Showing posts with label ICTEC. Show all posts
Showing posts with label ICTEC. Show all posts

2 December 2022

Tech Regulation Can Harm National Security

James Andrew Lewis

A nineteenth-century British song about war with Russia contains a line that is worth bearing in mind as Congress contemplates regulating big tech: “We don't want to fight but by Jingo if we do, we've got the ships, we've got the men, we've got the money too.”

That final phrase deserves attention. Not having "the money" makes it hard to provide for defense. European countries, after decades of slow growth, are discovering this as they confront Russian aggression. Thanks to its economic growth, the United States has the resources it needs for national security but proposed antitrust legislation could change that.

National security depends on more than an ability to field advanced weapons or large forces. It is based on economic strength. Economic strength creates international influence and power. Economic strength now requires a strong technology sector that includes strong tech companies. This conclusion may be uncomfortable for some, but the alternative, a weak tech sector, and weak companies, is indefensible on its face (despite appeals to pro-competition rhetoric).

It’s Finally Here: Pentagon Releases Plan To Keep Hackers Out Of Its Networks

LAUREN C. WILLIAMS

Defense agencies have until 2027 to convert their networks to architectures that continually check to make sure no one’s accessing data they shouldn’t.

This shift to zero trust principles is at the core of the Pentagon’s new five-year plan to harden its information systems against cyberattacks. The strategy and roadmap were released on Tuesday.

To get there, agencies can improve their existing environments, adopt a commercial cloud that already meets DOD’s zero trust specifications, or copy a prototype of a private cloud, David McKeown, the Pentagon’s acting principal deputy chief information officer, told reporters. And to help enforce it, the DOD chief information office will track their spending.

“We will hold them accountable by asking them to build a plan,” McKewon said. “And as a part of that capability planning guidance…they have to come back to us and show us in their budgets how much they're spending on zero trust and what they're getting for that.”

The Appliances Are Listening

Aynne Kokas

Americans’ addiction to low-cost consumer products, particularly connected (or “smart”) devices, has led to a world where data security takes a back seat to affordability. Consumer products have razor-thin profit margins, making everything from smart watches to baby monitors a potential source of data exploitation. Since firms with significant operations in China face intensive pressure to share consumer data with China’s government, affordability directly works against the safety and security of consumer data. Such pressure enables what I term “data trafficking,” or the extraction of consumer data without explicit consent to achieve an international political advantage. But this is the last thing anyone wants to think about when they are hungry.

Most people are not in the habit of monitoring whether they are consenting to data gathering when they eat, but some connected home devices even know when you open your refrigerator door. Beyond posing a conundrum for avid snackers, this kind of monitoring can also provide such data points as how many people might be at home at a given time, when mealtimes are, and which foods people eat. This issue of consumer data gathering on devices has particularly interesting data trafficking implications when companies change hands.

1 December 2022

No ‘bright-line rule’ shines on targeting commercial satellites

ZHANNA L. MALEKOS SMITH

Cyber counterspace weapons can target both space satellites and ground-based systems by intercepting and monitoring data, corrupting data with malware, or even wresting control of the space system from the space operator. During the United Nations General Assembly’s First Committee session in October, Russian foreign ministry official Konstantin Vorontsov announced that “quasi-civil infrastructure may be a legitimate target for a retaliation strike.”

In some ways, Vorontsov’s comments could be interpreted as a harbinger of increased disruption and denial methods against commercial space satellites in Ukraine, especially considering Russia’s cyberattack against Viasat Inc’s KA-SAT commercial satellites and interference with the approximately 25,000 Starlink internet terminals serving Ukraine.

Another Seminal Call to Action: Strengthening Innovation and Protecting the U.S. Technological Advantage

Daniel Pereira

As OODA CEO Matt Devost mentioned at OODAcon 2022, Razor’s Edge Ventures recently made a commitment to national security investment to enhance American competitiveness by closing on a fund dedicated to “current technology areas of interest for the firm, which are informed by strategic U.S. national security priorities, [such as] autonomous systems, space technologies, cybersecurity, artificial intelligence/machine learning, digital signal processing, and other aerospace and defense technologies.” (1)

Razor’s Edge efforts are very similar to that of America’s Frontier Fund and the Quad Investor Network. The venture capital community is focusing its efforts on this sector, which has been formatively dubbed the “defense-related technologies” or “defense capabilities” sector. Others are calling it “Hacking for Defense“.

On one level, the VC community’s pivot of its attention towards national security and innovation is the “dollars and cents” of it all. But what about the “sense” of it all – i.e. the creative ideas, strategic vision, and program management structure to succeed? It all falls under the umbrella phrase used by the USG (especially within DoD and DARPA) and what the OODA Network frames as “Deep Tech” – with the historic record of the strategic challenges of innovation in this space characterized as the Valley of Death.

The United States doubles down on its tech war with export and IP controls that target China but also hit Taiwan and South Korea

June Park, Schmidt Futures

The United States has unleashed its arsenal to go ‘full throttle’ in the chip war against China regardless of the potential consequences, including the impact on its allies. On 7 October 2022, the Bureau of Industry and Security (BIS) of the US Department of Commerce laid out high level export controls on supercomputers and semiconductors to China.

The market was shaken in September 2022 by restrictions on the sale of graphic processing units by Nvidia and Advanced Micro Devices to China. Companies had already begun to pull their staff out of China in response to new controls prohibiting US citizens from supporting the development and production of chips in Chinese firms.

The new license requirements for items destined to a chip fabrication facility in China are blocked subject to a number of thresholds. The new measures are meant to halt Chinese chip companies at their current levels of progression. Ten days after the BIS announced the reinforced export controls, the US International Trade Commission announced a Section 337 investigation into semiconductors in response to two cases filed by the non-practicing entity Daedalus Prime LLC, which holds intellectual property of US chipmaker Intel against Qualcomm, Taiwan Semiconductor Manufacturing Company and Samsung.

30 November 2022

Cyber Operations During Russia’s Invasion of Ukraine in 2022

Nurlan Aliyev

Russia has been known as a capable actor in conducting a wide range of cyber espionage and sabotage operations since the 1990s. Russia also conducted several cyber-attacks on Ukraine before the invasion in 2022. One of the most sophisticated operations was blacking out Kyiv in 2016. At midnight, a week before Christmas, hackers struck an electric transmission station north of the city of Kyiv, blacking out a portion of the Ukrainian capital equivalent to a fifth of its total power capacity. According to experts, it was the first real-world malware that attacked physical infrastructure since Stuxnet.

However, although Russia has conducted several cyber-attacks on Ukraine since the start of the invasion in 2022, it has not flagged up any strikingly successful Russian CW operations up to now. In this respect, a question is whether Russia has not used its sophisticated cyber capabilities in the war yet, or the cyber defence quality of Ukraine and its allies has helped blunt them. This commentary aims to explore these problems.

Will Crypto Survive?

KENNETH ROGOFF


SAN FRANCISCO – The epic collapse of wunderkind Sam Bankman-Fried’s $32 billion crypto empire, FTX, looks set to go down as one of the great financial debacles of all time. With a storyline full of celebrities, politicians, sex, and drugs, the future looks bright for producers of feature films and documentaries. But, to paraphrase Mark Twain, rumors of the death of crypto itself have been much exaggerated.

True, the loss of confidence in “exchanges” such as FTX – essentially crypto financial intermediaries – almost surely means a sustained steep drop in prices for the underlying assets. The vast majority of Bitcoin transactions are done “off-chain” in exchanges, not in the Bitcoin blockchain itself. These financial intermediaries are vastly more convenient, require much less sophistication to use, and do not waste nearly so much energy.1

The emergence of exchanges was a major factor fueling cryptocurrencies’ price growth, and if regulators come down hard on them, the price of the underlying tokens will fall. Accordingly, Bitcoin and Ethereum prices have plummeted.

29 November 2022

Ron Paul: Separate Tech And State

Ron Paul

Senator Ed Markey (D-MA) recently got in touch with his inner mobster and threatened Elon Musk — the new owner of Twitter and the CEO of electric car company Tesla and space ventures company SpaceX. He told Musk, “Fix your companies” or “Congress will.” As part of this threat, Markey referred to an ongoing National Highway Traffic Safety Administration (NHTSA) investigation into Tesla’s autopilot driving system and Twitter’s 2011 consent decree with the Federal Trade Commission (FTC).

Markey has done more than make threats: He is one of a group of Democratic senators who wrote to the FTC urging an investigation into whether Musk’s actions as the new owner of Twitter violated the consent decree or consumer protection laws. Since FTC Chair Lina Khan wants to investigate as many businesses as possible, it is likely she will respond favorably to the senators’ letter.

President Biden has also endorsed an investigation into the role foreign investors played in financing Musk’s Twitter purchase. Biden may be concerned that Musk is not likely to ban tweets regarding Hunter Biden’s business deals.

A Leak Details Apple’s Secret Dirt on a Trusted Security Startup

LORENZO FRANCESCHI-BICCHIERAI

CORELLIUM, A CYBERSECURITY startup that sells phone-virtualization software for catching security bugs, offered or sold its tools to controversial government spyware and hacking-tool makers in Israel, the United Arab Emirates, and Russia, and to a cybersecurity firm with potential ties to the Chinese government, according to a leaked document reviewed by WIRED that contains internal company communications.

The 507-page document, apparently prepared by Apple with the goal of using it in the company’s 2019 copyright lawsuit against Corellium, shows that the security firm, whose software lets users perform security analysis using virtual versions of Apple’s iOS and Google’s Android, has dealt with companies that have a track record of selling their tools to repressive regimes and countries with poor human rights records.

According to the leaked document, Corellium in 2019 offered a trial of its product to NSO Group, whose customers have for years been caught using its Pegasus spyware against dissidents, journalists, and human rights defenders. Similarly, Corellium’s sales staff offered to provide a quote to purchase its software to DarkMatter, a now-shuttered cybersecurity company with ties with the UAE government that hired several former US intelligence members who reportedly helped it spy on human rights activists and journalists.

General Dynamics, Amazon and more form 5G accelerator coalition


Megan Crouse

A new coalition of organizations with expertise in defense technology will push for more 5G adoption. General Dynamics Information Technology, a business unit of General Dynamics, has partnered with other industry giants to create an edge and 5G accelerator coalition.

Amazon Web Services, Cisco, Dell Technologies, Splunk and T-Mobile will make up the coalition, with which they intend to promote 5G, advanced wireless and edge technologies for government agencies.

The coalition is focused around GDIT’s Advanced Wireless Emerge Lab, which will be used for developing new 5G and edge use cases and developing prototypes and solutions. The goal will be to make these solutions customizable.

Sharper: Chips Analysis from CNAS experts on the most critical challenges for U.S. foreign policy.

Anna Pederson

The reliance on semiconductor chips, from accomplishing everyday tasks to fighting wars, has placed them at the center of geopolitical decisions by leaders around the world. Recent export controls by the U.S. Department of Commerce Bureau of Industry and Security was the latest move to limit Chinese production. CNAS experts are sharpening the conversation around control of the chips market, and how they influence foreign policy decisions. Continue reading this edition of Sharper to explore their analysis, commentary, and recommendations.

The U.S. government has played a major role in the semiconductor industry since the invention of the first integrated circuit, via funding scientific research and via military procurement, which has driven the commercialization of new technology. However, though government—and specifically, the Defense Department—has had deep connections with the chip industry, it has played only a supportive role in building America’s semiconductor industry, with the key innovations and firms emerging from private-sector expertise. Chris Miller explores lessons the U.S. could learn as it considers industrial policy for the first time in decades.

28 November 2022

Cyber Operations During Russia’s Invasion of Ukraine in 2022

Nurlan Aliyev

Russia has been known as a capable actor in conducting a wide range of cyber espionage and sabotage operations since the 1990s. Russia also conducted several cyber-attacks on Ukraine before the invasion in 2022. One of the most sophisticated operations was blacking out Kyiv in 2016. At midnight, a week before Christmas, hackers struck an electric transmission station north of the city of Kyiv, blacking out a portion of the Ukrainian capital equivalent to a fifth of its total power capacity. According to experts, it was the first real-world malware that attacked physical infrastructure since Stuxnet.

However, although Russia has conducted several cyber-attacks on Ukraine since the start of the invasion in 2022, it has not flagged up any strikingly successful Russian CW operations up to now. In this respect, a question is whether Russia has not used its sophisticated cyber capabilities in the war yet, or the cyber defence quality of Ukraine and its allies has helped blunt them. This commentary aims to explore these problems.

27 November 2022

Billionaires Won’t Save Ukraine’s Internet

Olga Boichak

On Oct. 3, tech billionaire Elon Musk tweeted a strikingly ill-informed proposal to end Russia’s war in Ukraine—one that experts called both unhelpful and straight out of the Kremlin playbook. Among other measures, Musk suggested Ukraine cede Crimea to Russia and hold elections in other Russian-occupied territories. Faced with tremendous backlash from the public, including many Ukrainians, Musk on Oct. 14 announced his intention to stop supporting Starlink operations in the country and demanded the Pentagon pick up the bill. Then, in yet another tweet on Oct. 16, he reversed this decision, writing, “The hell with it … we’ll just keep funding Ukraine govt for free.”

Musk’s flippant statements came in stark contrast to his previously constructive relationship with Ukrainian authorities. In the days following Russia’s Feb. 24 invasion, Musk agreed to supply Ukraine with Starlink satellite internet technology—built by his company SpaceX—to ensure data connectivity for the country’s armed forces and civilians in regions that had experienced Russian cyberattacks or infrastructural damage.

Lessons for Europe from China’s quest for semiconductor self-reliance

Alicia García-Herrero Pauline Weil

1 Introduction

Semiconductors are China’s main import item, ahead of oil. They are a critical input to information and communication technology production, which China dominates globally, and also to other industries which China either already dominates (solar panels) or wants to dominate (electric vehicles and 5G-ready telecommunications hardware, among others).

Chinese policymakers are fully aware of their country’s semiconductor production limitations. Since 2014, the Chinese government has supported its semiconductor industry, alongside several other strategic industries, through an industrial policy that is oriented towards reducing excessive dependence on the rest of the world (so-called ‘dual circulation’). The semiconductor industry is probably the most important of all strategic sectors because semiconductors are an essential input to many other sectors and, thus, essential to climbing up the value chain. In addition, the United States’s push to contain China’s technological development is very much centred around the semiconductor sector, which is perceived as China’s technological Achilles’s heel. In fact, the US’s so-called ‘Entity List’, or list of Chinese companies, organisations and individuals targeted by US trade restrictions imposed by the Trump Administration[1], focuses on limiting China’s access to high-end semiconductors, among other products. This US pressure has accelerated China’s quest for self-reliance, as clearly reflected in President Xi dual circulation strategy, announced on 14 May 2020 (García-Herrero, 2021).

Space and Technology Were Big Winners at China’s 20th Party Congress

Namrata Goswami

For China, investing in indigenous development of space tech as well as more general science and technology (S&T) has been a priority issue for a couple of decades now. Self-reliance in S&T implies assuming leadership positions, which, as per President Xi Jinping in a speech given in 2021 to China’s elite Chinese Academy of Sciences, the Chinese Academy of Engineering, and the National Congress of the China Association for Science and Technology, is China’s key strategic goal for the next two decades. The key aspect of this shift in prioritization is the critical strategic contribution that S&T brings to national development. In fact, Xi has made it clear that S&T is now a “core” interest for China, for which there will be no compromise.

This shift occurred during the 19th National Congress of the Chinese Communist Party (CCP) in 2017 and was reiterated in the 20th National Congress held in October of this year. Some of the areas identified as “core” now by the CCP are quantum information, stem cell research, brain science, lunar and Mars missions, artificial intelligence, satellite internet, and robotics. Reflecting back on the 20th National Congress, key S&T priority areas will guide China’s development for the next two decades.

In light of great power competition, DOD reevaluating irregular warfare and info ops

Mark Pomerleau

As the Department of Defense is still transitioning from over two decades of counterinsurgency operations and doctrine to now challenging nation-states, it is examining what irregular warfare and information operations look like against these sophisticated actors.

“What we’re struggling with right now [is] how do we evolve irregular warfare and our understanding thereof for great power competition, for challenging Beijing and Moscow, maybe differently than we were in the global wars on terror over the last couple of years,” Richard Tilley, director of the Office of Irregular Warfare and Competition, whose office is also tasked with force design updates, said during the NDIA SO/LIC Symposium Nov. 18. “We’re in a period of transition where we’re trying to figure out what is irregular warfare in this new era.”

Tilley said that the lessons from the counterinsurgency era are still valuable as the DOD continues to contend with violent extremist organizations and proxy fights will persist into the future, noting that the conflict in Ukraine is providing a “crash course” for a population to resist an invader or occupier.

26 November 2022

The Techno-Feudal Method to Musk’s Twitter Madness


YANIS VAROUFAKIS

ATHENS – Elon Musk had good reasons to feel unfulfilled enough to buy Twitter for $44 billion. He had pioneered online payments, upended the car industry, revolutionized space travel, and even experimented with ambitious brain-computer interfaces. His cutting-edge technological feats had made him the world’s richest entrepreneur. Alas, neither his achievements nor his wealth granted him entry into the
new ruling class of those harnessing the powers of cloud-based capital. Twitter offers Musk a chance to make amends.

Since capitalism’s dawn, power stemmed from owning capital goods; steam engines, Bessemer furnaces, industrial robots, and so on. Today, it is cloud-based capital, or cloud capital in short, that grants its owners hitherto unimaginable powers.

Industry Perspective: JADC2 Could Introduce Cyber Risks At Unprecedented Scale

Jason Atwell

Technology has always played a major role in military competition, and military competition has always leaned heavily on industry. The two spheres, the military and industry, overlap so much that “military-industrial complex” is common parlance.

However, the dynamic has historically been mostly one way in the sense that once technology is turned over by industry to the military, industry moves on to developing more technology while the military operates whatever is already on the shelf.

Post 9/11, most people are familiar with the growing role of contractors in supplementing the military, but joint all-domain command and control, better known as JADC2, has the potential to close this loop once and for all by creating a dynamic wherein industry will be both the progenitor and operator of the technology, with the military mostly serving in the role of providing guidance and legal authorization for use cases.

Industry Perspective: JADC2 Could Introduce Cyber Risks At Unprecedented Scale

Jason Atwell

Technology has always played a major role in military competition, and military competition has always leaned heavily on industry. The two spheres, the military and industry, overlap so much that “military-industrial complex” is common parlance.

However, the dynamic has historically been mostly one way in the sense that once technology is turned over by industry to the military, industry moves on to developing more technology while the military operates whatever is already on the shelf.

Post 9/11, most people are familiar with the growing role of contractors in supplementing the military, but joint all-domain command and control, better known as JADC2, has the potential to close this loop once and for all by creating a dynamic wherein industry will be both the progenitor and operator of the technology, with the military mostly serving in the role of providing guidance and legal authorization for use cases.