• CybersecurityU.S. Response to SolarWinds Cyber Penetrations: A Good Defense Is the Best Offense

    By Paul Kolbe

    We are in a new “Long War,” an ambient cyber conflict that will play out over decades against multiple adversaries. This is a conflict where the best offense may be a good defense. Limiting the potential harm adversaries can impose on us, while retaining the ability to inflict asymmetric damage, offers the best hope of bolstering U.S. national security and creating a world of cyber deterrence and restraint. Hopefully, SolarWinds marks the inflection point of a pivot to a more effective defense-based national cyber strategy.

  • PERSPECTIVE: Cyber conductIsrael, Cyberattacks and International Law

    Recently, several cyberattacks have hit Israeli companies. While Israel has not yet publicly attributed the attacks to any foreign state, media outlets report that Israeli cybersecurity experts have tied the operations of the main hacker groups behind these attacks—BlackShadow and Pay2Kitten—to Iran. Tal Mimran and Yuval Shany write that in response, Israel seems to be increasingly turning toward international law to guide its approach to hostile activities in cyberspace

  • Perspective: Cyber conductIsrael, Cyberattacks and International Law

    Recently, several cyberattacks have hit Israeli companies. While Israel has not yet publicly attributed the attacks to any foreign state, media outlets report that Israeli cybersecurity experts have tied the operations of the main hacker groups behind these attacks—BlackShadow and Pay2Kitten—to Iran. Tal Mimran and Yuval Shany write that in response, Israel seems to be increasingly turning toward international law to guide its approach to hostile activities in cyberspace

  • Argument: Legal aspects of cyberwarfareCyberattacks and the Constitution

    The United States has one of the world’s strongest and most sophisticated capabilities to launch cyberattacks against adversaries. How does the U.S. Constitution allocate power to use that capability? And, Matthew Waxman asks, what does that allocation tell us about appropriate executive-legislative branch arrangements for setting and implementing cyber strategy?

  • CyberwarFrom Cold War to Gray War: Internet Conflict Intensifying

    By Jamie Dettmer

    A former top security adviser to Boris Johnson has revealed that Britain has launched recently a series of covert cyber-based attacks on Russian leaders and their interests to “impose a price greater than one they might have expected” for their cyber-offensive against the West. Other allied powers, including the U.S., are doing so, too, say Western intelligence officials in what is becoming a “like-for-like” cyber-conflict with the Kremlin in the so-called the “gray space,” the gap between normal state relations and armed conflict.

  • DeepfakesWould You Fall for a Fake Video? Research Suggests You Might

    Deepfakes are videos that have been manipulated in some way using algorithms. As concerns about election interference around the globe continue to rise, the phenomenon of deepfakes and their possible impact on democratic processes remains surprisingly understudied.

  • DeepfakesUsing Frequency Analysis to Recognize Fake Images

    They look deceptively real, but they are made by computers: so-called deep-fake images are generated by machine learning algorithms, and humans are pretty much unable to distinguish them from real photos. New method makes it possible to expose fake images created by computer algorithms rather than by humans.

  • The Russia connectionSenate Intel Releases Report on Intel Community Assessment of Russian Interference

    On Tuesday, Senate Select Committee on Intelligence released a new report, the fourth and penultimate volume in the Committee’s bipartisan Russia investigation. The latest installment examines the sources, tradecraft, and analytic work behind the 2017 Intelligence Community Assessment (ICA) that determined Russia conducted an unprecedented, multi-faceted campaign to interfere with the 2016 U.S. presidential election. “One of the ICA’s most important conclusions was that Russia’s aggressive interference efforts should be considered ‘the new normal,’” said Senator Richard Burr (R-North Carolina), the committee’s chairman.

  • PerspectiveWhy China's Coronavirus Lies Don't Matter If It Plays the Long Information Game

    The world will never be the same after COVID-19 –but Mark Payumo writes that this will not be because people sheltered in place and reacquainted themselves with traditional family bonding, but because China opened a new front in information warfare. “This front is global in scale and one that Beijing has laid the groundwork for a decade prior to the pandemic,” he writes. “As it unravels, it underscores one fact that we already know: that the world, especially truly-functioning West democracies, continues to fail in responding to Chinese global statecraft that may threaten civil liberties as we know it.”

  • ArgumentHackers Are Everywhere. Here’s How Scholars Can Find Them.

    The world of cyber operations is full of hard national security choices. Ben Buchanan asks: “How do long-held ideas of counterintelligence, deterrence and deception apply in this new arena of competition? How does escalation work with hacking? Who carried out this intrusion, and what was the intention behind it? Most of all, what does any of this mean for geopolitics in the modern age, and how can scholars communicate that to policymakers?”

  • Truth decayOut-of-Context Photos Are a Powerful Low-Tech form of Misinformation

    By Lisa Fazio

    When you think of visual misinformation, maybe you think of deepfakes – videos that appear real but have actually been created using powerful video editing algorithms. The creators edit celebrities into pornographic movies, and they can put words into the mouths of people who never said them. But the majority of visual misinformation that people are exposed to involves much simpler forms of deception. One common technique involves recycling legitimate old photographs and videos and presenting them as evidence of recent events.

  • CyberwarHow Iran’s Military Outsources Its Cyberthreat Forces

    By Dorothy Denning

    Two years ago, I wrote that Iran’s cyberwarfare capabilities lagged behind those of both Russia and China, but that it had become a major threat which will only get worse. It had already conducted several highly damaging cyberattacks. Since then, Iran has continued to develop and deploy its cyberattacking capabilities. It carries out attacks through a network of intermediaries, allowing the regime to strike its foes while denying direct involvement.

  • CyberwarCyberspace Is the Next Front in Iran-U.S. Conflict – and Private Companies May Bear the Brunt

    By Bryan Cunningham

    Iran and other nations have waged a stealth cyberwar against the United States for at least the past decade, largely targeting not the government itself but, rather, critical infrastructure companies. This threat to the private sector will get much worse before it gets better and businesses need to be prepared to deal with it.

  • CyberwarsU.S. Monitoring Cyberspace for Signs of Iranian Aggression

    By Jeff Seldin

    U.S. government officials are watching and waiting, with many believing it is only a matter of time before Iran lashes out in cyberspace for the U.S. drone strike that killed Quds Force commander Qassem Soleimani last week. According to the latest advisory from the Department of Homeland Security, there are still “no specific, credible threats” to the United States. But officials say Iran’s public assurances that it is done retaliating mean little.

  • CyberwarsHow Real Is the Threat of Cyberwar Between Iran and the U.S.?

    By Vasileios Karagiannopoulos

    There are widespread concerns that rising tensions between the United States and Iran might fuel further conflict between the two countries. Considering the importance of information networks and cyberspace for our everyday lives, there is also concern that this conflict might not only take place in the physical world but could take the form of cyber-attacks. These could have serious consequences, particularly since Iran has demonstrated an increase in its cyber-capability in the past decade.