ON 8 NOVEMBER 2021, the US Justice Department announced the arrest of several members of the Russian-speaking REvil ransomware group, in a large-scale operation involving US allies in Europe and around the globe. The REvil group, who have since been charged, have been deploying ransomware attacks against American targets including the software provider Kaseya in July 2021. Furthermore, the State Department added REvil to a bounty programme that offers up to US$10 million for information on the REvil leaders.

These efforts followed the two-day virtual international summit on ransomware hosted by the Biden administration on 13-14 October. This summit included 30 countries and was a decisive step towards building a coalition against ransomware attacks. It was acknowledged by all countries that ransomware posed a global and national security threat. Russia ─ as well as China, Iran, and North Korea ─ was not invited.

Read the rest at RSIS

The nation spends billions of dollars on cybersecurity measures, and yet we seem unable to get ahead of this problem. Why are our computers so hard to protect? An experience with a house cat provided insights. I am allergic to cats. My daughter came home, cat in hand, and I had to find a way of confining Pounce to a limited area. Everything I tried to confine Pounce worked for a little while but eventually failed as he found a way past my newest security barrier — just as hackers eventually find their way through the cybersecurity barriers erected to stop them.

Read the rest at Los Angeles Times

Herbert Lin, a senior research scholar for cyber policy and security at Stanford University, told RFE/RL that conference participants need to focus on how to interfere with cryptocurrency payments.

Ransomware will become less attractive if cybercriminals can't turn the cryptocurrency payments into cash, he said.

Read the rest at RadioFreeEurope

Read the rest at The Jerusalem Press Club

“I’m a believer in the virtues of public service and what it means to our country,” Burns told the audience.

He recognized that this moment in American policy at home and around the world is one of transition and uncertainty and that the current climate of distrust between the American public and government has had a tremendous impact on domestic politics. Abroad, the rise of China cuts across all sectors of U.S. geopolitics, while even larger, non-state challenges such as climate change, global health insecurity, and the rapid advancement of technology pose even greater existential challenges.

Still, Burns has faith in the unique relationship that the United States has to its public service institutions.

“It’s my obligation as a leader, and your opportunity [as potential future public servants] to demonstrate that we can produce institutions in this country that are professional, apolitical, and devoted to the national interest and doing things in accordance with American values,” he emphasized.

In his jurisdiction over the C.I.A, Burns has already set benchmarks to ensure the agency remains competitive and serves its purpose of providing policymakers with high-quality, timely intelligence which supports their decision-making process. He is committed to streamlining the hiring process at the C.I.A. and making it more attractive to top talent, as well as diversifying the workforce and drawing on expertise from across all types of professional backgrounds and abilities. “We’re not going to be an effective intelligence organization if everyone at the C.I.A. looks like me,” he quipped.

Keeping the bigger picture in mind, Director Burns reiterated one of the underlying principles that has guided his approach to public service. “Both [diplomacy and intelligence] require a sense of humility. There are perspectives in the world that are not identical to ours. You don’t have to accept or indulge those perspectives, but understanding them is the starting point of effective intelligence work and effective diplomacy.”

The oldest information system the government operates might also be the most crucial one. No, not the IRS master file system. It’s the technology that controls nuclear weapons. It dates to the 1950s. Yet imagine if the control systems were online in the age of ransomware. Our guest has thought about exactly that. A long time scholar and researcher in cybersecurity, he’s written a book called Cyber Threats and Nuclear Weapons. Stanford University Fellow Dr. Herb Lin joined Federal Drive with Tom Temin.

Read the rest at Federal News Network

In 2018, U.S. Cyber Command (USCC) released its Command Vision statement for the organization, advancing officially for the first time “defend forward” and “persistent engagement” as new elements in the United States’ approach to advancing its security interests in and through cyberspace. Since then, much debate has ensued about the pros and cons of these concepts. But this debate has not included much discussion of one key aspect—what would be the impact of other cyber powers adopting these concepts in pursuing their own security interests?

Read the rest at Lawfare

Emerging and disruptive technologies spell an uncertain future for second-strike retaliatory forces. New sensors and big data analysis may render mobile missiles and submarines vulnerable to detection. I call this development the “standstill conundrum”: States will no longer be able to assure a nuclear response should they be hit by a nuclear first strike. If the nuclear weapons states can manage this vulnerability, however, they might be able to escape its worst effects. “Managing” could mean shoring up nuclear deterrence; it could mean focusing more on defenses; or it could mean negotiating to ensure continued viability of second-strike deterrent forces.

Read the rest at Texas National Security Review