Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

DoD official credits private sector with helping more quickly mitigate SolarWinds intrusion

Friday, October 8, 2021

Categories: ASCF News Cyber Security

Comments: 0

Source: DoD official credits private sector with helping more quickly mitigate SolarWinds intrusion

A tip from a private actor allowed the NSA and Cyber Command to end adversary access to networks. (Marine Corps)

WASHINGTON — Critical information from a cybersecurity company allowed the Department of Defense to move fast to mitigate potential damage to its networks from an intrusion perpetrated by the Russian government last year, according to a top official.

The so-called SolarWinds incident involved Russian intelligence personnel planting malicious code in software updates provided by government supplier SolarWinds, allowing unprecedented access for months across federal networks.

Gen. Paul Nakasone, commander of U.S. Cyber Command and director of the National Security Agency, said Tuesday threat intelligence firm FireEye was key to exposing the threat, in a story not previously told.

A few days before Thanksgiving last year, Kevin Mandia, the chief executive of FireEye, went to the NSA with strong indicators a hostile foreign adversary was in FireEye’s corporate system, Nakasone said during a speech at the Mandiant Cyber Defense Summit.

NSA’s signals intelligence personnel corroborated that threat and worked to better understand it. A a so-called hunt team from Cyber Command deployed to survey potential network intrusion and uncovered the same actor. The team was able to block the adversary from harming networks and exploiting targets.

“Partnerships across the U.S government and industry allowed us to uncover the scope and scale of a foreign intelligence operation that leveraged private infrastructure and caused immense private sector harm,” Nakasone said. “Partnerships across the industry allowed for shared solutions. How do we rapidly mitigate this operation and prevent similar future attempts?”

The SolarWinds intrusion was “a significant incident for both the U.S. private sector and the U.S. government” and a turning point for the nation, Nakasone. However, he echoed DoD assurances that Pentagon networks were not compromised.

“Instead of decades long access to the U.S. government, the power of partnerships was able to expose our adversaries before they burrowed into our networks, our data or our weapon systems,” Nakasone said.

Ransomware
Nakasone also addressed the threat of ransomware, noting it’s a continuing threat.

He said Cyber Command is “surging” to respond to the preponderance of events. Some of the recent targets, which include critical infrastructure, create a national security threat.

“When ransomware starts impacting our critical infrastructure, it’s significant,” he said.

This reflects a shift in recent years. Previously, ransomware was considered a criminal act under the purview of the FBI, not Cyber Command or DoD, which typically focuses on activities and enemies outside U.S. borders.

“If [ransomware] isn’t important to U.S. Cyber Command and the National Security Agency, who are built for the express purpose of defending the nation, there’s something wrong there,” he said. “We have a surge going on right now both across the agency and the command in terms of understanding the threats that ransom provide.

“Understanding the tactics, understanding how we get after the adversary, how do we partner better. That’s what we do really effectively. We can put our best people on it and come up with new and innovative solutions,” Nakasone continued.

The Pentagon is also devoting attention to the ransomware challenge.

“The criminal, especially the ransomware actors, have risen in priority for the Department of Defense in a way that we actually spend a fair amount of resources focusing on this threat,” Mieke Eoyang, deputy assistant secretary of defense for cyber policy, said during an event hosted by the Aspen Institute Sept. 29.

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search