Skip to content

Category Archives: Cybersecurity: LOAC-Military

Problems with Cyber Arms Control

By
Thursday, February 26, 2015 at 3:17 PM

The New York Times has an editorial today, calling for an arms control effort in cyberspace.  The Times effort is, honestly, a bit simplistic, as is its conclusion: The tougher challenge is on the global level. Cyberwarfare has already done considerable damage and can lead to devastating consequences. The best way forward is to accelerate . . .
Read more »

New NSA Documents on Offensive Cyberoperations

By
Sunday, January 18, 2015 at 2:10 PM

Jacob Appelbaum, Laura Poitras and others have another NSA aticle with an enormous Snowden document dump on Der Spiegel, giving details on a variety of offensive NSA cyberoperations to infiltrate and exploit networks around the world. There’s a lot here: 199 pages. (Here it is in one compressed archive.) Paired with the 666 pages released . . .
Read more »

The CENTCOM Twitter Hack

By
Tuesday, January 13, 2015 at 5:33 PM

By now, most readers of this blog are well aware that, for a brief period of time yesterday, ISIS cyber warriors (going under the hashtag #CyberCaliphate) took control of the CENTCOM Twitter and You-Tube accounts.  Twitter and You-Tube are, of course, public facing PR sites, not operational ones, but still, the image is jarring. So, . . .
Read more »

FBI Director James Comey’s Remarks at International Conference on Cyber Security

By
Thursday, January 8, 2015 at 5:55 PM

Yesterday, FBI Director James Comey delivered a speech entitled “Addressing the Cyber Security Threat” at the International Conference on Cyber Security at Fordham University. During the speech, Director Comey doubled down on the FBI’s assertion that North Korea was behind the cyber attack on Sony Pictures, saying the hackers who attacked Sony had operated on . . .
Read more »

Armed Attacks in Cyberspace: A Reply to Admiral Stavridis

By
Thursday, January 8, 2015 at 1:45 PM

Last week, Admiral (Ret.) James Stavridis, former NATO Supreme Allied Commander and presently Dean of the Fletcher School of Law and Diplomacy at Tufts University, correctly expressed concern that “unlike sea, air and land, much of cyberspace’s doctrine remains undefined, to include even the most fundamental of terms. We do not even have an agreed-upon . . .
Read more »

Was It North Korea?

By
Wednesday, December 24, 2014 at 12:44 PM

By now, we are all familiar with the attribution problems inherent in cyberspace.  Notwithstanding, I have been provisionally willing to accept the FBI’s assertion of North Korean responsibility for the Sony hack, if only because I assumed that it was premised on significant classified information to which we were not privy and that neither the . . .
Read more »

A Modest Defense of the Government’s Legal and Policy Confusion Re Sony

By
Tuesday, December 23, 2014 at 8:25 PM

The attribution problem makes it very hard for the public to know if North Korea in fact attacked Sony, the precise damage Sony suffered, and the party responsible for the (apparent) counter-attack in North Korea.  Attribution problems are present in other realms of conflict, of course.  Some kinetic terrorist attacks leave no fingerprint; covert action is . . .
Read more »

North Korean Internet Down

By
Monday, December 22, 2014 at 3:36 PM

The New York Times is reporting that the entire North Korean network is off line as of right now.  No information at all on the cause.  Here is the opening from the article: North Korea’s already tenuous links to the Internet went completely dark on Monday after days of instability, in what Internet monitors described . . .
Read more »

USG Seems Befuddled About How to Respond to Sony Hack

By
Saturday, December 20, 2014 at 9:25 PM

David Sanger, Nicole Perlroth, and Eric Schmitt have a must-read NYT story on USG thinking about a response to the Sony hack, allegedly carried by the North Korean government.  The story is jaw-dropping because, after many years of USG thinking about cyberwar and its cousins, the government seems in disarray about how to respond to . . .
Read more »

The Sony Hack: Attribution Problems, and the Connection to Domestic Surveillance

By
Friday, December 19, 2014 at 5:19 PM

The FBI said today of the Sony hack: As a result of our investigation, . . . the FBI now has enough information to conclude that the North Korean government is responsible for these actions.  While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is . . .
Read more »

On the Sony Hack

By
Friday, December 19, 2014 at 1:28 PM

I’ve written two essays on the Sony hack, one for the Wall Street Journal, and the other for Vice Motherboard. The former opens: Earlier this month, a mysterious group that calls itself Guardians of Peace hacked into Sony Pictures Entertainment’s computer systems and began revealing many of the Hollywood studio’s best-kept secrets, from details about unreleased . . .
Read more »

Mysterious ’08 Turkey Pipeline Blast Opened New Cyberwar Era

By
Wednesday, December 10, 2014 at 1:47 PM

Bloomberg has the story.  For those who think that cyber conflict is a bit of a myth, this is a cautionary tale.  From the opening: The pipeline was outfitted with sensors and cameras to monitor every step of its 1,099 miles from the Caspian Sea to the Mediterranean. The blast that blew it out of . . .
Read more »

The FBI Impersonates the Media: Some of the Rules Governing Cyber-Subterfuge

By
Friday, November 7, 2014 at 2:54 PM

The developing story of the FBI’s impersonation of journalists is, in a way, really the story of Timberline high school in Washington State. In June of 2007 Timberline had received a series of bomb threats, prompting a week of evacuations. The FBI and local law enforcement traced the problem to an anonymous account on the . . .
Read more »

Everybody is Vulnerable

By
Wednesday, July 30, 2014 at 8:01 PM

Even the vaunted Israelis. “A Chinese hacking team previously accused of being behind raids against US defence contractors has been accused of a new data heist: plundering the tech behind Israel’s Iron Dome missile defence system.”  Apparently this was in 2011-12 so it isn’t connected to the current conflict — except, of course, that it . . .
Read more »

A Taxonomy of Cyber War IHL Questions

By
Thursday, July 3, 2014 at 11:50 AM

I have been asked to write a chapter, tentatively entitled “Law and Warfare in the Cyber Domain,” for the next edition of Moore, Roberts & Turner, eds., National Security Law.  As part of that effort, I have been thinking about where the gaps are in the domain of international humanitarian law as applied in cyberspace.  . . .
Read more »

Bits and Bytes

By
Monday, June 30, 2014 at 11:56 AM

While the rest of the world is watching the Supreme Court’s final decision day of the year, it’s been a busy time in the cyber world as well.  Herewith seven (!) bits and bytes of interest, in no particular order: Facebook’s Psych Experiment.  You’ve no doubt read that Facebook manipulated news feeds as an experiment. . . .
Read more »

Wishful Thinking Department

By
Monday, April 7, 2014 at 1:29 PM

Conversation at the Rosenzweig breakfast table this morning: Wife:  “That’s just dreaming.” Me: “What?” Wife (pointing to front page New York Times article): “Thinking that the Chinese will become more transparent.” Apparently, the US has been giving the Chinese briefings on “the Pentagon’s doctrine for defending against cyberattacks against the United States — and for . . .
Read more »

Bits and Bytes — Military Focus

By
Monday, April 7, 2014 at 8:15 AM

Three items of particular interest to our cyber warfare aficionados in today’s Bits and Bytes (plus one lagniappe on the Internet of Things): Developments in Iranian Cyber Warfare 2013-14.  From the Institute for National Security Studies in Israel:  “Over the course of 2013, Iran became one of the most active players in the international cyber . . .
Read more »

Snowden Disclosures and Norms of Cyber-Attacks

By
Thursday, March 20, 2014 at 11:00 AM

Secrecy—of the sort that typically shrouds cyber-defense and cyber-attack capabilities and doctrine—complicates the development of international norms.  Secrecy makes it difficult to engage in sustained diplomacy about rules.  Officials can talk about them at high levels of generality, but can’t get very specific, and it’s therefore hard to reach agreement.  Secrecy makes it difficult to . . .
Read more »

Security Programs take Center Stage in Austin During South by Southwest

By
Thursday, March 6, 2014 at 6:57 PM

If you’ve never been to Austin during South by Southwest, you are truly missing out.  SXSW season begins today with the SXSW Interactive and Film Festivals, and I’m happy to report that the Strauss Center at UT is sponsoring or co-sponsoring an array of security-and-technology events over the next few days.  I’ll do my best . . .
Read more »