Recent Events

On May 12, 2017, the world was shaken by a ransomware cyberattack called Wanna Crypt (also known as WannaCry) that spread like a network worm. The attack impacted over 45 National Health System (NHS) organizations across England and Scotland, forcing hospitals to cancel appointments and loose critical patient records, as well as the German S-Bahn.

The impacts did not stop there. In less than ten days, WannaCry affected approximately 200,000 systems in 150 countries, swiftly becoming one of the most impactful malware outbreaks in recent history, and dominating the news cycle for the next several days.
At what point does a cyberattack become an act of war? Should the government react to a cyber-attack on the private sector? Is cyber privateering the answer to the government’s woes? These were some of the questions students (including this author) contended with at the Atlantic Council’s 2017 Cyber 9/12 student challenge on March 17 and 18.

Held at American University’s Washington College of Law, this was the fifth and biggest iteration of the annual student competition. Forty-five teams from 32 universities from across the United States took on the roles of cyber policy experts advising the National Security Council on how to react to a fictional cyber catastrophe.
On Wednesday, February 8, Atlantic Council’s Cyber Statecraft Initiative, the NATO Cooperative Cyber Defence Centre of Excellence (CCD COE), and the Embassy of the Kingdom of the Netherlands launched the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations.
The Presidential Commission on Enhancing National Cybersecurity turned its report in to the President on December 1, 2016. Established in February 2016 by executive order, the Commission was charged with making recommendations to “address actions that can be taken over the next decade” to improve national cybersecurity. The Commission’s recommendations are expected to include information for government agencies, private companies, and other stakeholders, covering a wide range of activities in cyberspace, emerging technologies, the Internet of Things, and industry best practices.
With more cars and medical devices connecting to the internet, what happens if automakers and health care companies don't start prioritizing digital security?

Many cybersecurity experts worry that faulty code in the so-called Internet of Things (IoT) won't just cause systems to malfunction and freeze. Instead, they say, flaws inside connected cars or pacemakers could lead to serious injury or death.
Could malicious hackers or foreign operatives actually interfere with voting on Nov. 8 and influence the outcome on Election Day?

Probably not. But it's still a question many technical and election experts are asking, Washington is worried about, and both Donald Trump and Hillary Clinton are talking about in the final stages of a presidential campaign already marked by unprecedented warnings of fraud at the polls.

In a statement earlier this month, the Department of Homeland Security and the Office of the Director of National Intelligence said the US "is confident that the Russian government directed the recent compromises of emails from US persons and institutions ... to interfere with the US election process." Separately, in August, the FBI reported breaches into Illinois and Arizona's voter registration databases and cautioned other states to bolster cybersecurity protections against of Nov. 8.
Suspected Chinese hackers have spent years sifting through other Asian countries' computer networks, which often don't have basic protections against cyberattacks.
At an Atlantic Council event this week, cybersecurity researchers and experts said last week's Black Hat and DEF CON conferences showed that Washington is working harder to build better relations with the hacker community.
Can the overwhelming number of good actors in online hacking communities be creatively mobilized to combat the nefarious actors in their midst? Must we trade innovation for national security, or can they reinforce each other? And what happens when you drop military counterproliferation operators into the hacker spaces of Silicon Valley?
On June 6, 2016, the Atlantic Council’s Brent Scowcroft Center on International Security’s Cyber Statecraft Initiative hosted a roundtable with the Internet Corporation for Assigned Names and Numbers (ICANN) and RiceHadleyGates on the privatization of the Internet Assigned Numbers Authority (IANA). The discussion, moderated by Mr. Neal Pollard, Director at PwC and Nonresident Senior Fellow at the Cyber Statecraft Initiative, brought together the Hon. James Miller, Advisory Board Member at Endgame, Inc. and Atlantic Council Board Director; the Hon. Stephen  Hadley, Principal at RiceHadleyGates LLC and Atlantic Council Board Director; Mr. Steve DelBianco, Executive Director at NetChoice; Ms. Theresa Swinehart, Senior Vice President for Multistakeholder Strategy and Strategic Initiatives at ICANN; and Dr. Stephen Crocker, Chairman of ICANN; along with a group of senior experts on Internet governance.