Cyber Round Up: Nuclear Response to Cyber Attacks; North Korea and ‘Catastrophe’; State Cyber Office

  • Pentagon considers nuclear response to retaliate for large cyber attacks (CSO Online): A draft version of the Pentagon’s 2018 Nuclear Posture Review states that the use of nuclear weapons should only be contemplated in “extreme circumstances,” according to a recent article.  That article also points out that a large scale cyber attack could create “extreme circumstances.” While the Posture document itself does not identify cyber attacks by name, off the record officials commented that such an attack could qualify.The article focuses mainly on policy around nuclear weapons, but further reiterates that the U.S. position that it can respond to cyber attacks in a time and manner of its choosing. The full article can be read here.
  • House votes to restore State cyber office, bucking Tillerson (The Hill): An article yesterday reported that the House of Representatives passed a bill that would restore a cyber office that was shut down five months ago by the Secretary of State. The Cyber Diplomacy Act would “establish an Office of Cyber Issues to engage with other countries on cyber threats and promote U.S. interests in cyberspace abroad.” The original move was intended to streamline the Department’s operations, according to the article, and officials say that cyber has remained a priority since then. The full article can be read here.

Tags: , , ,

ICYMI: FBI Director on Digital Age, Encryption

Earlier this month, FBI Director Christopher Wray addressed the FBI International Conference on Cyber Security at Fordham University. The full text of his remarks, titled “Raising Our Game: Cyber Security in an Age of Digital Transformation” are included below and can be found here.

Raising Our Game_ Cyber Security in an Age of Digital Transformation — FBI

Tags: , ,

Cyber Round Up: Department of Defense Prepares for New Type of War; Department of Homeland Security Breach; The Need for At-Home Cybersecurity Solutions

  • Cybersecurity Showdown: Why the Military Is Preparing for a New Kind of War (The National Interest):
    President Trump just signed the 2018 National Defense Authorization Act (NDAA) into law, according to a recent article. This year’s NDAA includes provisions in “Cyberspace-Related Matters” (Title XVI, Subsection C) requiring the White House and the Department of Defense to focus and establish national standards and guidance in the cybersecurity and cyber-warfare space. The National Interest article analyzes Congress’ priorities regarding cyberspace as presented in the 2018 NDAA. Those priorities include developing legal norms in cyber warfare and reviewing where the US currently stands in cybersecurity. You can find the entire analysis here.
  • The new DHS breach illustrates what’s wrong with today’s cybersecurity practices (The Hill): We are only 10 days into 2018 and we have already learned of a Department of Homeland Security breach. The department sent out notification letters to selected employees on January 3, according to a DHS memo. The breach occurred in 2014 and impacted 247,167 employee records, according to The Hill. The article, however, points out how the DHS memo characterized the breach as a “privacy incident,” which “can have different reporting requirements than cyber incidents.” Read more about the different impacts and requirements various designations following breaches can have here.
  • Cybersecurity Solutions Need to Start at Home, CUJO Offers Strong Defense at a Decent Cost (Forbes): Cybersecurity threats expand beyond businesses, and it is important to have protections at home. Choosing a defense mechanism can be difficult, however, according to a recent article. The article discusses CUJO, a “smart firewall device” consumers can use to protect “connected homes and Internet of Things devices.” CUJO provides protection and network management using a combination of cloud services, machine learning, and mobile apps. Learn more about CUJO and how you can enhance at-home cybersecurity methods here.

Tags: , , , , , , ,

Cyber Round Up: Ethical Hackers; Meltdown and Spectre; Cyber & International Law

  • Anatomy of an ethical hacker: What it takes to operate on the frontlines of cybersecurity (Tech World): A recent article attempts to distinguish ethical hackers from any negative connotations that may be associated with the word. Hackers are not “anti social and geeky,” the article explains, but instead are “social, curious, adaptable and motivated”by a number of different things. The article summarizes what ethical, or white hat hackers are and why they do what they do. The full article can be read here.here.
  • A Critical Intel Flaw Breaks Basic Security for Most Computers (Wired): A new article discusses a report from researchers from several universities and companies about the flaw in Intel hardware that has affected many computers.  The report highlights two major attacks based on the hardware flaw, Spectre and Meltdown. “While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs,” according to the article and report. The article explains that Spectre steals data from other apps on a computer and Meltdown can access “higher-privileged parts” of a computer.  The full article can be found here.
  • Approaches to International Cyberlaw: A View from Israel (Lawfare): A post on Lawfare late in December focused on how impressed the authors were with the Hebrew University Cyber Security Research Center’s event on the Tallinn Manuals on Cyber Operations. The post explains that the event covered topics such as sovereignty, force, and self defense. While there were some near consensus thoughts, including that international treaties were unlikely, the authors explain that most of the discussions involved significant splits in methodology and approach, which the post discusses. The full blog can be read here.

 

Tags: , , ,

CSIS: The Kremlin Playbook

CSIS has a podcast addressing Russia’s 2016 election meddling and how it fits into their broader scheme of information warfare.  The podcast can be heard on their website here, which also includes this description:

“In 2016, a rival foreign power, Vladimir Putin’s Russia, launched an attack on the United States of America.   What we now know is that American intelligence agencies have concluded that Russia planned and executed a campaign to undermine our democracy and to affect our Presidential election.

For President Trump, Russia is a complicated subject.  But this podcast isn’t about Donald Trump’s complications with Russia, nor is it about Republicans and Democrats.   One of the dangers in the hyper partisan American debate over Russia’s role in the 2016 presidential election is that it is blurring the larger picture.  This three part podcast mini-series is about the larger picture.  Episode one will look at why Russia meddled in our election; episode two will examine case studies of past Russian behavior; and episode three will discuss what the US can do to counter Russia’s actions.

Hosted by CSIS’s H. Andrew Schwartz, co-host of ‘Bob Schieffer’s About the News'”

Tags: , , ,

Tenured Opening for an Accomplished National Security Law and Policy Academic

Syracuse University College of Law invites applicants for a tenured faculty position as Institute for National Security and Counterterrorism (INSCT) Director beginning Fall 2018. Founded in 2003 as a collaboration between the College of Law and the Maxwell School of Citizenship and Public Affairs, INSCT is an internationally renowned university institute with an established history of sponsored research, policy analysis, and educational programs. Applicants for Director must have a distinguished record of research and teaching commensurate with a tenured faculty appointment. Applicants must also have expertise and interests in national security, broadly understood to include the fields of international law, counterterrorism, and human rights. Special consideration will be given to applicants with expertise in cybersecurity. We prefer applicants with experience directing a university-level institute, including experience with interdisciplinary engagement, strategic planning, sponsored research, the design and administration of educational programs, and fundraising. The College of Law particularly welcomes applications from candidates for this position who contribute to the diversity of the College of Law community.

Candidates should have an excellent academic record with at least a J.D. degree. Preferred post-J.D. experience and credentials include advanced degree, judicial clerkship, relevant legal practice, or similar experience. A record of excellent teaching and distinguished scholarship, commensurate with a tenured faculty appointment, are required. Expertise and interests in national security, broadly defined, are also required. Prior law school teaching and a demonstrated ability to lead an interdisciplinary research and teaching institute are preferred. Candidates who contribute diversity to the College of Law are also preferred. As part of their teaching commitments, candidates will be expected to teach a first year course or a core upper-division course.

Responsibilities: Directing INSCT and serving as a tenured faculty member at the College of Law. Director responsibilities include interdisciplinary engagement, strategic planning for institute development, pursuit of sponsored research grants, organization of colloquia and conferences, administration of educational programs, management of INSCT personnel, cultivating alumni relationships, and fundraising. Responsibilities of tenured faculty members include teaching law courses, engagement in academic scholarship, publishing, presentations, committee work at the College and University, community service work and advising students.

Interested applicants should apply to http://sujobopps.com/postings/72909.

Please include a letter of interest, applicant resume, and the names of three references, including academic references capable of assessing the applicant’s potential as a legal academic, and references who can address the applicant’s potential to direct a university institute. Syracuse University is committed to diversity and is an equal opportunity employer. Applications will be accepted until the position is filled; however, priority consideration will be given to applications received prior to January 15, 2018.

Here is the complete position prospectus:

 

INSCT_Director_Position_Prospectus

Continue reading

Tags: ,

Cyber Round Up: Kaspersky sues U.S. government; AI and Cyber Arms Race; U.S. Blames North Korea for WannaCry

  • Kaspersky Lab asks court to overturn U.S. government software ban (Reuters): The major Russian software company has resorted to legal measures in response to recent bans on its use by federal agencies, reports say. Although sales to U.S. government agencies comprise only .03% of its U.S. sales, the damage to Kaspersky’s reputation and trickle down effect on U.S. sales has been much greater, the article says. The article explains that the company asked a district court to overturn the ban. The full story can be read here.

  • The cyberspace arms race: artificial intelligence & cyber security (The Forum Network):  An article last week discussed the role of artificial intelligence and the cyber arms race. The piece looks at the short, medium, and long term effects of artificial intelligence-powered cyber weapons. The article explains that hackers are developing AI for offensive hacking operations, but the parallel defense measures are not being produced at the same rate.  Finally, the author gives his suggestions for policy makers to address this set of concerns. The full article can be found here.

  • U.S. blames North Korea for ‘WannaCry’ cyber attack (NY Times): The U.S. government has publicly attributed the WannaCry attack earlier this year to North Korea, an article yesterday said. Homeland Security adviser Tom Bossert issued a statement on the matter, which the article quotes. A second official explained that a hacking entity called Lazarus Group, which operates on behalf of the North Korean government, carried out the attacks. Although there were no indictments, this was still part of a name and shame strategy to “erode and undercut their ability to launch attacks.”  The full article can be read here.

 

Tags: , , ,

National Security Strategy and Cyber

Yesterday, President Trump released his National Security Strategy with the theme “America First.”  The strategy consists of four main pillars:  I. Protect the American People, The Homeland, and The American Way of Life; II. Promote American Prosperity; III. Preserve Peace Through Strength; IV. Advance American Influence. Each of those pillars contained policy objectives and specific “priority actions” designed to help achieve them.

One of the four objectives in Pillar I is to “Keep America Safe in the Cyber Era.”  The strategy acknowledges the threats that exist to critical infrastructure, federal networks, and security for both businesses and individuals in the private sector.  The strategy identifies the nation’s cyber capabilities as determinative of its future: “America’s response to the challenges and opportunities of the cyber era will determine our future prosperity and security.” The priority actions for the cyber tenet of Pillar I, which are explained more fully in the document below, are:

  • Identify and Prioritize Risk
  • Build Defensible Government Networks
  • Deter and Disrupt Malicious Cyber Actors
  • Improve Information Sharing and Sensing
  • Deploy Layered Defenses

All of those are laudable goals and logically sound steps to achieving cyber security. But, it is much easier said than done.

One of the goals in Pillar II is to “Lead in Research, Technology, Invention, and Innovation.” This includes the U.S. “prioritiz[ing] emerging technologies critical to economic growth and security, such as data science, encryption, autonomous technologies, . . . advanced computing technologies, and artificial intelligence. From self-driving cars to autonomous weapons, the field of artificial intelligence, in particular, is progressing rapidly.”

Another goal of Pillar II is to “Promote and Protect the U.S. National Security Innovation Base,” which emphasizes protecting U.S. intellectual property from nations such as China. Although not explicit in the strategy itself, this implicates cyber security.

Pillar III includes the objective to “Renew Capabilities,” including those in cyberspace. “Malicious state and non-state actors use cyberattacks for extortion, information warfare, disinformation, and  more. . . . The United States will deter, defend, and when necessary defeat malicious actors who use cyberspace capabilities against the United States. When faced with the opportunity to take action against malicious actors in cyberspace, the United States will be risk informed, but not risk averse, in considering our options.”

Priority Actions for renewing cyber capability, whose full explanations are again in the document below, include:

  • Improve Attribution, Accountability, and Response
  • Enhance Cyber Tools and Expertise
  • Improve Integration and Agility

Although it has no dedicated section of its own, the strategy references the critical value of information and information operations in the modern era.

Finally, Pillar IV focuses on increasing American influence. The first cyber related Priority Action in this section is to “Ensure Common Domains Remain Free” which states that actions in several domains, including cyberspace, must comply with international law.

The second priority is to “Protect a Free and Open Internet.” The strategy explains that “[t]he United States will advocate for open, interoperable communications, with minimal barriers to the global exchange of information and services. The United States will promote the free flow of data and protect its interests through active engagement in key organizations, such as the Internet Corporation for Assigned Names and Numbers (ICANN), the Internet Governance Forum (IGF), the UN, and the International Telecommunication Union (ITU).”

NSS-Final-12-18-2017-0905

 

 

 

Tags:

National Security Strategy Speaks of Cyberattacks Used for Information Warfare

Today, the White House released the National Security Strategy of the United States of America.  Here are its primary statements about cyberspace:

Cyberspace

Malicious state and non-state actors use cyberattacks for extortion, information warfare, disinformation, and more. Such attacks have the capability to harm large numbers of people and institutions with comparatively minimal investment and a troubling degree of deniability. These attacks can undermine faith and confidence in democratic institutions and the global economic system.

Many countries now view cyber capabilities as tools for projecting influence, and some use cyber tools to protect and extend their autocratic regimes. Cyberattacks have become a key feature of modern conflict. The United States will deter, defend, and when necessary defeat malicious actors who use cyberspace capabilities against the United States. When faced with the opportunity to take action against malicious actors in cyberspace, the United States will be risk informed, but not risk averse, in considering our options.

Priority Actions

IMPROVE ATTRIBUTION, ACCOUNTABILITY, AND RESPONSE: We will invest in capabilities to support and improve our ability to attribute cyberattacks, to allow for rapid response.

ENHANCE CYBER TOOLS AND EXPERTISE: We will improve our cyber tools across the spectrum of conflict to protect U.S. Government assets and U.S. critical infrastructure, and to protect the integrity of data and information. U.S. departments and agencies will recruit, train, and retain a workforce capable of operating across this spectrum of activity.

IMPROVE INTEGRATION AND AGILITY: We will improve the integration of authorities and procedures across the U.S. Government so that cyber operations against adversaries can be conducted as required. We will work with the Congress to address the challenges that continue to hinder timely intelligence and information sharing, planning and operations, and the development of necessary cyber tools.

Tags: , ,

Cyber Round Up: Developing Iranian Cyber Threat; Cyberwar to Improve Security?; Office Employees and Insider Threats

  • Following the Developing Iranian Cyberthreat (Fifth Domain):  Russia and China always come to mind when thinking of U.S. adversaries in cyberspace, but don’t forget about Iran, a recent article says. Iran both recruits hackers to work for the government and encourages them to operate independently, the author explains.  The article walks through Iran’s development as a threat in cyberspace and its main actors. It also addresses Iran’s military cyber capabilities and the role of foreign assistance. The full article can be read here.
  • Is cyberwar the fastest way to improve cybersecurity? (CSO Online): It’s difficult to convince people to take cybersecurity seriously. According to a recent article, one way that certainly would motivate people would be a serious cyberspace conflict. This idea makes sense — people always respond after major incidents. The article explains a concept that we’ve highlighted before, which is that people choose convenience over security. Cybersecurity is really an economics problem, the author says, in that people want functional products, not secure ones, so that’s what is produced. The article makes clear that war is not desirable but lists some of the progress that may be made as a result. The full piece can be read here.
  • 99% of office workers threaten their company’s cybersecurity (Tech Republic): It is a well understood tenet of cybersecurity that the greatest harm to any system can be done via the insider threat. An article from Tech Republic showed how prevalent that threat is with a recent study.  Over 1,000 office workers were interviewed and 99% of responses indicated at least one cyber habit that would compromise the integrity of an office’s security system. 49% of people responded that they accessed company documents after leaving the company, a huge increase from 28% since last time the study was conducted. The full article with all the details of the study can be found here.

Tags:

Next Page »

Authors

Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. She is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography

Categories