DOCSLIB.ORG

Defining Russian Election Interference: an Analysis of Select 2014 to 2018 Cyber Enabled Incidents

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Defining Russian Election Interference: an Analysis of Select 2014 to 2018 Cyber Enabled Incidents ISSUE BRIEF Defining Russian Election Interference: An Analysis of Select 2014 to 2018 Cyber Enabled Incidents SEPTEMBER 2018 LAURA GALANTE & SHAUN EE FOREWORD f all the political ideas to defend themselves before the court of human history, few have proven as potent and as compelling as that of electoral democracy. Through the twentieth century, The Scowcroft Center for democracy has faced off many times against fascism, commu- Strategy and Security works to O nism, and other ideologies, and proven itself time and again to have develop sustainable, nonpartisan the stronger case. The central tenet of democracy—that people should strategies to address the most important security challenges be able to select for themselves the leaders who can best govern and facing the United States and the meet their political needs—has ascended around the world, so much so world. The Center honors Gener- that in many places it is difficult to remember that it was ever in doubt. al Brent Scowcroft’s legacy of Indeed, today’s authoritarians often go to great lengths to mimic the service and embodies his ethos trappings of democracy, ceding the point that elections are the best of nonpartisan commitment to the cause of security, support means to deliver political legitimacy. for US leadership in cooperation with allies and partners, and But in recent years, electoral democracy has once more come under dedication to the mentorship of challenge, threatening to undermine these hard-won social and political the next generation of leaders. freedoms. Around the globe, tensions over the distribution of global- ization’s boons have led to widespread discontent and a resurgence Defining Russian Election Interference: ISSUE BRIEF An Analysis of Select 2014 to 2018 Cyber Enabled Incidents in populism, while revisionist governments—such as in tangible examples of cyber activity within a broader the Kremlin—have demonstrated clear intent to manip- universe of election interference. ulate these seismic political forces to discredit democ- racy in other countries. Among the foremost drivers By providing a taxonomy of different forms and levels of this challenge, however, has been the rise of new of state involvement in election interference, it gives media and digital technologies, and their intersection a guide to the recent history of election influence and with traditional political and social life. These technolo- interference. From there, it posits what norms and tac- gies have at times demonstrated exhilarating promise, tics have emerged as commonalities in the behavior of giving citizens new tools to organize and governments nation-states, asking: How will the toolsets and norms new tools to lead. But they have also created new vul- we currently see in play shape nation-state use of tech- nerabilities, both technological and societal, that ma- nology in the future? licious actors have proven able and willing to exploit, damaging public trust in democratic institutions, ex- These may be titanic problems, but fortunately the ploiting societal tensions, and eroding the foundation Cyber Statecraft Initiative has not been alone in taking of our ruled based international system. them on, and is working alongside a number of other centers throughout the Atlantic Council and beyond. The magnitude and cross-cutting nature of this chal- Established in 1961 as part of a transatlantic effort to lenge means that no single actor can solve this prob- reinvigorate democracy and democratic values, the lem alone. Any effective solution must draw together Council is uniquely positioned to tackle yet another expertise from across all sectors, uniting technolo- set of challenges to democracy more than a half cen- gists, policymakers, civil society, and corporate lead- tury later. Its Eurasia Center has called attention to ers alike. Coming from the Cyber Statecraft Initiative Moscow’s influence operations throughout Europe with of the Atlantic Council’s Scowcroft Center for Strategy its Kremlin’s Trojan Horses reports, with two editions and Security, this Issue Brief is one such attempt to do released in November 2016 and November 2017, and just that. In the spirit of our mission to build bridges a forthcoming edition launching in November 2018. between the technology and policy communities, the The Eurasia Center convened the Global Forum on Council brought together a high-level group of ex- Strategic Communications (StratCom) in September perts and policymakers on the sidelines of the Munich 2017 and October 2018, and launched DisinfoPortal. Security Conference in February 2018. org, a one-stop interactive guide to the Kremlin’s infor- mation war, bringing together thirty organizations and Out of the many strands of that discussion, the more than one hundred experts working to counter Scowcroft Center’s senior fellow Laura Galante then disinformation. expertly wove together this Issue Brief. In January 2017, all seventeen United States intelligence agencies However, Russia is far from the only actor in this space, published a nearly unprecedented and unclassified as- and the Digital Forensics Research Lab (DFRLab) has sessment of Russian interference in the 2016 US presi- built a leading center of open source and digital forensic dential elections, which stated: analysts, as well a global network of “digital sherlocks,” tracking events in governance, technology, security, Moscow’s influence campaign followed a mes- and where each intersect as they occur. Over the past saging strategy that blends covert intelligence two years, the DFRLab has built capabilities to identify, operations—such as cyber activity—with overt ef- expose, and explain disinformation where and when it forts by the Russian Government agencies, state- occurs; to promote objective truth as a foundation of owned media, third party intermediaries, and paid government for and by people; to protect democratic social media users or “trolls.” institutions and norms from those who would seek to undermine them in the digital engagement space. The Cyber enabled influence operations encompass a DFRLab has focused on election integrity through a range of activity that is separate, but mutually reinforc- series of #ElectionWatch campaigns monitoring the ing, for instance hacking into an email account then spread of disinformation tactics and narratives around releasing embarrassing or false information via social prominent global elections, partnering both with local media content. This Issue Brief provides a lexicon and actors and tech companies in countries as far-ranging 2 ATLANTIC COUNCIL Defining Russian Election Interference: ISSUE BRIEF An Analysis of Select 2014 to 2018 Cyber Enabled Incidents as Brazil, Colombia, France, Germany, Italy, Malaysia, racy—or whether they undermine it—will be decided and Mexico. by how well today’s policymakers, technologists, and civil society cooperate to produce principles and stan- Ultimately, all these efforts—and more—will be needed dards that withstand the test of time. to ensure that electoral democracy can stand up to the challenges of the twenty-first century. This Issue Brief is a part of that, aiming to continue the conver- sation around cyber enabled influence operations, not to be the final word on it. As technological progress continues apace, new developments that have little precedent in democracy’s long history will continue to Damon Wilson emerge. Whether those developments bolster democ- Executive Vice President, Atlantic Council ATLANTIC COUNCIL 3 Defining Russian Election Interference: ISSUE BRIEF An Analysis of Select 2014 to 2018 Cyber Enabled Incidents INTRODUCTION agreement on interference activities. A lack of spec- ificity and consistency in terminology has contributed he past five years have demonstrated at least greatly to the confusion surrounding a number of the one thing about election interference: though interference cases discussed in this report. If there is a it keeps happening, nobody can agree on just single lesson from cyber activity over the last decade, Twhat it is. The 2016 US elections served as a it is that states must have a common lexicon in order flashpoint in recognizing modern election interference, to respond to cyber threats. It is not enough to simply but there have been numerous instances of interfer- speak of “hacking the vote.” Hopefully, by providing ence in other European elections that can provide these initial terms, this report can spur a wider discus- valuable lessons, and this report aims to connect them sion on defining actions and sponsorship in this domain. into a coherent and singular framework. While not meant to be exhaustive, this report assesses four elec- Interference Actions: tions and a referendum that have been characterized by attempted foreign interference. Infrastructure Exploitation: An action—including reconnaissance and collection efforts—that gathers The five case studies were selected because they illus- or distorts data or functionality of information tech- trate a variety of actions associated with modern cyber nology (IT) systems or networks. and information operations from both a technical and psychological perspective. Each case study summa- Vote Manipulation: An action that alters vote tal- rizes the openly available information about these inci- lies, vote input, vote transmission, or other modes of dents and identifies the state sponsorship and actions counting and transmitting the voters’ true choices. involved per the definitions developed for this report. This does not include
Load more

Recommended publications
  • Hacking the Web
    Hacking the Web (C) 2009-2020 Arun Viswanathan Ellis Horowitz Marco Papa 1 Table of Contents } General Introduction } Authentication Attacks } Client-Side Attacks } Injection Attacks } Recent Attacks } Privacy Tools 2 (C) 2009-2020 Arun Viswanathan Ellis Horowitz Marco Papa Why secure the Web? } The Web has evolved into an ubiquitous entity providing a rich and common platform for connecting people and doing business. } BUT, the Web also offers a cheap, effective, convenient and anonymous platform for crime. } To get an idea, the Web has been used for the following types of criminal activities (source: The Web Hacking Incidents Database (WHID) http://projects.webappsec.org/w/page/13246995/Web-Hacking-Incident-Database) } Chaos (Attack on Russian nuclear power websites amid accident rumors (5Jan09) } Deceit (SAMY XSS Worm – Nov 2005) } Extortion (David Aireys domain hijacked due to a CSRF (cross site request forgery) flaw in Gmail – 30Dec2007) } Identity Theft (XSS on Yahoo! Hot jobs – Oct 2008) } Information Warfare (Israeli Gaza War - Jan 2009 / Balkan Wars – Apr 2008 ) } Monetary Loss (eBay fraud using XSS) } Physical Pain (Hackers post on epilepsy forum causes migraines and seizures – May 2008) } Political Defacements (Hacker changes news release on Sheriffs website – Jul 2008) (Obama, Oreilly and Britneys Twitter accounts hacked and malicious comments posted – Jan 09) } Chinese Gaming sites hacked (Dec. 2011) 3 Copyright(C) 2009 (c) -20092020- 2019Arun Arun Viswanathan Viswanathan Ellis HorowitzEllis Horowitz Marco Marco Papa Papa
    [Show full text]
  • Deception, Disinformation, and Strategic Communications: How One Interagency Group Made a Major Difference by Fletcher Schoen and Christopher J
    STRATEGIC PERSPECTIVES 11 Deception, Disinformation, and Strategic Communications: How One Interagency Group Made a Major Difference by Fletcher Schoen and Christopher J. Lamb Center for Strategic Research Institute for National Strategic Studies National Defense University Institute for National Strategic Studies National Defense University The Institute for National Strategic Studies (INSS) is National Defense University’s (NDU’s) dedicated research arm. INSS includes the Center for Strategic Research, Center for Complex Operations, Center for the Study of Chinese Military Affairs, Center for Technology and National Security Policy, Center for Transatlantic Security Studies, and Conflict Records Research Center. The military and civilian analysts and staff who comprise INSS and its subcomponents execute their mission by conducting research and analysis, publishing, and participating in conferences, policy support, and outreach. The mission of INSS is to conduct strategic studies for the Secretary of Defense, Chairman of the Joint Chiefs of Staff, and the Unified Combatant Commands in support of the academic programs at NDU and to perform outreach to other U.S. Government agencies and the broader national security community. Cover: Kathleen Bailey presents evidence of forgeries to the press corps. Credit: The Washington Times Deception, Disinformation, and Strategic Communications: How One Interagency Group Made a Major Difference Deception, Disinformation, and Strategic Communications: How One Interagency Group Made a Major Difference By Fletcher Schoen and Christopher J. Lamb Institute for National Strategic Studies Strategic Perspectives, No. 11 Series Editor: Nicholas Rostow National Defense University Press Washington, D.C. June 2012 Opinions, conclusions, and recommendations expressed or implied within are solely those of the contributors and do not necessarily represent the views of the Defense Department or any other agency of the Federal Government.
    [Show full text]
  • 1 Cold War Contested Truth
    Cold War Contested Truth: Informants, Surveillance, and the Disciplining of Black Radicalism, 1947-1957 Charisse Burden-Stelly, PhD Africana Studies and Political Science Carleton College [email protected] (510) 717-9000 Introduction During the height of the era of McCarthyism, roughly 1947-1957, Black radicalism was surveilled, disciplined, discredited, and criminalized through a multitude of anticommunist technologies. These included “parallelism,” red-baiting, infiltration, and guilt by association. McCarthyism was constituted by a range of legislation meant to fortify the U.S. security state against the Communist threat, starting with the Foreign Agents Registration Act of 1938, and including the Alien Registration Act of 1940 (commonly known as the Smith Act); the Labor Management Relations Act of 1947 (often referred to as the Taft-Hartley Act); Executive Order 9835 of 1947 (the “Loyalty Order”) and its supersession by Executive Order 10450 in 1953; the Attorney General’s List of Subversive Organizations; and the Internal Security Act of 1950 (also known as the McCarran Act). It was under this legal architecture that scores of activists and scholars who defied Cold War statist pedagogy were indicted, deported, incarcerated, surveilled, and forced underground. This paper uses the examples of the the Peace Information Center (PIC) the Sojourners for Truth and Justice (STJ), and the Council on African Affairs (CAA) to elucidate that career confidential informants, “stool pigeons,” and “turncoats” were instrumental to the Cold War state apparatus’s transmogrification of Black radicals committed to anti-imperialism, anticolonialism, antiracism, peace, and the eradication of economic exploitation into criminals and subversives. Black 1 radicalism can be understood as African descendants’ multivalent and persistent praxis aimed at dismantling structures of domination that sustain racialized dispossession, exploitation, and class-based domination.
    [Show full text]
  • In the Court of Chancery of the State of Delaware Karen Sbriglio, Firemen’S ) Retirement System of St
    EFiled: Aug 06 2021 03:34PM EDT Transaction ID 66784692 Case No. 2018-0307-JRS IN THE COURT OF CHANCERY OF THE STATE OF DELAWARE KAREN SBRIGLIO, FIREMEN’S ) RETIREMENT SYSTEM OF ST. ) LOUIS, CALIFORNIA STATE ) TEACHERS’ RETIREMENT SYSTEM, ) CONSTRUCTION AND GENERAL ) BUILDING LABORERS’ LOCAL NO. ) 79 GENERAL FUND, CITY OF ) BIRMINGHAM RETIREMENT AND ) RELIEF SYSTEM, and LIDIA LEVY, derivatively on behalf of Nominal ) C.A. No. 2018-0307-JRS Defendant FACEBOOK, INC., ) ) Plaintiffs, ) PUBLIC INSPECTION VERSION ) FILED AUGUST 6, 2021 v. ) ) MARK ZUCKERBERG, SHERYL SANDBERG, PEGGY ALFORD, ) ) MARC ANDREESSEN, KENNETH CHENAULT, PETER THIEL, JEFFREY ) ZIENTS, ERSKINE BOWLES, SUSAN ) DESMOND-HELLMANN, REED ) HASTINGS, JAN KOUM, ) KONSTANTINOS PAPAMILTIADIS, ) DAVID FISCHER, MICHAEL ) SCHROEPFER, and DAVID WEHNER ) ) Defendants, ) -and- ) ) FACEBOOK, INC., ) ) Nominal Defendant. ) SECOND AMENDED VERIFIED STOCKHOLDER DERIVATIVE COMPLAINT TABLE OF CONTENTS Page(s) I. SUMMARY OF THE ACTION...................................................................... 5 II. JURISDICTION AND VENUE ....................................................................19 III. PARTIES .......................................................................................................20 A. Plaintiffs ..............................................................................................20 B. Director Defendants ............................................................................26 C. Officer Defendants ..............................................................................28
    [Show full text]
  • Cyber-Conflict Between the United States of America and Russia CSS
    CSS CYBER DEFENSE PROJECT Hotspot Analysis: Cyber-conflict between the United States of America and Russia Zürich, June 2017 Version 1 Risk and Resilience Team Center for Security Studies (CSS), ETH Zürich Cyber-conflict between the United States of America and Russia Authors: Marie Baezner, Patrice Robin © 2017 Center for Security Studies (CSS), ETH Zürich Contact: Center for Security Studies Haldeneggsteig 4 ETH Zürich CH-8092 Zurich Switzerland Tel.: +41-44-632 40 25 [email protected] www.css.ethz.ch Analysis prepared by: Center for Security Studies (CSS), ETH Zürich ETH-CSS project management: Tim Prior, Head of the Risk and Resilience Research Group; Myriam Dunn Cavelty, Deputy Head for Research and Teaching; Andreas Wenger, Director of the CSS Disclaimer: The opinions presented in this study exclusively reflect the authors’ views. Please cite as: Baezner, Marie; Robin, Patrice (2017): Hotspot Analysis: Cyber-conflict between the United States of America and Russia, June 2017, Center for Security Studies (CSS), ETH Zürich. 2 Cyber-conflict between the United States of America and Russia Table of Contents 1 Introduction 5 2 Background and chronology 6 3 Description 9 3.1 Tools and techniques 9 3.2 Targets 10 3.3 Attribution and actors 10 4 Effects 11 4.1 Social and internal political effects 11 4.2 Economic effects 13 4.3 Technological effects 13 4.4 International effects 13 5 Consequences 14 5.1 Improvement of cybersecurity 14 5.2 Raising awareness of propaganda and misinformation 15 5.3 Observation of the evolution of relations between the USA and Russia 15 5.4 Promotion of Confidence Building Measures 16 6 Annex 1 17 7 Glossary 18 8 Abbreviations 19 9 Bibliography 19 3 Cyber-conflict between the United States of America and Russia Executive Summary Effects Targets: US State institutions and a political The analysis found that the tensions between the party.
    [Show full text]
  • ASD-Covert-Foreign-Money.Pdf
    overt C Foreign Covert Money Financial loopholes exploited by AUGUST 2020 authoritarians to fund political interference in democracies AUTHORS: Josh Rudolph and Thomas Morley © 2020 The Alliance for Securing Democracy Please direct inquiries to The Alliance for Securing Democracy at The German Marshall Fund of the United States 1700 18th Street, NW Washington, DC 20009 T 1 202 683 2650 E [email protected] This publication can be downloaded for free at https://securingdemocracy.gmfus.org/covert-foreign-money/. The views expressed in GMF publications and commentary are the views of the authors alone. Cover and map design: Kenny Nguyen Formatting design: Rachael Worthington Alliance for Securing Democracy The Alliance for Securing Democracy (ASD), a bipartisan initiative housed at the German Marshall Fund of the United States, develops comprehensive strategies to deter, defend against, and raise the costs on authoritarian efforts to undermine and interfere in democratic institutions. ASD brings together experts on disinformation, malign finance, emerging technologies, elections integrity, economic coercion, and cybersecurity, as well as regional experts, to collaborate across traditional stovepipes and develop cross-cutting frame- works. Authors Josh Rudolph Fellow for Malign Finance Thomas Morley Research Assistant Contents Executive Summary �������������������������������������������������������������������������������������������������������������������� 1 Introduction and Methodology ��������������������������������������������������������������������������������������������������
    [Show full text]
  • View/Open (13.5MB)
    Open-Access-Publikation im Sinne der CC-Lizenz BY-NC-ND 4.0 © 2017, V&R unipress GmbH, Göttingen ISBN Print: 9783847107620 – ISBN E-Lib: 9783737007627 ContemporaryIssues in International Security and Strategic Studies Volume 1 Edited by James Bindenagel, Matthias Herdegen and Karl Kaiser Open-Access-Publikation im Sinne der CC-Lizenz BY-NC-ND 4.0 © 2017, V&R unipress GmbH, Göttingen ISBN Print: 9783847107620 – ISBN E-Lib: 9783737007627 James Bindenagel /Matthias Herdegen / Karl Kaiser (eds.) International Securityinthe 21st Century Germany’s International Responsibility With 2figures V&Runipress Bonn UniversityPress Open-Access-Publikation im Sinne der CC-Lizenz BY-NC-ND 4.0 © 2017, V&R unipress GmbH, Göttingen ISBN Print: 9783847107620 – ISBN E-Lib: 9783737007627 Bibliographic information published by the Deutsche Nationalbibliothek The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliografie; detailed bibliographic data are available online: http://dnb.d-nb.de. ISSN 2513-1591 ISBN 978-3-7370-0762-7 You can find alternative editions of this book and additional material on our website: www.v-r.de Publications of Bonn University Press are published by V& R unipress GmbH. 2017, V&R unipress GmbH, Robert-Bosch-Breite 6, 37079 Gçttingen, Germany / www.v-r.de This publication is licensed under a Creative Commons Attribution-Non Commercial- No Derivatives 4.0 International license, at DOI 10.14220/9783737007627. For a copy of this license go to http://creativecommons.org/licenses/by-nc-nd/4.0/. Any use in cases
    [Show full text]
  • View Final Report (PDF)
    TABLE OF CONTENTS TABLE OF CONTENTS I EXECUTIVE SUMMARY III INTRODUCTION 1 GENESIS OF THE PROJECT 1 RESEARCH QUESTIONS 1 INDUSTRY SITUATION 2 METHODOLOGY 3 GENERAL COMMENTS ON INTERVIEWS 5 APT1 (CHINA) 6 SUMMARY 7 THE GROUP 7 TIMELINE 7 TYPOLOGY OF ATTACKS 9 DISCLOSURE EVENTS 9 APT10 (CHINA) 13 INTRODUCTION 14 THE GROUP 14 TIMELINE 15 TYPOLOGY OF ATTACKS 16 DISCLOSURE EVENTS 18 COBALT (CRIMINAL GROUP) 22 INTRODUCTION 23 THE GROUP 23 TIMELINE 25 TYPOLOGY OF ATTACKS 27 DISCLOSURE EVENTS 30 APT33 (IRAN) 33 INTRODUCTION 34 THE GROUP 34 TIMELINE 35 TYPOLOGY OF ATTACKS 37 DISCLOSURE EVENTS 38 APT34 (IRAN) 41 INTRODUCTION 42 THE GROUP 42 SIPA Capstone 2020 i The Impact of Information Disclosures on APT Operations TIMELINE 43 TYPOLOGY OF ATTACKS 44 DISCLOSURE EVENTS 48 APT38 (NORTH KOREA) 52 INTRODUCTION 53 THE GROUP 53 TIMELINE 55 TYPOLOGY OF ATTACKS 59 DISCLOSURE EVENTS 61 APT28 (RUSSIA) 65 INTRODUCTION 66 THE GROUP 66 TIMELINE 66 TYPOLOGY OF ATTACKS 69 DISCLOSURE EVENTS 71 APT29 (RUSSIA) 74 INTRODUCTION 75 THE GROUP 75 TIMELINE 76 TYPOLOGY OF ATTACKS 79 DISCLOSURE EVENTS 81 COMPARISON AND ANALYSIS 84 DIFFERENCES BETWEEN ACTOR RESPONSE 84 CONTRIBUTING FACTORS TO SIMILARITIES AND DIFFERENCES 86 MEASURING THE SUCCESS OF DISCLOSURES 90 IMPLICATIONS OF OUR RESEARCH 92 FOR PERSISTENT ENGAGEMENT AND FORWARD DEFENSE 92 FOR PRIVATE CYBERSECURITY VENDORS 96 FOR THE FINANCIAL SECTOR 96 ROOM FOR FURTHER RESEARCH 97 ACKNOWLEDGEMENTS 98 ABOUT THE TEAM 99 SIPA Capstone 2020 ii The Impact of Information Disclosures on APT Operations EXECUTIVE SUMMARY This project was completed to fulfill the including the scope of the disclosure and capstone requirement for Columbia Uni- the disclosing actor.
    [Show full text]
  • Distributed Attacks and the Healthcare Industry 01/14/2021
    Distributed Attacks and the Healthcare Industry 01/14/2021 Report #: 202101141030 Agenda Image source: CBS News • Overview of distributed attacks • Supply chain attacks • Discussion of SolarWinds attack • Managed Service Provider attacks • Discussion of Blackbaud attack • How to think about distributed attacks • References • Questions Slides Key: Non-Technical: Managerial, strategic and high- level (general audience) Technical: Tactical / IOCs; requiring in-depth knowledge (sysadmins, IRT) 2 Overview: Distributed Attacks What is a distributed attack? Traditional attack = a single compromise impacts a single organization 3 Overview: Distributed Attacks (continued) What is a distributed attack? Distributed attack = a single compromise that impacts multiple organizations Image source: cyber.gc.ca 4 Overview: Distributed Attacks (continued) But what about DDoS (distributed denial of service) attacks? Not a distributed attack in the context of the presentation, since it only targets one organization! Image source: F5 Networks We will be discussing two types of distributed attacks in this presentation, both of which present a significant threat to healthcare: supply chain attacks and managed service provider attacks. We will be analyzing two cases: the SolarWinds attack (supply chain), as well as the Blackbaud breach (managed service provider). This presentation is based on the best information available at the time of delivery – new details will emerge. 5 Supply Chain Attacks Image source: Slidebazaar What is a supply chain? • A supply chain
    [Show full text]
  • Episode 230: Click Here to Kill Everybody
    Episode 230: Click Here to Kill Everybody Stewart Baker: [00:00:03] Welcome to Episode 230 of The Cyberlaw Podcast brought to you by Steptoe & Johnson. We are back and full of energy. Thank you for joining us. We're lawyers talking about technology, security, privacy, and government. And if you want me to talk about hiking through the rain forest of Costa Rica and just how tough my six-year-old granddaughter is, I'm glad to do that too. But today I'm joined by our guest interviewee Bruce Schneier, an internationally renowned technologist, privacy and security guru, and the author of the new book, Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World. We'll be talking to him shortly. For the News Roundup, we have Jamil Jaffer, who's the founder of the estimable and ever-growing National Security Institute. He's also an adjunct professor at George Mason University. Welcome, Jamil. Jamil Jaffer: [00:00:57] Thanks, Stewart. Good to be here. Stewart Baker: [00:00:58] And David Kris, formerly the assistant attorney general in charge of the Justice Department's National Security Division. David, welcome. David Kris: [00:01:07] Thank, you. Good to be here. Stewart Baker: [00:01:08] And he is with his partner in their latest venture, Nate Jones, veteran of the Justice Department, the National Security Council, and Microsoft where he was an assistant general counsel. Nate, welcome. Nate Jones: [00:01:23] Thank you. Stewart Baker: [00:01:25] I'm Stewart Baker, formerly with the NSA and DHS and the host of today's program.
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • Covert Networks a Comparative Study Of
    COVERT NETWORKS A COMPARATIVE STUDY OF INTELLIGENCE TECHNIQUES USED BY FOREIGN INTELLIGENCE AGENCIES TO WEAPONIZE SOCIAL MEDIA by Sarah Ogar A thesis submitted to Johns Hopkins University in conformity with the requirements for the degree of Master of Arts Baltimore, Maryland December 2019 2019 Sarah Ogar All Rights Reserved Abstract From the Bolshevik Revolution to the Brexit Vote, the covert world of intelligence has attempted to influence global events with varying degrees of success. In 2016, one of the most brazen manifestations of Russian intelligence operations was directed against millions of Americans when they voted to elect a new president. Although this was not the first time that Russia attempted to influence an American presidential election, it was undoubtedly the largest attempt in terms of its scope and the most publicized to date. Although much discussion has followed the 2016 election, there have not been much concerted historical analysis which situates the events of 2016 within the global timeline of foreign intelligence collection. This paper argues that the onset of social media has altered intelligence collection in terms of its form, but not in terms of its essence. Using the case study method, this paper illustrates how three different nations apply classical intelligence techniques to the modern environment of social media. This paper examines how China has utilized classical agent recruitment techniques through sites like LinkedIn, how Iran has used classical honey trap techniques through a combination of social media sites, and how Russia has employed the classical tactics of kompromat, forgery, agents of influence and front groups in its modern covert influence campaigns.
    [Show full text]