Loading...

Follow The Cipher Brief on Feedspot

Continue with Google
Continue with Facebook
or

Valid

New audio of the seizure of a British-flagged tanker indicates the vessel was too far away from help to avoid being forced to change course by Iranian Paramilitary forces last week.  In audio released on Sunday by a maritime security firm, a British officer unsuccessfully demanded freedom to sail through the Strait of Hormuz. 

Ships are getting caught in the middle of the rising tensions between the U.S. and Iran and the latest ongoing incident is casting new and broader perspective on the possibility of a modern-day ‘Tanker War’ in the Gulf.

Cipher Brief expert and former CIA senior Intelligence Officer Steven Ward provides insights and an important historical reminder of what we can likely expect.

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know….

 

 

The post Iran, Tankers and the Threat of Greater Destruction appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 
The Cipher Brief by Suzanne Kelly - 6d ago

Tensions remain high between Iran and several EU countries, even after some of the primary signatories to the 2015 nuclear agreement vowed their continued support this week, offering Iran an opportunity to reverse its recent, deliberate violations of the JCPOA. 

In play right now:

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know….

The post Iran’s State of Play appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Few today would argue that the threat surface in cyberspace has expanded significantly in the past decade.  Just ask your fridge.  From the new risks we’ve brought into our own kitchens, to the increased capabilities of nation states to disrupt everything from electricity to elections, there is an even greater (panic) questioning of what to do about it.

In The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats, (released on Tuesday) authors Richard Clarke, who served as the first U.S. official in charge of U.S. cybersecurity policy and Rob Knake, who served from 2011-2015 in the White House as director for cybersecurity policy at the National Security Council, try to tackle some of those questions.

While the authors also chillingly predict that “America’s next major war is likely to be provoked by a cyber attack,” they argue that we also know much more than we did a decade ago about defending the nation, our businesses, and ourselves.

The Cipher Brief’s State Secrets podcast caught up with Clarke to talk about today’s cyberthreats posed by nation states, and what we need to be doing about them right now.

LAUNCHING THIS MONTH:  The Cyber Initiatives Group, powered by The Cipher Brief.  The CIG is a public-private sector group of cyber professionals who share high-level thought and expert perspective on cyber issues impacting today’s businesses.

With a team of principals including Former CIA and NSA Director, General Mike Hayden (Ret.), former NSA Director, General Keith Alexander (Ret.), former Deputy NSA Director Rick Ledgett, former NCTC Director Matt Olsen, former Vice Chairman of the Joint Chiefs of Staff, Adm. Sandy Winnefeld and former DHS Deputy Undersecretary for Cybersecurity, Mark Weatherford, the new Cyber Initiatives Group will focus on connecting experts in ways that share best practices on cybersecurity. 

If you’re interested in becoming an inaugural member or sponsor of this thought leadership group, please send an email to CIG@thecipherbrief.com.

‘I’m excited to facilitate this critical cyber conversation and to be working with leaders from across the private sector as they tackle the very difficult cyber issues that impact every company doing business today.’  – Michael V. Hayden

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know….

The post Avoiding War in the Fifth Domain appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Tim Willasey-Wilsey is a former senior member of the British Foreign Office and a Cipher Brief expert. He is currently a Senior Visiting Research Fellow at Kings College London’s Department of War Studies.

President Trump’s short walk inside North Korea on 30th June was great theatre; perfect for a politician launching his bid for re-election. It also had value in providing fresh evidence for Kim Jong-un of their “special friendship” at a time when Kim might be forgiven for wondering whether he had been forgotten as Washington’s foreign policy focus had shifted to Iran. Xi Jinping’s visit to Pyongyang on 20th June (the first by a Chinese leader to North Korea for 14 years) might have been an additional motive for Trump’s visit just in case Beijing was hoping to fill the vacuum left by the collapse of the Hanoi Summit.
The failure of the Hanoi meetings of 27th and 28th February has had significant effects in both Koreas. We know why it failed; because North Korea offered too little too late, to dismantle Yongbyon, and expected too much in the way of sanctions relief. What is less well understood is why Kim Jong-un misread the situation so disastrously.

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know….

The post Reading the Clues on North Korea appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

The Cipher Brief is taking a look this week at the national security situation along the southern border.  On Sunday, Congressman Will Hurd told NBC, “We need to make sure that countering human smuggling is a national intelligence priority so that we have CIA, the NSA, the FBI working with our allies in those countries to stop root causes there”.

Mexican officials have taken recent steps to help curb the flow of illegal immigrants in light of the overwhelming numbers of refugees that have been crossing into the U.S. in recent months by reinforcing their southern and northern borders and sending additional troops to support U.S. efforts to stop the flow of illegal immigrants. In the meantime, experts tell us that criminals, gang members, narcotics traffickers and human smugglers are exploiting the weaknesses within Customs and Border Protection due to a manpower diversion.  CBP reports apprehending more than 99,000 in April and more 132,887 in May. 

The Cipher Brief tapped expert Michael J. Fisher, former Chief of the U.S. Border Patrol and member of the Senior Executive Service to talk about the actual threats to national security and whether Mexico is doing enough to help.

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know….

The post Mexico’s Role in Border Security appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

The Cipher Brief is taking a look this week at the national security situation along the southern border.

On NBC, the only Congressional Republican who represents a district along that border said on Sunday that officials aren’t focused enough on the issue of human smuggling.  Congressman Will Hurd said he believes the issue should be a national intelligence priority. “We need to make sure that countering human smuggling is a national intelligence priority so that we have CIA, the NSA, the FBI working with our allies in those countries to stop root causes there” the Congressman told Meet the Press.

The Cipher Brief tapped experts Michael J. Fisher, former Chief of the U.S. Border Patrol and member of the Senior Executive Service and Rowdy Adams, former Senior Executive Service member in the DHS, CBP Office of Border Patrol specializing in border security operations to talk with us about the issues that are affecting security at the border and whether there is a conflagration issue when it comes to security and immigration. 

We started with the numbers.  In April 2019, CBP apprehended over 99,000 people attempting to cross illegally into the U.S.  In May 2019, the number jumped to 132,887 people attempting to cross illegally into the U.S.  They are numbers that gangs, human smugglers and narcotics traffickers and watching closely and exploiting.

Over the next two days, The Cipher Brief will be focused on how these numbers are or are not impacting broader national security, about how they are creating a different dynamic than we’ve seen in recent years and the role of technology and the media in understanding the depth of the threat.

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know….

The post The Real National Security Challenges at the Border appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 
The Cipher Brief by Suzanne Kelly - 3w ago

Iran’s Foreign Minister Javad Zarif confirmed Monday that Tehran has violated the limits imposed on uranium enrichment that were a key part of the 2015 nuclear deal. 

The U.S. withdrew its support for the deal last year.  The Trump Administration on Monday responded to the confirmation of increased uranium enrichment, vowing ‘maximum pressure on the Iranian regime”.  A statement from the White House press secretary said “We must restore the longstanding nonproliferation standard of no enrichment for Iran.  The United States and its allies will never allow Iran to develop nuclear weapons.”

Experts who have followed escalating tensions between Iran and the U.S. over the past several weeks have looked at the likelihood of retaliation and what form it might take.

The Cipher Brief asked our new expert, Lieutenant General Vincent Stewart (Ret.), who just retired as Deputy Commander of U.S. Cyber Command, for his thoughts.

Iran has known for some time that they can’t match the U.S. or its allies in a straight up conventional military conflict, so they have invested in asymmetric responses that include naval swarming techniques and tactics, missiles with ranges that can hit all of our advanced staging bases, air defense to counter our air advantages and the use of militia and special units that are capable of targeting U.S. and Western interests around the world.

In a conflict with the United States, the Iranian strategy would be to avoid where possible, direct conventional force on force operations. They would attempt to impose cost on a global scale, striking at U.S. interests through cyber-operations and targeted terrorism with the intent of expanding the conflict, while encouraging the international community to restrain America’s actions.

Every attempt will be made to avoid a repeat of Desert Storm, where the conflict was largely resolved in 100 hours. The underlying element of the strategy being, Americans lack the will for another protracted conflict in the Middle East.  Iran views the U.S.’ center of gravity as the will of the American people to avoid another protracted Middle East conflict. In light of our connectedness, the most effective cost imposing asymmetric elements of the Iran strategy with global effects would likely occur in cyberspace in actions focused on our critical infrastructure with an emphasis on the financial elements that impact our economy.

Lt. General Vincent Stewart (Ret.), Former Dep. Commander, U.S. Cyber Command

“The war fighting event that will get American’s attention is a war that directly impacts the American economy.  This is where offensive cyber operations begin to play a central role in Iran’s strategy.”

Iran has demonstrated and continues to refine its capabilities against its enemies in the region.  It’s 2012 attack against Saudi Aramco is an excellent example.  Iran knows how to conduct the necessary reconnaissance and deliver destructive payloads.  I would expect them to have begun selected targeting through socially-engineered phishing activities focused on the oil and gas sector, the financial sector and the electric power grid in that order.  There may be instances now where they already have some persistent access.  If they do, I expect they would use it, or risk losing the access and employ that capability early in the escalation of the crisis.

If I had a business in the sectors mentioned, I would not assume that my firewall has not been penetrated, or that my antivirus and malware tools are fully deployed and protecting my networks.  I would ensure that I have an integrated threat intelligence picture that provides global insights before it reaches my moat; I would be focused on countering phishing or whaling attempts; and I would deploy my red teams to hunt for persistent threats inside my networks.

Meanwhile, CYBERCOM and its partners are tasked with defending and disrupting forward.  Traditional military activities (TMA), to include reconnaissance, shaping, pre-positioning, preemptive deception etc. should all be in play at this point.  CYBERCOM by way of the NDAA now has all the authority needed for conducting TMA. Our increased authorities combined with our approach to defend forward allows us to be more disruptive and could reduce the threat vectors that the private sector would be required to address.

Defending forward and engaging persistently will not eliminate all threats though it does allow us to be more pro-active in reducing the threat, placing our adversary on the defensive and positions us to impose cost when approved.

Lt. General Vincent Stewart (Ret.), Former Dep. Commander, U.S. Cyber Command

“The private sector must continue their defensive diligence built around high-quality threat intelligence and a well-established sharing construct at a minimum within their sector, and continue to defend inside their network, not forgetting about insider threat. Sharing insights on known malware and reporting incidents of compromise at network speed is critical.”

Private sector leaders should be asking the key questions and dusting off the crisis management plan. They should assume compromise and ask themselves what actions they will take in the first minute, the first ten minutes, the first sixty minutes.  Do they have a playbook ready to go at time of compromise and who executes the playbook?  Who are the key members of the team and what decisions are they authorized to make?  The playbook for success in a situation like this sits in the company’s strategic communication plan.  It might be time to make sure it’s ready.

Read also Iran’s Next Surprise by former CIA Senior Analyst Steven Ward, only in The Cipher Brief.

LAUNCHING THIS MONTH:  The Cyber Initiatives Group, powered by The Cipher Brief.  The CIG is a public-private sector group of cyber professionals who share high-level thought and expert perspective on cyber issues impacting today’s businesses.

With a team of principals including Former CIA and NSA Director, General Mike Hayden (Ret.), former NSA Director, General Keith Alexander (Ret.), former Deputy NSA Director Rick Ledgett, former NCTC Director Matt Olsen, former Vice Chairman of the Joint Chiefs of Staff, Adm. Sandy Winnefeld and former DHS Deputy Undersecretary for Cybersecurity, Mark Weatherford, the new Cyber Initiatives Group will focus on connecting experts in ways that share best practices on cybersecurity. 

If you’re interested in becoming an inaugural member or sponsor of this thought leadership group, please send an email to CIG@thecipherbrief.com and we will send you an invitation to join us. 

‘I’m excited to facilitate this critical cyber conversation and to be working with leaders from across the private sector as they tackle the very difficult cyber issues that impact every company doing business today.’  – Michael V. Hayden

The post Iran Strikes Back appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

The significant weekend visit between U.S. President Donald Trump and North Korean leader Kim Jong Un started with a Tweet last Thursday as President Trump was getting ready to depart the G20 conference in Osaka, Japan.

“After some very important meetings, including my meeting with President Xi of China, I will be leaving Japan for South Korea (with President Moon.) While there, if Chairman Kim of North Korea sees this, I would meet him at the Border/DMZ just to shake his hand and say Hello(?)!”

The impromptu meeting served as the first time a sitting U.S. President has crossed the DMZ and stepped foot into North Korea.  Now experts are asking whether it was a fantastic weekend photo op, or whether the meeting may in fact lead to the re-establishment of serious talks, as the President said it would. 

The Cipher Brief tapped expert Ambassador Joseph DeTrani, who formerly served as Special envoy for Six Party Talks with North Korea and as the U.S. Special Representative to the Korea Energy Development Organization for his take on the meaning of the President’s weekend visit.

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know.

The post Twitter Diplomacy and North Korea appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

U.S. businesses are being warned to harden their defenses in anticipation of potential cyberattacks as tensions between the U.S. and Iran continue to escalate. 

President Donald Trump posted to Twitter on Tuesday that “Any attack by Iran on anything American will be met with great and overwhelming force.  In some areas, overwhelming will mean obliteration.”  

That comment appeared to be in response to a statement by Iran’s President Hassan Rouhani that his country would not be intimidated by U.S. sanctions.

Cipher Brief expert and former National Intelligence Manager for Iran, Norm Roule, told us this week that his regional contacts “…have seen a spike in Iranian cyberattacks over recent months.  I expect this to continue until Iran’s Supreme Leader believes that the regime will be punished for such operations.”  

Christopher Krebs, director of DHS’ Cybersecurity and Infrastructure Security Agency issued a warning over the weekend that “malicious cyberactivity” was on the rise. “Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to so much more than just steal data and money,” said Krebs in a statement posted to Twitter.  “These efforts are often enabled through common tactics like spear phishing, password spraying and credential stuffing.  What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.” 

Back in 2011 and running through 2013, Iran conducted distributed denial of service attacks, or DDoS attacks (Distributed Denial of Service) against a large number of U.S. banks, including some of the largest banks in New York City.

In 2016, The Justice Department handed down an indictment on seven Iranian hackers who they believed were acting on behalf of the Iranian government.

“I know that the perception is that Iran attacked U.S. banks because of the sanctions that Treasury had implemented as part of a broader U.S. international policy to address Iran’s nuclear weapons programs,” says Leslie Ireland, a Cipher Brief expert and former Assistant Secretary of the Treasury for Intelligence and Analysis. “I wouldn’t be surprised if U.S. banks were again subject to cyberattack, but I’d also point out that when the U.S. has sanctioned Iran, the sanctions were against a range of industries. It wasn’t just against the financial sector, but the airline sector, the Iranian shipping line, IRISL, was targeted. I think if you think this through from an Iranian perspective of trying to understand what they would consider to be a proportionate attack, I would encourage other industries, parts of our critical infrastructure, to consider the possibility that Iranian cyber actors could come after them as well.”

When it comes to how U.S. businesses should be thinking about the threat in light of the latest warnings, FBI Deputy Assistant Director Tonya Ugoretz told The Cipher Brief that “Cyber is a means for nation-states to achieve their strategic objectives, so it’s important to consider the geopolitical environment when assessing risk and network defenses. As Department of Justice indictments have shown, Iran has a history of both cyber espionage and disruptive and destructive cyberattacks. In addition to employing cyber hygiene best practices, we are all safer when we are forward-leaning in sharing information about suspicious activity – both across and between the government and private sector.”

The Cipher Brief tapped a number of other cyber experts with government and private sector backgrounds, to get a well-rounded take on today’s increased threat to U.S. businesses. We asked them what the latest provocations mean for business and which sectors are most likely to be targeted, as well as their advice on the top three things businesses should be doing right now to harden their defenses.

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know.

LAUNCHING IN JULY:  The Cyber Initiatives Group, powered by The Cipher Brief.  The CIG is a public-private sector group of cyber professionals who share observations, high-level thought and expert perspective on cyber issues impacting all of today’s businesses.

With a team of principals including Former CIA and NSA Director, General Mike Hayden (Ret.), former NSA Director, General Keith Alexander (Ret.), former Deputy NSA Director Rick Ledgett, former NCTC Director Matt Olsen, former Vice Chairman of the Joint Chiefs of Staff, Adm. Sandy Winnefeld and former DHS Deputy Undersecretary for Cybersecurity, Mark Weatherford, the new Cyber Initiatives Group will focus on connecting experts in ways that share best practices on cybersecurity. 

If you’re interested in becoming an inaugural member or sponsor of this thought leadership group, please send an email to Editor@thecipherbrief.com and we will send you an invitation to join the conversation. 

‘I’m excited to facilitate this critical cyber conversation and to be working with leaders from across the private sector as they tackle the very difficult cyber issues that impact every company doing business today.’  – Michael V. Hayden

The post How Iran Targets U.S. Businesses appeared first on The Cipher Brief.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Last week, the U.S. nearly launched retaliatory attacks against Iran for the shooting down of a U.S. military drone that was operating in the region.  While the Trump Administration has been casting some doubt in recent days as to whether the downing of the aircraft was authorized at the highest levels in Iran, the incident highlights the use of unmanned aerial vehicles in conflict zones and just how quickly incidents involving drones can lead to escalation.  And it’s not just the military that is affected by this fast-developing technology that’s giving a lot more power to the person holding the controls. 

Singapore’s Changi airport was forced to close multiple runways recently after unauthorized drones were spotted operating nearby.

On May 14th, Saudi Arabia was forced to halt pumping on a major oil pipeline, after the pipeline was attacked using armed drones. Houthis operating in Yemen and supported via Iranian arms and training, claimed responsibility for that attack.  

In January of this year, flights at London’s Heathrow Airport were temporarily halted after a drone was spotted operating in the vicinity.

The threat of drones is prolific, from the military’s reliance on them, to an adversary’s ability to easily create panic and disrupt society, to their use by Nation States looking to further regional interests via proxy groups, as Iran is often accused of doing.  

This is Cipher Brief Level I Member Only content. It can be accessed via login or by signing up to become a Cipher Brief Member.  Joining this high-level, security-focused community is only $10/month (for an annual $120/yr membership). What a great and inexpensive way to Feed Your Need to Know….

The post Deadlier Skies: Risks and Benefits of Drone Technology appeared first on The Cipher Brief.

Read for later

Articles marked as Favorite are saved for later viewing.
close
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Separate tags by commas
To access this feature, please upgrade your account.
Start your free month
Free Preview