DOCSLIB.ORG

Dhs's Progress in Securing Election

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Dhs's Progress in Securing Election DHS’S PROGRESS IN SECURING ELECTION SYSTEMS AND OTHER CRITICAL INFRASTRUCTURE HEARING BEFORE THE COMMITTEE ON HOMELAND SECURITY HOUSE OF REPRESENTATIVES ONE HUNDRED FIFTEENTH CONGRESS SECOND SESSION JULY 11, 2018 Serial No. 115–70 Printed for the use of the Committee on Homeland Security Available via the World Wide Web: http://www.govinfo.gov U.S. GOVERNMENT PUBLISHING OFFICE 33–942 PDF WASHINGTON : 2019 VerDate Mar 15 2010 15:40 Jan 03, 2019 Jkt 000000 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 H:\115TH CONGRESS\18FL0711\18FL0711 HEATH Congress.#13 COMMITTEE ON HOMELAND SECURITY MICHAEL T. MCCAUL, Texas, Chairman LAMAR SMITH, Texas BENNIE G. THOMPSON, Mississippi PETER T. KING, New York SHEILA JACKSON LEE, Texas MIKE ROGERS, Alabama JAMES R. LANGEVIN, Rhode Island LOU BARLETTA, Pennsylvania CEDRIC L. RICHMOND, Louisiana SCOTT PERRY, Pennsylvania WILLIAM R. KEATING, Massachusetts JOHN KATKO, New York DONALD M. PAYNE, JR., New Jersey WILL HURD, Texas FILEMON VELA, Texas MARTHA MCSALLY, Arizona BONNIE WATSON COLEMAN, New Jersey JOHN RATCLIFFE, Texas KATHLEEN M. RICE, New York DANIEL M. DONOVAN, JR., New York J. LUIS CORREA, California MIKE GALLAGHER, Wisconsin VAL BUTLER DEMINGS, Florida CLAY HIGGINS, Louisiana NANETTE DIAZ BARRAGA´ N, California THOMAS A. GARRETT, JR., Virginia BRIAN K. FITZPATRICK, Pennsylvania RON ESTES, Kansas DON BACON, Nebraska DEBBIE LESKO, Arizona BRENDAN P. SHIELDS, Staff Director STEVEN S. GIAIER, General Counsel MICHAEL S. TWINCHEK, Chief Clerk HOPE GOINS, Minority Staff Director (II) VerDate Mar 15 2010 15:40 Jan 03, 2019 Jkt 000000 PO 00000 Frm 00002 Fmt 5904 Sfmt 5904 H:\115TH CONGRESS\18FL0711\18FL0711 HEATH C O N T E N T S Page STATEMENTS The Honorable Michael T. McCaul, a Representative in Congress From the State of Texas, and Chairman, Committee on Homeland Security: Oral Statement ..................................................................................................... 1 Prepared Statement ............................................................................................. 2 The Honorable Bennie G. Thompson, a Representative in Congress From the State of Mississippi, and Ranking Member, Committee on Homeland Security: Oral Statement ..................................................................................................... 3 Prepared Statement ............................................................................................. 37 The Honorable Sheila Jackson Lee, a Representative in Congress From the State of Texas: Prepared Statement ............................................................................................. 38 WITNESSES Mr. Christopher C. Krebs, Under Secretary, National Protection and Pro- grams Directorate, U.S. Department of Homeland Security: Oral Statement ..................................................................................................... 42 Prepared Statement ............................................................................................. 43 Ms. Nellie M. Gorbea, Secretary of State, State of Rhode Island: Oral Statement ..................................................................................................... 49 Prepared Statement ............................................................................................. 51 FOR THE RECORD The Honorable Bennie G. Thompson, a Representative in Congress From the State of Mississippi, and Ranking Member, Committee on Homeland Security: Letters ................................................................................................................... 5 Press Releases ...................................................................................................... 23 Documents ............................................................................................................ 33 APPENDIX Questions From Honorable John Katko for Christopher C. Krebs ...................... 89 Questions From Honorable John Ratcliffe for Christopher C. Krebs .................. 90 Questions From Honorable James R. Langevin for Christopher C. Krebs ......... 90 (III) VerDate Mar 15 2010 15:40 Jan 03, 2019 Jkt 000000 PO 00000 Frm 00003 Fmt 5904 Sfmt 5904 H:\115TH CONGRESS\18FL0711\18FL0711 HEATH VerDate Mar 15 2010 15:40 Jan 03, 2019 Jkt 000000 PO 00000 Frm 00004 Fmt 5904 Sfmt 5904 H:\115TH CONGRESS\18FL0711\18FL0711 HEATH DHS’S PROGRESS IN SECURING ELECTION SYSTEMS AND OTHER CRITICAL INFRA- STRUCTURE Wednesday, July 11, 2018 U.S. HOUSE OF REPRESENTATIVES, COMMITTEE ON HOMELAND SECURITY, Washington, DC. The committee met, pursuant to notice, at 10:31 a.m., in room HVC–210, Capitol Visitor Center, Hon. Michael T. McCaul (Chair- man of the committee) presiding. Present: Representatives McCaul, King, Rogers, Barletta, Perry, Katko, Hurd, McSally, Fitzpatrick, Estes, Bacon, Lesko, Thompson, Jackson Lee, Langevin, Keating, Payne, Vela, Watson Coleman, Rice, Correa, Demings, and Barraga´n. Chairman MCCAUL. The Committee on Homeland Security will come to order. The committee is meeting today to examine the work that the Department of Homeland Security is doing to assist State and local officials to secure election infrastructure, including voting ma- chines, vote tallying systems, and voter databases. In addition to election security, we will also examine DHS’s role working across all 16 critical infrastructures, because a cyber threat to elections may pose a similar threat to other critical infra- structure sectors. I now recognize myself for an opening statement. Our democratic system and critical infrastructures are under at- tack. In 2016, Russia meddled in our Presidential election through a series of cyber attacks and information warfare. Their goals were to undermine the credibility of the outcome and sow discord and chaos among the American people. This was a provocative attack against our country; we must not allow it to happen again. I have stated repeatedly and long before the last election that foreign interference in our democracy cannot be tolerated. I strongly believe we will be targeted again this No- vember in the midterm elections, and we need to be prepared. That is why we included $380 million in grants to the Election Assistance Commission and $26 million to the Department of Homeland Security for election infrastructure in fiscal year 2018. These funds will enhance election technology and bolster cyber readiness. However, malicious use of the internet and the exploitation of so- cial media are not just aimed at our election systems. In March, the FBI and DHS reported that Russian hackers attacked Amer- (1) VerDate Mar 15 2010 15:40 Jan 03, 2019 Jkt 000000 PO 00000 Frm 00005 Fmt 6633 Sfmt 6633 H:\115TH CONGRESS\18FL0711\18FL0711 HEATH 2 ican nuclear power plants. Crippling or shutting down major parts of our energy sector would be catastrophic. Russia has already done this to our allies. In 2015, a cyber at- tack turned off electricity for hundreds of thousands of Ukrainians. Last year, I stood on the front lines of Russia’s cyber war in Ukraine and saw the effects first-hand. Nation-state hacking is real and it is dangerous. Unfortunately, Russia is not the only villain. Between 2011 and 2013, Iranian hackers attacked dozens of U.S. banks and tried to shut down a dam in New York. In 2014, Chinese hackers stole 22 million secu- rity clearances from OPM, including my own. These attacks and others are part of a greater onslaught being waged against the United States. As a result, I have made strengthening our cybersecurity a top priority of this committee. In the past year we have passed legisla- tion to create the Cyber Security and Infrastructure Security Agen- cy to elevate and operationalize the cybersecurity mission at DHS; authorize cyber incident response teams to assist local and State officials in identifying cyber risks and restoring essential services; and reauthorize DHS to ensure it offers services to local and State election officials upon request. We are proud of these accomplishments, but we can always do more. So today’s hearing gives us a chance to offer new ideas and promote new solutions to help protect our elections and other crit- ical infrastructures. I would like to thank the witnesses for being here today. We are grateful for your service to the country and expertise and look for- ward to working with each of you. [The statement of Chairman McCaul follows:] STATEMENT OF CHAIRMAN MICHAEL T. MCCAUL JULY 11, 2018 Our democratic system and critical infrastructure are under attack. In 2016, Russia meddled in our Presidential election through a series of cyber at- tacks and information warfare. Their goals were to undermine the credibility of the outcome and sow discord among the American people. This was a provocative attack against our country and we must not allow it to happen again. I have stated repeatedly, and long before the last election, that foreign inter- ference in our democracy cannot be tolerated. I strongly believe we’ll be targeted again this November. We need to be prepared. That is why we included $380 million in grants to the Election Assistance Com- mission and $26 million to DHS for election infrastructure in the fiscal year 2018 omnibus. These funds will enhance election technology and bolster cyber readiness. However, malicious use of the internet and the exploitation of social media are not just aimed at our election systems. In March, the FBI and DHS reported that Russian hackers attacked American nuclear power plants. Crippling or shutting down major parts of our energy sector would
Load more

Recommended publications
  • Potential Human Cost of Cyber Operations
    ICRC EXPERT MEETING 14–16 NOVEMBER 2018 – GENEVA THE POTENTIAL HUMAN COST OF CYBER OPERATIONS REPORT ICRC EXPERT MEETING 14–16 NOVEMBER 2018 – GENEVA THE POTENTIAL HUMAN COST OF CYBER OPERATIONS Report prepared and edited by Laurent Gisel, senior legal adviser, and Lukasz Olejnik, scientific adviser on cyber, ICRC THE POTENTIAL HUMAN COST OF CYBER OPERATIONS Table of Contents Foreword............................................................................................................................................. 3 Acknowledgements ............................................................................................................................. 4 Executive summary ............................................................................................................................. 5 Introduction....................................................................................................................................... 10 Session 1: Cyber operations in practice .………………………………………………………………………….….11 A. Understanding cyber operations with the cyber kill chain model ...................................................... 11 B. Operational purpose ................................................................................................................. 11 C. Trusted systems and software supply chain attacks ...................................................................... 13 D. Cyber capabilities and exploits ..................................................................................................
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Critical Infrastructure Report
    AUTHORED BY: TIFFANY EAST ER ADAM EATON HALEY EWING TREY GREEN CHRIS GRIFFIN CHANDLER LEWIS KRISTINA MILLIGAN KERI WEINMAN ADVISOR: DR. DANNY DAVIS 2018-2019 CAPSTONE PROJECT CLIENT: POINTSTREAM, INC. COMPREHENSIVE U.S. CYBER FRAMEWORK KEY ASPECTS OF CRITICAL INFRASTRUCTURE, PRIVATE SECTOR, AND PERSONALLY IDENTIFIABLE INFORMATION 2018 – 2019 Capstone Team The Bush School of Government and Public Service, Texas A&M University Advisor: Danny W. Davis, Ph.D. About the Project This project is a product of the Class of 2019 Bush School of Government and Public Service, Texas A&M University Capstone Program. The project lasted one academic year and involved eight second-year master students. It intends to synthesize and provide clarity in the realm of issues pertaining to U.S. Internet Protocol Space by demonstrating natural partnerships and recommendations for existing cyber incident response. The project was produced at the request of PointStream Inc., a private cybersecurity contractor. Mission This capstone team analyzed existing frameworks for cyber incident response for PointStream Inc. in order to propose a comprehensive and efficient plan for U.S. cybersecurity, critical infrastructure, and private sector stakeholders. Advisor Dr. Danny Davis - Associate Professor of the Practice and Director, Graduate Certificate in Homeland Security Capstone Team Tiffany Easter - MPSA 2019 Adam Eaton - MPSA 2019 Haley Ewing - MPSA 2019 Trey Green - MPSA 2019 Christopher Griffin - MPSA 2019 Chandler Lewis - MPSA 2019 Kristina Milligan - MPSA 2019 Keri Weinman - MPSA 2019 Acknowledgement The Capstone Team would like to express gratitude to COL Phil Waldron, Founder and CEO of PointStream Inc., for this opportunity and invaluable support throughout the duration of this project.
    [Show full text]
  • Bashe Attack Global Infection by Contagious Malware 2
    CyRiM Report 2019 Bashe attack Global infection by contagious malware 2 About CyRiM About Cambridge Centre for Risk Studies Cyber risks are emerging risk with new complexities that The Centre for Risk Studies is a world leading centre for call for insurers and risk managers to jointly develop the study of the management of economic and societal innovative solutions and tools, and enhance awareness risks. The Centre’s focus is the analysis, assessment, and underwriting expertise. and mitigation of global vulnerabilities for the The Cyber Risk Management (CyRiM) project is led by advancement of political, business, and individual NTU-IRFRC in collaboration with industry partners and decision makers. academic experts. CyRiM is a pre-competitive research project that aims to foster an efficient cyber risk The Centre provides frameworks for recognizing, insurance market place through engaging industry and assessing, and managing the impacts of systemic academic experts guided by government and policy level threats. The research programme is concerned with research. The CyRiM project will help Singapore to catastrophes and how their impacts ripple across an become an industry centre of excellence on cyber risk increasingly connected world with consequent effects on and grow the cyber risk insurance market by promoting the international economy, financial markets, firms in the both the demand and the supply of insurance coverage. financial sectors, and global corporations. To test research outputs and guide new research agendas, the For more information about CyRiM please visit Centre engages with the business community, http://irfrc.ntu.edu.sg/Research/cyrim/Pages/Home.aspx government policy makers, regulators, and industry bodies.
    [Show full text]
  • Trends in Online Foreign Influence Efforts
    Trends in Online Influence Efforts∗ Diego A. Martiny Jacob N. Shapiroz Julia G. Ilhardtx Version 2.0 August 5, 2020 Abstract Information and Communications Technologies (ICTs) create novel opportuni- ties for a wide range of political actors. Foreign governments have used social media to influence politics in a range of countries by promoting propaganda, advocating controversial viewpoints, and spreading disinformation. This report updates previ- ous work with data on 76 such foreign influence efforts (FIE) targeting 30 different countries from 2013 through 2019, as well as 20 domestic influence efforts (DIE) in which governments targeted their own citizens. Influence efforts (IEs) are de- fined as: (i) coordinated campaigns by a state or the ruling party in an autocracy to impact one or more specific aspects of politics at home or in another state, (ii) through media channels, including social media, by (iii) producing content designed to appear indigenous to the target state. The objective of such campaigns can be quite broad and to date have included shaping election outcomes at various levels, shifting the political agenda on topics ranging from health to security, and encour- aging political polarization. Our data draw on more than 920 media reports and 380 research articles/reports to identify IEs, track their progress, and classify their features. ∗We are grateful to a range of colleagues including Laura Courchesne, Nick Feamster, Andy Guess, Hans Klein, Brendan Stewart, and Alicia Wanless for helpful comments and feedback. Will Lowe provided invaluable advice on data structure and data entry. Jordan Allen, Nicola Bariletto, Arya Goel, Danielle Hull, Janette Lu, Imane Mabrouk, Matthew Merrigan, Justinas Mickus, Brendan O'Hara, Jan Oledan, Kamila Radjabova, Nina Sheridan, Joe Shipley, Jack Tait, Kamya Yadav, and Luca Zanotti provided excellent research assistance.
    [Show full text]
  • Cyber Attribution: Technical and Legal Approaches and Challenges
    DRAFT: PLEASE DO NOT QUOTE OR CITE WITHOUT PERMISSION 1 Cyber attribution: technical and legal approaches and challenges Nicholas Tsagourias Michael D Farrell University of Sheffield Georgia Institute of Technology Sheffield, UK Atlanta, USA [email protected] [email protected] Introduction Attribution describes the process of assigning a particular act to its source not necessarily in the sense of its physical perpetrator but more importantly in the sense of its mastermind. Attribution is important because it forms the basis of appropriate and effective technical, political and legal determinations and underpins technical, political and legal action and responsibility. In the cyber context, attribution has often been presented as a challenge because of the anonymity cyberspace affords, the possibility of spoofing, the multi-stage nature of cyber attacks, and the indiscriminate nature of cyber tools. To this, one should add the required human and technical resources, the lengthy time scales, and the associated investigatory demands. State to state attribution is treated with even more trepidation since the aforementioned problems are magnified whereas attribution or misattribution can engender serious consequences. Things, however, are changing. In the period 2007 to 2018, there have been more than twenty examples of high profile attribution claims of nation-state cyber attacks.1 These include attributions made by governments, civil society, and industry. One of the first public, high-profile instances of a large-scale cyberattack from a nation-state was the DDoS attack against the Estonian government, banks, and news agencies in 2007. The Prime Minister of Estonia, Andrus Ansip, attributed the attacks to Russia.2 This attribution received public criticism from Finnish security company F-secure,3 and was 1 The term cyber attack is used here to describe malicious cyber operations in general 2 Anderson, Nate.
    [Show full text]
  • USAF Counterproliferation Center CPC Outreach Journal #1051
    Issue No. 1051, 29 March 2013 Articles & Other Documents: Featured Article: Reports Warn of Lax Inspections, Bioterror Lab Risks 1. ‘Most Substantive’ Iran Nuclear Talks to Date, but Narrow Area of Agreement 2. UN Excludes Major Powers from Syria Chemical Arms Inquiry 3. ‘Iran may Freeze some Nuclear Activity to Ease Sanctions’ 4. North Korea 'Defeats' US Troops in New Video 5. Experts: NKorea Training Teams of 'Cyber Warriors' 6. Top China College Linked to PLA's Cyberspying Unit 7. U.S., South Korea Strengthen Response to North Korea’s Provocations 8. President Park Asks N. Korea to Give Up its Nukes 9. N. Korea Warns Pre-Emptive Nuclear Attack part of its Military Options 10. ‘Combat-Ready’ North Korea Threatens Hawaii, US Mainland 11. N. Korea Cuts Inter-Korean Military Hotline 12. Nuclear-Capable US Bombers Fly Over S. Korea 13. N.K. Leader Orders Rocket Forces to be on Standby to Strike U.S. and S. Korean Targets 14. China Defends Deal to Build 1000 MW Nuclear Plant for Pakistan 15. India Readies Hi-Tech Naval Base to Keep Eye on China 16. US, Russian Defense Chiefs Agree to Resume Missile Defense Talks 17. Russia to Equip Submarine Forces With High-Precision Weapons 18. Biological Attacks 'Getting Easier for Terrorists' 19. Reports Warn of Lax Inspections, Bioterror Lab Risks 20. Hagel might Have Final Say on Controversial Missile Defense Program 21. Cyber Threats Can Lurk in DoD Electronics, Software Purchases 22. US Jails Chinese Engineer for Taking Files on Missile Guidance System to China 23. The Threat of Nuclear Proliferation: A Response to “Thou Shalt Not Fear a Nuclear Iran” 24.
    [Show full text]
  • King's College, London: Department of War Studies
    UNIVERSITY OF READING U.S. Strategic Cyber Deterrence Options Doctor of Philosophy in Politics Department of Politics & International Relations Scott Jasper March 2018 1 Contents Abstract......................................................................................................................... 3 List of Abbreviations..................................................................................................... 4 Introduction................................................................................................................... 7 Section One: Thinking about Deterrence Chapter I: Literature Review........................................................................................59 Chapter II: Global Cybered Conflict...........................................................................120 Chapter III: Theoretical Foundations..........................................................................158 Section Two: Contemporary Deterrence Strategies Chapter IV: Deterrence by Retaliation.........................................................................198 Chapter V: Deterrence by Denial................................................................................. 234 Chapter VI: Deterrence by Entanglement.....................................................................269 Section Three: A New Strategic Option Chapter VII: Active Cyber Defense..............................................................................307 Conclusion.....................................................................................................................343
    [Show full text]
  • Cyber Attack Trends Analysis Report
    C Y BER AT TA CK TRENDS ANALYSIS KEY INSIGHTS TO GEAR UP FOR IN 2019 2019 Security Report Volume 01 CHECK POINT RESEARCH — 2019 SECURITY REPORT | 1 VOLUME 01 2019 SECURITY REPORT 01 INTRODUCTION: METHODOLOGY 3 02 OVERVIEW: MAJOR CYBER ATTACKS 4 03 2018: THREAT TRENDS 5 04 PAST: REVIEW OF 2017 PREDICTIONS 18 05 CONCLUSION: NEXT STEPS 21 INDEX OF 2018’S TOP MALWARE FAMILIES 22 APPENDIX A: TOP MALWARE FAMILIES 24 APPENDIX B: GLOBAL TOP EXPLOITED VULNERABILITIES 37 APPENDIX C: MALWARE FAMILY DESCRIPTIONS 39 CHECK POINT RESEARCH — 2019 SECURITY REPORT | 2 INTRODUCTION: METHODOLOGY 2018 introduced a challenging threat landscape. Threat actors consistently improved their cyber weapons and quickly adopted new methods and adapted their attacks to emerging technologies. And although it may have seemed the past year was quieter, this is far from the case. While threat actors were trying hard to keep a lower profile with their menacing activities, they could not escape our watchful eye. Indeed, never does a day go by that we do not see organizations under constant attack from the ever growing number of malware spreading at higher rates than ever. In this first installment of the 2019 Security Report we review the latest threats facing organizations in the fifth generation of the cyber landscape and provide you with our observations and insights from the past year. From massive data breaches and crippling ransomware attacks to a meteoric rise in cryptojackers, there was no shortage in disruption caused to global organizations. With data drawn from our ThreatCloud World Cyber Threat Map and our experience within the cyber re- search community, we will give a comprehensive overview of the trends observed in the categories of Cryptominers, Ransomware, Malware techniques, Data Breaches, Mobile and Nation State cyber attacks.
    [Show full text]
  • Criminal Charges As a Response to Nation-State Malicious Cyber Activity
    Persistent Enforcement: Criminal Charges as a Response to Nation-State Malicious Cyber Activity Garrett Hinck & Tim Maurer* INTRODUCTION The question of how states attribute responsibility for malicious cyber activity to other state actors has provoked much attention from both policymakers and scholars.1 Yet one approach to this problem has not been analyzed in depth: the use of criminal charges to allege or suggest state responsibility for cyber inci- dents. The United States has increasingly used this instrument since 2014. Its Department of Justice in fact adopted an explicit goal of bringing charges against foreign actors responsible for cyber activity. 2 Federal prosecutors have unsealed a series of indictments and criminal charges against Chinese intelligence of®cers involved in the theft of intellectual property and Iranian and North Korean indi- viduals who carried out destructive cyber attacks on behalf of their governments. This also includes charges against Russian intelligence of®cers alleged to have interfered in the 2016 U.S. election. This increasing number of criminal charges raises several important questions: What are the goals of these criminal charges, especially those against foreign intelligence of®cers unlikely ever to be arrested by U.S. law enforcement? Are criminal charges merely a more formal approach to alleging state responsibility than leaking statements from ªsenior administration of®cialsº to the media about cyber threats from other states? And how should this strategy of bringing criminal charges be evaluated in the context of broader U.S. policy efforts to combat mali- cious cyber activity? How does it interact with the Justice Department's stance of independence from political considerations? The U.S.
    [Show full text]
  • The Origins of Russia's Broad Political Assault on the United States
    GETTY SETBOUN IMAGES/MICHEL The Origins of Russia’s Broad Political Assault on the United States By James Lamond October 2018 WWW.AMERICANPROGRESS.ORG The Origins of Russia’s Broad Political Assault on the United States By James Lamond October 2018 Contents 1 Introduction and summary 3 Background and context: The importance of 2014 7 LOE 1: Information warfare 9 LOE 2: Cyberintrusion 10 LOE 3: Courting of conservative institutions 12 LOE 4: Fostering destabilizing political movements 15 LOE 5: Voter targeting 17 Policy implications 21 Conclusion 22 About the author 23 Endnotes Introduction and summary On January 6, 2017, the U.S. intelligence community released a declassified assess- ment to the public confirming what most had already suspected: Russian President Vladimir Putin had ordered an influence campaign in 2016 aimed at the U.S. presi- dential election.1 Since the intelligence community released its assessment, the pub- lic has learned a great deal about this assault from the special counsel investigation, press reporting, and declassified intelligence. Based on analysis of available material, it has become increasingly clear when, how, and why Russia launched the campaign against American democracy. It is evident that there was a surge of activity intended to influence the American electorate and political institutions that originated in 2014 as a counterresponse to the U.S.-led international isolation of Russia following its intervention in Ukraine. To be clear, Russia’s use of political weaponry against the United States extends
    [Show full text]