cloud Hopper, made public this April. In this global campaign, a China based group targeted IT service providers, thereby obtaining ...

Is this ever going to end? The daily barrage of hacking news assaulting us in headlines is making us numb, if not scared to death. However, there is a little-known secret that gets lost in all of this cyber-disaster noise. The U.S government does, in fact, have a three- to ...

One of the emerging trends in today’s expanding cyber espionage landscape has been China’s emergence as the leading practitioner of economic cyber espionage. What does the trajectory of Chinese economic espionage look like, and where do we still see barriers to the establishment of effective norms barring the practice before ...

Despite the insistence of many pundits and technical experts, the recent WannaCry outbreak was – mercifully – a poorly organized attack with a poorly constructed tool. It was, in fact, the best of all worst-case scenarios. This salvo – and the attendant global reaction – only highlights the degree of gross ...

It has been three years since the Obama Administration publically indicted five Chinese military officials for hacking U.S. companies, a move that prompted negotiations to halt economic cyber espionage intended to benefit Chinese economic competitiveness. The Cipher Brief spoke with John Hultquist, the Manager of Analysis at FireEye, about the ...

When Beijing got the word that the United States was accelerating the deployment of its Terminal High Altitude Area Defense (THAAD) system to South Korea as a response to North Korea’s latest missile tests, senior Communist Party officials went, no pun intended, ballistic. The official Chinese news agency Xinhua wrote ...

Cybercrime is market-driven, with criminals gravitating toward models that maximize their return on investment. Criminals will divest and lessen efforts that have lower returns in favor of campaigns that improve profitability. Regrettably, we’re seeing this happen with ransomware, which is an extremely efficient crime and is growing both in popularity ...

Everybody who depends on digital information systems, which is everybody, saw a few glimpses of silver lining from the WannaCry ransomware attack that took the planet by storm Friday. For one thing, the attacks slowed, and there was no massive second wave. “The good news is, the infection rates have ...

Over the weekend, businesses and critical services like banks, hospitals, telecommunications services and transportation hubs around the world were hit with a cyber attack that locked users out of their own systems using a form of ransomware known as WannaCry. The potential loss of data may lead not only to ...

Who’s to blame for the astonishingly successful ransomware attack sweeping the planet? Microsoft, the information technology giant whose popular Windows operating systems harbored the flaw malicious hackers exploited to paralyze at least 200,000 computers and systems in 150 countries, is pointing the finger at Washington. “Repeatedly, exploits in the hands ...

Friday’s global attack on computers in some 150 countries was clearly a wake-up call. It took government systems offline, affected corporations of all kinds, took critical infrastructure systems out of service and even changed the agenda of the G7 meeting in Italy. But, it was an attack carried out without ...

In response to the massive Wannacry ransomware attack that infected over 200,000 computers around the world, Brad Smith, Microsoft’s President and Chief Legal Officer, wrote a blog post Sunday night on lessons from the cyberattack—and the “urgent need for collective action” to keep people safe online. Below is an excerpt. ...

As businesses wake up to the possibility that the WannaCry ransomware tool will spread beyond the already estimated 200,000 computers already infected across Europe, experts are calling for a stronger public-private partnership on cybersecurity. The wake up call from this latest attack: there was a patch that would have shored ...

The long-awaited executive order on cybersecurity is out. It’s not dramatic or surprising (perhaps because drafts have been floating around Washington for weeks), but it has good ideas. It’s level-headed and pragmatic. The main thing to consider with the order is that it is mainly a presidential task order, calling ...

With a barrage of attacks regularly hammering the private sector and nearly every U.S. federal agency, there is a strong need for government policies within an overarching cyber deterrence strategy. The impacts of network intrusions go well beyond the immediate loss of data, but ripple into malicious influence over public ...

With the help of big data analytics, the Department of Defense Insider Threat Management and Analysis Center — better known as the DITMAC — is looking to transform the DoD’s approach to the threats trusted insiders can pose to personnel and information. Developed in the wake of the 2013 shooting ...

At the RSA conference in February, Microsoft's Chief Legal Officer called for a "digital Geneva Convention" to help provide parameters on offensive cyber operations and address a rapidly growing area of concern for many organizations. This followed on the heels of the release of the second iteration of the Tallinn ...

As people’s lives become more attached to the internet, cyber attacks will have more of an impact. One of the most pressing threats is the growth of botnets, or networks of compromised computers that can be leveraged for a variety of nefarious purposes. The Cipher Brief spoke with Omri Iluz, ...

Imagine an army of computers, acting under the instructions of a criminal syndicate, terrorist group, or foreign government. The sheer size of this network of devices augments the computing power of a single hacker, allowing them to coordinate attacks capable of knocking offline crucial websites belonging to banks, social media, ...

With the proliferation of smart devices connected to the public internet the population of botnets – networks of compromised devices that can be leveraged for large-scale cyber attacks – has exploded. The Cipher Brief spoke with Kevin Reid, Vice President of National Security and Chief Information Officer at KeyLogic and ...

As governments and industries try to understand the ever-evolving landscape of cyber threats to civilian nuclear power plants, it is becoming clear that property and information are not the only assets at stake. Public confidence is also at risk. The steady stream of news about massive hacking of government and corporate ...

A zero-day, meaning a tool used to exploit a newly discovered computer vulnerability, alone does not make an attack. It is but one element of many in an attack, chain and there's much more we can do to increase the odds attacks are defeated. I recently participated in The Cipher ...

The modern data center is evolving like few ever thought possible, and this progression is in play across the public and private sector for good reason. Cloud migration delivers tangible benefits, ranging from reduced operational costs, lower head counts, and improved security posture, just to name a few. While the ...

Russian cyber operations are widely discussed and reported on today. Conversations frequently range from how the Russian government hacked the Democratic National Committee (DNC) to the utilization of Russian social media trolls for political influence. Often missing from the conversation, however, is how these operations fit into the overall context ...

False flag operations have been routine ploys in espionage and warfare for centuries. Now they have turned up in cyber operations. The Cipher Brief spoke with Tim Maurer, co-director of the Cyber Policy Initiative at the Carnegie Endowment for International Peace, about the history of these subterfuges and how governments ...

How can a government, or a company, determine who launched a cyber attack? Attribution becomes even more difficult when the attackers disguise themselves as others. The Cipher Brief asked Hank Thomas, a partner and Chief Operating Officer at Strategic Cyber Ventures, what so-called false flags in cyberspace look like and ...

A false flag operation – pretending to be someone else while conducting spycraft or warfare – is an age-old tactic. With the advent of cyber espionage and digital warfare, those maneuvering in the virtual domain can use false flags. In the Digital Age, determining the origins of cyber attacks is ...

Zero-day vulnerabilities -- security flaws in commercial software or hardware for which developers haven’t devised a patch -- have existed since the dawn of the Digital Age, but today, former NSA and CIA director Michael Hayden said at a meeting of cyber security experts convened by The Cipher Brief, they’re ...