Cybersecurity and Cyberwar

Subscribe to Cybersecurity and Cyberwar

According to media reports, Russian government hackers have penetrated the systems of thousands of companies across a variety of industries, as well numerous US government agencies. Moreover, what has been publicly reported may be only the tip of the iceberg in terms of both the scope of the attacks’ victims and the attackers’ methodologies. The most recent reporting also suggests that victim companies are not just those that would be of obvious interest to Russian intelligence services. Accordingly, all companies should assess whether they have been affected by this attack, what steps they need to take to remediate those effects, and what legal and contractual obligations they may have to notify government agencies, business partners, customers, and individuals.
Continue Reading The Urgent Need to Assess and Respond to Russian Supply Chain Attacks

Did you ever wonder where all that tech money came from all of a sudden? Turns out, a lot of it comes from online programmatic ads, an industry that gets little attention even from the companies, such as Google, that it made wealthy. That lack of attention is pretty ironic, because lack of attention

Our interview in this episode is with Michael Daniel, formerly the top cybersecurity adviser in the Obama NSC and currently the CEO of the Cyber Threat Alliance.  Michael lays out CTA’s mission. Along the way he also offers advice to the Biden cyber team – drawing in part on the wisdom of Henry

Another week, another Trump administration initiative to hasten the decoupling from China. As with MIRV warheads, the theory seems to be that the next administration can’t shoot them all down.  Brian Egan lays out this week’s initiative, which lifts from obscurity a DoD list of Chinese military companies and excludes them from U.S. capital

This episode’s interview with Dr. Peter Pry of the EMP Commission raises an awkward question: Is it possible that North Korea has already developed nuclear weapons that could cause the deaths of hundreds of millions of Americans by permanently frying the entire electrical infrastructure with a single high-altitude blast?  And if he doesn’t, could

On October 5, the US Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response (CESER) reached a $3 million partnership agreement with the National Institute of Standards and Technology (NIST) in order to “research and develop tools and practices that will strengthen the cybersecurity of the nation’s energy sector and maritime transportation system.”

According to CESER, 40% of all maritime traffic is comprised of energy products, which highlights the importance of addressing cybersecurity risks at seaports and in maritime transportation to safeguard US energy security. In the past several years, the incidence of cyber-intrusions, malware attacks and other dangerous lapses in cybersecurity impacting the maritime and energy sectors has increased tremendously across the globe.


Continue Reading US DOE and NIST Partner to Improve Cybersecurity in Energy, Maritime Transportation Industries

In this week’s episode I interview David Ignatius about the technology in his latest spy novel, The Paladin. Actually, while we do cover such tech issues as deepfakes, hacking back, Wikileaks, and internet journalism, the interview ranges more widely, from the steel industry of the 1970s, the roots of Donald Trump’s political worldview,

In this episode, Jamil Jaffer, Bruce Schneier, and I mull over the Treasury announcement that really raises the stakes even higher for ransomware victim.  The message from Treasury seems to be that if the ransomware gang is the subject of OFAC sanctions, as many are, the victim needs to call Treasury

John Yoo, Mark MacCarthy, and I kick off episode 329 of the Cyberlaw Podcast diving deep into what I call the cyberspace equivalent of a dumpster fire. There is probably a pretty good national security case for banning TikTok. In fact, China did a lot better than the Trump administration when it 

In our 327th episode of the Cyberlaw Podcast, Stewart is joined by Nick Weaver (@ncweaver), David Kris (@DavidKris), and Dave Aitel (@daveaitel). We are back from hiatus, with a one-hour news roundup to cover the big stories of the last month.  Pride of place goes to the WeChat/Tiktok mess, which just gets messier