07 Jun 2016

The Ultimate Targeted Attack: Malvertisments

I’ve been in evil genius mode with Lou a few times on this. The advertising networks provide a tremendous amount of granularity that can be used for very focused attacks. For network defenders, they can also be very useful for attribution operations.

22 Oct 2015

10 Red Teaming Lessons Learned Over 20 Years

I’ve been a red teamer for twenty years now, perhaps even longer, but I didn’t know what to call it until 1995 when I started working with the Department of Defense. I’ve also been fortunate to participate in or lead hundreds of red teams within many divergent disciplines ranging from

19 Feb 2015

Every Cyber Attacker is an Insider

I recently witnessed the CIO of a publicly traded company dismissing the results of a successful red team to the Board of Directors by stating that “the test wasn’t realistic as the red team had insider access.” The “insider” access in this instance was a network connection with no

12 Dec 2014

Terrorism Reference CDROM

This CDROM was created as an academic research resource for those with an interest in terrorism and counterterrorism issues. This edition was developed in collaboration with the American Society for Industrial Security’s (ASIS) National Capital Region for exclusive distribution to the attendees of the 2002 Countering Terrorism Seminar on June

15 Dec 2013

InfoWar 1992-2012

Matt Devost and Winn Schwartau discuss what has happened in the information warfare and cyberconflict space over the past twenty years.

26 Aug 2013

Destruction and Creation

To comprehend and cope with our environment we develop mental patterns or concepts of meaning. The purpose of this paper is to sketch out how we destroy and create these patterns to permit us to both shape and be shaped by a changing environment. In this sense, the discussion also

12 Apr 2013

When Armies Divide: The Security of Nuclear Arsenals During Revolts, Coups, and Civil Wars

In this brief volume Jenkins takes a detailed look at the General’s putsch, which was a 1961 coup attempt by a group of retired French Generals against President Charles de Gaulle. However, it is not the putsch itself that attracts Jenkins’ analytical attention, but the chaos surrounding the status of

27 Mar 2013

Quantified self devices create unique data signatures for each user

This fascinating story on GigaOm discusses the implications of big data and personal privacy. What was uniquely interesting was this quote from CIA Chief Technology Officer Gus Hunt in describing how your FitBit health tracker collects enough data about how you move to uniquely identify you with 100 percent accuracy.

27 Sep 2012

State Sponsored Cyber Threats – The Long View

Thinking about state-sponsored cyber threats over the long term doesn’t come easy to Western strategists. This essay takes a look at the strategic implications of thinking only in the short term.

01 Jun 2012

Private Sector Implications of Operation Olympic Games

The New York Times revealed today what many experts had already asserted regarding the United States’ role in the Stuxnet attack. While speculation of U.S. involvement complicated international relations on cyber conflict, an acknowledgement of U.S. involvement in a forum such as the New York Times heralds in a brave
