Last Summer, the World's Top Software-Security Experts Were

Total Page:16

File Type:pdf, Size:1020Kb

Last Summer, the World's Top Software-Security Experts Were A DeclarationLast summer, the world’s top software-security experts were of Cyber-War panicked by the discovery of a drone-like computer virus, radically different from and far more sophisticated than any they’d seen. The race was on to figure out its payload, its purpose, and who was behind it. As the world now knows, the Stuxnet worm appears to have attacked Iran’s nuclear program. And, as MICHAEL JOSEPH GROSS reports, while its source remains something of a mystery, Stuxnet is the new face of 21st-century war: invisible, anonymous, and devastating 152 VANITY FAIR PHOTOGRAPHS BY JONAS FREDWALL KARLSSON APRIL 2011 A DeclarationLast summer, the world’s top software-security experts were of Cyber-War panicked by the discovery of a drone-like computer virus, radically different from and far more sophisticated than any they’d seen. The race was on to figure out its payload, its purpose, and who was behind it. As the world now knows, the Stuxnet worm appears to have attacked Iran’s nuclear program. And, as MICHAEL JOSEPH GROSS reports, while its source remains something of a mystery, Stuxnet is the new face of 21st-century war: invisible, anonymous, and devastating GAME OF SHADOWS Eugene Kaspersky, co-founder and C.E.O. of Kaspersky Lab— a Moscow-based computer-security company and an early investigator of Stuxnet—photographed on the Bolshoy Moskvoretsky Bridge, FOR DETAILS, GO TO VF.COM/CREDITS near the Kremlin. APRIL 2011 153 “PERSON OF INTEREST” Computer-security researcher Frank Rieger, one of the !rst to study the Stuxnet worm closely, at Berlin’s Chaos computer Club. Stuxnet’s code is diagrammed in the background. 154 VANITY FAIR www.vanityfair.com APRIL 2011 worm’s voluminous, intricate code on the Web. In terms of func- tionality, this was the largest piece of malicious software that most researchers had ever seen, and orders of magnitude more complex in structure. (Malware’s previous heavyweight champion, the Con- #cker worm, was only one-twentieth the size of this new threat.) During the next few months, a handful of determined people #- nally managed to decrypt almost all of the program, which a Mi- crosoft researcher named “Stuxnet.” On #rst glimpsing what they found there, they were scared as hell. “Zero Day” ne month before that midnight summons—on June 17—Sergey Ulasen, the head of the Anti- Virus Kernel department of VirusBlokAda, a small information-technology security com- ll over Europe, pany in Minsk, Belarus, sat in his o"ce read- smartphones rang in the middle of the night. Rolling over in bed, ing an e-mail report: a client’s computer in blinking open their eyes, civilians reached for the little devices and, Iran just would not stop rebooting. Ulasen got a copy of the in the moment of answering, were e!ectively drafted as soldiers. Ovirus that was causing the problem and passed it along to a They shook themselves awake as they listened to hushed descrip- colleague, Oleg Kupreev, who put it into a “debugger”—a soft- tions of a looming threat. Over the next few days and nights, in ware program that examines the code of other programs, in- mid-July of last year, the ranks of these sudden draftees grew, as cluding viruses. The men realized that the virus was infecting software analysts and experts in industrial-control systems gath- Microsoft’s Windows operating systems using a vulnerability eredA in makeshift war rooms in assorted NATO countries. Gov- that had never been detected before. A vulnerability that has ernment o"cials at the highest levels monitored their work. They not been detected before, and that a program’s creator does faced a crisis which did not yet have a name, but which seemed, not know exists, is called a “zero day.” In the world of com- at #rst, to have the potential to bring industrial society to a halt. puter security, a Windows zero-day vulnerability signals that A self-replicating computer virus, called a worm, was mak- the author is a pro, and discovering one is a big event. Such ing its way through thousands of computers around the world, $aws can be exploited for a variety of nefarious purposes, and searching for small gray plastic boxes called programmable-logic they can sell on the black market for as much as $100,000. controllers—tiny computers about the size of a pack of crayons, The virus discovered by Ulasen was especially exotic, because it IF THE FACTORIES SHUT DOWN, IF THE POWER PLANTS WENT DARK, HOW LONG COULD SOCIAL ORDER BE MAINTAINED? WHO WOULD WRITE A PROGRAM THAT COULD POTENTIALLY DO SUCH THINGS? which regulate the machinery in factories, power plants, and con- had a previously unknown way of spreading. Stick a $ash drive with struction and engineering proj ects. These controllers, or P.L.C.’s, the virus into a laptop and it enters the machine surreptitiously,, up- perform the critical scut work of modern life. They open and shut loading two #les: a rootkit dropper (which lets the virus do whatev- valves in water pipes, speed and slow the spinning of uranium er it wants on the computer—as one hacker explains, “ ‘Root’ means centrifuges, mete out the dollop of cream in each Oreo cookie, you’re God”) and an injector for a payload of malicious code that and time the change of tra"c lights from red to green. was so heavily encrypted as to be, to Ulasen, inscrutable. The most Although controllers are ubiquitous, knowledge of them is so unsettling thing about the virus was that its components hid them- rare that many top government o"cials did not even know they selves as soon as they got into the host. To do this, the virus used a existed until that week in July. Several major Western powers ini- digital signature, an encrypted string of bits that legitimate software tially feared the worm might represent a generalized attack on all programs carry to show that they come in peace. Digital signatures controllers. If the factories shut down, if the power plants went are like passports for software: proof of identity for programs dark, how long could social order be maintained? Who would crossing the border between one machine and the next. Viruses write a program that could potentially do such things? And why? sometimes use forged digital signatures to get access to computers, As long as the lights were still on, though, the geek squads stayed like teenagers using fake IDs to get into bars. Security consultants focused on trying to #gure out exactly what this worm intended to have for several years expected malware writers to make the leap do. They were joined by a small citizen militia of amateur and pro- from forged signatures to genuine, stolen ones. This was the #rst fessional analysts scattered across several continents, after private time it was known to have actually happened, and it was a doozy FOR DETAILS, GO TOmailing VF.COM/CREDITS lists for experts on malicious software posted copies of the of a job. With a signature somehow obtained from Realtek, one APRIL 2011 www.vanityfair.com VANITY FAIR 155 of the most trusted names in the business, the new virus Ulasen the #rst known acts of cyber-warfare was a DDoS attack on Estonia, was looking at might as well have been carrying a cop’s badge. in 2007, when the whole country’s Internet access was massively dis- What was this thing after that its creators would go to such ex- rupted. The source of such attacks can never be identi#ed with abso- travagant lengths? Ulasen couldn’t #gure that part out—what the lute certainty, but the overwhelming suspicion is that the culprit, in payload was for. What he did understand was the basic injection that instance, was Russia. It is not known who instigated the DDoS system—how the virus propagated itself—which alone demanded attacks on the industrial-control-security Web sites. Though one of an alert. Ulasen and Kupreev wrote up their #ndings, and on the sites managed to weather the attack, the other was overloaded July 5, through a colleague in Germany they sent a warning to with requests for service from a botnet that knocked out its mail the Microsoft Security Response Center, in Redmond, Washing- server, interrupting a main line of communication for power plants ton. Microsoft #rst acknowledged the vulnerability the next day. and factories wanting information on the new threat. Ulasen also wrote to Realtek, in Taiwan, to let them know about The secret of Stuxnet’s existence may have been blown, but clear- the stolen digital signature. Finally, on July 12, Ulasen posted ly someone—someone whose timing was either spectacularly lucky a report on the malware to a security message board. Within or remarkably well informed—was sparing no e!ort to #ght back. 48 hours, Frank Boldewin, an independent security analyst in Muenster, Germany, had decrypted almost all of the virus’s Omens of Doomsday payload and discovered what the target was: P.L.C.’s. Boldewin he volcanoes of Kamchatka were calling to Eugene posted his #ndings to the same security message board, trigger- Kaspersky. In the #rst week of July, the 45-year- ing the all-points bulletin among Western governments. old C.E.O. and co-founder of Kaspersky Lab, the world’s fourth-largest computer-security company, he next day, July 15, a tech reporter named Brian had been in his Moscow o"ce, counting the min- Krebs broke the news of the virus on his blog.
Recommended publications
  • Prints and Johan Wittert Van Der Aa in the Rijksmuseum in Amsterdam.[7] Drawings, Inv
    Esther before Ahasuerus ca. 1640–45 oil on panel Jan Adriaensz van Staveren 86.7 x 75.2 cm (Leiden 1613/14 – 1669 Leiden) signed in light paint along angel’s shield on armrest of king’s throne: “JOHANNES STAVEREN 1(6?)(??)” JvS-100 © 2021 The Leiden Collection Esther before Ahasuerus Page 2 of 9 How to cite Van Tuinen, Ilona. “Esther before Ahasuerus” (2017). In The Leiden Collection Catalogue, 3rd ed. Edited by Arthur K. Wheelock Jr. and Lara Yeager-Crasselt. New York, 2020–. https://theleidencollection.com/artwork/esther-before-ahasuerus/ (accessed October 02, 2021). A PDF of every version of this entry is available in this Online Catalogue's Archive, and the Archive is managed by a permanent URL. New versions are added only when a substantive change to the narrative occurs. © 2021 The Leiden Collection Powered by TCPDF (www.tcpdf.org) Esther before Ahasuerus Page 3 of 9 During the Babylonian captivity of the Jews, the beautiful Jewish orphan Comparative Figures Esther, heroine of the Old Testament Book of Esther, won the heart of the austere Persian king Ahasuerus and became his wife (Esther 2:17). Esther had been raised by her cousin Mordecai, who made Esther swear that she would keep her Jewish identity a secret from her husband. However, when Ahasuerus appointed as his minister the anti-Semite Haman, who issued a decree to kill all Jews, Mordecai begged Esther to reveal her Jewish heritage to Ahasuerus and plead for the lives of her people. Esther agreed, saying to Mordecai: “I will go to the king, even though it is against the law.
    [Show full text]
  • Esther Nelson, Stanford Calderwood General
    ESTHER NELSON, STANFORD CALDERWOOD GENERAL & ARTISTIC DIRECTOR | DAVID ANGUS, MUSIC DIRECTOR | JOHN CONKLIN, ARTISTIC ADVISOR THE MISSION OF BOSTON LYRIC OPERA IS TO BUILD CURIOSITY, ENTHUSIASM AND SUPPORT FOR OPERA BY CREATING MUSICALLY AND THEATRICALLY COMPELLING PRODUCTIONS, EVENTS, AND EDUCATIONAL RESOURCES FOR THE BOSTON COMMUNITY AND BEYOND. B | BOSTON LYRIC OPERA OVERVIEW: ANNUAL REPORT 2017 WELCOME Dear Patrons, Art is often inspired by the idea of a journey. Boston Lyric Opera’s 40TH Anniversary Season was a journey from Season opener to Season closer, with surprising and enlightening stories along the way, lessons learned, and strengths found. Together with you, we embraced the unexpected, and our organization was left stronger as a result. Our first year of producing works in multiple theaters was thrilling and eye-opening. REPORT Operas were staged in several of Boston’s best houses and uniformly received blockbuster reviews. We made an asset of being nimble, seizing upon the opportunity CONTENTS of our Anniversary Season to create and celebrate opera across our community. Best of all, our journey brought us closer than ever to our audiences. Welcome 1 It’s no coincidence that the 2016/17 Season opened with Calixto Bieito’s renowned 2016/17 Season: By the Numbers 2 staging of Carmen, in co-production with San Francisco Opera. The strong-willed gypsy Leadership & Staff 3 woman and the itinerant community she adopted was a perfect metaphor for our first production on the road. Bringing opera back to the Boston Opera House was an iconic 40TH Anniversary Kickoff 4 moment. Not only did Carmen become the Company’s biggest-selling show ever, it also Carmen 6 ignited a buzz around the community that drew a younger, more diverse audience.
    [Show full text]
  • Kaspersky Lab, Inc. V. United States, No
    United States Court of Appeals FOR THE DISTRICT OF COLUMBIA CIRCUIT Argued September 14, 2018 Decided November 30, 2018 No. 18-5176 KASPERSKY LAB, INC. AND KASPERSKY LABS LIMITED, APPELLANTS v. UNITED STATES DEPARTMENT OF HOMELAND SECURITY AND KIRSTJEN M. NIELSEN, IN HER OFFICIAL CAPACITY AS SECRETARY OF HOMELAND SECURITY, APPELLEES Consolidated with 18-5177 Appeals from the United States District Court for the District of Columbia (No. 1:17-cv-02697) (No. 1:18-cv-00325) Scott H. Christensen argued the cause for appellants. With him on the briefs were Ryan P. Fayhee and Stephen R. Halpin III. Lewis S. Yelin, Attorney, U.S. Department of Justice, argued the cause for appellees. With him on the brief was H. Thomas Byron, III. 2 Before: TATEL, Circuit Judge, and EDWARDS and GINSBURG, Senior Circuit Judges. Opinion for the Court filed by Circuit Judge TATEL. TATEL, Circuit Judge: Kaspersky Lab is a Russian-based cybersecurity company that provides products and services to customers around the world. Recently, however, Kaspersky lost an important client: the United States government. In September 2017, based on concerns that the Russian government could exploit Kaspersky’s access to federal computers for ill, the Acting Secretary of Homeland Security directed federal agencies to remove the company’s products from government information systems. And a few months later, Congress broadened and codified that prohibition in the National Defense Authorization Act. Kaspersky sued, arguing that the prohibition constitutes an impermissible legislative punishment—what the Constitution calls a bill of attainder. The government responded that the prohibition is not a punishment but a prophylaxis necessary to protect federal computer systems from Russian cyber-threats.
    [Show full text]
  • Bible Grade 3 Esther Curriculum Review Sheets Teacher
    Name Date Esther Look at the underlined word to determine if the statement is true or True–False false. If the statement is true, write true in the blank. If the statement is false, write false in the blank. true 1. Haman wanted to kill Mordecai because Mordecai refused to bow down to him. false 2. Haman was rewarded for saving the king’s life. (Mordecai) true 3. Mordecai sent a message to Esther that she should ask the king to save the lives of the Jews. false 4. Mordecai, Esther, and their friends fasted ten days and nights. (three) true 5. Esther risked her life by going before the king when he had not sent for her. false 6. Esther invited the king and Haman to three banquets. (two) true 7. Haman had to lead Mordecai through the city and proclaim that he was being honored by the king. true 8. Although the name of God is not mentioned in the book of Esther, the book tells of God’s protection for His people. Discuss: Explain why the false answers are incorrect statements. Short Answer Read each question carefully, and write your answer in the blank. 1. How did Haman trick King Ahasuerus into sending out a decree to kill all the Jews? He pretended to be concerned about the entire kingdom and told the king that the kingdom would be better off without the Jews. over Copyright © mmxviii Pensacola Christian College • Not to be reproduced. Esther • Lesson 125 231 Esther • page 2 2. What should King Ahasuerus have done before allowing the decree to be sent out? Answers vary.
    [Show full text]
  • What You Should Know About Kaspersky
    What you should know Proven. Transparent. about Kaspersky Lab Independent. Fighting for your digital freedom Your data and privacy are under attack by cybercriminals and spy agencies, so you need a partner who is not afraid of standing beside you to protect what matters to you most. For over 20 years, Kaspersky Lab has been catching all kinds of cyberthreats. No matter whether they come from script kiddies, cybercriminals or governments, or from the north, south, east or west. We believe the online world should be free from attack and state-sponsored espionage, and will continue fighting for a truly free and safe digital world. Proven Transparent Independent Kaspersky Lab routinely scores the highest We are totally transparent and are making As a private company, we are independent marks in independent ratings and surveys. it even easier to understand what we do: from short term business considerations and institutional influence. • Measured alongside more than 100 other • Independent review of the company’s well-known vendors in the industry source code, software updates and We share our expertise, knowledge • 72 first places in 86 tests in 2017 threat detection rules and technical findings with the world’s • Top 3 ranking* in 91% of all product tests • Independent review of internal security community, IT security vendors, • In 2017, Kaspersky Lab received processes international organizations, and law Platinum Status for Gartner’s Peer • Three transparency centers by 2020 enforcement agencies. Insight** Customer Choice Award 2017, • Increased bug bounty rewards with up in the Endpoint Protection Platforms to $100K per discovered vulnerability Our research team is spread across the market world and includes some of the most renowned security experts in the world.
    [Show full text]
  • The Bible in Opera Trivia Quiz
    The Bible in Opera Trivia Quiz With endless stories full of love, violence and drama, the Bible has often been a source of inspiration and subject matter for composers and librettists. Take our quiz to see how much you know about these Bible-inspired operas. Scroll down for the answer key. 1. Although Salome was a minor character in the Bible, Oscar Wilde found her character irresistible and greatly expanded on the original tale to craft his dramatic play, the basis for Strauss’ opera. In Salome , Jokanaan the prophet is based on which major biblical figure? a) St. Joseph b) St. John the Baptist c) St. John the Dwarf d) St. Julian 2. Samson and Delilah ( Samson et Dalila ) is a grand opera in three acts and four scenes by Camille Saint-Saëns to a French libretto by Ferdinand Lemaire. In this Biblical tale, what is the source of Samson’s strength? a) His hair b) His love c) His sword d) His purity 3. Like Salome , Herodiade , by Jules Massenet, is an opera about the tale of John the Baptist, Salome, Herod, and Herodias. Although it opened years before Salome , it is considered to be much less of a success and, in fact, the Paris Opera House refused to stage the work. In Massenet’s opera, how does Salome die? a) She kills herself b) Herodias, her mother, kills her c) She dies accidentally d) Like in Strauss’ opera, Herod orders her death 4. Moses in Egypt is a three-act opera by Gioachino Rossini that premiered in 1818.
    [Show full text]
  • 1 United States District Court for the District Of
    Case 1:17-cv-02697-CKK Document 26 Filed 05/30/18 Page 1 of 55 UNITED STATES DISTRICT COURT FOR THE DISTRICT OF COLUMBIA KASPERSKY LAB, INC., et al., Plaintiffs v. Civil Action No. 17-2697 (CKK) UNITED STATES DEPARTMENT OF HOMELAND SECURITY, et al., Defendants KASPERSKY LAB, INC., et al., Plaintiffs v. Civil Action No. 18-325 (CKK) UNITED STATES OF AMERICA, Defendant MEMORANDUM OPINION (May 30, 2018) The United States government’s networks and computer systems are extremely important strategic national assets. Threats to these systems are constantly expanding and evolving. Their security depends on the government’s ability to act swiftly against perceived threats and to take preventive action to minimize vulnerabilities. These defensive actions may very well have adverse consequences for some third-parties. But that does not make them unconstitutional. Plaintiffs in the two lawsuits discussed in this Opinion represent Kaspersky Lab, a large multinational cybersecurity company headquartered in Russia. At least until 2017, Kaspersky Lab’s cybersecurity products were used to defend the networks and computer systems of a number of United States federal government agencies. Amid growing concerns in early 2017 about malicious Russian cyber activity against the United States, government officials and members of Congress began asking questions, and voicing concerns, about the presence of these products on government systems. These concerns were based on the risk that the use of 1 Case 1:17-cv-02697-CKK Document 26 Filed 05/30/18 Page 2 of 55 Kaspersky Lab products to defend United States government computer systems could be exploited by Russia, either with or without Kaspersky Lab’s consent, cooperation, or knowledge.
    [Show full text]
  • Jmaddalena 14
    James Maddalena Baritone (Updated February 2014. Please discard previous materials.) The renowned baritone James Maddalena commands a large and varied repertoire ranging from Monteverdi to contemporary opera. He first gained international recognition for his notable portrayal of the title role in the world premier of John Adams’ Nixon in China, directed by Peter Sellars with Houston Grand Opera followed by performances at Netherland Opera, the Edinburgh Festival, Brooklyn Academy of Music, Washington Opera, Frankfurt Opera, Australia’s Adelaide Festival, the Chatelet in Paris, English National Opera, the Greek National Opera and most recently for his debut with the Metropolitan Opera. His association with John Adams continued in two more recent roles: the Captain in Adams’s The Death of Klinghoffer, which premiered at the Théâtre de la Monnaie in Brussels and received performances at the Opera de Lyon, the Brooklyn Academy of Music, San Francisco Opera, and at the Vienna Festival prior to being recorded by Nonesuch under Kent Nagano; and Jack Hubbard in Doctor Atomic for San Francisco Opera. Mr. Maddalena has appeared with many other leading international opera companies: New York City Opera, San Francisco Opera, Atlanta Opera, Santa Fe Opera, Opera Theatre of St. Louis, Opera Boston, the Lyric Opera of Kansas City, Frankfurt Opera, and Glyndebourne Festival Opera, as well as with the Chicago Symphony, Los Angeles Philharmonic, Boston Symphony, San Francisco Symphony, Brooklyn Philharmonic, the Royal Scottish Orchestra, Orchestra of the Accademia di Santa Cecilia in Rome and the London Symphony Orchestra. He is a frequent collaborator with director Peter Sellars and sang major roles in Sellars’ stagings of the Mozart/Da Ponte operas (the Count in Le nozze di Figaro and Guglielmo in Così fan tutte), as well as his productions of operas by Haydn, Handel and John Adams.
    [Show full text]
  • What You Should Know
    Kaspersky For Business What You Should Know About Kaspersky Lab Kaspersky Lab is a private, international company that operates in almost 200 countries and territories, protecting over 400 million people and 270,000 companies worldwide. The company has R&D centers and anti-malware experts around the world, including the United States, Europe, Japan, Israel, China, Russia and Latin America. More than 80 percent of its sales and operations are outside of Russia. The company’s North American headquarters is located in Woburn, Massachusetts. Kaspersky Lab employs more than 300 people in North America, including cyber experts from the company’s renowned Global Research and Analysis Team (GReAT). With more than 20 years of experience, Kaspersky Lab is the world’s largest privately owned cybersecurity company, and it consistently ranks among the world’s top four vendors of security solutions for endpoint users (IDC, 2017).1 In addition to leading endpoint protection, the company’s comprehensive security portfolio includes a number of specialized solutions and services to fight sophisticated and evolving digital threats. 1. IDC, Worldwide Endpoint Security Market Shares, 2016: Competition Gets Fierce, # US42553717, May 2017 2 What You Should Know Kaspersky Lab Principles for Fighting Cyberthreats As an IT security company, Kaspersky Lab is determined to detect and neutralize all forms of malicious programs, regardless of their origin or purpose. One of Kaspersky Lab’s most important assets in fighting cybercrime is its Global Research & Analysis Team (GReAT), comprised of elite security researchers located in every major region across the world. The company’s research team is actively involved in the discovery and disclosure of a significant proportion of the world’s major malware attacks.
    [Show full text]
  • The Sacred in Opera December 2009
    The Sacred in Opera December 2009 In This Issue In this newsletter, the SIO continues with the The SIO welcomes contributions from any NOA topic of staged oratorio, with interesting contributions members who have had experience producing, present- about the staging of the St. John and St. Matthew Pas- ing, performing, composing, or conducting sacred dra- sions from Dr. Mozelle Clark Sherman and from con- ma. Plans for the future include setting up an SIO blog. ductor Dr. Keith Clark. We are also pleased to mention Please send your articles and ideas directly to Ruth Dob- the performances of three sacred dramas recently pre- son, Chair of the Sacred in Opera project, at dobsonr@ sented in the US, Esther, by Hugo Weisgall, at New York pdx.edu. City Opera, Ruth, by Philip Hagemann, also presented in New York City, and Unfinished Sermons by Maurice Say- lor, premiered in Arlington, Virginia. In This Issue Our previous newsletters can be accessed on the NOA website under the Sacred in Opera initiative. Re- SIO Lifetime Achievement Award............................2 cent contributors to the newsletter are Allen Henderson, G. William Bugg, Carl Gerbrandt, Bruce Trinkley, and Su- san Boardman. Topics have included discussions about Staging Oratorio: Should Bach’s Passions Be Staged performances and production requirements of several Today?....................................................................3 operas, including Eve’s Odds (Bruce Trinkley and J. Ja- son Charnesky), Only a Miracle (Seymour Barab), The Shepherd’s Play, St. Nicholas, and Good King Wenceslas Staging Oratorio.....................................................6 (Richard James Shepherd), A Gift of Song and The Night of the Star (Mary Elizabeth Caldwell), The Greenfield Christ- mas Tree (Douglas Moore), The Christmas Rose (Frank Recent Performances Of Sacred Drama In The US : Bridge), and in the last issue, the staging of oratorio, Ruth.......................................................................8 with special emphasis on Mendelssohn’s Elijah.
    [Show full text]
  • Cyber Threats Facing America: an Overview of the Cybersecurity Threat Landscape
    S. Hrg. 115–298 CYBER THREATS FACING AMERICA: AN OVERVIEW OF THE CYBERSECURITY THREAT LANDSCAPE HEARING BEFORE THE COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE ONE HUNDRED FIFTEENTH CONGRESS FIRST SESSION MAY 10, 2017 Available via the World Wide Web: http://www.fdsys.gov/ Printed for the use of the Committee on Homeland Security and Governmental Affairs ( U.S. GOVERNMENT PUBLISHING OFFICE 27–390 PDF WASHINGTON : 2018 COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS RON JOHNSON, Wisconsin, Chairman JOHN MCCAIN, Arizona CLAIRE MCCASKILL, Missouri ROB PORTMAN, Ohio THOMAS R. CARPER, Delaware RAND PAUL, Kentucky JON TESTER, Montana JAMES LANKFORD, Oklahoma HEIDI HEITKAMP, North Dakota MICHAEL B. ENZI, Wyoming GARY C. PETERS, Michigan JOHN HOEVEN, North Dakota MAGGIE HASSAN, New Hampshire STEVE DAINES, Montana KAMALA D. HARRIS, California CHRISTOPHER R. HIXON, Staff Director GABRIELLE D’ADAMO SINGER, Chief Counsel COLLEEN BERNY, Professional Staff Member MARGARET E. DAUM, Minority Staff Director JULIE KLEIN, Minority Professional Staff Member LAURA W. KILBRIDE, Chief Clerk BONNI DINERSTEIN, Hearing Clerk (II) C O N T E N T S Opening statements: Page Senator Johnson ............................................................................................... 1 Senator McCaskill ............................................................................................ 2 Senator Lankford .............................................................................................. 15 Senator Daines
    [Show full text]
  • Offense-Defense Theory Analysis of Russian Cyber Capability
    Calhoun: The NPS Institutional Archive Theses and Dissertations Thesis Collection 2015-03 Offense-defense theory analysis of Russian cyber capability Medvedev, Sergei A. Monterey, California: Naval Postgraduate School http://hdl.handle.net/10945/45225 NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS OFFENSE-DEFENSE THEORY ANALYSIS OF RUSSIAN CYBER CAPABILITY by Sergei A. Medvedev March 2015 Thesis Advisor: Wade L. Huntley Co-Advisor: Mikhail Tsypkin Approved for public release; distribution is unlimited THIS PAGE INTENTIONALLY LEFT BLANK REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704–0188 Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instruction, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington, DC 20503. 1. AGENCY USE ONLY (Leave blank) 2. REPORT DATE 3. REPORT TYPE AND DATES COVERED March 2015 Master’s Thesis 4. TITLE AND SUBTITLE 5. FUNDING NUMBERS OFFENSE-DEFENSE THEORY ANALYSIS OF RUSSIAN CYBER CAPABILITY 6. AUTHOR(S) Sergei A. Medvedev 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) 8. PERFORMING ORGANIZATION Naval Postgraduate School REPORT NUMBER Monterey, CA 93943-5000 9. SPONSORING /MONITORING AGENCY NAME(S) AND ADDRESS(ES) 10. SPONSORING/MONITORING N/A AGENCY REPORT NUMBER 11.
    [Show full text]