Happening right now -- already deeply pleased to hear Sue Gordon advocate greater intelligence sharing w/r/t the intent of hostile cyber actors and the necessity of "ruthlessly bringing [malicious activity] into the light."
Grateful to hear @C_C_Krebs emphasize "the increasingly blurring line between state and non-state actors" stoked by foreign states' use of contractors and other third-parties within their cyber operations enterprises. PIONEER KITTEN is the leading example IMHO.
Excellent perspective from @DAlperovitch on the possible reorientation of SVR strategic approach to cyber operations following the events of 2014-2015 (screengrab is from his written testimony, which is available in the original link at the top of this thread)
Re: a question on deterrence of cyber espionage, I was relieved to hear Sue Gordon emphasize raising the amount of effort required by adversaries to reduce "nuisance activity" and @C_C_Krebs acknowledge that whether we like it or not, cyber espionage is the state of play.
We need authoritative voices, like the individuals testifying at this hearing, affirming the gospel that cyber espionage is essentially here to stay as it has become as entrenched an intelligence collection method as HUMINT, SIGINT, etc. - lest we risk hypocrisy given USG ops.
If you say foreign cyber operations that do *NOT* manifest physical disruption, denial, degradation, or destruction impacts "should constitute a declaration of war on the United States" -- here is my response to you:
Damnit someone said "cyber Pearl Harbor".
Solid take: @CyAlliancePrez notes that responses to cyber espionage must be constrained by the reality that USG itself engages in such activity, and recommends that we look to the Cold War for examples of how to demonstrate displeasure at perceived overreach by foreign intel.

More from @WylieNewmark

7 Jan
This kind of thing is not going to fly. A demonstrable intelligence failure - especially when social media tracking published by outlets like Bellingcat and BuzzFeed News make clear that if you wanted to collect on this via those platforms, you could just open wide and scoop....
Read 8 tweets
22 Dec 20
While the first installment of this series focused on how China identified and redressed core issues in its counterintelligence posture, the second primarily shows the consequences of that reversal: namely, a reduction in insight available from intelligence for USG. (1/5)
Proper counterintelligence isn't just about the threats posed to your own intel or military services. It's not just OPSEC or force protection. If you can carry it off coherently and strategically, CI oriented around an "offensive defense" can handicap foreign policymakers. (2/5)
This article provides an excellent summary for the layperson of the scale and scope of China's bulk PII targeting and supplementary collection against targets associated with the travel sector (as @JohnHultquist noted earlier this week). A very useful little graphic here. (3/5)
Read 6 tweets
22 Aug 20
Given that Debbins appears to be a "true believer" in the cause of Russian nationalism, his public commentaries on security matters offer a unique pool of data against which to evaluate his thinking and actions.
So far, I've found 6 pieces of such content related to Debbins - between 2015 and 2020. The first is a 2015 opinion piece advocating for the US to stop trying to "Westernize" Ukraine and instead attempt "to foster an ethnic Russian civil society" there. (1/x)
Second, from 2017, is Debbins' appearance on a security podcast. He offers insight into his ethnic Russian family and presents a (retrospectively) sympathetic account of Russia's strategic perspective. -10 points for parroting "Gerasimov Doctrine" BS (2/x)
Read 13 tweets
30 Jul 20
"espionage norms are such a weird nuanced place, that, it amazes me that people think cyber espionage can have a regular old norms framework" - @jckichen

let's talk about this *absolute unit* of wisdom for just a minute. we'll only scratch the surface, but that's ok (1/7)
During the Cold War, the major espionage norm that held between states was "We don't kill each other's intelligence officers". Now, this wasn't uniformly held but it was generally consistent across the big players for most of the conflict. But...that was kinda it. (2/7)
I am sitting next to five bookshelves worth of examples showing how everyone pretty much spied on, sabotaged, and manipulated everyone else when they felt it was in their national interest during the Cold War...but they tried hard to avoid killing each other's officers. (3/7)
Read 7 tweets
24 Mar 20
Tonight I found myself thinking about how it's been awhile since I submerged myself in the sort of academic works on intelligence that were essentially my professional incubator. So I read this piece comparing "APTs" and Russian illegals. (1/7) academia.edu/37636326/Human…
The authors are U.S. counterintelligence professionals with significant experience on Russia and some experience in teh cyberz. And while I very much want to find compelling parallels between cyber actors and illegals, I find the overall argument comparatively weak. (2/7)
The argument's Achilles' heel IMHO is that it attempts to too thoroughly align the phases of an illegals operation to the general stages of the cyber kill chain. Relatively weak points of similarity are used to justify broad alignments, which I feel dilutes the argument. (3/7)
Read 7 tweets
26 Jul 19
Deeply tired of how little the SVR gets covered as a threat so let's rant about it. First and foremost, it's the successor to the First Chief Directorate (PGU) of the KGB. PGU was responsible for KGB foreign operations and was -no joke-. (1/9)
All those accounts you've read about the KGB manipulating governments, running major penetrations, conducting massive influence operations and other active measures abroad? All KGB PGU. Those assholes did not play. (2/9)
And they descended (mostly organizationally but sometimes genetically) from the people who ran the Trust op and all of whom bought/buy into Chekist humanism, a perverse moral structure that justifies just about any horrible act in the name of the state. (3/9)
Read 9 tweets
