The use of deniable actors is hardly unique to Russia, but the state’s complicity and even outright involvement in organized crime is. OODA’s reports “The Russian Threat” suggests that “Russia should be considered a kleptocracy, where the rule of law exists as long as it supports the objectives of the state and the ruling oligarchs.” The report further notes that because the law is subject to the state’s whims, Putin is able “to act decisively to defend Russian interests and to pursue opportunities he views as enhancing Russian prestige and power abroad.” The coopting of cyber criminals represents just such an example of kleptocracy enabling the Russian state to seize controversial opportunities that would be waylaid by opposition from “checks and balances” in true democracies.
Putin’s Russia has demonstrated a penchant for relying on proxies to provide a degree of deniability while pursuing its military objectives. As noted in Christoph Zürcher’s book The post-Soviet wars: Rebellion, ethnic conflict and nationhood in the Caucasus, Putin’s popularity emerged in large part due to his successful resolution of the conflict with Chechnya, which he achieved by co-opting the Kadyrov warlords. More recently, Putin has relied on not only deniable Russian forces, but also proxies within Ukraine. Still, blunders by Russian private military companies like the Wagner Group and Slavonic Corps in Syria have demonstrated how this deniability can backfire.
OODA is pleased to announce that our Future Proof conference will be held on March 19, 2020 in Tysons Corner, Virginia.
The Future Proof conference brings together the hackers, thinkers, strategists, disruptors, leaders, technologists, and creators with one foot in the future to discuss the most pressing issues of the day and provide insight into the ways technology is evolving. Future Proof is not just about understanding the future, but developing the resiliency to thrive and survive in an age of exponential disruption.
The space domain is transforming into an increasingly contested and congested environment. The President has referred to it as a critical warfighting domain and in response, the Department of Defense has recently established U.S. Space Command as a unified combatant command to employ space capabilities and lead space operations. In the private sector, we have seen investments in commercial space grow exponentially as advances in technology have sparked a renewed global interest in the final frontier. In the last decade alone an estimated 500 venture capital firms have invested in space, with approximately 20% making their first investments in 2018. A recent report by Morgan Stanley also cites, “the revenue generated by the global space industry may increase to more than $1 trillion by 2040.”
An FBI bulletin provides an overview and detailed recommendations on how cyberattackers are targeting audio/visual systems to compromise corporate networks along with recommendations on how to prevent such attacks.
The newly formed Cybersecurity and Infrastructure Security Agency (CISA)has released a strategic intent document outlining the agencies role in protecting U.S. critical infrastructure and cyberspace. It is important for OODA Network Members to track the emergent roles and responsibilities of this agency as it will be a critical component of cyber and infrastructure security moving forward.
There are literally hundreds of cybersecurity conferences hosted around the world each year and as a result it can be difficult to determine which conferences provided the highest value in the domain.
While each of these events bring community value in their own unique way, Def Con is the most valuable event of the year for the community. Here’s why.
The proliferation of cyber physical systems (CPS) has increasingly enabled cyber actions to have direct kinetic effects on tangible infrastructure, even as cyberspace itself depends on tangible infrastructure vulnerable to kinetic damage.
This report focuses on Russia, a particularly important threat actor to track given their track record of brazen infrastructure attacks. It is almost certain that we will see further attacks from Russia against the infrastructure of other nations. The only uncertainty remaining pertains to what sort of attacks they might be motivated to initiate under what circumstances, and whether we would even know if they had already been accomplished.
In Part Two of this series on Cyber Sensemaking, OODA CEO Matt Devost steps through the top management lessons learned and actions that can be taking to drive your cyber risk management program.
Distilling over 25 years working in the fields of cybersecurity and cyberconflict across a multitude of domains including government, corporate, think tank, and academic this article serves as a foundational distillation of observations that can be applied in any organization. In Part Two of the series, we will look at lessons learned and actions that can be executed by management teams to help manage cyber risk.