5 Items

Engima machine

Wikimedia

Paper - Hoover Institution Press

Nobody But Us

    Author:
  • Ben Buchanan
| Aug. 30, 2017

In the modern era, there is great convergence in the technologies used by friendly nations and by hostile ones. Signals intelligence agencies find themselves penetrating the technologies that they also at times must protect. To ease this tension, the United States and its partners have relied on an approach sometimes called Nobody But Us, or NOBUS: target communications mechanisms using unique methods accessible only to the United States. This paper examines how the NOBUS approach works, its limits, and the challenging matter of what comes next.

Server racks inside a data center at American Electrical Power headquarters in Columbus, Ohio, May 2015.

AP

Paper - Cyber Security Project, Belfer Center

The Legend of Sophistication in Cyber Operations

    Author:
  • Ben Buchanan
| January 2017

In a drumbeat of news stories and corporate press releases, one phrase has dramatically grown in use over the last decade: “sophisticated cyber attack.” These words have been used to describe specific intrusions into telecommunication providers, insurance companies, social media hubs, banks, the Pentagon, a host of security firms, government agencies, research labs, movie studios, and much more. It seems the world is awash in sophisticated network intrusions. 

But if everything is sophisticated, nothing is. This paper unpacks “sophistication” in cyber operations, exploring what it means, and what it should mean, for an operation to attain such a status. It examines the incentives for victims and observers to overstate the sophistication of other actors. Additionally, it offers a more rigorous framework for defining the term that takes into account technical and operational factors. But deploying the lens of sophistication by itself can be misleading; this paper also explores the incentives some actors have to deploy less sophisticated capabilities. 
 

Paper - Carnegie Endowment for International Peace

Russia and Cyber Operations: Challenges and Opportunities for the Next U.S. Administration

| December 13, 2016

Russian cyber operations against the United States aim to both collect information and develop offensive capabilities against future targets. Washington must strengthen its defenses in response.