Skip to content

Category Archives: Cybersecurity

Learning from the Attack against Sony

By
Friday, January 23, 2015 at 10:38 AM

On June 26, 2014, the BBC reported that North Korea threatened war against the United States if a Sony-produced movie (“The Interview”) was released. On November 24, 2014, Sony Pictures Entertainment was the victim of a cyberattack that compromised unreleased films, private correspondence, and other sensitive information. A group calling itself Guardians of Peace (GOP) . . .
Read more »

The State of the Union on Counterterrorism: Does The Rhetoric Match the Policies?

By
Wednesday, January 21, 2015 at 4:28 PM

On counterterrorism, the President’s speech was a study in mismatches—as was apparent last night in at least two respects. First: The address began with an odd intermix of statements related, on one hand, to the economy, and on the other hand, to post-9/11 military engagement and the subsequent end of the wars in Afghanistan and . . .
Read more »

Relevant Passages of President Obama’s State of the Union Address

By
Tuesday, January 20, 2015 at 9:32 PM

The following are the passages of tonight’s State of the Union address that seem to me most relevant to the Lawfare readership: Tonight, for the first time since 9/11, our combat mission in Afghanistan is over.  Six years ago, nearly 180,000 American troops served in Iraq and Afghanistan.  Today, fewer than 15,000 remain.  And we salute the courage . . .
Read more »

The NRC’s Bulk Collection Report: a High-Level Overview

By
Tuesday, January 20, 2015 at 3:00 PM

Last week, Wells noted the release of an important, 85-page report by the National Research Council. (Yesterday, Herb Lin added his thoughts about it.) Broadly, Bulk Collection of Signals Intelligence: Technical Options concludes that right now, there are no software-based techniques that could fully replace the bulk collection of data. Below, I offer a high-level, . . .
Read more »

What David Cameron Doesn’t Get

By
Tuesday, January 20, 2015 at 10:30 AM

Last week British Prime Minister David Cameron gave an extraordinary speech in which he urged the the banning of private communications, that is communications to which the government could not listen into when legally authorized to do so. Cameron is not the first government official to do so; GCHQ Director Robert Hannigan urged the same . . .
Read more »

Reactions to NYT Story on North Korean Cyber Penetration

By
Monday, January 19, 2015 at 9:45 AM

David Sanger and Martin Fackler write in the NYT that the NSA “drilled into the Chinese networks that connect North Korea to the outside world, picked through connections in Malaysia favored by North Korean hackers and penetrated directly into the North with the help of South Korea and other American allies,” and also placed malware . . .
Read more »

New NSA Documents on Offensive Cyberoperations

By
Sunday, January 18, 2015 at 2:10 PM

Jacob Appelbaum, Laura Poitras and others have another NSA aticle with an enormous Snowden document dump on Der Spiegel, giving details on a variety of offensive NSA cyberoperations to infiltrate and exploit networks around the world. There’s a lot here: 199 pages. (Here it is in one compressed archive.) Paired with the 666 pages released . . .
Read more »

President Obama Comments on Back-doors in Encryption

By
Friday, January 16, 2015 at 5:50 PM

We’ve yet to find a transcript of President Obama’s remarks during today’s press conference with British Prime Minister David Cameron, but according to several news outlets, the President made a number of interesting statements regarding cybersecurity and data encryption. “If we get into a situation which the technologies do not allow us at all to track . . .
Read more »

The Administration’s Cyber Proposals — Information Sharing

By
Friday, January 16, 2015 at 3:56 PM

As part of the run-up to the State of the Union address next week, the Administration has been releasing publicly some of its policy proposals.  One of the most notable suite of proposals involved new legislation relating to cybersecurity.  The transmittal letters and section-by-section analyses can be downloaded from the OMB website.  The White House . . .
Read more »

NRC Study on (The Lack of) Software-Based Replacements for Bulk Collection

By
Friday, January 16, 2015 at 11:34 AM

Scientific Computing had this news yesterday, about the important DNI-ordered study from the National Research Council: WASHINGTON, DC — No software-based technique can fully replace the bulk collection of signals intelligence, but methods can be developed to more effectively conduct targeted collection and to control the usage of collected data, says a new report from the National . . .
Read more »

The CENTCOM Twitter Hack

By
Tuesday, January 13, 2015 at 5:33 PM

By now, most readers of this blog are well aware that, for a brief period of time yesterday, ISIS cyber warriors (going under the hashtag #CyberCaliphate) took control of the CENTCOM Twitter and You-Tube accounts.  Twitter and You-Tube are, of course, public facing PR sites, not operational ones, but still, the image is jarring. So, . . .
Read more »

President Obama’s New Cybersecurity Legislative Proposal

By
Tuesday, January 13, 2015 at 3:51 PM

The White House has released an overview of the proposal previewed in today’s Washington Post which you can read here or below: Since the start of his Administration, when he issued the Cyberspace Policy Review — the first top-to-bottom, Administration-wide review of cybersecurity — President Obama has led efforts to better prepare our government, our economy, . . .
Read more »

Domain Name Control And Free Speech

By
Saturday, January 10, 2015 at 9:51 AM

What does ICANN have to do with Charlie Hebdo?  Quite a bit, it turns out ….. Lawfare has been paying a fair bit of attention to the decision by the United States to give up its contractual control of the Internet Assigned Numbers Authority (IANA).  That authority is currently conducted by the Internet Corporation for . . .
Read more »

FBI Director James Comey’s Remarks at International Conference on Cyber Security

By
Thursday, January 8, 2015 at 5:55 PM

Yesterday, FBI Director James Comey delivered a speech entitled “Addressing the Cyber Security Threat” at the International Conference on Cyber Security at Fordham University. During the speech, Director Comey doubled down on the FBI’s assertion that North Korea was behind the cyber attack on Sony Pictures, saying the hackers who attacked Sony had operated on . . .
Read more »

Armed Attacks in Cyberspace: A Reply to Admiral Stavridis

By
Thursday, January 8, 2015 at 1:45 PM

Last week, Admiral (Ret.) James Stavridis, former NATO Supreme Allied Commander and presently Dean of the Fletcher School of Law and Diplomacy at Tufts University, correctly expressed concern that “unlike sea, air and land, much of cyberspace’s doctrine remains undefined, to include even the most fundamental of terms. We do not even have an agreed-upon . . .
Read more »

FBI Director James Comey’s Remarks Today

By
Thursday, January 8, 2015 at 12:23 AM

I have been unable to find video or audio of FBI Director James Comey’s remarks today adding to his prior attribution of the Sony hack to North Korea. Nor has the FBI itself released the text. That said, Fortune magazine has published the following, describing it as “Comey’s remarks in full”: As you know, we . . .
Read more »

Lawfare Buys A Bitcoin—Buying the Coin

By
Wednesday, January 7, 2015 at 11:04 AM

So . . .  you can’t explore bitcoins unless you actually have one in hand. If you don’t then, well, it’s really all pretty theoretical. We wanted to have some skin in the game, so to speak, so we decided we needed a bitcoin of our own.  For reasons that will become clear as we . . .
Read more »

The ICANN Transition of Internet Governance

By
Tuesday, January 6, 2015 at 1:15 PM

I didn’t get a chance to post this over the weekend, but for those who are following the discussion over whether and how to transition control over the internet naming function to the international community, this editorial from the Washington Post suggests that there might be institutional caution growing.  Here is the opening: LAST MONTH, . . .
Read more »

Quick Responses to Schneier on Attribution in the Sony Hack

By
Monday, January 5, 2015 at 2:04 PM

Bruce Schneier has two typically fine new essays on the Sony hack.  The first (at the Atlantic.com) argues that “we still don’t know who’s behind” the Sony hack, and the second (at Time.com) explains why the government should “be much more forthcoming about its evidence” about attribution.  I generally agree.  But matters are even more complex . . .
Read more »

From Fake to Real Importance: Another Review of “The Interview”

By
Friday, December 26, 2014 at 6:41 PM

This morning the Associated Press reported that South Korea, Japan and the United States will be signing their first three-way intelligence-sharing pact as part of an effort to address the growing North Korean nuclear threat. Seems like a good time to review the film credited with drawing the Supreme Leader’s recent ire. It’s been two . . .
Read more »