A great piece by @BobbyChesney on @lawfareblog. https://www.lawfareblog.com/ending-dual-hat-arrangement-nsa-and-cyber-command
“The U.S. needs to respond in a smart, considered manner. Shutting off the lights in Moscow isn’t an appropriate or proportional response. Disrupting the networks of the SVR or GRU—Russian military intelligence—may well be.” https://www.wsj.com/articles/the-cyber-threat-is-real-and-growing-11608484291
“However, when pressed by host Jake Tapper about whether the US should retaliate against Russia, Krebs cautioned he would ‘be very careful about escalating this.’” https://www.businessinsider.com/krebs-solarwinds-cybersecurity-hack-more-broad-2020-12
“Gregory F. Treverton, a former chairman of the National Intelligence Council, the government’s senior-most provider of intelligence analysis, said that Trump ‘behaves so much like a paid Russian agent.’”
If it quacks like an RIS asset... https://www.washingtonpost.com/national-security/russia-is-behind-the-broad-ongoing-cyber-spy-campaign-against-the-us-government-and-private-sector-pompeo-says/2020/12/19/8c850cf0-41b3-11eb-8bc0-ae155bee4aff_story.html
“Kevin Mandia, CEO of FireEye, said that while some 18,000 organisations had the malicious code in their networks, it was the 50 who suffered major breaches.” https://www.bbc.co.uk/news/world-us-canada-55386947
From @just_security. https://www.justsecurity.org/73946/russias-solarwinds-operation-and-international-law/
“For the time being, the Russian effort seems limited to intelligence collection. But to move from the intelligence collection mode to an attack mode would only require flipping a couple of switches...”
Cyberwar fail-safe? https://bit.ly/2WGlkOR
As @RGB_Lights famously said: “Cloud computing is really just a fancy name for someone else’s computer.” https://www.geekwire.com/2020/solarwinds-hackers-targeting-cloud-services-unprecedented-cyberattack/
A FVEY conference call. https://www.cnn.com/2020/12/23/politics/us-five-eyes-russian-hack/index.html
A very perceptive @Slate piece from @fmkaplan. https://slate.com/news-and-politics/2020/12/solarwinds-hack-retaliation-options-cyberwar-russia.html
“But the key point, as it pertains to responses to SolarWinds, is that the best NSA tools are both deniable and redundant.”
Let’s not forget CIA, which, unlike NSA, actually has the authority to conduct a deniable Title 50 covert action, via CCI. https://www.washingtonexaminer.com/opinion/inside-the-nsas-means-to-retaliate-against-russia-for-solarwinds-hack
“...the United States must relentlessly counter our adversaries’ cyberoperations by penetrating their most sensitive systems. There is a saying in counterespionage that only spies catch spies.” https://www.nytimes.com/2020/12/23/opinion/russia-united-states-hack.html
"Ed Loomis, a former NSA technical director, and member of VIPS – Veteran Intelligence Professionals for Sanity – believes the list of suspects should also include China, North Korea, and Iran."
Veteran Intelligence Professionals for Sanity?? https://www.concordmonitor.com/Blaming-the-Russians-37960845
“The only thing universal about deterrence is the misguided faith in its applicability. In reality, deterrence works in very limited circumstances...”
A perceptive @TheAtlantic piece from @AmyZegart. https://www.theatlantic.com/ideas/archive/2020/12/everybody-spies-cyberspace-us-must-plan-accordingly/617522/
The initial news always gets worse before it gets better, if ever. https://www.reuters.com/article/us-global-cyber-microsoft-idUSKBN2951M9
There should be a hacking disclosure parallel to Rusher’s Gap. https://www.techrepublic.com/article/managing-client-expectations-the-difference-between-sticker-shock-and-rushers-gap/
“SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland and Belarus, where engineers had broad access to the Orion network management software that Russia’s agents compromised.” https://www.nytimes.com/2021/01/02/us/politics/russian-hacking-government.html
“The hackers managed their intrusion from servers inside the United States, exploiting legal prohibitions on the National Security Agency from engaging in domestic surveillance and eluding cyberdefenses deployed by the Department of Homeland Security.”
Avoiding forward deployed beacons on foreign networks by positioning their C2 servers and channels inside the US leveraged the “wedge” in US foreign and domestic intelligence gathering. All they had to worry about was DHS, which would represent a bug on their windshield.