Washington, D.C., February 28, 2023 - In February 1998, 25 years ago this month, the United States suffered a series of cyber intrusions known as SOLAR SUNRISE that then-Deputy Secretary of Defense John Hamre called “the most organized and systematic [cyber] attack the Pentagon has seen to date.” Coming rapidly on the heels of ELIGIBLE RECEIVER 1997 (ER97), a multi-agency, no-notice exercise that raised more questions than answers about h
Washington, D.C., January 6, 2022 - On the first anniversary of the January 6, 2021, attack on the United States Capitol, a review of government materials by the National Security Archive’s Cyber Vault project shows the double-edged impact of social media during the episode. While the Internet played a large role in the planning and execution of the riot, as well as creating various cybersecurity risks, it also enormously facilitated subsequent investigations. At the same time, its use in surveillance by government agencies has been
Washington, D.C., December 6, 2021 — This week, as NATO concludes its annual flagship cyber exercise, Cyber Coalition 21, newly declassified documents detail American collaboration with NATO allies to dissuade and impede Russian advances, both in cyberspace and in European territory. The recently released materials feature after action reports (AARs) and planning documents concerning the BALTIC GHOST series of cyber exercises.
Washington D.C., July 23, 2021 - Earlier this week, the Department of Homeland Security (DHS) announced the Transportation Security Administration (TSA) had released a second set of pipeline cybersecurity regulations, requiring “owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of urgently needed protections against cyberintrusions.” This directive, preceded by an emergency pipeline cybersecurity directive issued in May, follows the ransomware attack on
Washington, D.C., July 8, 2021 – The Justice Department's recent seizure of more than 30 US-owned web domains accused of disseminating Iranian disinformation is eliciting alarm from free speech advocates and foreign policy analysts alike. On June 22, DOJ announced the seizures related to a violation of U.S.
Washington, D.C., May 12, 2021 — This week’s ransomware episode involving Colonial Pipeline has exposed deep cracks in America’s digital armor. However, lost in the flurry of calls for swift action to avoid future damage is the fact that such attacks have been predicted for some time, as a sampling of government records posted today by the National Security Archive shows.
Washington, D.C., April 26, 2021 — The recent passage of the “Cyber Diplomacy Act of 2021” by the House of Representatives suggests U.S. lawmakers are eager to expand the U.S.’s toolbox for addressing cyber threats to explicitly include diplomacy, according to a compilation of policy records posted today by the nongovernmental National Security Archive. Introduced on the heels of the SolarWinds breach, the bill would establish a new “Bureau of International Cyberspace Policy.”
Cyber Brief: Cyberspace Solarium Commission Recommendations in the FY21 National Defense Authorization Act
Washington, D.C., December 21, 2020 – With the House and Senate’s passage this month of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (hereafter referred to as the FY21 NDAA), the Cyber Vault has reviewed the enrolled bill to compare it to the recommendations of the bipartisan Cyberspace Solarium Commission. With the Senate’s veto-proof vote of 84 to 13, the bill is expected to become law even if President Trump decides to oppose it.
Washington, D.C., October 22, 2020 - The Department of Homeland Security describes critical infrastructure as “the physical and cyber systems and assets that are so vital to the United States that their incapacity or destruction would have a debilitating impact on our physical or economic security or public health or safety.” While the Trump administration has seen the establishment of the Cybersecurity and Infrastructure Security Agency through legislation, the presidency of Donald Trump has also been