• The Russia connectionSenate Intel Releases Report on Intel Community Assessment of Russian Interference

    On Tuesday, Senate Select Committee on Intelligence released a new report, the fourth and penultimate volume in the Committee’s bipartisan Russia investigation. The latest installment examines the sources, tradecraft, and analytic work behind the 2017 Intelligence Community Assessment (ICA) that determined Russia conducted an unprecedented, multi-faceted campaign to interfere with the 2016 U.S. presidential election. “One of the ICA’s most important conclusions was that Russia’s aggressive interference efforts should be considered ‘the new normal,’” said Senator Richard Burr (R-North Carolina), the committee’s chairman.

  • PerspectiveWhy China's Coronavirus Lies Don't Matter If It Plays the Long Information Game

    The world will never be the same after COVID-19 –but Mark Payumo writes that this will not be because people sheltered in place and reacquainted themselves with traditional family bonding, but because China opened a new front in information warfare. “This front is global in scale and one that Beijing has laid the groundwork for a decade prior to the pandemic,” he writes. “As it unravels, it underscores one fact that we already know: that the world, especially truly-functioning West democracies, continues to fail in responding to Chinese global statecraft that may threaten civil liberties as we know it.”

  • ArgumentHackers Are Everywhere. Here’s How Scholars Can Find Them.

    The world of cyber operations is full of hard national security choices. Ben Buchanan asks: “How do long-held ideas of counterintelligence, deterrence and deception apply in this new arena of competition? How does escalation work with hacking? Who carried out this intrusion, and what was the intention behind it? Most of all, what does any of this mean for geopolitics in the modern age, and how can scholars communicate that to policymakers?”

  • Truth decayOut-of-Context Photos Are a Powerful Low-Tech form of Misinformation

    By Lisa Fazio

    When you think of visual misinformation, maybe you think of deepfakes – videos that appear real but have actually been created using powerful video editing algorithms. The creators edit celebrities into pornographic movies, and they can put words into the mouths of people who never said them. But the majority of visual misinformation that people are exposed to involves much simpler forms of deception. One common technique involves recycling legitimate old photographs and videos and presenting them as evidence of recent events.

  • CyberwarHow Iran’s Military Outsources Its Cyberthreat Forces

    By Dorothy Denning

    Two years ago, I wrote that Iran’s cyberwarfare capabilities lagged behind those of both Russia and China, but that it had become a major threat which will only get worse. It had already conducted several highly damaging cyberattacks. Since then, Iran has continued to develop and deploy its cyberattacking capabilities. It carries out attacks through a network of intermediaries, allowing the regime to strike its foes while denying direct involvement.

  • CyberwarCyberspace Is the Next Front in Iran-U.S. Conflict – and Private Companies May Bear the Brunt

    By Bryan Cunningham

    Iran and other nations have waged a stealth cyberwar against the United States for at least the past decade, largely targeting not the government itself but, rather, critical infrastructure companies. This threat to the private sector will get much worse before it gets better and businesses need to be prepared to deal with it.

  • CyberwarsU.S. Monitoring Cyberspace for Signs of Iranian Aggression

    By Jeff Seldin

    U.S. government officials are watching and waiting, with many believing it is only a matter of time before Iran lashes out in cyberspace for the U.S. drone strike that killed Quds Force commander Qassem Soleimani last week. According to the latest advisory from the Department of Homeland Security, there are still “no specific, credible threats” to the United States. But officials say Iran’s public assurances that it is done retaliating mean little.

  • CyberwarsHow Real Is the Threat of Cyberwar Between Iran and the U.S.?

    By Vasileios Karagiannopoulos

    There are widespread concerns that rising tensions between the United States and Iran might fuel further conflict between the two countries. Considering the importance of information networks and cyberspace for our everyday lives, there is also concern that this conflict might not only take place in the physical world but could take the form of cyber-attacks. These could have serious consequences, particularly since Iran has demonstrated an increase in its cyber-capability in the past decade.

  • PerspectiveIran Spent Years Building a Cyber Arsenal. Will It Unleash That Arsenal Now?

    In 2007, a computer virus crippled centrifuges at Iran’s uranium enrichment facility in Natanz, setting back its nuclear program by years. Chris Meserole writes that the Stuxnet attack—not uncovered until a few years later—taught the revolutionary regime in Tehran a valuable lesson about how effective cyber weapons can be, prompting Tehran to invest heavily in cyber capabilities of its own. “The results speak for themselves: Iranian hacking groups have graduated from conventional distributed denial of service (DDoS) and domain name system (DNS) attacks to more sophisticated operations against critical infrastructure and industrial control systems,” he writes.

  • Perspective: Cyber operationsMilitary Cyber Operations: The New NDAA Tailors the 48-Hour Notification Requirement

    Congress will soon enact the National Defense Authorization Act for Fiscal Year 2020 (NDAA fiscal 2020), which includes a provision that will fine-tune the range of military cyberoperations subject to the 48-hour notification requirement associated with “sensitive military cyber operations.”

  • PerspectiveWhy Cyber Operations Do Not Always Favor the Offense

    Among policymakers and analysts, the assumption that cyberspace favors the offense is widespread. Those who share this assumption have been urging the U.S. government to prioritize offensive cyber operations. Rebecca Slayton writes that the belief in offense dominance is understandable – but mistaken: A focus on offense “increases international tensions and states’ readiness to launch a counter-offensive after a cyberattack, and it often heightens cyber vulnerabilities,” she writes.

  • CyberwarU.S. Cyber-Attacked Iran after Iran’s Attack on Saudi Oil: Report

    The United States carried out a cyberattack against Iran after Iran attacked Saudi oil facilities in September. Reuters, citing unnamed U.S. officials, reports that the cyberattacks targeted physical hardware which Iran uses to spread propaganda.

  • PerspectiveArmy Cyber Lobbies for Name Change This Year, as Information Warfare Grows in Importance

    Army Cyber Command has been lobbying for a name change to better reflect its growing mission, one in which its cyber professionals are increasingly focused on operating below the threshold of armed conflict every day. Lt. Gen. Stephen Fogarty, Army Cyber commander, says his staff is providing a proposal to change their command’s name to Army Information Warfare Command.

  • Perspective: CyberwarBritain Is “At War Every Day” Due to Constant Cyberattacks, Chief of the Defense Staff says

    The Chief of the U.K. Defense Staff has said that Britain is “at war every day” due to constant cyberattacks from Russia and elsewhere. Russia and China’s “interpretation” of the rules governing international engagement threatened “the ethical and legal basis on which we apply the rule of armed conflict,” General Carter said. “Russia is much more of a threat today than it was five years ago.” He added: “There is still clearly going to be human interaction – warfare is essentially a political function - but it will be a much more sophisticated and will include the new domains [alongside land, sea and air] of space and cyber.”

  • Perspective: Cyberattacking IranThe Urgent Search for a Cyber Silver Bullet Against Iran

    After spending billions of dollars to assemble the world’s most potent arsenal of cyberweapons and plant them in networks around the world, United States Cyber Command — and the new era of warfighting it has come to represent — may face a critical test in the coming weeks. To punish Iran for its last month’s attack on Saudi oil facilities, a second U.S. cyberstrike — after one launched against Iran just three months ago — has emerged as the most appealing course of action for President Donald Trump. “The question circulating now through the White House, the Pentagon and Cyber Command’s operations room is whether it is possible to send a strong message of deterrence with a cyberattack without doing so much damage that it would prompt an even larger Iranian counterstrike,” David Sanger and Julian Barnes write, noting that in the past decade, the United States has launched at least three major cyberattacks against Iran. “In each case, the damage to Iranian systems could be repaired over time. And in each case, the effort to deter Iran was at best only partly successful,” they write.