Cybersecurity

Op-Ed

2014: The Year in Cyberattacks

Author: Sharone Tobias
Newsweek

While Sony may have dominated the news toward the end of 2014, three major cyberattacks against U.S. companies shook the corporate world earlier this year: Target opened the year by announcing in January that hackers had stolen personal information from an estimated 110 million accounts; hackers accessed approximately 83 million J.P. Morgan Chase accounts in August; and Home Depot confirmed that its payment system was breached in September, compromising an estimated 56 million accounts. Here’s a look back at the details of each of those attacks, and how they affected the conversation about cybersecurity in the United States and the corporate sector.

See more in United States; Cybersecurity

Audio

Media Conference Call: North Korean Cyberattack on Sony Pictures (Audio)

Speakers: Adam Segal and Scott A. Snyder
Presider: Robert McMahon

Adam Segal, CFR senior fellow for China studies, and Scott A. Snyder, CFR senior fellow for Korea studies, discussed the cyberattack on Sony Pictures and the studio's decision to cancel its release of The Interview, a comedy that reportedly depicts the assassination of North Korean leader Kim Jong-un.

See more in North Korea; Cybersecurity; Homeland Security

Transcript

Media Conference Call: North Korean Cyberattack on Sony Pictures

Speakers: Adam Segal and Scott A. Snyder
Presider: Robert McMahon

Adam Segal, CFR senior fellow for China studies, and Scott A. Snyder, CFR senior fellow for Korea studies, discussed the cyberattack on Sony Pictures and the studio's decision to cancel its release of The Interview, a comedy that reportedly depicts the assassination of North Korean leader Kim Jong-un.

See more in North Korea; Cybersecurity; Homeland Security

Op-Ed

Beyond Borders: Fighting Data Protectionism

Author: Karen Kornbluh
Democracy: A Journal of Ideas

The free flow of information across borders is essential for the modern economy, but a growing number of countries have erected restrictions curtailing a free and open Internet. Karen Kornbluh discusses what diplomatic and policy steps the United States can take to safeguard the free flow of information worldwide.

See more in United States; Cybersecurity

Primary Sources

United States of America v. Members of China's People's Liberation Army

The U.S. Department of Justice announced the indictment of five Chinese military hackers on May 19, 2014. Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui were charged with computer hacking, economic espionage and other offenses directed at Americans in the nuclear power, metals, and solar products industries.

See more in United States; China; Cybersecurity; Intellectual Property

Foreign Affairs Article

Is Cyberwar Real?

Authors: Jarno Limnell and Thomas Rid

Thomas Rid ("Cyberwar and Peace," November/December 2013) describes cyberattacks as somehow separate from conventional warfare because they fail to meet all three of Clausewitz's definitions of war as violent, instrumental, and attributable to one side as an action taken for a political goal.

See more in United States; Cybersecurity

Primary Sources

Executive Order and Framework: Improving Critical Infrastructure Cybersecurity

President Barack Obama ordered on February 12, 2013 that the U.S. government work with "owners and operators of critical infrastructure" to share information about cyber threats and attacks and to implement common cybersecurity standards. A year later, on February 12, 2014, the National Institute for Standards and Technology issued the framework for improving cybersecurity.

See more in United States; Cybersecurity; Digital Infrastructure

Primary Sources

Worldwide Threat Assessment of the U.S. Intelligence Community

Annually, the Director of National Intelligence testifies before the Senate Select Committee on Intelligence and before the House Permanent Select Committee on Intelligence to discuss the current and potential threats to United States' security and priorities for the Department of Defense budget. The assessment usually covers terrorism threats, cyber attacks, counterintelligence, proliferation, mass atrocities, regional and country-by-country threats, and other state and non state intelligence threats such as health threats, water security and transnational crime.

See more in United States; Cybersecurity; Intelligence

Research Links

Cybersecurity Policy

How can the United States protect cyberspace "control system of our country," without restricting the open "flow of information on the Internet"? What should countries consider when developing international cybersecurity standards and protocol? What should their citizens know to protect their information and their rights? Cybersecurity Policy Research Links provide news, background information, legislation, analysis, and international efforts to protect government and the public's information.

See more in United States; Cybersecurity; Internet Policy

Foreign Affairs Article

Cyberwar and Peace

Author: Thomas Rid

Cyberwar Is Coming!" declared the title of a seminal 1993 article by the RAND Corporation analysts John Arquilla and David Ronfeldt, who argued that the nascent Internet would fundamentally transform warfare.

See more in United States; Cybersecurity

Article

Self-Defensive Force Against Cyber Attacks: Legal, Strategic and Political Dimensions

Author: Matthew C. Waxman
International Law Studies

When does a cyber-attack (or threat of cyber-attack) give rise to a right of self-defense – including armed self-defense – and when should it? This essay examines these questions through three lenses: (1) a legal perspective, to examine the range of reasonable interpretations of self-defense rights as applied to cyber-attacks, and the relative merits of interpretations within that range; (2) a strategic perspective, to link a purported right of armed self-defense to long-term policy interests including security and stability; and (3) a political perspective, to consider the situational context in which government decision-makers will face these issues and predictive judgments about the reactions to cyber-crises of influential actors in the international system.

See more in Global; Cybersecurity