The Smart Grid: Status and Outlook

R45156

Tags: ,

Cybersecurity: Selected Issues for the 115th Congress

R45127

Tags:

Cyber Round Up: Cyber Command Strategy; Cyber Crime Suspect Arrested in Spain; U.S. Far Behind Russia and China in Cyber Operations

  • United States Cyber Command’s New Vision: What It Entails and Why It Matters (Lawfare): Yesterday, I posted a document from U.S. Cyber Command here.  Dr. Richard J. Harknett wrote a piece assessing the document for Lawfare on Friday, in which he labels the strategy a significant evolution in both strategy and operations for cyber.  Harknett lists some critical assumptions that the strategy makes in the strategy context. For operations, the strategy identifies ways in which cyber is a unique domain, according to Harknett. His full analysis of the strategy can be found here.

  • Billion euro cyber-suspect arrested in Spain (BBC): A suspect arrested in Spain is the alleged leader of an organized cyber crime gang that has siphoned money from over 100 banks since 2013, a recent article says. Steven Wilson, head of Europol’s Cyber-Crime Centre (EC3), said, “[t]he arrest of the key figure in this crime group illustrates that cyber-criminals can no longer hide behind perceived international anonymity.” The article emphasized that the arrest was the result of a coordinated international effort. The full story can be found here.

  • Russia and China have cyber operation plans, while we lag far behind (The Hill): An opinion piece written on The Hill yesterday suggests that the U.S. is far behind Russia and China when it comes to cyber operations. The article explains that those nations aren’t particularly good with offensive operations, the U.S. is just really bad when it comes to defense.  The U.S. has superiority in the fifth domain but that does not mean there isn’t room for improvement, the article says. The author suggests that part of this problem is due to both transparency and constant press about all U.S. failures. The story can be found here.

Tags: , , ,

Cyber Command Strategy Document: Achieve and Maintain Cyberspace Superiority

Command-Vision-for-USCYBERCOM-23-Mar-18

Tags:

Actual Indictment – Iranians Charged with Hacking 144 Universities and Lots More

Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps

Mabna Institute Hackers Penetrated Systems Belonging to Hundreds of Universities, Companies, and Other Victims to Steal Research, Academic and Proprietary Data, and Intellectual Property

Tags: , ,

The Clarifying Lawful Overseas Use of Data (CLOUD) Act

This blog usually does not cover legislative proposals because they too often never progress through the process. But as Steve Vladeck first pointed out via tweet earlier this evening, the latest spending bill includes a provision worth addressing here.

The Clarifying Lawful Overseas Use of Data Act (CLOUD) Act, addressed the use of stored data overseas similar to that currently at issue in United States v. Microsoft Corp. which is at the Supreme Court. Vladeck explained in the same tweet that, if passed, this law could render that case moot and/or lead to the Justices to punt on the issue. The law adds to and amends the Stored Communications Act, 18 U.S.C. §§ 2701-2712.

A post from last week discussing the CLOUD Act addresses opposition to the Act but ultimately concludes that the new law will be beneficial. That post can be read here.  Another analysis from the Council on Foreign Relations looks at the implications for intelligence collection can be read here.

The full text of the proposed law, which is the last 32 pages of the 2232 page spending bill, is included below.

CLOUD Act

 

Tags: , , ,

US military cyber group tried to ‘manipulate the thinking’ of ISIS followers

A few weeks ago, I wrote a post on the difference between cyber and information warfare and U.S. policy in this sphere. The idea was sparked by a lecture from Gen. Michael Hayden this past fall at Syracuse University, when I realized that many people have likely conflated these two concepts. Cyber operations can be used for cyber warfare, defined as attacked computer systems. They can also be used as part of information warfare. It just so happens that most information today flows through cyberspace so cyber can have a bigger role in information operations.

Hayden said that the U.S. decided not to open the door to the world of information warfare. But a report yesterday says otherwise. The article from the Washington Examiner explains that Gen. Paul Nakasone, the head of Army Cyber Command, testified to the Senate about operations to “manipulate the thinking” of ISIS followers.

According to the article, Nakasone described his experience with the operations with the following: “I would offer that that is perhaps the piece of Ares that I’ve learned most about, being able to provide a message, being able to amplify a message to impact our adversaries.”  The article further elaborated that most of this work, which was done by Task Force Ares, was executed at a tactical and operational level. Nakasone has been nominated to lead U.S. Cyber Command and most of the testimony was focused on how the U.S. can protect the integrity of its elections from foreign meddling, the article said.

Personally, I’m glad to see the U.S. is engaging in this type of work. As I mentioned in the original post a few weeks ago, it would be somewhat silly to think that we weren’t engaged in information operations at least at some level. But it appears as though the military, which is also the entity I suggested giving this power to, is looking to expand its capabilities and further develop this tool.

Tags: , , , ,

Encryption Policy in Democratic Regimes: Finding Convergent Paths and Balanced Solutions

Below is a report from the East West Institute titled “Encryption Policy in Democratic Regimes: Finding Convergent Paths and Balanced Solutions.”  The organization’s own press release states that the report  “provides nine normative recommendations on encryption policy to ensure strong cybersecurity while enabling lawful law enforcement access to the plaintext of encrypted information in limited circumstances.”  The full press release can be found here, which includes links to the full report and executive summary.

ewi-encryption-us-version

Tags:

Cyber Round Up: Germany Calls Russian Cyber Attack ‘warfare’; Cyber Command Not a ‘Bully’; New SEC Guidance Comes Up Short

  • Russia cyber attack on Germany a ‘form of warfare’ (The Telegraph): A story last week discussed a recent and then still ongoing cyber attack against Germany. The report said that while government officials weren’t saying much, many expect there to be a lot more damage than those officials were initially letting on. The story suggested that the attacks were the work of Fancy Bear, a group allegedly associated with Putin’s intelligence agencies. The main concern, according to the article, is that the network attacked is supposed to be one of the most secure in Germany’s government. The full article can be read here.

  • US Cyber Command: An Assiduous Actor, Not a Warmongering Bully (Ciper Brief):  Last week, an article was posted on the Cipher Brief titled, “US Cyber Command: “When faced with a bully…hit him harder.” A response to that story came on Sunday on the same site, which refuted the idea that Cyber Command is a bully. The latter article explains that “[a] more positive account of the U.S. Cyber Command is that the organization is continuing to explore new approaches to ‘maneuver’ in this new ‘domain of warfare.’” That assertion is just one of many made by the author, who focused mostly on the developing nature of cyber space as the defining factor in Cyber Command’s current strategies. The full article can be read here.

  • SEC’s new cybersecurity guidance falls short (CSO Online):  Last week, this blog highlighted the new cyber guidance released by the SEC in a post that can be found here.  A piece by CSO Online reaches the conclusion that the SEC could have done much in its newest guidance, particularly in the wake of the Equifax breach. The article says that the guidance is an improvement, but that it still doesn’t have the teeth to make it truly effective. At the end of the day, the article explains, these are still just recommendations. The article contrasts this with data breach notification laws that have been passed in 48 states. The full article can be found here.

Tags: , , ,

Blockchain: Background and Policy Issues

Below is a Congressional Research Service report released last week that provides some basic background regarding blockchain technology and related policy issues.

BlockchainR45116

Tags: , ,

« Previous PageNext Page »

Authors

Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. She is the 2018-9 Editor in Chief of the Syracuse Law Review, as well as a member of the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography

Categories