The May 7 indictment of a Chinese national and unnamed conspirator for hacking and stealing data from nearly 80 million customers of the health care company Anthem in 2015, which researchers previously linked to Chinese state-sponsored actors, is the latest iteration of a four-year U.S.
Latest in Cybersecurity
How do we quantify safety and security? That fundamental question underlies almost all modern national security questions (and, naturally, most commercial questions about risk as well). The cost-benefit analysis inherent in measuring safety and security drives decisions on, to cite just a few examples, new car safety devices, airplane maintenance schedules and the deployment of border security systems. In a world where resources are not infinite, some assessment of risk and risk mitigation necessarily attends any decision—whether it is implicit in the consideration or explicit.
Associate Deputy Attorney General Sujit Raman Remarks at the ABA Rule of Law Initiative Annual Issues Conference
On Tuesday, Associate Deputy Attorney General Sujit Raman delivered the following remarks to the ABA Rule of Law Initiative annual conference in a speech entitled “The Rule of Law in the Age of Great Power Competition in Cyberspace.”
The rush to bring law and order to online spaces is well and truly on. Two important documents on the topic of online speech regulation have come out of Paris in the past week alone.
I’d like to draw attention to Mark Pomerleau’s interesting piece at Fifth Domain examining the operational impact at Cyber Command (CYBERCOM) of several recent developments, including National Security Presidential Memorandum 13 (NSPM 13), doctrinal/policy innovations under the headings of “persistent engagement” and “defending forward,” and new/clarified authorities associated with the most recent National Defense Authorization Act (NDAA).
On April 22, Julia Angwin, an award-winning investigative journalist specializing in technology, was somewhat bizarrely fired as editor-in-chief from the fledgling media company she’d founded. The company, The Markup, was created in order to focus on data-driven journalism, and in solidarity five members of the seven-person editorial team resigned as well.
Today, Lawfare published an article by Alexei Bulazel, Sophia d’Antoine, Perri Adams and Dave Aitel on “The Risks of Huawei Risk Mitigation” that seemingly disagrees with an earlier piece of mine on the topic.
Cyberattacks don’t magically happen; they involve a series of steps. And far from being helpless, defenders can disrupt the attack at any of those steps. This framing has led to something called the “cybersecurity kill chain”: a way of thinking about cyber defense in terms of disrupting the attacker’s process.
It isn't as sexy as the overall question of Russian information operations or the president's obstructive criminal behavior, but as someone focused on cybersecurity more generally, I thought it would be amusing to tease out a few of the issues in the Mueller report that bump up against my day job.
Julian Assange’s arrest was a long time coming. After seven years hiding in Ecuador’s London embassy and a number of false alarms, the WikiLeaks founder was finally evicted from the building and passed to British law enforcement on April 11. Though journalists and commentators have long speculated that U.S.