Cybersecurity and Cyberwarfare

A new technique that abuses poorly secured servers is fueling record-breaking denial-of-service attacks, along with notes demanding the targets pay hefty ransoms for the debilitating flood of junk traffic to stop. Memcached, a database caching system for speeding up websites and networks, lets DDoS vandals amplify their attacks by an unprecedented factor of 51,000. That means a single home computer with a 100 megabit-per-second upload capacity from its ISP is capable of bombarding a target with a once-unimaginable 5 terabits per second of traffic, at least in theory.

National Security Agency Director Mike Rogers said that the United States hasn’t done enough to deter Russian meddling in national politics, even as he acknowledged that President Donald Trump hasn’t directed cybersecurity officials to take more aggressive offensive actions against Moscow.  “I believe that President Putin has clearly come to the conclusion that, there’s little price to pay here and therefore I can continue this activity,” Rogers told the Senate Armed Services Committee.  Rogers’ testimony was a reminder of the gap between the president, who has downplayed Russian interferen

Russian military spies hacked several hundred computers used by authorities at the 2018 Winter Olympic Games in South Korea, according to US intelligence. They did so while trying to make it appear as though the intrusion was conducted by North Korea, what is known as a “false-flag” operation. Analysts surmise the disruption was retaliation against the International Olympic Committee for banning the Russian team from the Winter Games due to doping violations. As of early February, the Russian military agency GRU had access to as many as 300 Olympic-related computers, according to an intelli

In recent weeks, former Federal Communications Commission Chairman Tom Wheeler has pontificated about the current Commission’s lack of action on the issue of Internet network security. At the risk of engaging, I find it necessary to call out the gibberish in his recent writings.

Attorney General Jeff Sessions wants a report by June on the best way for Department of Justice to confront the cybersecurity threats from terrorists, criminals and enemy governments, with efforts to interfere with elections a top priority. Top intelligence and law enforcement officials, including from the DOJ, told a congressional hearing panel recently that Russia will almost certainly try to interfere with the midterms, as they did the 2016 presidential elections, and that the country was not adequately prepared to combat the threat.

This report examines the substantial economic costs that malicious cyber activity imposes on the US economy. Successful protection against cyber threats requires cooperation across firms and between private and public sectors. 

[Commentary] Four years ago, the Obama Administration rolled out the Cybersecurity Framework from the National Institute of Standards and Technology (NIST). It has proven to be an essential and indispensable roadmap for companies to review their cybersecurity risk and preparedness. Recently, NIST updated the document to reflect supply chain risk and additional security insights. The anniversary of the NIST Framework should be a time to celebrate the federal government’s preparation for the cyber threats to the critical infrastructure of our communications networks.

The Senate Commerce Committee convened a hearing for the president’s nominees to serve as Federal Trade Commissioners:

As everyday consumer appliances and devices like televisions are increasingly connected to the internet, concerns about privacy and security are mounting.

The nation’s top intelligence chiefs testified Feb 13 that they fully expect Russia to seek to disrupt the 2018 midterm elections. Appearing before the Senate Intelligence Committee, Director of National Intelligence Daniel Coats said that Russia will continue using propaganda, false personas and social media to undermine the upcoming elections.