Yesterday, the U.S. Department of Justice (DoJ) released an indictment against four Russians in one of the most significant hacking-related law enforcement actions to date. According to the indictment, two criminals working at the behest of two officers of Russia’s Federal Security Service (FSB) hacked into Yahoo’s internal networks, compromised Yahoo user accounts, and used those compromises to pivot into accounts with other online services, including Google.
Charley Snyder is an affiliate of the Cyber Security Project at the Harvard Kennedy School’s Belfer Center for Science and International Affairs. Charley recently concluded several years of service in the Office of the Secretary of Defense (OSD), U.S. Department of Defense. Most recently he was Deputy Director of Strategic Cyber Defense and Capabilities, where he developed strategy and policies to counter foreign cyber threats and protect U.S. networks. Charley also focused on modernizing the Department’s information security technologies, culture and processes, and was responsible for the Hack the Pentagon Bug Bounty Pilot and the DoD Vulnerability Disclosure Program. Previously, he served as professional staff member in the U.S. Congress working on cybersecurity and counterterrorism issues. Charley has a B.S. from Cornell University and an M.A. in Security Studies from Georgetown University. He is a recipient of the OSD Medal for Exceptional Civilian Service and was a SANS Institute Difference Maker in 2016.
Subscribe to this Lawfare contributor via RSS.
On Wednesday, the Deputy Secretary of Defense issued a memo that clarifies how the Department of Defense (DoD) will implement President Trump’s executive order to freeze all civilian hiring across all departments and agencies.
Thanks to the at-times br
Amidst the whirlwind of executive orders and presidential memoranda that have been in the news, it was easy to miss a purported draft of President Trump’s first executive order (EO) covering cybersecurity issues, leaked to the Washington Post and released on Friday, January 27. The order, titled “Strengthening U.S. Cyber Security and Capabilities,” calls for several 60- and 100-day assessments of the state of U.S.