• ARGUMENT: Cyber offenseResponsible Cyber Offense

    There is responsible conduct in cyberspace, and there is irresponsible conduct. Perri Adams, Dave Aitel, George Perkovich, and JD Work write that “If the SolarWinds operation was a case of somewhat responsible hacking within the bounds of acceptable state action (even if Russia is far from a responsible actor in cyberspace), the Exchange operation, by contrast, demonstrates how an irresponsibly conducted espionage operation can escalate into collateral damage and instability.” They write that, despite critical preventive efforts, “offensive operations will continue apace in the foreseeable future—conducted by the United States, its allies and its adversaries. The choice is whether and how to engage in them responsibly and minimize cost to societies.”

  • CyberwarWith Cyberattacks Growing More Frequent and Disruptive, a Unified Approach Is Essential

    By Yasser Morgan

    Coordinated cyberattacks can create massive disruptions to infrastructure and supply chains. New treaties are needed to prevent cyberwarfare, but it’s challenging to predict technological advances.

  • ARGUMENT: Taking down botsWhen Should U.S. Cyber Command Take Down Criminal Botnets?

    Trickbot is back. U.S. Cyber Command targeted this malware in autumn 2020 in an unprecedented use of military offensive cyber operations to disrupt a purely criminal operation. Jason Healey writes that “Such military operations are a good idea only in cases that meet a five-part test of imminence, severity, overseas focus, nation-state adversary, and military as a last-ish resort.”

  • SolarWindsU.S. Response to SolarWinds Cyber Penetrations: A Good Defense Is the Best Offense

    By Paul Kolbe

    We are in a new “Long War,” an ambient cyber conflict that will play out over decades against multiple adversaries. This is a conflict where the best offense may be a good defense. Limiting the potential harm adversaries can impose on us, while retaining the ability to inflict asymmetric damage, offers the best hope of bolstering U.S. national security and creating a world of cyber deterrence and restraint. Hopefully, SolarWinds marks the inflection point of a pivot to a more effective defense-based national cyber strategy.

  • PERSPECTIVE: Cyber conductIsrael, Cyberattacks and International Law

    Recently, several cyberattacks have hit Israeli companies. While Israel has not yet publicly attributed the attacks to any foreign state, media outlets report that Israeli cybersecurity experts have tied the operations of the main hacker groups behind these attacks—BlackShadow and Pay2Kitten—to Iran. Tal Mimran and Yuval Shany write that in response, Israel seems to be increasingly turning toward international law to guide its approach to hostile activities in cyberspace

  • Perspective: Cyber conductIsrael, Cyberattacks and International Law

    Recently, several cyberattacks have hit Israeli companies. While Israel has not yet publicly attributed the attacks to any foreign state, media outlets report that Israeli cybersecurity experts have tied the operations of the main hacker groups behind these attacks—BlackShadow and Pay2Kitten—to Iran. Tal Mimran and Yuval Shany write that in response, Israel seems to be increasingly turning toward international law to guide its approach to hostile activities in cyberspace

  • Argument: Legal aspects of cyberwarfareCyberattacks and the Constitution

    The United States has one of the world’s strongest and most sophisticated capabilities to launch cyberattacks against adversaries. How does the U.S. Constitution allocate power to use that capability? And, Matthew Waxman asks, what does that allocation tell us about appropriate executive-legislative branch arrangements for setting and implementing cyber strategy?

  • CyberwarFrom Cold War to Gray War: Internet Conflict Intensifying

    By Jamie Dettmer

    A former top security adviser to Boris Johnson has revealed that Britain has launched recently a series of covert cyber-based attacks on Russian leaders and their interests to “impose a price greater than one they might have expected” for their cyber-offensive against the West. Other allied powers, including the U.S., are doing so, too, say Western intelligence officials in what is becoming a “like-for-like” cyber-conflict with the Kremlin in the so-called the “gray space,” the gap between normal state relations and armed conflict.

  • DeepfakesWould You Fall for a Fake Video? Research Suggests You Might

    Deepfakes are videos that have been manipulated in some way using algorithms. As concerns about election interference around the globe continue to rise, the phenomenon of deepfakes and their possible impact on democratic processes remains surprisingly understudied.

  • DeepfakesUsing Frequency Analysis to Recognize Fake Images

    They look deceptively real, but they are made by computers: so-called deep-fake images are generated by machine learning algorithms, and humans are pretty much unable to distinguish them from real photos. New method makes it possible to expose fake images created by computer algorithms rather than by humans.

  • The Russia connectionSenate Intel Releases Report on Intel Community Assessment of Russian Interference

    On Tuesday, Senate Select Committee on Intelligence released a new report, the fourth and penultimate volume in the Committee’s bipartisan Russia investigation. The latest installment examines the sources, tradecraft, and analytic work behind the 2017 Intelligence Community Assessment (ICA) that determined Russia conducted an unprecedented, multi-faceted campaign to interfere with the 2016 U.S. presidential election. “One of the ICA’s most important conclusions was that Russia’s aggressive interference efforts should be considered ‘the new normal,’” said Senator Richard Burr (R-North Carolina), the committee’s chairman.

  • PerspectiveWhy China's Coronavirus Lies Don't Matter If It Plays the Long Information Game

    The world will never be the same after COVID-19 –but Mark Payumo writes that this will not be because people sheltered in place and reacquainted themselves with traditional family bonding, but because China opened a new front in information warfare. “This front is global in scale and one that Beijing has laid the groundwork for a decade prior to the pandemic,” he writes. “As it unravels, it underscores one fact that we already know: that the world, especially truly-functioning West democracies, continues to fail in responding to Chinese global statecraft that may threaten civil liberties as we know it.”

  • ArgumentHackers Are Everywhere. Here’s How Scholars Can Find Them.

    The world of cyber operations is full of hard national security choices. Ben Buchanan asks: “How do long-held ideas of counterintelligence, deterrence and deception apply in this new arena of competition? How does escalation work with hacking? Who carried out this intrusion, and what was the intention behind it? Most of all, what does any of this mean for geopolitics in the modern age, and how can scholars communicate that to policymakers?”

  • Truth decayOut-of-Context Photos Are a Powerful Low-Tech form of Misinformation

    By Lisa Fazio

    When you think of visual misinformation, maybe you think of deepfakes – videos that appear real but have actually been created using powerful video editing algorithms. The creators edit celebrities into pornographic movies, and they can put words into the mouths of people who never said them. But the majority of visual misinformation that people are exposed to involves much simpler forms of deception. One common technique involves recycling legitimate old photographs and videos and presenting them as evidence of recent events.

  • CyberwarHow Iran’s Military Outsources Its Cyberthreat Forces

    By Dorothy Denning

    Two years ago, I wrote that Iran’s cyberwarfare capabilities lagged behind those of both Russia and China, but that it had become a major threat which will only get worse. It had already conducted several highly damaging cyberattacks. Since then, Iran has continued to develop and deploy its cyberattacking capabilities. It carries out attacks through a network of intermediaries, allowing the regime to strike its foes while denying direct involvement.