May 16, 2018 | News br>
On May 13, President Trump announced on Twitter that he was working with President Xi Jinping of China to assist the Chinese telecommunications company ZTE. This announcement surprised many in the national security community as the US Government has in the past claimed that devices made by ZTE, as well as other Chinese telecom firms such as Huawei, are used by the Chinese Government to conduct surveillance.
May 9, 2018 | Briefing Book br>
The Office of the Director of National Intelligence has released its report on the use of FISA orders and national security letters during calendar year 2017. This week’s Cyber Brief includes the most recent report as well as all previous reports back to statistics on calendar year 2013. These statistics are valuable in understanding the scope of and trends in government surveillance under national security authorities.
May 2, 2018 | News br>
In light of significant recent developments on the Korean Peninsula, this week’s brief highlights North Korean cyber-operations. While Pyongyang’s nuclear weapons program has drawn the most attention recently, North Korea’s cyber capabilities also represent a significant asymmetric capability that has been relied upon both to disrupt enemies of the Kim family as well as produce sources of funding through cyber-enabled crime.
Apr 25, 2018 | Briefing Book br>
The National Institute of Standards and Technology has released its newest iteration of critical infrastructure cybersecurity framework. Today’s brief includes this document (Version 1.1), two developmental drafts with comments, a summary of a workshop held on the framework, and the first edition (Version 1.0) accompanied by two presentations on the framework. This collection of documents highlights the work of a key contributor to cybersecurity policy that is not considered to be part of the national security apparatus by most of the public.
Apr 18, 2018 | News br>
In March of 2018 the Inspector General for the Department of Justice issued a report on the FBI’s statements on its ability to break into the iPhone of Syed Rizwan Farook, one of the attackers killed in the San Bernardino terrorist attack. This report was in response to a referral after an Executive Assistant Director (EAD) alleged that the Operational Technology Division in fact had acquired the capability to unlock the iPhone but did not use it in order to support planned Congressional testimony on the encryption debate.
Apr 11, 2018 | News br>
Omnipresent in discussions of military use of cyber is how cyberspace fits in with the other warfighting “domains” of land, air, sea, and space. This question is vital to several issues facing future security and force planners including military command and control doctrine and the possibility of deterring aggression in one domain with the promise of punitive measures in another (cross-domain deterrence).
Apr 4, 2018 | News br>
The Cyber Vault has gathered below a compendium of basic documents from certain key cyber-related court cases. Court documents are often crucial to understanding the judicial history of legal quandaries related to internet technology as well as how the United States investigates and prosecutes cyber-enabled crime and espionage. The list is in alphabetical order by defendant. We encourage users to suggest additional cases or to provide relevant documents.
Apr 2, 2018 | News br>
President Trump signed the CLOUD Act into law on March 23, 2018, after the act passed through Congress – without a hearing or even a committee review – attached to an omnibus spending bill. As the CLOUD Act has significant implications for data security, privacy, and law enforcement capabilities in cyberspace, today we are adding the full text of the legislation to the Cyber Vault.
Mar 28, 2018 | News br>
The United States Department of Justice recently announced the indictment of nine Iranian citizens for actions related to cyber-enabled theft of research, data, and intellectual property, a constant threat to both public and private interests. Iran itself has been a target of major foreign cyber intrusions – most notably the 2009-2010 Stuxnet attacks on its nuclear enrichment facilities – and its sophisticated capabilities in the cyber field have made it a growing worry for cyber defenders in the U.S.
Mar 20, 2018 | News br>
USCYBERCOM has put flesh on the bones of its skeletal strategy declaration initially released in February 2018. A month later, on March 23, the Command made public a new, 12-page “Command Vision” that substantially expands on the earlier paper (posted below). Several analysts have already remarked on its significance. For example, Richard J. Harknett at the University of Cincinnati, who was consulted on the new approach, writes in Lawfare that it “marks a significant evolution in cyber operations and strategic thinking.”