In February 2020, the U.S. Department of Justice (DoJ) issued indictments against four Chinese individuals suspected in conducting the 2017 intrusion into Equifax, a global information solutions company that organizes, assimilates, and analyzes data on consumers and businesses worldwide. The personal data of approximately 145 million U.S. citizens was stolen in the breach. The four suspects are alleged to be members of the People’s Liberation Army’s (PLA) 54th Research Institute.
In this OODAcast, OODA LLC CEO Matt Devost interviews Congressman Will Hurd in a wide ranging discussion that touches on issues of geopolitical risk, cybersecurity, cyber risk and ways to help ensure our nation is prepared to compete and win in an age of rapid technological innovation. Quantum Computing, Artificial Intelligence, Advanced Communications (5G) and other mega-trends of technology are examined, as well as insights into leadership in the modern world.
Cyberwar Was Coming: A Reflection on the 25 Year Old Thesis that Predicted a Generation of Cyberconflict
“You’ve got to read what this kid is writing out of his basement at the University of Vermont…” – recently retired CIA officer to intelligence and military colleagues in 1994. A candid 25 year retrospective on a thesis that launched a tremendous amount of dialogue and action on the issues of information warfare, cyberterrorism, and cybersecurity.
The Department of Homeland Security has issued a series of intelligence advisories associated with threat actors exploiting COVID-19 to engage in conventional and cyber attacks. The three separate warnings range from ISIS exploiting the global crisis for violence to extremists intentionally trying to spread COVID-19 through minority populations to cyber attackers exploiting work from home technologies. All decisions-makers need to be aware of these threats regardless of their organization size or sector. Here are the details
On Sunday, the US Department of Health and Human Services was hit by a cyber attack intended to disrupt its response to the COVID-19 virus. The ‘disruption and disinformation’ attack has illustrated an intent to target a renewed dependency on IT systems during this pandemic. Businesses, universities, and governments around the world are rapidly deploying remote capabilities to allow work from home during self-isolation to flatten the curve. This solution however, has hyperextended existing IT infrastructure and while defenders struggle to adapt to this new perimeter, adversaries are sure to discover more points of impact.
Over the next three months the Covid19 virus may cause dramatic changes on the international scene that will impact decision-making in government and industry. We have no special insights into what they could be, but through thirty years of close observations of national security topics we can say this, we should be prepared for surprises. The impact of surprises can be mitigated by collecting information, and that collection can be optimized by starting with good questions.
I don’t consider myself a futurist, but thinking about the future has been an essential component of my career and supports a broad range of strategic thinking in the domains of cyber and geopolitical risk, threat intelligence, and business planning. I’ve taken to calling these future brainstorming mental models “living in the future” and the approach has been adapted into our HACKthink methodology as well to help organizations derive the essential actions needed to arrive at a future outcome.
The focus for our conference this year is “Future Proof”, so I thought it would be interesting to take a retrospective look at a blog post I wrote over 10 years ago called “We all live in the future now” to see how well the analysis stood the test of time.
On January 3, 2020, Iran’s Qassem Suleimani, head of the Islamic Revolutionary Guard Corps Quds Force (IRCG-QF) was killed by a US drone strike. Iran’s Supreme Leader Ali Khamenei declared that “harsh revenge” awaits those who led the strike against Suleimani. The military advisor to Khamenei stated that Iran’s response would “for sure be military” and directed against US military sites. It is hard to tell what the full nature of Iran’s response will be, history has shown they have an ability to surprise. However, we assess the most likely response will be state sponsored destructive cyber attacks done in a way that implies they were launched by Iran but still offer some level of ambiguity over source. We also assess increased attacks by hacktivist supporters of Iran.
The top stories on OODA Loop provide good insight into what issues will be top of mind for executives and experts going into 2020. Here are the 20 most popular posts of the year.
Two US senators asked the Department of Homeland Security for their support on a recent bill, the K-12 Cybersecurity Act of 2019, which aims to effectively manage the threat of ransomware and cyberattacks. The bill would establish guidelines that improve school cybersecurity systems. The senators stated that school systems are