8 January 2017

*** Cyberwar for Sale

Source Link
BY MATTATHIAS SCHWARTZ

After a maker of surveillance software was hacked, its leaked documents shed light on a shadowy global industry that has turned email theft into a terrifying — and lucrative — political weapon.

On the morning of May 18, 2014, Violeta Lagunes was perplexed by a series of strange messages that appeared in her Gmail inbox. It was Election Day to choose the leadership of Mexico’s right-wing Partido Acción Nacional, or PAN, and Lagunes, a former federal congresswoman, was holding a strategy meeting in her office in Puebla city. The emails seemed harmless, at least at first. One appeared to come from the account of a trusted colleague. It asked her to download and review a document. Lagunes clicked on the link, but it seemed to be broken, so she wrote back to her colleague and asked him to send it again. Elsewhere in her inbox was an email from Google warning her that someone had tried to log in to her account. Meanwhile, she began to receive phone calls from PAN allies, who claimed that they had received emails from Lagunes’s account that she did not remember sending.

Now Lagunes was worried. Around 1 o’clock, she called the colleague who appeared to have emailed her. She reached him at a restaurant, where he was finishing lunch with other campaign allies. “I did not send you an email,” he insisted. A consultant with the campaign — who asked to remain anonymous in order to preserve his relationships with other candidates — overheard the conversation. He knew of other campaign workers who had been receiving similar messages: emails with vague subject lines, asking the recipient to review a document or click a link. The campaign, he realized, had been hacked.

*** Chinese Information Warfare: The Panda That Eats, Shoots, and Leaves


The year is 2028. It is August and the weather is hot. People’s Liberation Army (PLA) Col. Sun Kangzhou and three highly trained special operations commandos from the Chengdu military region in southern China are sitting in two vehicles outside a Wal-Mart Supercenter in rural Pennsylvania about 115 miles northeast of Pittsburgh. Dressed in jeans, t-shirts, and work boots, the men appear to be just like any construction workers. In fact, Colonel Sun and his men are members of the elite Falcon special forces team. One of the vehicles is a heavy-duty pickup truck with a trailer carrying a large backhoe. The other is a nondescript blue sedan. The commandos’ target today is not a military base but something much more strategic.

It has been two weeks since the deadly military confrontation between a Chinese guided-missile destroyer and a U.S. Navy P-8 maritime patrol aircraft thousands of miles away in the South China Sea. The 500-foot-long Luyang II missile warship Yinchuan made a fatal error by firing one of its HHQ-9 long-range surface-to-air missiles at the P-8 as it flew some 77 miles away. The militarized Boeing 737 had been conducting a routine electronic reconnaissance mission over the sea, something the Chinese communist government in Beijing routinely denounces as a gross violation of sovereignty. The Chinese missile was tracked by the P-8’s sensors after a radar alarm signal went off, warning of the incoming attack. The advance sensor warning allowed the P-8 pilot to maneuver the jet out of range of the missile. The crew watched it fall into the sea. Fearing a second missile launch, the pilot ordered the crew to fire back. The aircraft bay doors opened and an antiship cruise missile, appropriately named SLAM-ER, for Standoff Land Attack Missile-Expanded Response, took off. Minutes later, the missile struck the ship, sinking the vessel and killing most of the crew.

** The age of analytics: Competing in a data-driven world


Big data’s potential just keeps growing. Taking full advantage means companies must incorporate analytics into their strategic vision and use it to make better, faster decisions. 

Is big data all hype? To the contrary: earlier research may have given only a partial view of the ultimate impact. A new report from the McKinsey Global Institute (MGI), The age of analytics: Competing in a data-driven world, suggests that the range of applications and opportunities has grown and will continue to expand. Given rapid technological advances, the question for companies now is how to integrate new capabilities into their operations and strategies—and position themselves in a world where analytics can upend entire industries. 

Big data continues to grow; if anything, earlier estimates understated its potential. 

A 2011 MGI report highlighted the transformational potential of big data. Five years later, we remain convinced that this potential has not been oversold. In fact, the convergence of several technology trends is accelerating progress. The volume of data continues to double every three years as information pours in from digital platforms, wireless sensors, virtual-reality applications, and billions of mobile phones. Data-storage capacity has increased, while its cost has plummeted. Data scientists now have unprecedented computing power at their disposal, and they are devising algorithms that are ever more sophisticated. 

** Israeli Military Reorganizing Its Cybersecurity Operations


Cybersecurity command to become part of army’s Teleprocessing Branch, which may now be renamed.

Israel Defense Forces Chief of Staff Gadi Eisenkot has decided to establish a command dedicated to cyberwarfare by the end of the army’s current multiyear plan ending in 2020.

Initially, it was thought that the command would bring together personnel from the IDF’s Intelligence Branch and Teleprocessing Branch, including defensive and offensive functions and intelligence gathering in the field of cybernetics.

Now, however, a senior IDF officer has said the army is still deliberating over whether to put all these operations under the responsibility of the cybersecurity command, or to leave the intelligence gathering and offensive operations in the hands of the Intelligence Branch, as is currently the case. This would maintain separation between defensive and offensive cybersecurity fields.

The biggest ever fire sale of Indian corporate assets has begun, to tide over bad loans crisis

Piyush Pandey

‘For sale’ tags on airports, roads, ports, steel plants, cement units, refineries, corporate park, among others, are visible.

We are seeing what is effectively India Inc.’s biggest ever fire sale. It’s even bigger than the government’s planned divestment target.

The Reserve Bank of India’s (RBI) has decided to clean up the balance sheets of Indian banks, which are collectively saddled with Rs five lakh crore of bad loans, by the end of this fiscal. So, the banks have started cracking the whip on Indian companies for repayment of loans. For most affected firms and groups, this will mean they will be forced to sell prized assets to repay their ballooning debts.

We are seeing ‘for sale’ tags on airports, roads, ports, steel plants, cement units, refineries, malls, corporate parks, land banks, coal mines, oil blocks, express highways, airwaves, Formula One teams, hotels, private jets, and even status symbol corporate HQs. Substantial stakes in firms, and in some cases entire companies, are on the block.

The Hindu reviewed leading corporate houses with billion-dollar loans riding on them, and the results are startling. The top 10 business house debtors alone owe Rs 5,00,000 crore to the banks. They will be forced to sell assets worth over Rs 2,00,000 crore.

Modi’s Cash Ban Brings Pain, but Corruption-Weary India Grits Its Teeth


By GEETA ANAND

MUMBAI, India — It was a bold and risky gamble by Prime Minister Narendra Modi of India that quickly seemed to backfire.

The announcement of a ban on the largest currency bills circulating in India, which came into full effect at midnight Friday, the last day for depositing the old notes at banks, set off cash shortages that have hit the country’s most vulnerable people hard and prompted worries about the economy.

But despite those concerns, as well as doubts about whether the currency ban will reduce corruption as it is designed to do, for the moment, at least, Mr. Modi’s bet appears to be paying off in the public arena.

Even as the poorest Indians have struggled, many have continued to voice support for the prime minister’s initiative to target the vast amounts of untaxed money, known as “black money,” flowing through the country’s economy, in hopes that it will combat an endemic culture of corruption. Mr. Modi, analysts say, has successfully tapped into deep frustration with the corruption that pervades almost every public interface with government.

Time To Face Up To Cyber Threats – Analysis

By Samir Saran

Crimes in cyberspace, by one estimate, now cost the global economy $445 billion a year. Cyber insecurity is now a global risk no different from the warming climate or forced displacement. Is such insecurity a business risk or a “public bad”? If the security of digital infrastructure is viewed as a business risk, who should mitigate it? Should states be responsible for the integrity of networks and data within their territories, failing which they will be classified as “risky” to do business in in the digital economy? Were cyber insecurity treated as a “public bad”, governments could justifiably conclude that vulnerabilities in one device or platform affect an entire ecosystem, and create a liability regime that shifts the burden on the private sector.

These issues are important to ponder as the Digital India programme and demonetisation encourage the rapid adoption of digital payments technologies. It is not only difficult to assess the “risk” of transacting in the digital economy, but also determine who such risks should be absorbed by. For instance, a high-end device may be able to offer security on the back of its tightly controlled supply chain, but what if an end user, by opening the door to a hidden exploit, compromised its operating system?

Pakistan Military Chief Tells Afghan Leaders He'll Work for Peace


ISLAMABAD, PAKISTAN — Pakistan's new military chief spoke to Afghan leaders Saturday and promised to work for regional peace as mutual mistrust and suspicion continued to plague bilateral ties in the outgoing year.

General Qamar Javed Bajwa telephoned Afghan President Ashraf Ghani, Chief Executive Abdullah Abdullah and Bajwa's Afghan counterpart, General Qadam Shah Shaheem, according to the Pakistan army's media wing.

It said that Bajwa "conveyed best wishes for 2017 and pledged to work for peace in the region," adding that peace in both countries was in the "greater interest of the region."

The Afghan leadership invited the Pakistan army chief for a visit to Afghanistan, the statement said, but did not mention any dates or other details for the proposed visit.

The Kabul government alleges that covert support the Taliban receives from Pakistan's military and its spy agency has enabled the insurgent group to prolong and expand its activities in Afghanistan.

U.S. Adds Lashkar-e-Taiba Student Wing to Terrorism List

By Bill Roggio

The banner for Al-Muhammadia Students’ Facebook page includes an image of Pakistani soldiers trampling an Indian flag.

The US government has added the Al-Muhammadia Students (AMS) organization, or “the student wing” of the Pakistan-based terrorist group Lashkar-e-Taiba (LeT or Army of the Pure), to its list of Foreign Terrorist Organizations. Additionally, the US added LeT leaders Muhammad Sarwar and Shahid Mahmood to the list of global terrorists. The designations highlight LeT’s role in international terrorism and its adeptness in using front organizations to skirt international sanctions.

“Founded in 2009, AMS is a subsidiary of LeT and has worked with LeT senior leaders to organize recruiting courses and other activities for youth,” the State Department designation noted.

State also noted that LeT has “repeatedly changed its name and created front organizations in an effort to avoid sanctions” since the US first added it to the list of Foreign Terrorist Organizations in 2001.

India and China's Tug of War Over Nepal

By Kamal Dev Bhattarai

In the last week of December, China’s People’s Liberation Army (PLA) announced that it is planning to hold its first-ever joint military exercise with Nepal. Though Chinese military assistance to Nepal has significantly increased in recent years, this is the first time that China has proposed a joint military exercise — and Nepal accepted.

The development came as Nepal is proposing to change some provisions of the 1950 Peace and Friendship Treaty with India. The treaty states that Nepal needs to inform or receive consent from India when it purchases military hardware from third countries.

By amending the treaty, Nepal wants to change such provisions and make independent decisions on security issues, including the purchase of military equipment. However, India is still the largest supplier of military hardware to the Nepali Army and the two armies enjoy an excellent relationship. Since 1950, it has been a custom for the two countries to confer honors on each other’s army chiefs, which signifies their close military-to-military ties.

Additional Considerations Regarding The Uyghur Issue – Analysis

By Giancarlo Elia Valori

Xinjiang is the leverage for China’s future strategic destabilization. In fact, while we can see a shift of the US strategic interest from the Middle East to East Asia, we must also note that the United States use the tension between China and Japan, in addition to using the North Korean nuclear issue in its relations with China, to isolate the Middle Kingdom and force it into a new state of insecurity.

However, both the small Asian nations and China itself, have made this US project very difficult.

Obviously this great destabilization operation regards also Xinjiang.

China views the Muslim minority of “East Turkistan” as a possible base for two major strategic operations: the start of the splitting up of the Chinese territory with subsequent ethnic “rank-and-file rebellions” and the related penetration of enemy powers into the Chinese territory through these rebellions.

For Xinjiang the “end users” would be the United States but, above all, Turkey, which is a NATO member – albeit anomalous.

Istanbul Nightclub Killer Was ‘Sneaked Into Turkey By Sophisticated ISIS Network Under A Secret Code


Jake Wallis Simons has a January 4, 2017 article in the Daily Mail Online, with the title above. Not surprisingly, he describes an adaptive, asymmetric adversary, who has learned from previous mistakes and terrorist operations– and, are improving their techniques, tactics, and procedures (TTP’s). Mr. Simons writes that “disturbing new details have emerged of a sophisticated, undercover Islamic State (ISIS) network that infiltrated the Istanbul New Year’s Eve killer into Turkey — and, used advanced special forces techniques.”

“The killer, reportedly a battle-hardened [Islamic] militant trained in Syria, was spirited into Turkey by a mysterious ISIS handler code-named, “Teacher Yusuf,’ according to leaked information published in the Turkish media Mr. Simons wrote. He adds that “the killer himself, was reportedly code-named, ‘Abu Muhammed Horasani,’ though his true identity either remains unknown, or has not been released by investigators.”

The details about the killer’s name and how he got into Turkey, etc., have not been officially verified; but, this information is being widely reported in Turkish media. “Teacher Yusuf installed the killer and his family in a safe house in the central [Turkish] town of Konya, in an apartment block where three other families were living last November,” Mr. Simons noted. “The other families, thought to be part of an ISIS cell, vanished following the atrocity; but, were detained this week by Turkish authorities 300 miles away in the Turkish town of Izmir. Mr Horasani’s wife and children, who remain under detention by Turkish police have denied any knowledge of Horasani’s connection/relationship with the Islamic State.”

Russia’s New Favorite Jihadis: The Taliban


THOMAS JOSCELYN

More than 15 years into America’s war in Afghanistan, the Russian government is openly advocating on behalf of the Taliban.

Last week, Moscow hosted Chinese and Pakistani emissaries to discuss the war. Tellingly, no Afghan officials were invited. However, the trio of nations urged the world to be “flexible” in dealing with the Taliban, which remains the Afghan government’s most dangerous foe. Russia even argued that the Taliban is a necessary bulwark in the war against the so-called Islamic State.

For its part, the American military sees Moscow’s embrace of the Taliban as yet another move intended to undermine NATO, which fights the Taliban, al Qaeda, and the Islamic State every day.

After Moscow’s conference, Russian Foreign Ministry spokeswoman Maria Zakharova spoke with reporters and noted that “the three countries expressed particular concern about the rising activity in the country of extremist groups, including the Afghan branch of IS [the Islamic State, or ISIS].”

One of America's Most Dangerous Enemies is Developing a "Poor Man's Cruise Missile"

Dave Majumdar

While non-state organizations like ISIS and Hezbollah have been using drones during their terror campaigns for some time now, such groups are starting to design and build unmanned aerial vehicles of their own design. Indeed, some of these “indigenous” designs are relatively complex machines and more sophisticated devices could soon be on their way to the battlefield.

In recent days, Iraqi forces fighting ISIS in Mosul have encountered not only the typical quadcopters that one can buy at an electronics store, but larger fixed-wing aircraft that are much more sophisticated. “There were also larger, fixed-wing craft fashioned out of corrugated plastic and duct tape, apparently made by the fighters themselves,” reports Al Jazeera’s John Beck.

Not only are the drones used for reconnaissance, the terrorists are increasingly loading the remotely operated aircraft with explosives and using them as a poor man’s cruise missile. “They also use a new tactic, where the drone itself has a bomb attached to it,” General Abdul Wahab al-Saadi, an Iraqi commander with Baghdad's counterterrorism service in eastern Mosul told Al Jazeera.

WE NEED TO TALK: THE PAST, PRESENT, AND FUTURE OF U.S. NUCLEAR WEAPONS POLICY

FRANCIS J. GAVIN

There is no graver threat to the world than nuclear war, a catastrophe some believe is less unlikely than commonly assumed. A president’s most awesome responsibility is control of America’s nuclear weapons. Most presidents, when briefed on the contents on the war plan, are stunned.

As Donald Trump prepares to assume this charge, U.S. nuclear policy finds itself at a historical crossroads. The incoming administration will be presented with at least five tensions that will force difficult choices for the future of American nuclear strategy.

First, the world is in the midst of a technological transformation that threatens to undermine both the idea and the reality of strategic stability based on mutual vulnerability between nuclear-armed states. For decades, advocates of what Robert Jervis called the “nuclear revolution” emphasized the inalterable facts of the atomic age: clean first strikes that eliminated an adversary’s ability to unleash a devastating nuclear response were next to impossible, as were perfect defenses against a nuclear attack. Once a state secured its ability to retaliate to a nuclear strike with forces of its own, there was little point in building more or better nuclear weapons. Seeking nuclear primacy, in other words, was pointless,

The U.S. Army's Biggest Fear: Getting Crushed in a Devastating Land War to Russia or China

Kris Osborn

After more than a decade of counterinsurgency warfare, the Army is now emphasizing major force-on-force mechanized warfare against Russia or Chinese weapons around the world.

The global proliferation of Russian and Chinese weapons massively increases the likelihood that US Army forces will confront tanks, drones, electronic warfare systems, precision munitions, armored vehicles and artillery made by near-peer competitors. 

Although the prospect of major-power mechanized ground war between the US and Russia or China may not seem likely, the US Army is tasked with the need to be ready for any ground-combat scenario. What this means, Army leaders expained, is that the current and future combat environment the globe is both increasingly urban and armed with Russian and Chinese-made tanks and weapons. 

Russian-built T-72 and T-90 tanks, Chinese drones, fighters and missiles are now part of Armies around the world who might wind up in conflict with the US. In particular, Pakistan is armed with Type 85-IIAP Chinese-built tanks and Iran is equipped with Russian-made T-72s. Even smaller countries, such as Bangladesh, have Chinese tanks. In addition, a far greater number of smaller countries such as Cuba, India and Libya have Russian tanks. North Korea, not suprisingly, has both Russian and Chinese tanks. 

An Australian doctrinal concept for Special Warfare: Lessons and Considerations


Army Insights Papers produced by the War Research Centre, as part of the Army Research Papers series, comprise topics of special or immediate interest to the Australian Army and international military community. These are vehicles for offering lessons learned, and providing insights on military strategy, future land operating environments and complex military modernisation. Insights Papers are intended to provide an opportunity for debate, further research and organisational change.

Recent operational experience, operating ‘through, by and with’ security partners in Afghanistan and Iraq, has yet to be codified into Australian doctrine. To develop such doctrine, the Australian Army requires a conversation, drawing on analysis of best practice, personal observation and lessons captured from over a decade of recent deployments.

The clear conclusion from the Australian (and Western) experience is that special warfare — the conduct of operations with local partners — is difficult, time-consuming and must be tailored to the subtle nuances of the cultural environment. The relevant literature presents a strong argument that specific training, development opportunities, selection criteria and career streaming should be utilised to build a mature Australian special warfare capability. This is contrary to the way in which Australia has deployed forces during recent operations, and therefore requires detailed analysis before it can be considered.

Do Leaders Need Emotional Intelligence?


Over the holiday break, I had the opportunity to catch up with with Dr. Joshua Spodek, author of the upcoming book Leadership Step by Step and discuss emotional intelligence. The term gets thrown around a lot in the military, but I don’t think a lot of us understand what exactly it means and why it’s so important to leading successful organizations. So, I hope readers get as much out of this post as I did! 

Joe: I’ve heard the term “emotional intelligence” mentioned in a lot of leadership conversations over the last couple of years, but what exactly does it mean? 
Josh: Let me start with some examples.

Has your mind ever drifted while someone told you a story and she stops and says, “Is everything alright? You look like you drifted off.”

She couldn’t read your mind. That’s a simple form of emotional intelligence: she read your body language, facial expression, and other cues that told him your emotions.

Think of a basketball coach sensing that his players aren’t playing well together and talking to each separately to figure out how to get them to gel. It’s not a matter of strength or skill. They’re just as strong and skilled as the day before. The more emotional intelligence he has, the more likely he can find the issue. If he has enough emotional skills, he’ll be able to solve it.

Perspectives on Terrorism

Perspectives on Terrorism, December 2016, v. 10, no. 6 

o Jihadi Terrorism in Europe: The IS-Effect

o Criminal Pasts, Terrorist Futures: European Jihadists and the New Crime-Terror Nexus

o With a Little Help from my Friends: an Exploration of the Tactical Use of Single-Actor Terrorism by the Islamic State

o IS and the Jihadist Information Highway – Projecting Influence and Religious Identity via Telegram

o Foreign Fighters in Syria and Iraq and the Socio-Economic Environment They Faced at Home: A Comparison of European Countries

o Terrorism and Beyond: Exploring the Fallout of the European Foreign Fighter Phenomenon in Syria and Iraq

The Post-Caliphate Counterterrorism Challenge


The Cipher Brief spoke with network member and former Acting Director of the CIA, John McLaughlin, about the current U.S. counterterrorism strategy, as well as what to expect from the terrorist threat in the coming year. According to McLaughlin, under President Barack Obama, the U.S. has been “highly successful” at eliminating terrorist leaders, but has been “less successful” at denying terrorists safe havens. Further, McLaughlin explained that as ISIS is beaten back in its self-declared caliphate in Syria and Iraq, he anticipates “the greatest post-caliphate danger is likely to be in Europe.”

The Cipher Brief: How has U.S. counterterrorism policy developed in the eight years under President Obama?

John McLaughlin: U.S. counterterrorism policy under President Obama has a mixed record tending toward positive. There are aspects of it that have been very successful and aspects of it that have been less successful and that have left problems in their wake.

TCB: What were some of the strongest elements of President Obama’s CT policy? What were the weakest?

JM: I always think of terrorism as requiring at least three things if we try to think about it systematically. In order to destroy a terrorist movement, you need first to destroy the leadership; second you need to deny it safe haven; third you need to change some of the conditions that gave rise to the phenomena that created it.

President Obama’s Pursuit of Cyber Deterrence Ends in Failure

by David Fidler

The Obama administration responded to Russia’s cyber operations against Democratic National Committee officials last week. The punitive measures seek to deter Russia, and other adversaries, from cyber-related interference with U.S. elections. This strategy connects to the importance President Obama placed on deterrence in cybersecurity. His administration tried to strengthen cyber defenses (deterrence by denial), clarify international law’s application in cyberspace and develop international cyber norms (deterrence by norms), and threaten punishment for hostile cyber operations (deterrence by punishment). However, the election hacking episode highlights how the president’s efforts to achieve deterrence for cybersecurity have failed. 

The astonishing lack of cybersecurity among the organizations and individuals targeted in the hacks reveals, again, problems with cyber defenses. This episode pairs with the infiltration of the Office of Personnel Management as embarrassing symbols of public and private failures to protect against cyber threats—years after improving cyber defenses became cybersecurity gospel. 

Cyber security in the time of demonetisation

ANUJ GOEL

The Airbus A380 has reached its optimum height and the captain has turned off the seat belt sign. I am flying back to New York via Dubai after spending two weeks in India, first catching up with my family and friends in Northern India, followed by a visit to Bengaluru, the Silicon Valley of India. The city never ceases to amaze me. In the last two years, there have been a lot of changes, but the biggest one—demonetisation—had occurred just a couple of weeks before I landed in India.

People with polarised opinions argued it out with each other, debating the pros and cons of the move. Yet, what I found more perplexing was the near-sightedness of the debate and the utter lack of understanding of the real problem. People are only bothered about the lack of currency in the banks and ATM machines but completely silent over the cashless hurricane that awaits them. During my time in India, Twitter accounts of a few celebrities were hacked and the media portrayed it as if this was the worst cyber attack that could happen. My vast experience in cyber security tells me that it was certainly done by some local actor to create media buzz or political turbulence.

A Big Cyberattack Is Inevitable In 2017

By Victor Thomson

Security analysts make dire predictions for 2017. According to them, we'll see more undetected, complex data integrity attacks this year aiming for political manipulation as well as financial gain.

According to Network World, while data integrity attacks are, of course, not entirely new, these hacks have very damaging potential consequences, as they compromise the security of digital information with the aim of gaining unauthorized access to modify data for a number of ulterior motives. This could represent the ultimate weaponization of data.

According to Venture Beat, the year 2016 has seen even more cybersecurity activity than 2015. Around 500 million accounts have been swiped from Yahoo, $81 million have been stolen from Bangladesh Bank, and about 19,000 emails have been leaked from Democratic Party officials in the run-up to the election. On top of that, we have experienced the IoT-powered botnets launching record-breaking DDoS attacks that have taken down major websites of the Internet.

The cyber-attack headlines in 2016 offer, in reality, just a glimpse of a cyber war between security experts and hackers. This digital war is being waged every day on a grand scale. And what is worse is that it is expected worse to come. Escalated challenges are predicted by security experts for 2017.

The Download on the DNC Hack


Over the past few days, several longtime readers have asked why I haven’t written about two stories that have consumed the news media of late: The alleged Russian hacking attacks against the U.S. Democratic National Committee (DNC) and, more recently, the discovery of malware on a laptop at a Vermont power utility that has been attributed to Russian hacker groups.

I’ve avoided covering these stories mainly because I don’t have any original reporting to add to them, and because I generally avoid chasing the story of the day — preferring instead to focus on producing original journalism on cybercrime and computer security.

But there is another reason for my reticence: Both of these stories are so politically fraught that to write about them means signing up for gobs of vitriolic hate mail from readers who assume I have some political axe to grind no matter what I publish on the matter.

Cybersecurity Lessons Learned for 2017

JACK HARRINGTON

Pundits will pick over the lessons of 2016 for a long time, and as they do, cyber experts are looking at the past year and finding lessons as well, with far-reaching implications for our nation’s security.

For most Americans, the 2016 election was the year cybersecurity moved from being an IT issue to one of great political significance. This was evidenced by the 20,000 hacked emails released by WikiLeaks on the eve of the Democratic National Convention to the phishing attack that gained access to Clinton Campaign Chairman John Podesta’s email. No previous election has highlighted for the American people how much we rely on the cyber domain and how much is vulnerable to attack as a result.

With 2016 now behind us, it is worth looking at some of the lessons we learned that will change the way we see cybersecurity and, as a result, our national security.

Cyber is now pervasive

The public is beginning to understand that cybersecurity is no longer solely about protecting computer networks but rather protecting how we live. The convergence of business, national defense, and personal activities on the same devices and networks create opportunities for adversaries to exploit the smallest details of our lives. The network we must now protect includes so much more than computers; it includes things like networked cars, connected appliances, and millions of sensors and processors in addition to the phones, tablets, and devices on which we now rely for information and connectivity to the rest of the world.