Critical infrastructure—from the electric grid to public transportation—is under assault as cyber attackers gain a foothold in the United States.

When the US Department of Homeland Security (DHS) released its cybersecurity strategy in May, it laid out seven goals to help the government better defend the United States and its infrastructure against the constant onslaught of sophisticated cyber threats.
Despite US Congressional efforts to modernize and secure election system infrastructure across the country, beginning in 2002 with the Help America Vote Act (HAVA) and emergence of the Election Assistance Commission (EAC), Russian government hackers have gained access to systems that represent America’s most cherished institution – the democratic vote. Within a campaign of disinformation, fake social media accounts, and state-run media narratives, Russia continues to target the US electoral process, according to US intelligence officials during a press conference at the beginning of August. These stark warnings come just after the Justice Department’s indictment of twelve officers of Russia’s military intelligence apparatus, the Glavnoe Razvedyvatelnoe Upravlenie (GRU), who hacked the Democratic National Committee (DNC), the Democratic Congressional Campaign Committee (DCCC), and election voter registration databases beginning in April of 2016.

How can lawmakers better secure the US election system as the 2018 midterms loom? Though progress has been made in election funding and assistance to states, the keys to election security are mandatory cybersecurity standards for election system vendors and for state and local election sites, in tandem with adequate state funding.

How do you respond to a cyberattack on a European airport, manipulation of UK aviation financial markets, and two emerging botnets? Team CDT had the winning response.

Our approach included confirming attribution for the attacks, collating intelligence research, employing law enforcement in digital control towers, and utilizing an apolitical spokesperson from the National Cyber Security Center (NCSC) to disseminate information about the evolving scenario.
The United States should strengthen cooperation with its allies and partners while recognizing that cybersecurity is inextricably linked to tackling shared threats, according to recommendations made in two recent State Department reports.

The reports, published by the State Department on May 31, come in response to US President Donald J. Trump’s May 2017 Executive Order 13800 on “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.”
After testifying to lawmakers in the US House of Representatives and the Senate for more than ten hours on April 10 and 11, Facebook Chief Executive Officer Mark Zuckerberg appears to have weathered the worst of storm over news that consulting firm Cambridge Analytica harvested data of 87 million Facebook users.

Here are some issues that came up in Zuckerberg’s testimony—and some that did not.
When asked about her country’s establishment of overseas “data embassies” to back up its data, Estonian President Kersti Kaljulaid replied: “There’s nothing about the technology that’s interesting.” In a country known for making policy leaps and bounds in the digital realm, progress can easily be mistaken for technical know-how. However, important as technological innovation is, it is not the whole story.
In the coming week, Congress will turn its attention to someone who has until now managed to fly under its radar—Mark Zuckerberg, founder and chief executive officer of Facebook. On April 10, Zuckerberg will appear as the sole witness before a joint hearing of two Senate committees—the Judiciary Committee and the Commerce, Science, and Transportation Committee. On April 11, he will then go on to testify (again as sole witness) before the House Energy and Commerce Committee.

Both hearings will focus on transparency, privacy, and Facebook’s use and protection of consumer data. In his statement, Sen. Charles E. Grassley (R-IA), chairman of the Senate Judiciary Committee, underscored that “users deserve to know how their information is shared and secured.” Sen. John Thune (R-SD), chairman of the Senate Commerce Committee, highlighted the existence of “significant concern about Facebook’s role in our democracy, bad actors using the platform, and user privacy.”
State and non-state actors are increasingly engaging in cyber conflict through a range of disruptive and destructive influence and interference operations. Among their targets? Elections.

While election interference does not equal the existential threat of disintegration of nuclear nonproliferation regimes or the perils of climate change, together these challenges all contribute to what was the key theme of the 2018 Munich Security Conference (MSC)—the crisis of the liberal international order.
The most effective solutions to persistent threats from cyberspace will come from international alliances such as the European Union (EU) and NATO, both of which have begun to take steps to bolster members’ resistance to cyberattacks from governments and non-state actors, a complex issue with a long history. 

Last week, on November 10, NATO defense ministers endorsed a set of principles outlining how the Alliance can integrate the cyber capabilities of its member states into Alliance military operations. Most significantly, NATO Secretary General Jens Stoltenberg announced the creation of a new Cyber Operations Centre to help NATO defend cyberspace as a military domain as it has defended allies on land, sea, and in the air since the beginning of the Cold War.
The political instability that has resulted from Russian meddling in the 2016 US presidential elections has put the focus on voting machines as a national security vulnerability, Douglas Lute, a former US permanent representative to NATO, said at the Atlantic Council on October 10.

“I don’t think I’ve seen a more severe threat to American national security than the election hacking experience of 2016,” said Lute. There is a “fundamental democratic connection between the individual voter and the democratic outcome” of an election, he said, adding: “If you can undermine that, you don’t need to attack America with planes and ships. You can attack democracy from the inside.”

Russian President Vladimir Putin “added to the political gridlock in Washington today, all at very low cost to him,” said Lute. “In military terms, this is the classic definition of a threat.”