‘[We’re] less vulnerable against the threats of five years ago. But I see no evidence that the threat has stood still, and in fact, it is likely that it has grown at a faster rate than our defenses,” said Herb Lin, senior research scholar for cyber policy and security at Stanford University.

Read the rest at The Washington Post

On February 24, the first day of the Russian invasion of Ukraine, large parts of American satellite company Viasat’s KA-SAT network of high speed satellite services experienced disruptions resulting in partial network outages throughout Ukraine and several European countries. Tens of thousands of terminals suffered permanent damage and many were still offline more than two weeks later. Viktor Zhora, deputy chief of Ukraine’s State Service of Special Communication and Information Protection, described the satellite outage as “a really huge loss in communications in the very beginning of war.” Among others relying on KA-SAT are Ukraine’s military, intelligence, and police units.

Read the rest at The National Interest

Herb Lin, author of “Cyber Threats and Nuclear Weapons,” fellow at the Hoover Institution and senior research scholar at the Center for International Security and Cooperation at Stanford University, said there are a few possible reasons: the United States has been helping Ukraine strengthen its cyber infrastructure, U.S. cyber offensive forces may have been disrupting Russian attacks against Ukraine, and the Russians may not be capable of conducting such a large-scale attack.

Read more at Security Matters

In 2010, the world was introduced to Stuxnet, a sophisticated malware developed by Israel and the United States that successfully targeted and damaged the Iranian uranium enrichment plant in Natanz. Named “the world's first digital weapon,” Stuxnet changed the way the global security and cybersecurity communities—in government, academia, and industry—perceived the range of cyber threats and types of damage that offensive cyber capabilities can deliver.   

While the offensive cyber capabilities of both Iran and Israel have evolved significantly over the past decade, one thing about the Iran-Israel cyber conflict remained consistent: its covert characteristics. 

Read the rest at The National Interest

Despite a proliferation of spy-themed entertainment, many Americans, including some of the country’s top policymakers, know little about the U.S intelligence community and often get much of it wrong, says Stanford scholar Amy Zegart.

In a new book, Zegart examines what is at risk when intelligence is grossly misunderstood. “Spy-themed entertainment has become adult education and appears to be influencing how Americans think about hot-button intelligence issues,” said Zegart, a senior scholar at the Freeman Spogli Institute for International Studies (FSI) and the Morris Arnold and Nona Jean Cox Senior Fellow at the Hoover Institution.

Read the rest at Stanford News

In 2011, a former Pentagon strategist named Phillip Karber who was teaching at Georgetown University asked his students to study the Chinese tunnel system known as the “underground great wall.” The tunnel’s existence was well-known, but its purpose was not. Karber’s students turned to commercial imagery, blogs, military journals, even a fictional Chinese television drama to get answers. They concluded the tunnels were probably being used to hide 3,000 nuclear weapons. This was an astronomical number, about 10 times higher than declassified intelligence estimates and other forecasts of China’s nuclear arsenal.

The shocking findings were featured in the Washington Post, circulated among top officials in the Pentagon, and led to a congressional hearing. They were also incorrect.

Read the rest at Politico

Herbert Lin is the Hank J. Holland Fellow in Cyber Policy and Security at the Hoover Institution.

In this Q&A, Lin discusses his recently released book Cyber Threats and Nuclear Weapons. He explains that until this publication, the literature about cyber technology’s impact on the nuclear enterprise has been relatively sparse.

Lin asserts that although policy makers have made incredible achievements in the reduction of nuclear weapons around the world, these inventions nevertheless still represent an existential threat to humanity today. This threat is further compounded by the reality that computers are intimately involved in every step of the operation of weapons systems. As computing technology has advanced, nuclear weapons systems have become more complex and thus more vulnerable to cyberattacks from America’s adversaries, who can disrupt the decision-making process on the use of nuclear weapons. Ultimately, Lin ponders how to best manage the trade-off between technologically advanced systems with numerous capabilities and simplified systems that can provide a higher level of security in the nuclear enterprise.

Read the rest at The Hoover Institution 

On Dec. 2, Twitter announced the removal of two Chinese state-linked influence operations: 2,048 accounts that boosted Chinese Communist Party (CCP) narratives about the Xinjiang region and Uyghur population there, and 112 accounts attributed to Changyu Culture, a private company acting on behalf of the Xinjiang regional government.

Our team at the Stanford Internet Observatory analyzed these two networks. We found that both networks amplified pro-CCP narratives about the treatment of Uyghurs in Xinjiang, often posting content from Chinese state media or sharing first-person Uyghur testimonial videos about how great their life is in the province.

Read the rest at Foreign Policy

As the United States modernizes its nuclear forces in coming decades, it will upgrade the computer and communications technology associated with them. Much of such technology now controlling US nuclear weapons was produced before the rise of the Internet. Newer technology will improve aspects of command, control, and communications related to the US nuclear arsenal. But if not carefully planned, the updating of nuclear technology could also increase risk in distinct ways that cyber policy expert and Bulletin Science and Security board member Herbert Lin explains in the following interview.

Read the rest at the Bulletin of the Atomic Scientists

I have struggled to find something with which I disagree in Michael Fischerkeller’s response to my thought experiment adopting the 2018 U.S. Cyber Command (USCC) Command Vision. A couple of such points are addressed below, but for the most part I agree with him. He does make one claim that I find surprising. He writes: 

Read the rest at Lawfare Blog