“The magnitude of this ongoing attack is hard to overstate.”

“The logical conclusion is that we must act as if the Russian government has control of all the networks it has penetrated.”

By @TomBossert

nytimes.com/2020/12/16/opi…
“The actual and perceived control...could easily be used to undermine public and consumer trust in data, written communications and services. In the networks that the Russians control, they have the power to destroy or alter data, and impersonate legitimate people.”
“According to SolarWinds SEC filings, the malware was on the software from March to June. The number of orgs. that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies.”
Russia “will surely have used its access to further exploit and gain administrative control over the networks it considered priority targets...gained what experts call ‘persistent access,’ meaning the ability to infiltrate and control networks...that is hard to detect or remove.”

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Ryan Goodman

Ryan Goodman Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @rgoodlaw

18 Dec
Good piece by @jacklgoldsmith on #SolarWindsHack

I agree with his main points.

But I disagree with some of his analysis, which conflates espionage with far more malicious cyber operations. Vital distinctions in thinking about reciprocity and deterrence in cyberspace.

<thread>
2. My agreement with Jack:

a) It's wrong to suggest this hack is like an act of war.

b) It's wrong to suggest USG could lawfully use military force in response.

c) Public officials/commentators should react with awareness that USG hacks foreign govts' networks on a huge scale.
3. On reciprocity: Jack argues that USG's aggressive disruption of Russia’s Internet Research Agency (IRA) in 2018 opens door to other countries' engaging in similar disruptive actions against US for espionage.👇

But that erroneously conflates IRA’s actions with espionage. Image
Read 8 tweets
4 Dec
With news: 8 former US troops/Blackwater guards convicted of war crimes petition for #pardons...

Read this timely analysis.👇

Brian Finucane writes on LONG-held U.S. legal position that a Commander's failure to punish war crimes can itself be a #WarCrime
justsecurity.org/72915/a-comman…
2. News via @Militarydotcom: "At least eight former service members and Blackwater security guards convicted of war crimes have filed petitions seeking pardons...including a former Army staff sergeant [Robert Bales] who pleaded guilty to killing 16 Afghan men, women and children"
3. Link to the news report (h/t @HopeSeck)

military.com/daily-news/202…
Read 4 tweets
26 Nov
I'm thankful to work with professionals at @just_security who have such excellence in judgment, analysis, and intellect and who also happen to be wonderful people:

Co-Editor-in-Chief @bridgewriter
Editorial Director @K8brannen
Washington editor @violagienger

Plus ...
Plus countless reasons to be thankful for our extraordinary Just Security team.

Senior Fellow and Executive Editors:

@steve_vladeck
@jgeltzer
@JameelJaffer
@NiAolainF
@BethVanSchaack
@AndyMcCanse

Editors:

Tendayi Achiume
@DavidColeACLU
@jendaskal
Brian Egan

...
Read 4 tweets
23 Nov
#Michigan update

Republican member of Board of State Canvassers–Aaron Van Langevelde–opening remarks indicate he knows his legal obligation is to certify.👇

Caution: He might well change after public remarks, or shift to delay. But a positive sign for #democracy and rule of law
2. #Michigan - another positive development:

Republican member of the Board, Aaron Van Langevelde, appears to have equipped himself well.

Excellent Q&A with Chris Thomas, former MI election director, walking through in agreement that Board has no authority here but to certify.
3. Other Republican member of Board, Norman Shinkle, looks outgunned by legal analysis by Chris Thomas.

Shinkle probed if there are ways to read law to allow delay, but Thomas is impressive in explaining why MI law does not allow it.

Board just needs 3 of 4 votes to certify.
Read 9 tweets
23 Nov
Two issues with @GSAEmily deserve attention NOW.

Issue-1: With @Transition46 announcing senior official posts, a key part of Presidential Transition Act comes to head.

Need for expedited background investigations/clearances. THAT is what 9/11 Commission warned about.

<thread>
2. @kateashaw1 and I wrote about 9/11 Commission warnings and Presidential Transition Act provisions here👇

It's grossly unacceptable to delay with very significant risk to national security.

Senators should be asked about this, not just intel briefings

justsecurity.org/73317/the-gsas…
3. Presidential Transition Act:

"The President-elect should submit...the names of candidates for high level national security positions...AS SOON AS POSSIBLE after the date of the general elections"

Biden has done and is doing that.
Read 8 tweets
22 Nov
#CoupUpdate #Michigan

This is their play: Michigan Senate Majority Leader
@SenMikeShirkey who met with Trump now opening door to Board not certifying on Monday.👇

Despite law requiring certification, absence of fraud, and frivolous number of votes truly at issue in Detroit.
2. On the law.

"The board’s legal duty is clear and unequivocal once it has received the certified vote totals from the counties."

- top election law expert, Professor Richard Pildes

nytimes.com/2020/11/20/opi…
3. "On Friday, the State Bureau of Elections submitted its formal report recommending that the canvassing board affirm Mr. Biden’s win. Errors in some vote tabulations, which Mr. Trump has seized upon, ... 'did not affect the actual tabulation of votes.'”
nytimes.com/2020/11/21/us/…
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!