• SolarWindsSolarWinds Hack Bigger, More Dangerous than Previously Thought, Tech Execs Warn

    By Jeff Seldin

    Executives with technology companies impacted by the massive cybersecurity breach known as the SolarWinds hack are giving U.S. lawmakers more reason to worry, warning the intrusion is both bigger and more dangerous than first realized.

  • ARGUMENT: Reframing the China InitiativeThe Biden Administration Should Review and Rebuild the Trump Administration’s China Initiative from the Ground Up

    In mid-January an MIT engineering professor Gang Chen was arrested as part of the Trump administration’s China Initiative, which was launched in November 2018 as a prosecutorial response to China’s persistent, pervasive, and well-documented campaign of economic espionage and illicit knowledge transfer. The Chen case demonstrates why the initiative’s overly broad focus on China has been met with relentless criticism from academic institutions and Asian American advocacy groups.

  • China syndromeU.S. Government to Stop Buying Chinese-Made Drones

    By John Xie

    In its latest move to address national security threats posed by Chinese-made drones, the U.S. federal government’s purchasing agency no longer will purchase drones from Chinese manufacturers. China currently dominates the drone-manufacturing market. One Chinese company, DJI, which is the world’s largest drone maker, has a 76.8 percent share of the U.S. market.

  • ARGUMENT: China & U.S. academe Chinese Presence in U.S. Academic Institutions

    When talking about the intensifying U.S.-China competition, most people think of trade battles, tariffs, human-rights abuses in Xinjiang, the militarization of the South China Sea, China’s growing nuclear arsenal, and similar issues. In many ways, however, U.S. universities and research institutions are a more immediate battleground for the U.S.-China rivalry.

  • The Russia connectionFrench Companies Targeted by Russian Cyberattack between 2017 and 2020

    A broad Russian cyberattacks in France was carried out via French software Centreon, which serves large companies and government agencies. The cyberattack resembles Russia’s exploitation of vulnerabilities in SolarWinds to attacks American companies and government agencies. The scope of Russia’s cyberattack in France is still uncertain.

  • ARGUMENT: China strategyThe U.S.’s China Strategy Needs New Tools

    Chinese state capitalism caught U.S. policymakers flat-footed. While far from perfect, the “China model” is dramatically reshaping global industry through the concentrated power of economic tools like subsidies, market protection, forced technology transfer and economic espionage. .” Jordan Schneider and David Talbot write that “the toolbox they inherited from the Trump administration is a few drill bits short.” The fact is, “Trump’s China trade strategy failed,” and “Trump’s tariffs also didn’t achieve their domestic objectives.” The U.S. needs to implement a multifaceted strategy to combat Chinese coercion,” Schneider and Talbot write, highlighting the essential components of this new strategy.

  • CybersecurityThe SolarWinds Hack Was All but Inevitable – Why National Cyber Defense Is a “Wicked” Problem and What Can Be Done about It

    By Terry Thompson

    Software supply chains are vulnerable to hackers: Many U.S. companies outsource software development because of a talent shortage, and some of that outsourcing goes to companies in Eastern Europe that are vulnerable to Russian operatives. One problem is that U.S. national cyber defense is split between the Department of Defense and the Department of Homeland Security, which leaves gaps in authority. There are no easy solutions to shoring up U.S. national cyber defenses.

  • ARGUMENT: CybersecurityA Key Step in Preventing a Future SolarWinds

    In the weeks since news of the SolarWinds incident became public, commentators have offered no shortage of prescriptions for responding to the incident. Natalie Thompson writes that as information continues to emerge about the scope and scale of the incident and policymakers struggle with thorny questions regarding appropriate responses, urgent attention also is needed to actions that could prevent such large-scale catastrophes in the future.

  • ARGUMENT: The Russia connectionPiling Up Incriminating Information about Trump’s Russian Connections

    Not all counterintelligence investigations lead to arrests, but many such investigations reveal weaknesses and vulnerabilities which may have escaped notice. John Sipher writes that a new book by Craig Unger, American Kompromat, serves that purpose. “By compiling decades of Trump’s seedy ties, disturbing and consistent patterns of behavior, and unexplained contacts with Russian officials and criminals, Unger makes a strong case that Trump is probably a compromised trusted contact of Kremlin interests.” Sipher adds that Trump’s election in 2016 “exposed a previously undetected flaw in our system of protecting national security secrets: A duly elected president cannot be denied a security clearance, yet the Republican Party nominated a candidate whose greed, lack of morals and relationship with criminal elements should have disqualified him for the lowest-level clearance, much less the highest office in the land.”

  • The Russia connectionDonald Trump Spying Allegations: More Likely Useful Idiot than Putin’s Agent

    By Kyle Cunliffe

    The question of Donald Trump’s relationship with the Kremlin has surfaced once again, this time in a new book by veteran U.S. journalist Craig Unger. The book, American Kompromat, claims that the former US commander-in-chief was cultivated as a Russian intelligence asset for more than four decades. Could it really be true that one of Washington’s bitterest adversaries would have a stooge at the very top of its ranks? To consider this question it’s important to understand the distinction between an asset and an agent (or spy). Simply put, an agent is a partner for life, whereas an asset is a friend with benefits. And, most likely, if Trump has been one of the two, it’s the latter.

  • CybersecurityNorth Korea Targeted Cybersecurity Researchers Using a Blend of Hacking and Espionage

    By Paulo Shakarian

    North Korean hackers have staged an audacious attack targeting cybersecurity researchers, many of whom work to counter hackers from places like North Korea, Russia, China and Iran. The attack involved sophisticated efforts to deceive specific people, which raises the level of social engineering, or phishing attacks, and enters the realm of spy tradecraft.

  • EspionageEspionage Attempts Like the SolarWinds Hack Are Inevitable, So It’s Safer to Focus on Defense – Not Retaliation

    By William Akoto

    Since taking office, President Joe Biden has ordered a thorough intelligence review of Russian aggression around the world, which includes hacking, election interference, poisoning political opponents and posting bounties for killing U.S. soldiers. His administration faces pressure from members of Congress in both parties and former government officials to respond forcefully to the SolarWinds breach. But the U.S. government may not be able to stop future intrusions into American computer systems. Scholarship describes how difficult it can be to effectively deter cyberattacks or punish those responsible, and suggests that retaliation – in whatever form it might take – will almost certainly invite counterhacks from Russia, worsening tensions between the countries and potentially escalating into the offline world.

  • IranBiden to Inherit Trump’s Aggressive Iran Social Media Campaign

    By Michael Lipin

    The incoming Biden administration is inheriting from President Donald Trump an Iran-focused social media campaign that dramatically boosted U.S. engagement with Iranians by sharply criticizing their Islamist rulers, a strategy that President-elect Joe Biden appears set to change. 

  • The Russia connectionU.S. Hits Back at Russian Election Disinformation Ring

    By Jeff Seldin

    The United States is taking steps to punish members of a Russian-backed influence operation that sought to interfere with November’s election and damage the campaign of President-elect Joe Biden. The Treasury Department on Monday announced sanctions against seven people and four companies, all connected to Ukrainian politician Andrii Derkach, previously identified by U.S. officials as a long-time Russian agent. Derkach fed Rudi Giuliani, Donald Trump’s personal lawyer, Russia-fabricated derogatory misinformation on Joe Biden, and Giuliani’s role in the plot was to disseminate it on pro-Trump news outlets like One America Network.

  • CybersecurityThe Sunburst Hack Was Massive and Devastating – 5 Observations from a Cybersecurity Expert

    By Paulo Shakarian

    So much remains unknown about what is now being called the Sunburst hack, the cyberattack against U.S. government agencies and corporations. U.S. officials widely believe that Russian state-sponsored hackers are responsible. The attack gave the perpetrators access to numerous key American business and government organizations. The immediate effects will be difficult to judge, and a complete accounting of the damage is unlikely. However, the nature of the affected organizations alone makes it clear that this is perhaps the most consequential cyberattack against the U.S. to date.