  • A Key Step in Preventing a Future SolarWinds

    In the weeks since news of the SolarWinds incident became public, commentators have offered no shortage of prescriptions for responding to the incident. Natalie Thompson writes that as information continues to emerge about the scope and scale of the incident and policymakers struggle with thorny questions regarding appropriate responses, urgent attention also is needed to actions that could prevent such large-scale catastrophes in the future.

  • Piling Up Incriminating Information about Trump’s Russian Connections

    Not all counterintelligence investigations lead to arrests, but many such investigations reveal weaknesses and vulnerabilities which may have escaped notice. John Sipher writes that a new book by Craig Unger, American Kompromat, serves that purpose. “By compiling decades of Trump’s seedy ties, disturbing and consistent patterns of behavior, and unexplained contacts with Russian officials and criminals, Unger makes a strong case that Trump is probably a compromised trusted contact of Kremlin interests.” Sipher adds that Trump’s election in 2016 “exposed a previously undetected flaw in our system of protecting national security secrets: A duly elected president cannot be denied a security clearance, yet the Republican Party nominated a candidate whose greed, lack of morals and relationship with criminal elements should have disqualified him for the lowest-level clearance, much less the highest office in the land.”

  • Donald Trump Spying Allegations: More Likely Useful Idiot than Putin’s Agent

    The question of Donald Trump’s relationship with the Kremlin has surfaced once again, this time in a new book by veteran U.S. journalist Craig Unger. The book, American Kompromat, claims that the former US commander-in-chief was cultivated as a Russian intelligence asset for more than four decades. Could it really be true that one of Washington’s bitterest adversaries would have a stooge at the very top of its ranks? To consider this question it’s important to understand the distinction between an asset and an agent (or spy). Simply put, an agent is a partner for life, whereas an asset is a friend with benefits. And, most likely, if Trump has been one of the two, it’s the latter.

  • North Korea Targeted Cybersecurity Researchers Using a Blend of Hacking and Espionage

    North Korean hackers have staged an audacious attack targeting cybersecurity researchers, many of whom work to counter hackers from places like North Korea, Russia, China and Iran. The attack involved sophisticated efforts to deceive specific people, which raises the level of social engineering, or phishing attacks, and enters the realm of spy tradecraft.

  • Espionage Attempts Like the SolarWinds Hack Are Inevitable, So It’s Safer to Focus on Defense – Not Retaliation

    Since taking office, President Joe Biden has ordered a thorough intelligence review of Russian aggression around the world, which includes hacking, election interference, poisoning political opponents and posting bounties for killing U.S. soldiers. His administration faces pressure from members of Congress in both parties and former government officials to respond forcefully to the SolarWinds breach. But the U.S. government may not be able to stop future intrusions into American computer systems. Scholarship describes how difficult it can be to effectively deter cyberattacks or punish those responsible, and suggests that retaliation – in whatever form it might take – will almost certainly invite counterhacks from Russia, worsening tensions between the countries and potentially escalating into the offline world.

  • Biden to Inherit Trump’s Aggressive Iran Social Media Campaign

    The incoming Biden administration is inheriting from President Donald Trump an Iran-focused social media campaign that dramatically boosted U.S. engagement with Iranians by sharply criticizing their Islamist rulers, a strategy that President-elect Joe Biden appears set to change. 

  • U.S. Hits Back at Russian Election Disinformation Ring

    The United States is taking steps to punish members of a Russian-backed influence operation that sought to interfere with November’s election and damage the campaign of President-elect Joe Biden. The Treasury Department on Monday announced sanctions against seven people and four companies, all connected to Ukrainian politician Andrii Derkach, previously identified by U.S. officials as a long-time Russian agent. Derkach fed Rudy Giuliani, Donald Trump’s personal lawyer, Russia-fabricated derogatory misinformation on Joe Biden, and Giuliani’s role in the plot was to disseminate it on pro-Trump news outlets like One America Network.

  • The Sunburst Hack Was Massive and Devastating – 5 Observations from a Cybersecurity Expert

    So much remains unknown about what is now being called the Sunburst hack, the cyberattack against U.S. government agencies and corporations. U.S. officials widely believe that Russian state-sponsored hackers are responsible. The attack gave the perpetrators access to numerous key American business and government organizations. The immediate effects will be difficult to judge, and a complete accounting of the damage is unlikely. However, the nature of the affected organizations alone makes it clear that this is perhaps the most consequential cyberattack against the U.S. to date.

  • Homeland Security and the China Challenge

    On 21 December, Acting Secretary of Homeland Security Chad F. Wolf delivered remarks at a virtual event hosted by the Heritage Foundation detailing the enduring threat from the People’s Republic of China (PRC) and DHS’s strategy to confront it. “Today, the threats to our peace and prosperity emanate largely from China,” Wolf said. “The Chinese Communist Party (CCP) picked up the mantle of Communist ideology and has adapted it to our times. Today, the ideology that fueled the Soviet Union is alive and well in China.”

  • Revelations of Cyberattacks on U.S. Likely Just “Tip of the Iceberg”

    Russian government hackers have infiltrated the computer networks of some of the nation’s biggest corporations, leading defense contractors, and top U.S. government agencies, including those in national security branches, in what security analysts believe is a “very significant” breach. The Russian espionage campaign was “sustained, targeted, far-reaching,” analysts say.

  • It’s Official: The Election Was Secure

    Election officials and election security experts have long been clear: voter fraud is extraordinarily rare and the U.S. system has strong checks in place to protect the integrity of our voting process. “These are the facts,” says the Brennan Center for Justice. “But the facts have not stopped bad actors from trotting out baseless claims of ‘systemic voter fraud’ to suppress votes and undermine trust in our democracy for political gain.” Government officials, judges, and elected leaders, overwhelmingly Republican — and, in the executive branch and the judiciary, mostly Trump appointees — have publicly acknowledged confidence in the November election.

  • The Strategic Implications of SolarWinds

    Recent reports of a broad Russian cyber infiltration across U.S. government networks are a sign of how great-power competition will play out in the twenty-first century. Benjamin Jensen, Brandon Valeriano, and Mark Montgomery write that the SolarWinds operation demonstrates that U.S. Cyber Command’s vision of persistent engagement, which calls for preventively imposing costs on adversaries to shape competition in cyberspace, appears not to have worked as expected. “In the future, what is required is a deeper focus on denial-based approaches: How can the U.S. limit the attack surfaces available to the opposition and harden targets to ensure resilience?” they write.

  • Scope, Damage of Massive Russian Hack Still Uncertain

    Cyberexperts inside and outside the U.S. government are scrambling to determine the dimensions of the massive hack by Russian government hackers of dozens of government agencies and private organizations. “While the Russians did not have the time to gain complete control over every network they hacked, they most certainly did gain it over hundreds of them. It will take years to know for certain which networks the Russians control and which ones they just occupy,” said Thomas Bossert, Trump’s former cybersecurity adviser. Senator Richard Blumenthal (D-Connecticut), after a closed-door meeting of the Senate Intelligence Committee, in which members were briefed by the intelligence community, said he was “deeply alarmed, and even downright frightened.”

  • U.S. National Security Officials Investigating Hacker Intrusions

    The Trump administration acknowledged Sunday that several U.S. institutions were hacked on behalf of a foreign government. Cybersecurity experts believe Russia is likely behind the attack on the U.S. Treasury and Commerce departments in what U.S. media is calling one of the most sophisticated attacks on U.S. government systems in years.

  • Quick Thoughts on the Russia Hack

    David Sanger, building on a Reuters story, reports in the New York Times that some country, probably Russia, “broke into a range of key government networks, including in the Treasury and Commerce Departments, and had free access to their email systems.” The breach appears to be much broader. Jack Goldsmith writes that the U.S. approach to preventing these breaches appears to involve five elements, but that, on the whole, these elements have failed to stop, prevent or deter high-level breaches.