May 2, 2018 | News br>
In light of significant recent developments on the Korean Peninsula, this week’s brief highlights North Korean cyber-operations. While Pyongyang’s nuclear weapons program has drawn the most attention recently, North Korea’s cyber capabilities also represent a significant asymmetric capability that has been relied upon both to disrupt enemies of the Kim family as well as produce sources of funding through cyber-enabled crime.
Apr 25, 2018 | News br>
The National Institute of Standards and Technology has released its newest iteration of critical infrastructure cybersecurity framework. Today’s brief includes this document (Version 1.1), two developmental drafts with comments, a summary of a workshop held on the framework, and the first edition (Version 1.0) accompanied by two presentations on the framework. This collection of documents highlights the work of a key contributor to cybersecurity policy that is not considered to be part of the national security apparatus by most of the public.
Apr 18, 2018 | News br>
In March of 2018 the Inspector General for the Department of Justice issued a report on the FBI’s statements on its ability to break into the iPhone of Syed Rizwan Farook, one of the attackers killed in the San Bernardino terrorist attack. This report was in response to a referral after an Executive Assistant Director (EAD) alleged that the Operational Technology Division in fact had acquired the capability to unlock the iPhone but did not use it in order to support planned Congressional testimony on the encryption debate.
Apr 11, 2018 | News br>
Omnipresent in discussions of military use of cyber is how cyberspace fits in with the other warfighting “domains” of land, air, sea, and space. This question is vital to several issues facing future security and force planners including military command and control doctrine and the possibility of deterring aggression in one domain with the promise of punitive measures in another (cross-domain deterrence).
Apr 4, 2018 | News br>
The Cyber Vault has gathered below a compendium of basic documents from certain key cyber-related court cases. Court documents are often crucial to understanding the judicial history of legal quandaries related to internet technology as well as how the United States investigates and prosecutes cyber-enabled crime and espionage. The list is in alphabetical order by defendant. We encourage users to suggest additional cases or to provide relevant documents.
Apr 2, 2018 | News br>
President Trump signed the CLOUD Act into law on March 23, 2018, after the act passed through Congress – without a hearing or even a committee review – attached to an omnibus spending bill. As the CLOUD Act has significant implications for data security, privacy, and law enforcement capabilities in cyberspace, today we are adding the full text of the legislation to the Cyber Vault.
Mar 28, 2018 | News br>
The United States Department of Justice recently announced the indictment of nine Iranian citizens for actions related to cyber-enabled theft of research, data, and intellectual property, a constant threat to both public and private interests. Iran itself has been a target of major foreign cyber intrusions – most notably the 2009-2010 Stuxnet attacks on its nuclear enrichment facilities – and its sophisticated capabilities in the cyber field have made it a growing worry for cyber defenders in the U.S.
Mar 20, 2018 | News br>
USCYBERCOM has put flesh on the bones of its skeletal strategy declaration initially released in February 2018. A month later, on March 23, the Command made public a new, 12-page “Command Vision” that substantially expands on the earlier paper (posted below). Several analysts have already remarked on its significance. For example, Richard J. Harknett at the University of Cincinnati, who was consulted on the new approach, writes in Lawfare that it “marks a significant evolution in cyber operations and strategic thinking.”
Mar 14, 2018 | News br>
High-profile U.S. government personnel changes are dominating the news this week. Possibly slipping under the radar for many is the pivotal, pending nomination of Lt. Gen. Paul Nakasone to head the National Security Agency and U.S. Cyber Command, a post that will put him at the center of several hot-button national security – and political – controversies. Beyond the Russia hacking conundrum, the new NSA director will have to confront fundamental questions about the nature and direction of U.S. cyber strategy. The following sources trace the background and broad outlook Lt. Gen.
Mar 7, 2018 | News br>
The encryption debate pitting concerns of privacy and civil rights against concerns of law enforcement and national security has grown in significance in recent years. Today’s posting provides a series of reports and articles on current encryption concerns, followed by Congressional testimony from the Clinton-Era to the present. Reports and Articles