Cyber Strategies for a World at War


Attorney General Eric Holder Speaks at the Administration Trade Secret Strategy Rollout

Department of Justice
February 20, 2013

Thank you, Victoria, for those kind words – and thank you all for being here. It’s a pleasure to welcome you to the White House today – and a privilege to stand with so many friends, key partners, and indispensable allies in introducing the Administration’s strategy for combating the theft of trade secrets.

As Victoria just mentioned, this work is a top priority for President Obama, for the entire Administration – and of course for the dedicated men and women at the Department of Justice. I’m deeply proud of the contributions that my colleagues have made in developing this strategy – and the pivotal role that the Department will play in its implementation. And I’m confident that – as we bring government agencies and additional private sector partners together to put these plans into action – we’ll continue strengthening national efforts to protect the rights, safety, and best interests of American consumers, innovators, and entrepreneurs.

Particularly in this time of ongoing economic recovery, this work is more important than ever. Despite the challenges of recent years, American companies remain the most innovative in the world. They are responsible for many of the most important technological advances the world has ever seen, an overwhelming number of the 100 most valuable brands, and almost 30 percent of global research and development spending.

This level of innovation and the investments that make it possible benefit consumers, create jobs, and support our economy. For instance, in 2011, companies in Silicon Valley added over 42,000 jobs and recorded a growth rate more than three times that of the U.S. economy as a whole. But, as any of the corporate leaders in this crowd can attest, this prosperity is a double-edged sword. And it inevitably attracts global rivals – including individuals, companies, and even countries – eager to tilt the playing field to their advantage.

By corrupting insiders, hiring hackers, and engaging in other unscrupulous and illegal activities, these entities can inflict devastating harm on individual creators, start-ups, and major companies. As one private security expert has said of the largest U.S. corporations, there are only “two categories” of companies affected by trade secret theft – “[T]hose that know they’ve been compromised and those that don’t know yet.”

This is because, as new technologies have torn down traditional barriers to international business and global commerce, they’ve also made it easier for criminals to steal trade secrets – and to do so from anywhere in the world. A hacker in China can acquire source code from a software company in Virginia without leaving his or her desk. With a few keystrokes, a terminated or simply unhappy employee of a defense contractor can misappropriate designs, processes, and formulas worth billions of dollars.

Some of these criminals exploit pilfered secrets themselves – often by extorting the victim company or starting their own enterprise. Others try to sell the illicit information to a rival company, or obtain a bounty from a country interested in encouraging such theft. And all represent a significant and steadily increasing threat to America’s economic and national security interests.

Fortunately, the women and men of the Justice Department are working tirelessly to prevent, combat, and punish these serious crimes. Thanks to the efforts of 40 prosecutors and four computer forensic experts serving in the Computer Crime and Intellectual Property Section, and more than 230 specially-trained prosecutors stationed at U.S. Attorneys’ Offices around the country, including 25 Computer Hacking and Intellectual Property – or “CHIP” – units, I’m pleased to report that we’re fighting back more aggressively, and collaboratively, than ever before. And with approximately 240 FBI agents in the field dedicated to investigating IP crime, along with officials from U.S. Immigration and Customs Enforcement, and 20 additional state, federal, and international law enforcement agencies that are partners at the IPR Center, we are poised to build on our recent successes.

I’m proud of the outstanding work that these professionals are leading every day, in offices all across the country. But I also recognize – as I know you all do – that the Justice Department won’t be able to continue making the progress we need, and that our citizens and companies deserve, on its own.

We need to increase cooperation and coordination between partners at every level of government. We need to improve engagement with the corporations represented in the room today. We need to find ways to work together more efficiently and effectively – by following the road map set forth in the Administration’s new, comprehensive strategy. And we need to do so starting immediately – because continuing technological expansion and accelerating globalization will lead to a dramatic increase in the threat posed by trade secret theft in the years ahead.

In fact, by 2015, experts believe that the number of smart phones, tablets, laptops, and other internet-access devices in use will be roughly double the total that existed in 2010. In the same period, the proliferation of cloud-based computing will significantly enhance flexibility and productivity for workers around the world. But these same forces will also create more access points and vulnerabilities that allow criminals to steal confidential information.

Just as increasing globalization will enable American companies of all sizes to benefit from foreign technical experts and research and development activities in other countries, the sharing of trade secrets with entities operating in nations with weak rule of law may expose them to intellectual property losses. Any resulting cost advantages will likely be more than offset by losses in proprietary company information.

Unfortunately, these projections aren’t merely hypothetical. We’ve seen this phenomenon before – including in the late 1990s, when I had the privilege of serving as Deputy Attorney General. Between 1997 and 2000, internet usage in the United States more than doubled – and this massive technological shift also brought about major changes in the nature of crime. For instance, in 1999 alone, we saw a 30-percent spike in intellectual property cases over the previous year. In order to fight back, in July of that year I announced the Department’s first major IP Strategy, known as the Intellectual Property Rights Initiative.

Of course, we’ve all come a long way since then. As critical technologies have advanced, criminals have adapted accordingly. Our need to keep pace with these changes remains imperative. And the stakes have never been higher.

In some industries, a single trade secret can be worth millions – or even billions – of dollars. Trade secret theft can require companies to lay off employees, to close factories, to lose sales and profits, to experience a decline in competitive position and advantage – or even to go out of business. And this type of crime can have significant impacts not only on our country’s economic well-being, but on our national security – allowing hostile states to obtain data and technology that could endanger American lives; expose our energy, financial, or other sensitive sectors to massive losses; or make our infrastructure vulnerable to attack.

In response, the Justice Department has made the investigation and prosecution of trade secret theft a top priority. This is why the National Security Division’s Counterespionage Section has taken a leading role in economic espionage cases – and others affecting national security and the export of military and strategic commodities or technology. It’s also why, in 2010, I established an internal Task Force on Intellectual Property – led by Deputy Attorney General Jim Cole and other senior Department leaders – to improve and expand our enforcement efforts in this area. And it’s why the FBI has increased its focus on trade secret theft and its use of sophisticated tools and techniques in conducting national security and criminal investigations.

Of course, most trade secret matters are dealt with in civil court. But when the Justice Department receives referrals, we investigate and, when appropriate, prosecute those matters fairly and completely. And, although the primary legislation creating criminal liability for these acts is less than 20 years old, federal law enforcement officials have established a remarkable record of success in this area.

In the decade between 2001 and 2011, we secured well over 100 convictions in cases involving criminal trade secret thefts, and 6 convictions in economic espionage cases. For instance, in December 2011, a federal court in Indiana sentenced a man from China to more than 7 years in prison – after his conviction on charges of economic espionage on behalf of a foreign university tied to the Chinese government. Last September – in New Jersey – a jury convicted another Chinese native of trade secret theft and other charges for stealing information from a defense contractor about the performance and guidance systems for missiles and other military hardware. And last November – in Michigan – a former General Motors engineer and her husband were convicted of conspiring to steal more than $40 million worth of trade secrets from GM, with intent to use them in a joint venture with an automotive competitor in China.

In these and many other cases – as we’ve refined our approach and increased our understanding of these crimes and those who commit them – the Department has also gathered valuable intelligence about foreign-based economic espionage. We’ve forged strong relationships with law enforcement partners, private sector experts, and international allies. And we’ve begun to raise awareness about the devastating impact of these crimes – and to encourage companies to report suspected breaches to law enforcement – so violators can be caught, brought to justice, and kept from striking again.

As we carry this work into the future – thanks to the support and assistance of everyone here today, and the cutting-edge strategy we’re committed to implementing – I’m confident that we’ll continue to make great strides in the fight against trade secret theft. We’ll keep improving our ability to crack down on intellectual property infringement and economic espionage. And together we’ll ensure that the United States is, and always will be, the world leader in innovation.


Attendees of the Justice Department announcement received copies of the following report:




Filed under: Business, China, cyber security, Doctrine, government, Internet, News, Policy, Politics, Strategy, Technology, Threats, , , , , , , , , , , , , , ,

Former CIA Director Talks Cyber Security

Michael_Hayden,_CIA_official_portraitFormer National Security Agency and Central Intelligence Agency Director General Michael Hayden discusses life as the nation’s premier spy, as well the pressing cyber and national security issues of the day, with Frank Sesno, Director of George Washington University‘s School of Media and Public Affairs. This event took place February 19, 2013, and was recorded by CSPAN.

One of the first topics they discuss is the huge load of evidential data the information security company Mandiant recently released that alleges the Chinese government, through its military, is complicit in persistent cyber espionage against the United States government and corporations.

Not-so breaking news, folks: According to General Hayden, the United States steals China‘s secrets, too. However, he goes on to differentiate the type of espionage between the two nations. He regards the United States’s spying against the Chinese government as being done only to protect the United States’s citizens’s liberty and security; whereas the Chinese spying is being done against the United States primarily to steal its corporate and national secrets to improve China’s industrial and technological capacity and strength.

Unfortunately, CSPAN offers no embeddable file for the event so you will need to watch it at

Filed under: Analysis, cyber security, cyber war, Doctrine, government, Intelligence Community, Internet, Military, News, Terrorism, Threats, , , , , , , , , ,

Executive Order — Improving Critical Infrastructure Cybersecurity

White House
February 12, 2013


– – – – – – –


By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:

Section 1Policy. Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront. The national and economic security of the United States depends on the reliable functioning of the Nation’s critical infrastructure in the face of such threats. It is the policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a partnership with the owners and operators of critical infrastructure to improve cybersecurity information sharing and collaboratively develop and implement risk-based standards.

Sec2Critical Infrastructure. As used in this order, the term critical infrastructure means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

Sec3Policy Coordination. Policy coordination, guidance, dispute resolution, and periodic in-progress reviews for the functions and programs described and assigned herein shall be provided through the interagency process established in Presidential Policy Directive-1 of February 13, 2009 (Organization of the National Security Council System), or any successor.

Sec4Cybersecurity Information Sharing. (a) It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats. Within 120 days of the date of this order, the Attorney General, the Secretary of Homeland Security (the “Secretary”), and the Director of National Intelligence shall each issue instructions consistent with their authorities and with the requirements of section 12(c) of this order to ensure the timely production of unclassified reports of cyber threats to the U.S. homeland that identify a specific targeted entity. The instructions shall address the need to protect intelligence and law enforcement sources, methods, operations, and investigations.

(b) The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a process that rapidly disseminates the reports produced pursuant to section 4(a) of this order to the targeted entity. Such process shall also, consistent with the need to protect national security information, include the dissemination of classified reports to critical infrastructure entities authorized to receive them. The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a system for tracking the production, dissemination, and disposition of these reports.

(c) To assist the owners and operators of critical infrastructure in protecting their systems from unauthorized access, exploitation, or harm, the Secretary, consistent with 6 U.S.C. 143 and in collaboration with the Secretary of Defense, shall, within 120 days of the date of this order, establish procedures to expand the Enhanced Cybersecurity Services program to all critical infrastructure sectors. This voluntary information sharing program will provide classified cyber threat and technical information from the Government to eligible critical infrastructure companies or commercial service providers that offer security services to critical infrastructure.

(d) The Secretary, as the Executive Agent for the Classified National Security Information Program created under Executive Order 13549 of August 18, 2010 (Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities), shall expedite the processing of security clearances to appropriate personnel employed by critical infrastructure owners and operators, prioritizing the critical infrastructure identified in section 9 of this order.

(e) In order to maximize the utility of cyber threat information sharing with the private sector, the Secretary shall expand the use of programs that bring private sector subject-matter experts into Federal service on a temporary basis. These subject matter experts should provide advice regarding the content, structure, and types of information most useful to critical infrastructure owners and operators in reducing and mitigating cyber risks.

Sec5Privacy and Civil Liberties Protections. (a) Agencies shall coordinate their activities under this order with their senior agency officials for privacy and civil liberties and ensure that privacy and civil liberties protections are incorporated into such activities. Such protections shall be based upon the Fair Information Practice Principles and other privacy and civil liberties policies, principles, and frameworks as they apply to each agency’s activities.

(b) The Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of the Department of Homeland Security (DHS) shall assess the privacy and civil liberties risks of the functions and programs undertaken by DHS as called for in this order and shall recommend to the Secretary ways to minimize or mitigate such risks, in a publicly available report, to be released within 1 year of the date of this order. Senior agency privacy and civil liberties officials for other agencies engaged in activities under this order shall conduct assessments of their agency activities and provide those assessments to DHS for consideration and inclusion in the report. The report shall be reviewed on an annual basis and revised as necessary. The report may contain a classified annex if necessary. Assessments shall include evaluation of activities against the Fair Information Practice Principles and other applicable privacy and civil liberties policies, principles, and frameworks. Agencies shall consider the assessments and recommendations of the report in implementing privacy and civil liberties protections for agency activities.

(c) In producing the report required under subsection (b) of this section, the Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of DHS shall consult with the Privacy and Civil Liberties Oversight Board and coordinate with the Office of Management and Budget (OMB).

(d) Information submitted voluntarily in accordance with 6 U.S.C. 133 by private entities under this order shall be protected from disclosure to the fullest extent permitted by law.

Sec6Consultative Process. The Secretary shall establish a consultative process to coordinate improvements to the cybersecurity of critical infrastructure. As part of the consultative process, the Secretary shall engage and consider the advice, on matters set forth in this order, of the Critical Infrastructure Partnership Advisory Council; Sector Coordinating Councils; critical infrastructure owners and operators; Sector-Specific Agencies; other relevant agencies; independent regulatory agencies; State, local, territorial, and tribal governments; universities; and outside experts.

Sec7Baseline Framework to Reduce Cyber Risk to Critical Infrastructure. (a) The Secretary of Commerce shall direct the Director of the National Institute of Standards and Technology (the “Director”) to lead the development of a framework to reduce cyber risks to critical infrastructure (the “Cybersecurity Framework”). The Cybersecurity Framework shall include a set of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks. The Cybersecurity Framework shall incorporate voluntary consensus standards and industry best practices to the fullest extent possible. The Cybersecurity Framework shall be consistent with voluntary international standards when such international standards will advance the objectives of this order, and shall meet the requirements of the National Institute of Standards and Technology Act, as amended (15 U.S.C. 271 et seq.), the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113), and OMB Circular A-119, as revised.

(b) The Cybersecurity Framework shall provide a prioritized, flexible, repeatable, performance-based, and cost-effective approach, including information security measures and controls, to help owners and operators of critical infrastructure identify, assess, and manage cyber risk. The Cybersecurity Framework shall focus on identifying cross-sector security standards and guidelines applicable to critical infrastructure. The Cybersecurity Framework will also identify areas for improvement that should be addressed through future collaboration with particular sectors and standards-developing organizations. To enable technical innovation and account for organizational differences, the Cybersecurity Framework will provide guidance that is technology neutral and that enables critical infrastructure sectors to benefit from a competitive market for products and services that meet the standards, methodologies, procedures, and processes developed to address cyber risks. The Cybersecurity Framework shall include guidance for measuring the performance of an entity in implementing the Cybersecurity Framework.

(c) The Cybersecurity Framework shall include methodologies to identify and mitigate impacts of the Cybersecurity Framework and associated information security measures or controls on business confidentiality, and to protect individual privacy and civil liberties.

(d) In developing the Cybersecurity Framework, the Director shall engage in an open public review and comment process. The Director shall also consult with the Secretary, the National Security Agency, Sector-Specific Agencies and other interested agencies including OMB, owners and operators of critical infrastructure, and other stakeholders through the consultative process established in section 6 of this order. The Secretary, the Director of National Intelligence, and the heads of other relevant agencies shall provide threat and vulnerability information and technical expertise to inform the development of the Cybersecurity Framework. The Secretary shall provide performance goals for the Cybersecurity Framework informed by work under section 9 of this order.

(e) Within 240 days of the date of this order, the Director shall publish a preliminary version of the Cybersecurity Framework (the “preliminary Framework”). Within 1 year of the date of this order, and after coordination with the Secretary to ensure suitability under section 8 of this order, the Director shall publish a final version of the Cybersecurity Framework (the “final Framework”).

(f) Consistent with statutory responsibilities, the Director will ensure the Cybersecurity Framework and related guidance is reviewed and updated as necessary, taking into consideration technological changes, changes in cyber risks, operational feedback from owners and operators of critical infrastructure, experience from the implementation of section 8 of this order, and any other relevant factors.

Sec8Voluntary Critical Infrastructure Cybersecurity Program. (a) The Secretary, in coordination with Sector-Specific Agencies, shall establish a voluntary program to support the adoption of the Cybersecurity Framework by owners and operators of critical infrastructure and any other interested entities (the “Program”).

(b) Sector-Specific Agencies, in consultation with the Secretary and other interested agencies, shall coordinate with the Sector Coordinating Councils to review the Cybersecurity Framework and, if necessary, develop implementation guidance or supplemental materials to address sector-specific risks and operating environments.

(c) Sector-Specific Agencies shall report annually to the President, through the Secretary, on the extent to which owners and operators notified under section 9 of this order are participating in the Program.

(d) The Secretary shall coordinate establishment of a set of incentives designed to promote participation in the Program. Within 120 days of the date of this order, the Secretary and the Secretaries of the Treasury and Commerce each shall make recommendations separately to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, that shall include analysis of the benefits and relative effectiveness of such incentives, and whether the incentives would require legislation or can be provided under existing law and authorities to participants in the Program.

(e) Within 120 days of the date of this order, the Secretary of Defense and the Administrator of General Services, in consultation with the Secretary and the Federal Acquisition Regulatory Council, shall make recommendations to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, on the feasibility, security benefits, and relative merits of incorporating security standards into acquisition planning and contract administration. The report shall address what steps can be taken to harmonize and make consistent existing procurement requirements related to cybersecurity.

Sec9Identification of Critical Infrastructure at Greatest Risk. (a) Within 150 days of the date of this order, the Secretary shall use a risk-based approach to identify critical infrastructure where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security. In identifying critical infrastructure for this purpose, the Secretary shall use the consultative process established in section 6 of this order and draw upon the expertise of Sector-Specific Agencies. The Secretary shall apply consistent, objective criteria in identifying such critical infrastructure. The Secretary shall not identify any commercial information technology products or consumer information technology services under this section. The Secretary shall review and update the list of identified critical infrastructure under this section on an annual basis, and provide such list to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs.

(b) Heads of Sector-Specific Agencies and other relevant agencies shall provide the Secretary with information necessary to carry out the responsibilities under this section. The Secretary shall develop a process for other relevant stakeholders to submit information to assist in making the identifications required in subsection (a) of this section.

(c) The Secretary, in coordination with Sector-Specific Agencies, shall confidentially notify owners and operators of critical infrastructure identified under subsection (a) of this section that they have been so identified, and ensure identified owners and operators are provided the basis for the determination. The Secretary shall establish a process through which owners and operators of critical infrastructure may submit relevant information and request reconsideration of identifications under subsection (a) of this section.

Sec10Adoption of Framework. (a) Agencies with responsibility for regulating the security of critical infrastructure shall engage in a consultative process with DHS, OMB, and the National Security Staff to review the preliminary Cybersecurity Framework and determine if current cybersecurity regulatory requirements are sufficient given current and projected risks. In making such determination, these agencies shall consider the identification of critical infrastructure required under section 9 of this order. Within 90 days of the publication of the preliminary Framework, these agencies shall submit a report to the President, through the Assistant to the President for Homeland Security and Counterterrorism, the Director of OMB, and the Assistant to the President for Economic Affairs, that states whether or not the agency has clear authority to establish requirements based upon the Cybersecurity Framework to sufficiently address current and projected cyber risks to critical infrastructure, the existing authorities identified, and any additional authority required.

(b) If current regulatory requirements are deemed to be insufficient, within 90 days of publication of the final Framework, agencies identified in subsection (a) of this section shall propose prioritized, risk-based, efficient, and coordinated actions, consistent with Executive Order 12866 of September 30, 1993 (Regulatory Planning and Review), Executive Order 13563 of January 18, 2011 (Improving Regulation and Regulatory Review), and Executive Order 13609 of May 1, 2012 (Promoting International Regulatory Cooperation), to mitigate cyber risk.

(c) Within 2 years after publication of the final Framework, consistent with Executive Order 13563 and Executive Order 13610 of May 10, 2012 (Identifying and Reducing Regulatory Burdens), agencies identified in subsection (a) of this section shall, in consultation with owners and operators of critical infrastructure, report to OMB on any critical infrastructure subject to ineffective, conflicting, or excessively burdensome cybersecurity requirements. This report shall describe efforts made by agencies, and make recommendations for further actions, to minimize or eliminate such requirements.

(d) The Secretary shall coordinate the provision of technical assistance to agencies identified in subsection (a) of this section on the development of their cybersecurity workforce and programs.

(e) Independent regulatory agencies with responsibility for regulating the security of critical infrastructure are encouraged to engage in a consultative process with the Secretary, relevant Sector-Specific Agencies, and other affected parties to consider prioritized actions to mitigate cyber risks for critical infrastructure consistent with their authorities.

Sec11Definitions. (a) “Agency” means any authority of the United States that is an “agency” under 44 U.S.C. 3502(1), other than those considered to be independent regulatory agencies, as defined in 44 U.S.C. 3502(5).

(b) “Critical Infrastructure Partnership Advisory Council” means the council established by DHS under 6 U.S.C. 451 to facilitate effective interaction and coordination of critical infrastructure protection activities among the Federal Government; the private sector; and State, local, territorial, and tribal governments.

(c) “Fair Information Practice Principles” means the eight principles set forth in Appendix A of the National Strategy for Trusted Identities in Cyberspace.

(d) “Independent regulatory agency” has the meaning given the term in 44 U.S.C. 3502(5).

(e) “Sector Coordinating Council” means a private sector coordinating council composed of representatives of owners and operators within a particular sector of critical infrastructure established by the National Infrastructure Protection Plan or any successor.

(f) “Sector-Specific Agency” has the meaning given the term in Presidential Policy Directive-21 of February 12, 2013 (Critical Infrastructure Security and Resilience), or any successor.

Sec12General Provisions. (a) This order shall be implemented consistent with applicable law and subject to the availability of appropriations. Nothing in this order shall be construed to provide an agency with authority for regulating the security of critical infrastructure in addition to or to a greater extent than the authority the agency has under existing law. Nothing in this order shall be construed to alter or limit any authority or responsibility of an agency under existing law.

(b) Nothing in this order shall be construed to impair or otherwise affect the functions of the Director of OMB relating to budgetary, administrative, or legislative proposals.

(c) All actions taken pursuant to this order shall be consistent with requirements and authorities to protect intelligence and law enforcement sources and methods. Nothing in this order shall be interpreted to supersede measures established under authority of law to protect the security and integrity of specific activities and associations that are in direct support of intelligence and law enforcement operations.

(d) This order shall be implemented consistent with U.S. international obligations.

(e) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.


Filed under: cyber security, Doctrine, government, SCADA, , ,

Department of Defense Cyber Strategy

U.S. Department of Defense
July 14, 2011

It should come as no surprise that the United States is prepared to defend itself. It would be irresponsible, and a failure of the Defense Department’s mission, to leave the nation vulnerable to a known threat. Just as our military organizes to defend against hostile acts from land, air, and sea, we must also be prepared to respond to hostile acts in cyberspace. Accordingly, the United States reserves the right, under the laws of armed conflict, to respond to serious cyber attacks with a proportional and justified military response at the time and place of our choosing.

Deputy Secretary of Defense William J. Lynn, III, National Defense University, Washington, D.C.,

Read the speech at

Filed under: cyber security, Doctrine, Intelligence Community, Internet, Military, Policy, , , , , , , , , , , , ,

President Obama Names Vivek Kundra Chief Information Officer

The White House
March 5, 2009

WASHINGTON, DC – Today, President Barack Obama named Vivek Kundra the Federal Chief Information Officer (CIO) at the White House.

The Federal Chief Information Officer directs the policy and strategic planning of federal information technology investments and is responsible for oversight of federal technology spending. The Federal CIO establishes and oversees enterprise architecture to ensure system interoperability and information sharing and ensure information security and privacy across the federal government. The CIO will also work closely with the Chief Technology Officer to advance the President’s technology agenda.

President Obama said, “Vivek Kundra will bring a depth of experience in the technology arena and a commitment to lowering the cost of government operations to this position. I have directed him to work to ensure that we are using the spirit of American innovation and the power of technology to improve performance and lower the cost of government operations. As Chief Information Officer, he will play a key role in making sure our government is running in the most secure, open, and efficient way possible.”

The following announcement was made today:

Vivek Kundra, Federal Chief Information Officer
Vivek Kundra formerly served in Mayor Fenty’s cabinet as the Chief Technology Officer (CTO) for the District of Columbia, responsible for technology operations and strategy for 86 agencies. He has been recognized among the top 25 CTO’s in the country and as the 2008 IT Executive of the Year for his pioneering work to drive transparency, engage citizens and lower the cost of government operations. Kundra is also recognized for his leadership in public safety communications, cyber security and IT portfolio management. Before Kundra came to the District, Governor Timothy M. Kaine appointed him Assistant Secretary of Commerce and Technology for the Commonwealth of Virginia, the first dual cabinet role in the state’s history. Kundra’s diverse record also includes technology and public policy experience in private industry and academia. He is a graduate of the University of Virginia’s Sorensen Institute for Political Leadership and holds a MS in Information Technology from the University of Maryland.

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part V

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part V includes highlights of:

  • Section 4 – Regulate for Cybersecurity

CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.

The Highlights:

Regulate for Cybersecurity


  • The president should task the NOC to work with appropriate regulatory agencies to develop and issue standards and guidance for securing critical cyber infrastructure, which those agencies would then apply in their own regulations.
  • The NOC should work with the appropriate regulatory agencies and with the National Institute of Standards and Technology (NIST) to develop regulations for industrial control systems (ICS). The government could reinforce regulation by making the development of secure control systems an element of any economic stimulus package…
  • The NOC should immediately determine the extent to which government-owned critical infrastructures are secure from cyber attack…
  • The president should direct the NOC and the federal Chief Information Officers Council, working with industry, to develop and implement security guidelines for the procurement of IT products (with software as the first priority).
  • The president should task the National Security Agency (NSA) and NIST, working with international partners, to reform the National Information Assurance Partnership (NIAP).
  • The president should take steps to increase the use of secure Internet protocols. The president should direct OMB and the NOC to develop mandatory requirements for agencies to contract only with telecommunications carriers that use secure Internet protocols.

Read the rest of this entry »

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Cyber review underway

The White House Blog
March 2, 2009

John Brennan, Assistant to the President for Homeland Security and Counterterrorism, passed along this update about the ongoing review of our nation’s communications and information infrastructure.

In response to President Obama’s direction, the National Security Council and Homeland Security Council are presently conducting a 60-day review of the plans, programs, and activities underway throughout the government that address our communications and information infrastructure (i.e., cyberspace). The purpose of the review is to develop a strategic framework to ensure that our initiatives in this area are appropriately integrated, resourced and coordinated both within the Executive Branch and with Congress and the private sector.

Our nation’s security and economic prosperity depend on the security, stability, and integrity of communications and information infrastructure that are largely privately-owned and globally-operated. Safeguarding these important interests will require balanced decision making that integrates and harmonizes our national and economic security objectives with enduring respect for the rule of law. Guided by this principle, the review will build upon existing policies and structures to formulate a new vision for a national public-private partnership and an action plan to: enhance economic prosperity and facilitate market leadership for the U.S. information and communications industry; deter, prevent, detect, defend against, respond to, and remediate disruptions and damage to U.S. communications and information infrastructure; ensure U.S. capabilities to operate in cyberspace in support of national goals; and safeguard the privacy rights and civil liberties of our citizens.

The review will be completed by the end of April 2009. At that time, the review team will present its recommendations to the President regarding an optimal White House organizational construct to address issues related to U.S. and global information and communications infrastructure and capabilities. The recommendations also will include an action plan on identifying and prioritizing further work in this area.

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , ,

National Intelligence Program Budget for 2010

Funding Highlights:

• Strengthens the capabilities of the Nation’s intelligence agencies to furnish timely, accurate, and
insightful intelligence on the capabilities and intentions of foreign powers, including international
terrorist groups.
• Enhances Federal cybersecurity capabilities.
• Prioritizes resources to support a U.S. Government-wide counterterrorism action plan.
• Improves the sharing of terrorist-related information with Federal, State, local, tribal and foreign
• Increases collection capabilities and continues transforming intelligence analysis.

The National Intelligence Program (NIP) funds intelligence activities in several Departments and the Central Intelligence Agency (CIA). NIP’s budget is classified, so the 2010 Budget does not publicly disclose funding requests for intelligence activities. However, since NIP supports key elements of America’s national security,
this chapter highlights some NIP-funded activities without detailing funding information.

To protect America’s national security, the Intelligence Community (IC) provides effective intelligence collection, the analysis of that intelligence, and the production of finished intelligence products. IC is responsible for ensuring timely and effective dissemination of intelligence to those who need it, ranging from the President, to heads of Executive Departments, military forces, and law enforcement agencies. To meet this country’s national security challenges, IC is strengthening its components’ abilities to collect intelligence, increasing the security of Federal cyber networks, and protecting against the threat of international terrorism in the United States.

The 2010 budget for NIP will support the Administration’s national security objectives. The Director of National Intelligence, the Director of the CIA, and Department Secretaries with intelligence organizations will use 2010 NIP funds to defeat terrorist networks, prevent the spread of weapons of mass destruction, penetrate and
analyze the most difficult targets of U.S. foreign policy, and anticipate developments of strategic concern.

The Administration will request funding for IC for the remainder of 2009 and for 2010 to cover the costs of global intelligence operations. The details of the 2009 supplemental appropriations request will be provided to the Congress in the next few weeks while the detailed 2010 request will be transmitted with the President’s 2010
Budget request.

Increases funding for Cybersecurity. The threat to Federal information technology networks is real, serious, and growing. To address this threat, the President’s 2010 Budget includes substantial funding for cybersecurity efforts; such activities will take an integrated and holistic approach to address current cybersecurity threats, anticipate future threats, and continue innovative public-private partnerships. These
efforts encompass the homeland security, intelligence, law enforcement, military and diplomatic mission areas of the U.S. Government.

Implements Counterterrorism Plan. The National Counterterrorism Center (NCTC) has developed a U.S. Government-wide counterterrorism action plan. This plan lays out broad strategic objectives aligned with policy objectives to guide the overall implementation of this national strategy on counterterrorism. The Administration will work with NCTC, IC, and relevant Departments such as Defense, State, and Homeland Security to direct resources in support of counterterrorism implementation objectives.

Facilitates information Sharing. The President’s 2010 Budget will support initiatives to improve the sharing of intelligence, including terrorist-related information, with Federal, State, local, tribal and foreign partners. These efforts include advancing the National Suspicious Activity reporting Initiative; establishing agency-based, outcome-oriented performance targets for information sharing; and institutionalizing the use of
effective business practices.

Improves Collection and Analysis Capabilities. The 2010 Budget provides funding to improve mission performance by increasing intelligence collection capabilities and continuing to transform intelligence analysis in IC.

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

NSA Should Oversee Cybersecurity, Intel Chief Says

By Kim Zetter
February 26, 2009


Despite the fact that many Americans distrust the National Security Agency for its role in the Bush Administration’s warrantless wiretapping program, the agency should be entrusted with securing the nation’s telecommunications networks and other cyber infrastructures, President Obama’s director of national intelligence told Congress on Wednesday.

Director of National Intelligence Admiral Dennis Blair told the House intelligence committee (.pdf) that the NSA, rather than the Department of Homeland Security which currently oversees cybersecurity, has the smarts and the skills to secure cyberspace.

“The National Security Agency has the greatest repository of cyber talent,” Blair said. “[T]here are some wizards out there at Fort Meade who can do stuff.”

Blair added that “because of the offensive mission that they have, they’re the ones who know best about what’s coming back at us and it’s defenses against those sorts of things that we need to be able to build into wider and wider circles.”

He acknowledged that the agency had a trust handicap to overcome due to its role in the Bush Administration’s secret domestic spying program, and therefore asked Congress to help convince the public that it’s the right agency for the task.

“I think there is a great deal of distrust of the National Security Agency and the intelligence community in general playing a role outside of the very narrowly circumscribed role because of some of the history of the FISA issue in years past. . . . So I would like the help of people like you who have studied this closely and served on commissions, the leadership of the committee and finding a way that the American people will have confidence in the supervision, in the oversight of the role of NSA so that it can help protect these wider bodies. So, to me, that’s one of the keys things that we have to work on here in the next few months.”

Blair is not without support for his view. Paul Kurtz, who led the cybersecurity group on Obama’s transition team and was part of Bush’s White House National Security Council, recently told Forbes that he supports the NSA taking a prominent role in cybersecurity.

Continue reading…

Filed under: Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

Obama Budget Eyes Boost to Cybersecurity Funds

By Andrea Shalal-Esa

WASHINGTON (Reuters) – The budget proposed by President Barack Obama includes funding aimed at improving the security of U.S. private and public computer networks.

“The threat to federal information technology networks is real, serious and growing,” said an outline of the budget proposal for fiscal 2010 that begins October 1 and released by the Obama administration on Thursday.

The document called for $355 million in funding for the Department of Homeland Security to make private and public sector cyber infrastructure more resilient and secure.

The money would help support the operations of the National Cyber Security Division, as well as initiatives under the Comprehensive National Cybersecurity Initiative, according to the document.

In addition, the administration said it would put “substantial” funding for cybersecurity efforts into the national intelligence program, but gave no details since that funding is kept secret.

That money would be used for “an integrated and holistic approach to address current cybersecurity threats, anticipate future threats, and continue innovative public-private partnerships,” it said.


Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , ,

U.S. must craft cyberwarfare battle strategy

By William Jackson
February 18, 2009
Government Computer News

America has to face up to the realities of cyberwarfare with tactical and strategic planning, Kurtz says

The intelligence community and the military have crucial roles to play in protecting cyber space, former presidential adviser Paul E. Kurtz said Wednesday, and a clear command and control structure is needed to ensure that our information infrastructure can survive and recover from major disruptions.

In his opening address at the Black Hat Federal security conference being held in Arlington, Va., Kurtz, who served on the National and Homeland Security councils under presidents Bill Clinton and George W. Bush, said the nation has been reluctant to consider the proper role of government in regulating and defending cyberspace. He said it is important that these decisions be made openly after public discussion rather than allowed to happen behind closed doors.

“To those who object to the militarization of cyberspace, I would say, it’s too late: We’re already there,” Kurtz said.

Kurtz, who recently served as cybersecurity adviser on President Barack Obama’s transition team, steered clear of discussing his advice to the new administration. But he praised the 60-day review of federal cybersecurity initiatives announced by the president on Feb. 9 and called Melissa Hathaway, the Bush administration official tapped to conduct it, “exceptionally capable.”

He said the United States should apply some of the lessons learned during the Cold War to cyber conflicts now simmering online. Cyber warfare is not as simple as the bipolar confrontation between the Western democracies and the Soviet bloc, Kurtz said. It is multilateral standoff involving multiple nations, shadowy organizations, and individual hackers and criminals.

“But I do think a number of concepts from the Cold War may apply, and one of these is deterrence,” he added.

A clear policy of deterrence by the United States and its allies helped to avoid the use of nuclear weapons. But no similar policy has been established for battles fought over networks. There is no definition of cyberwarfare, no policy on how and when cyber weapons should be deployed and used, and we do not have a clear idea of who our enemies are.

“We must begin by addressing the question of attribution,” Kurtz said. The ability to collect, share and analyze data in order to tailor responses to a threat is “the beginning of a deterrence policy.”

That ability will require the efforts of the intelligence community, in cooperation with law enforcement and the private sector, he said. Each of these sectors now collects large amounts of data, but the same inability to share and “connect the dots” that led to the 2001 terrorist attacks still plague our cybersecurity, he said.

Continue reading…

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Cyber Threats 101

By Kim Hart
February 16, 2009
The Washington Post

An Army lieutenant may be an expert at securing borders and warding off enemies in a war zone. But when it comes to making sure hackers cannot break into the military’s communications network, officers may feel pretty defenseless.

To get a better grasp on technological threats, military officers, agency heads and government contracting executives have found one of the Defense Department’s best-kept secrets: the National Defense University.

NDU is made up of four graduate-level colleges, including the National War College, the Industrial College of the Armed Forces, and the Joint Forces Staff College. But the largest college — the Information Resources Management College — has grown the fastest over the past few years because the skills it teaches are in such high demand.

Located on the District waterfront, at Fort Lesley J. McNair, the college trains mid-career workers, in the public and private sectors, how to leverage the newest consumer technologies as well as how to protect vital information. This expertise used to be reserved for an agency’s chief information officer. But as tools like thumb drives, Facebook, Twitter and voice over Internet Protocol phone services creep into offices and bases, secure digital networks are becoming essential for all employees.

“Web 2.0 and information assurance are such big deals these days, but they are in conflict,” said Robert Childs, senior director of the college. The courses are tailored for people responsible for safeguarding the networks at the National Security Administration and the Department of Homeland Security, for example. The Defense Department is the college’s primary source of funding.

Continue reading…

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

Biography – Dennis C. Blair

Director of National Intelligence

Dennis C. Blair became the nation’s third Director of National Intelligence on January 29, 2009.

Prior to retiring in 2002, Admiral Blair served as Commander in Chief, U.S. Pacific Command, the largest of the combatant commands. During his 34-year Navy career, Admiral Blair served on guided missile destroyers in both the Atlantic and Pacific fleets and commanded the Kitty Hawk Battle Group. Ashore, he served as Director of the Joint Staff and as the first Associate Director of Central Intelligence for Military Support at the CIA. He has also served in budget and policy positions on the National Security Council and several major Navy staffs.

From 2003 to 2006, Blair was President and CEO of the Institute for Defense Analyses — one of the nation’s foremost national security analysis centers. Most recently, he served as the John M. Shalikashvili Chair in National Security Studies at the National Bureau of Asian Research, and the Deputy Director of the Project on National Security Reform, an organization that analyzes the U.S. national security structure and develops recommendations to improve its effectiveness.

A 1968 graduate of the U.S. Naval Academy, Blair earned a master’s degree in History and Languages from Oxford University as a Rhodes Scholar, and served as a White House Fellow at the Department of Housing and Urban Development. He has been awarded four Defense Distinguished Service Medals and has received decorations from the governments of Japan, Thailand, the Republic of Korea and Australia.

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , ,

U.S. Interests Face Challenges in Europe, Intelligence Chief Says

By Jim Garamone
American Forces Press Service

WASHINGTON, Feb. 16, 2009 – (This is the third in a series on the intelligence community’s annual threat assessment.)

Russia’s perceived strengths and its policies, tensions in Eurasia, Caucasus and Central Asia, and instability in the Balkans all pose challenges to U.S. interests in Europe, the director of national intelligence said Feb. 12.

Dennis C. Blair, a retired Navy admiral, told the Senate Select Committee on Intelligence that Russia continues to rebuild its military and, as events in Georgia last year show, use those forces to impress on the world that the nation is still relevant.

“Russian challenges to US interests now spring more from Moscow’s perceived strengths than from the state weaknesses characteristic of the 1990s,” Blair said in prepared testimony.

“U.S. involvement in Iraq and Afghanistan and general anti-Americanism have created openings for Russia to build alternative arrangements to the US-led international political and economic institutional order,” he said.

Russia is attempting to increase its ability to influence events, he said, by “actively cultivating relations with regional powers, including China, Iran, and Venezuela.”

Blair said Russia’s energy policy is aimed at increasing the country’s importance on the European continent.

“Moscow also is trying to maintain control over energy supply and transportation networks to Europe to East Asia, and protect and further enhance its market share in Europe through new bilateral energy partnerships and organizing a gas cartel with other major exporters,” he said.

Read the rest of this entry »

Filed under: Analysis, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part IV

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part IV includes highlights of:

  • Section 3 – Rebuilding Partnership with the Private Sector

CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.

The Highlights:

Rebuilding Partnership with the Private Sector


The U.S. government should rebuild the public-private partnership on cybersecurity to focus on key infrastructures and coordinated preventive and responsive activities. We recommend the president direct the creation of three new groups for partnership that provide the bases for both trust and action:

  • A presidential advisory committee organized under the Federal Advisory Committee Act (FACA), with senior representatives from the key cyber infrastructures. This new body would incorporate the National Security and Telecommunications Advisory Committee (NSTAC) and National Infrastructure Advisory Council (NIAC);
  • A town hall style national stakeholders’ organization that provides a platform for education and discussion; and
  • A new operational organization, the Center for Cybersecurity Operations (CCSO), where public- and private-sector entities can collaborate and share information on critical cybersecurity in a trusted environment.

Securing cyberspace requires government and the private sector to work together.

There is a bifurcation of responsibility (the government must protect national security) and control (it does not manage the asset or provide the function that must be protected).

…the United States has a perplexing array of advisory groups with overlapping interests, inadequate resources, varying capabilities, and a lack of clarity around roles and responsibilities. To achieve real partnership, we must simplify mission and organizational structure.

In many interviews, we found almost universal recognition that the status quo is not meeting the needs of either the government or the private sector with respect to trust and operational collaboration.

Another problem for securing cyberspace is a diffusion of effort. Currently DHS identifies 18 different sectors as critical.

For us, critical means that, if the function or service is disrupted, there is immediate and serious damage to key national functions such as U.S. military capabilities or economic performance.

To focus the defense of cyberspace, we have identified four critical cyber infrastructures: energy, finance, the converging information technology and communications sectors, and government services (including state and municipal governments).

We recommend concentrating on two key problems: how to build trust between the government and company executives and how to focus efforts on what is truly critical for cyberspace.

The primary goal of the new partnership organizations should be to build action-oriented relationships rather than to share information that is either already available or that companies are reluctant to provide. This can be done by creating a simplified structure that has three parts: a new presidential advisory committee that connects the White House to the private-sector entities most important for cyberspace; a national town-hall organization that provides a dialogue for education and discussion, and a new operational organization.

The intent behind the three groups is to provide an inclusive platform for national engagement, something the United States currently lacks.

Trust is the foundation of a successful partnership between government and the private sector.

Read the rest of this entry »

Filed under: Analysis, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

Intelligence Community Sees Asia Rising

By Jim Garamone
American Forces Press Service

WASHINGTON, Feb. 15, 2009 – (This is the second in a three-part series on the intelligence community’s annual threat assessment.)

U.S. intelligence planners predict the 21st century will be the time for the rise of Asia, the director of national intelligence said Feb. 12.

Dennis C. Blair told the U.S. Senate Select Committee on Intelligence that “China and India are restoring positions they held in the 18th century when China produced approximately 30 percent and India 15 percent of the world’s wealth.”

While the current global economic crisis will slow growth in China and India, the two countries are likely to become the world’s third and fourth largest economies by 2025. China’s emergence as a world power is affecting the regional balance of power in Asia, Blair said in a prepared statement.

While the communist rulers of China have been successful in transforming the direction of the country, the government’s international behavior is driven by the need to maintain power. Leaders see their main missions as continuing prosperity and maintaining domestic stability, he said.

“Chinese leaders view preserving domestic stability as one of their most important internal security challenges,” Blair said.

Roughly 300 million Chinese have benefited from the current economic success, leaving 1 billion still in poverty.

Tibet and Taiwan remain problems internationally for the Chinese, but the election of a new government in Taiwan has tamped down tensions between the United States and the People’s Republic, Blair said.

From a military standpoint, China continues its modernization programs and operationally Chinese forces are prepared to move beyond the region, the admiral said. For example, a Chinese ship is cooperating with anti-pirate patrols in the Gulf of Aden, and Chinese troops may soon take part in United Nations peacekeeping operations.

On the equipment side, China continues to develop new, increasingly accurate missile capabilities that can reach U.S. forces throughout the region.

China is developing a robust anti-satellite capability, and Blair said this is among the nation’s highest military priorities. The Chinese also are modernizing their nuclear weapons capabilities.

Blair also spoke of India, which is harnessing the power of free markets after decades of trying to manage the economy.

“Like China, India’s expanding economy will lead New Delhi to pursue new trade partners, gain access to vital energy markets, and generate the other resources required to sustain rapid economic growth,” he said.

From a foreign policy and intelligence standpoint, relations with Pakistan dominate. The terror attack on Mumbai in November chilled relations between the two powers. Pakistan has vowed to crack down on extremists who used Pakistan to plan and train for the attack that crippled India’s major financial center and killed more than 130 people.

In Asia, North Korea is the odd-man out. In a region that reaped the benefits of economic growth, North Koreans are starving, and the government is pouring money into the military.

Blair said the U.S. intelligence community believes North Korea is operating a covert uranium enrichment program. While the country has nuclear weapons, Blair said he did not think North Korea would use them unless faced with a military defeat or loss of control.

North Korea continues to participate in the Six Party Talks — with South Korea, Japan, Russia, China and the United States — but progress is slow, Blair said. North Korea continues to proliferate nuclear weapons and missile technology, most notably to Iran and Syria.

“We remain concerned North Korea could again export nuclear technology,” he said.

Filed under: Analysis, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , ,

Economic Crisis Overlays all Threats Facing U.S., Intel Chief Says

By Jim Garamone
American Forces Press Service

WASHINGTON, Feb. 14, 2009 – (Editor’s note: This is the first in a three-part series on the intelligence community’s annual threat assessment.)

The global economic crisis colors all other threats confronting the United States, the new director of national intelligence told the U.S. Senate Select Committee on Intelligence on Feb. 12.

Dennis C. Blair said the crisis raises the level of uncertainty in the world and places new areas of the globe in danger. Analysts are trying to understand the geopolitical implications of the crisis.

“The crisis has been ongoing for about a year, and economists are divided over whether and when we could hit bottom,” Blair said in prepared testimony. “Time is probably our greatest threat. The longer it takes for recovery to begin, the greater the likelihood of serious damage to U.S. strategic interests.”

The longer the crisis continues, the more likely the risk of instability in many areas of the world including Latin America, Central Asia and Africa. “Statistical modeling shows that economic crises increase the risk of regime-threatening instability if they persist over a one- to two-year period,” he said.

The overlay of the crisis makes known threats — such as al-Qaida — even more dangerous, he said. Extremist Muslim groups retain the greatest capability to threaten the United States and its interests.

Still, there has been progress countering al-Qaida, in particular. Blair said the indiscriminate attacks on fellow Muslims in Iraq and North Africa have caused many moderate Muslims to condemn the group.

Al-Qaida remains a threat in Afghanistan and Pakistan. The group portrays itself as aiding Taliban insurgents who are fighting Western imperialism, Blair said.

In Pakistan’s tribal areas, the terror group lost many of its leaders in 2008, he said. While this has weakened the group in the area, the group in Pakistan remains the most dangerous and continues to plot against the United States and U.S. interests from havens in the region.

In Iraq, al-Qaida has been severely weakened, but still retains the ability to launch occasional attacks, he said.

The terror group is re-emerging in Yemen. A terror cell launched an attack on the U.S. embassy in Sanaa in September and has launched 19 attacks on Western targets in the country in 2008.

Blair forecasts more al-Qaida activity in East Africa, specifically in Kenya and Somalia.

Al-Qaida cells may grow in the United States, Blair said. “We remain concerned about the potential for homegrown extremists inspired by the al-Qaida militant ideology to plan attacks in the United States, Europe and elsewhere without operational direction from the group itself,” he said. U.S. agencies will focus on identifying ties between U.S.-based individuals and extremist networks overseas.

There are terror groups beyond al-Qaida. Hezbollah in Lebanon remains a dangerous terrorist foe, Blair said. The group could attack U.S. targets if it perceives the United States is threatening its survival, leadership or infrastructure. Due to the terror group’s sponsorship by Iran, should Hezbollah’s leaders think the United States is a threat to its benefactor, the terror group may launch attacks on U.S. interests in the Middle East.

Iran is at the heart of what Blair calls an “arc of instability” running from the Middle East to South Asia. Blair said Iran’s goal to be a regional power drives its efforts in Iraq, Lebanon, Syria, North Africa, the Persian Gulf and beyond. It also is at the heart of the Iranian drive to develop nuclear weapons, he said.

Filed under: Analysis, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , ,

CSWW Recommends – IntelFusion

If you have even the slightest of interest in intelligence matters, particularly those pertaining to cyber warfare, you should plug Jeffrey Carr’s site IntelFusion into your RSS reader.

Some very exciting work is being done there regarding open source intelligence and some very exciting opportunities and anxious times are occurring for Mr. Carr.

CSWW wishes him the best of luck and success!

Filed under: Analysis, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, Training, War, , , , , , ,


From the Chairman of the National Intelligence Council

Global Trends 2025: A Transformed World” is the fourth unclassified report prepared by the National Intelligence Council (NIC) in recent years that takes a long-term view of the future. It offers a fresh look at how key global trends might develop over the next 15 years to influence world events. Our report is not meant to be an exercise in prediction or crystal ball-gazing. Mindful that there are many possible “futures,” we offer a range of possibilities and potential discontinuities, as a way of opening our minds to developments we might otherwise miss.

Some of our preliminary assessments are highlighted below:

  • The whole international system—as constructed following WWII—will be revolutionized. Not only will new players—Brazil, Russia, India and China— have a seat at the international high table, they will bring new stakes and rules of the game.
  • The unprecedented transfer of wealth roughly from West to East now under way will continue for the foreseeable future.
  • Unprecedented economic growth, coupled with 1.5 billion more people, will put pressure on resources—particularly energy, food, and water—raising the specter of scarcities emerging as demand outstrips supply.
  • The potential for conflict will increase owing partly to political turbulence in parts of the greater Middle East.

As with the earlier NIC efforts—such as Mapping The Global Future 2020—the project’s primary goal is to provide US policymakers with a view of how world developments could evolve, identifying opportunities and potentially negative developments that might warrant policy action. We also hope this paper stimulates a broader discussion of value to educational and policy institutions at home and abroad.

Continue reading…

Filed under: Doctrine, government, Intelligence Community, Policy, Politics, Strategy, , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part I

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part I includes highlights of the:

  • Executive Summary
  • Summary of Recommendations
  • Introduction

CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.

The Highlights:

This report makes use of a broad definition of cyberspace that goes beyond the Internet to include all forms of networked, digital activities.

Executive Summary

(1) cybersecurity is now a major national security problem
(2) decisions and actions must respect privacy and civil liberties
(3) only a comprehensive national security strategy that embraces both the domestic and international aspects of cybersecurity will make us more secure

We were encouraged in our work by senior officials in the Department of Defense, the intelligence community, and other agencies who told us that cybersecurity was one of the greatest security challenges the United States faces in a new and more competitive international environment.

Major agencies play key roles set by presidential directives and coordinated by the White House.

We propose creating a new office for cyberspace in the Executive Office of the President. This office would combine existing entities and also work with the National Security Council in managing the many aspects of securing our national networks while protecting privacy and civil liberties.

Government must recast its relationship with the private sector as well as redesign the public-private partnership to promote better cybersecurity.

The Bush administration took a major step toward improving federal cybersecurity with its Comprehensive National Cybersecurity Initiative.

…we face a long-term challenge in cyberspace from foreign intelligence agencies and militaries, criminals, and others, and that losing this struggle will wreak serious damage on the economic health and national security of the United States.

Read the rest of this entry »

Filed under: Analysis, cyber security, Doctrine, Policy, Politics, Strategy, The Highlighter, , , , , , , , , , , , , , , , , , ,

Global Trends

"The nature of conflict is changing. The risk of conflict will increase due to diverging interests among major powers, an expanding terror threat, continued instability in weak states, and the spread of lethal, disruptive technologies. Disrupting societies will become more common, with long-range precision weapons, cyber, and robotic systems to target infrastructure from afar, and more accessible technology to create weapons of mass destruction."
Global Trends and Key Implications Through 2035 from the National Intelligence Council Quadrennial Report GLOBAL TRENDS: The Paradox of Power

A World at War

The World is at War. It is a world war that is being fought right now, in real time, virtually everywhere on the planet. It is a world war that is, perhaps, more encompassing and global in nature than any other world war in history because, not only is it being fought by nations and their governments, it is also being fought by non-state actors such as terrorists, organized crime, unorganized crime, and many other known and unknown entities. It is a total world war being fought every day on the hidden and dark battle fields of the cyber domain. It is a war that, according to some intelligence estimates, has the potential to be as nearly as serious and as deadly as a nuclear war... [MORE]




Author of the #1 New York Times bestseller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real... [MORE]


  • An error has occurred; the feed is probably down. Try again later.


Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity... [MORE]


Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications... [MORE]



“When it comes to what government and business are doing together and separately with personal data scooped up from the ether, Mr. Schneier is as knowledgeable as it gets…. Mr. Schneier’s use of concrete examples of bad behavior with data will make even skeptics queasy and potentially push the already paranoid over the edge.” (Jonathan A. Knee - New York Times)... [MORE]


  • Happy Pi Day!
    Blog Post: CIA’s Birthday (September 18, 1947) appears in Pi. The sequence, 09181947, starts at the 67,585,570th digit and only appears once in the first 200 million digits of Pi.
  • CIA Chief Operating Officer Speaks to Annuitants at CIRA Event
    Blog Post: On Wednesday, March 7, CIA Chief Operating Officer (COO) Brian Bulatao addressed a very special audience of former CIA officers. The Central Intelligence Retiree Association (CIRA) hosted its quarterly luncheon, attended by more than 150 Agency retirees who were eager to meet Bulatao, the man who came to CIA with both a military and business backg […]
  • Remembering CIA’s Heroes: Helge Boes
    Feature Story: Helge Philipp Boes was with the Central Intelligence Agency a short time, but his entire life seemed to have pointed him towards the sense of purpose he found working for the Agency. Helge's talent, tenacity, and presence of mind under fire earned him the respect of those far senior to him in experience. On February 5, 2003, Helge – a spe […]
  • The Women Who Lived at CIA
    Feature Story: Margaret Scattergood and Florence Thorne purchased a rural farm house on 20 acres of land in 1933. Neither woman could have predicted that within 30 years of purchase, their home would be enclosed on CIA property, behind its protective barriers, while hundreds of CIA officers came to work just a stones’ throw away.
  • OSS Creates First CI Division
    Feature Story: On March 1, 1943, OSS Director William “Wild Bill” Donovan created the Counterintelligence Division in the Secret Intelligence Branch—the first centralized, national-level counterintelligence office in US intelligence history, and the predecessor of the CIA’s Counterintelligence Mission Center.


The Blue Team Handbook is a zero fluff reference guide for cyber security incident responders and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format about the incident response process, how attackers work, common tools, a methodology for network analysis developed over 12 years, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, and numerous other topics... [MORE]

RSS Defense Advanced Research Projects Agency (DARPA)

  • 2018/03/16 Nonsurgical Neural Interfaces Could Significantly Expand Use of Neurotechnology March 16, 2018
    Over the past two decades, the international biomedical research community has demonstrated increasingly sophisticated ways to allow a person's brain to communicate with a device, allowing breakthroughs aimed at improving quality of life, such as access to computers and the internet, and more recently control of a prosthetic limb. DARPA has been at the […]
  • 2018/03/14 Making Gray-Zone Activity more Black and White March 14, 2018
    An emergent type of conflict in recent years has been coined "gray zone," because it sits in a nebulous area between peace and conventional warfare. Gray-zone action is not openly declared or defined, it's slower, and is prosecuted more subtly-using social, psychological, religious, information, cyber and other means to achieve physical or cog […]
  • 2018/03/01 Slowing Biological Time to Extend the Golden Hour for Lifesaving Treatment March 1, 2018
    When a Service member suffers a traumatic injury or acute infection, the time from event to first medical treatment is usually the single most significant factor in determining the outcome between saving a life or not. First responders must act as quickly as possible, first to ensure a patient's sheer survival and then to prevent permanent disability. T […]
  • 2018/02/22 DARPA Names Researchers Working to Halt Outbreaks in 60 Days or Less February 22, 2018
    The increasing threat of infectious diseases is intensifying the need for breakthrough technologies and capabilities to protect first responders and equip them with therapeutics that can halt the impact of infectious agents. Current approaches for recent public health emergencies due to infectious diseases have not produced effective preventive or therapeuti […]
  • 2018/02/20 DARPA Seeks to Expand Real-Time Radiological Threat Detection to Include Other Dangers February 20, 2018
    Advanced commercially available technologies-such as additive manufacturing (3-D printing), small-scale chemical reactors for pharmaceuticals, and CRISPR gene-manipulation tools-have opened wide access to scientific exploration and discovery. In the hands of terrorists and rogue nation states, however, these capabilities could be misused to concoct chemical, […]


RSS Cyber News (Google)

  • This RSS feed URL is deprecated March 23, 2018
    This RSS feed URL is deprecated, please update. New URLs can be found in the footers at
  • Atlanta officials warn cyber attack may compromise sensitive data - MyAJC March 22, 2018
    MyAJCAtlanta officials warn cyber attack may compromise sensitive dataMyAJCCity of Atlanta officials are struggling to determine how much sensitive information may have been compromised in a Thursday cyber attack. They urged employees to check their bank accounts to make sure their financial information had not been accessed ...Cyber attack hits Atlanta comp […]
  • Senators introduced revised version of election cyber bill - The Hill March 22, 2018
    The HillSenators introduced revised version of election cyber billThe HillSpecifically, the bill aims to streamline information sharing between federal and state election officials, revise the delivery of security clearances to state officials to allow them to view sensitive cyber threat information related to elections and ...
  • Mitigating Personal Cyber Risk - CSO Online March 22, 2018
    Mitigating Personal Cyber RiskCSO OnlineThe biggest security challenge facing individuals and businesses today isn't scale. It's hyperconnectivity. The various devices and applications being used in homes or at organizations have now become so intertwined that it's hard to keep them separate ...
  • ISO Says Cyber Insurance Program Now Available in 42 States - Insurance Journal March 22, 2018
    Insurance JournalISO Says Cyber Insurance Program Now Available in 42 StatesInsurance Journal“Cyber insurance needs can vary significantly by both the industry and the size of the business,” said Prashant Pai, vice president of cyber offerings at Verisk. “The program we've introduced provides insurers with versatile tools to help meet the wide ...
  • West Virginia National Guard diversifies labor force with cyber initiatives - United States Army (press release) March 22, 2018
    United States Army (press release)West Virginia National Guard diversifies labor force with cyber initiativesUnited States Army (press release)CHARLESTON, W. Va. - The West Virginia National Guard is pressing forward with out-of-the-box strategies to develop and build a cyber-trained work force able to be utilized by both the National Guard and civilian sect […]
  • 5 universities partner to combat cyber security threats - NTV March 23, 2018
    NTV5 universities partner to combat cyber security threatsNTVIndiana University, Northwestern University, Purdue University, Rutgers University and the University of Nebraska-Lincoln announced on Wednesday the launch of OmniSO, a sector-based cyber security operations center that provides cyber intelligence to ...and more »
  • Looking for a New Gig? How About Cyber Crime Spy School? - PCMag March 22, 2018
    PCMagLooking for a New Gig? How About Cyber Crime Spy School?PCMagGraduates of the University of Southern California's computer and digital forensics degree program have nabbed jobs in cyber threat intelligence at Sony Pictures, incident response at Cylance, cyber intel at Lockheed Martin, and other covert or highly ...and more »
  • The theft of tea leaves and the evolution of cyber espionage ... - CSO - CSO Online March 22, 2018
    CSO OnlineThe theft of tea leaves and the evolution of cyber espionage ... - CSOCSO OnlineAll companies, big and small, are trying to figure out how to secure important data — the trade secrets. Lucky for us, it might come down to something as simple as being human.and more »
  • Why the U.S. Should Switch from Cyber-Deterrence to Playing ... - Foreign Affairs March 22, 2018
    Foreign AffairsWhy the U.S. Should Switch from Cyber-Deterrence to Playing ...Foreign AffairsIn cyberwarfare, Washington should recognize that the best defense is a good offense.Diplomats, 'Net greybeards work to disarm USA, China and Russia's ...The Registerall 2 news articles »
  • Panel Calls for Tougher Response to Russian Cyber Tampering - USNI News March 20, 2018
    USNI NewsPanel Calls for Tougher Response to Russian Cyber TamperingUSNI NewsThe United States, its allies and partners need to make clear to President Vladimir Putin and those who support them there is a price to pay for tampering in other nations' political and social affairs and their harboring cyber criminals inside Russia ...and more »


RSS Cyber War News (Bing)

  • Looking for a New Gig? How About Cyber Crime Spy School? March 22, 2018
    Graduates of the University of Southern California's computer and digital forensics degree program have nabbed jobs in cyber threat intelligence at Sony Pictures, incident response at Cylance, cyber intel at Lockheed Martin, and other covert or highly ...
  • US anti-terror training abroad includes K-9, cyber security March 20, 2018
    AMMAN, Jordan – A German shepherd sniffed suitcases in an airport inspection drill, excitedly pausing near one bag from which a handler then pulled a satchel with plastic explosives. The exercise at the compound of the Jordanian police canine unit ...
  • U.S. spending bill to boost border and cyber security: source March 21, 2018
    WASHINGTON (Reuters) - Congress’ massive federal government spending deal includes $1.6 billion in new border security and millions of dollars in additional funding for the FBI and states to secure upcoming U.S. elections and fight Russian hacking, a ...
  • Bridging the cyber skills gap with automation March 22, 2018
    As we know all too well, cybersecurity is a field suffering from a staggering talent shortage. In fact, the Capgemini Digital Transformation Institute recently issued a report titled, “Cybersecurity Talent: The Big Gap in Cyber Protection,” which found ...
  • Senators introduced revised version of election cyber bill March 22, 2018
    A bipartisan group of senators on Thursday unveiled revised legislation to secure U.S. voting systems from cyberattack. The bill, originally introduced in December, retains its original tenets, including authorizing grants for states to replace outdated ...
  • U.S. spending bill to provide $380 million for election cyber security: sources March 22, 2018
    WASHINGTON (Reuters) - Lawmakers have included nearly $400 million in a massive federal government spending bill to help safeguard U.S. voting systems from cyber attacks, three sources familiar with negotiations said on Wednesday. The spending package ...
  • Learn details of the cyber security market is valued at USD 136 billion as on 2017 March 22, 2018
    The increasing frequency of cyber-crimes along with mandates to regulatory compliances, and development of new applications such as internet of things (IOT), cloud, mobility, Machine-to-Machine (M2M) are some of the major factors contributing towards the ...
  • Dave Wajsgras: Under the radar, reimagining cyber March 22, 2018
    Raytheon is best known as a defense contractor. In the federal IT space, however, the firm has a low profile that belies its massive role. Dave Wajsgras is working to change that. “We’re known as the largest missile maker in the world,” he told FCW.
  • XM Cyber Launches Automated APT Simulation Platform to Detect Threats March 20, 2018
    The startup led by veterans of Israel's intelligence community emerges from stealth with a cyber-security platform that aims to detect advanced persistent threats. The best hackers are able to stay hidden in a system, looking like legitimate users, and it ...
  • West Virginia National Guard diversifies labor force with cyber initiatives March 22, 2018
    CHARLESTON, W. Va. - The West Virginia National Guard is pressing forward with out-of-the-box strategies to develop and build a cyber-trained work force able to be utilized by both the National Guard and civilian sector in areas such as vulnerability ...


RSS Cyber Tag (Icerocket)

  • Social Sidekick: Your Monthly Guide to Social Holidays, Themes, and Noteworthy Events March 22, 2018
    We're now in the middle of Spring! Hopefully, you're getting more flowers rather than showers! April brings us social holidays like Earth Day, Deep Dish Pizza Day (YUM!), Find A…Read More >>>
  • Infographic: Top Contenders for Amazon HQ2 March 20, 2018
    The race is on. Once Amazon announced that they were looking for a city to build a second headquarters (HQ2) in North America, more than 200 municipalities in Canada, Mexico, and…Read More >>>
  • How Gen Z is Changing Companies’ Marketing Plans March 18, 2018
    It seems like every day I read another article about how Millennials are killing another industry. But Millennials are in their late 20’s and early 30’s, and they are no…Read More >>>
  • Your PR SEO Super Powers March 17, 2018
    While search engine optimization (SEO) and PR have been buddies for a while now, never have they been so reliant on each other. We're now moving into an era of…Read More >>>
  • 5 of the Best University Social Feeds March 15, 2018
    It's no secret that social media has become younger generations' primary form of communication. From communicating with friends and family to keeping up with the latest news, social platforms serve…Read More >>>


RSS Cyberwar Tag (Wordpress)


The Art of Attention

© 2016 PROSOCHĒ. All Rights Reserved.
Fair Use Policy ҩ Terms of Service ҩ Privacy Policy ҩ Contact

Cyber Threat Assessment



In this New York Times bestselling investigation, Ted Koppel reveals that a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared... [MORE]


As cyber-attacks dominate front-page news, as hackers join terrorists on the list of global threats, and as top generals warn of a coming cyber war, few books are more timely and enlightening than Dark Territory: The Secret History of Cyber War, by Slate columnist and Pulitzer Prize–winning journalist Fred Kaplan... [MORE]



Support CSWW

Please help improve CSWW by providing us with your comments, concerns, and questions at our FEEDBACK page.

Editor, CSWW

Kurt Brindley is a retired U.S. Navy Senior Chief who specialized in the fields of tele-communications and C4SRI systems Upon retirement from the navy, he spent nearly a decade as a defense industry consultant. He now writes full time... [MORE]


Now in development for film by 20th Century Fox, award-winning CyberStorm depicts, in realistic and sometimes terrifying detail, what a full scale cyber attack against present-day New York City might look like from the perspective of one family trying to survive it... [MORE]