Highlighted content

In-Depth Research & Reports

In-Depth Research & Reports Oct 4, 2021

A system of systems: Cooperation on maritime cybersecurity

By William Loomis, Virpratap Vikram Singh, Dr. Gary C. Kessler, Dr. Xavier Bellekens

The MTS is not monolithic; it is a markedly complex “system of systems.” This section segments the MTS into three discrete systems—ships, ports, and cargo—each with its own life cycle, in order to highlight areas of risk and leverage for policy makers and the industry.
Cybersecurity Maritime Security
In-Depth Research & Reports

Report Mar 29, 2021

Broken trust: Lessons from Sunburst

By Trey Herr, Will Loomis, Emma Schroeder, Stewart Scott, Simon Handler, and Tianjiu Zuo

The story of trust is an old one, but the Sunburst cyber-espionage campaign was a startling reminder of the United States’ collective cyber insecurity and the inadequacy of current US strategy to compete in a dynamic intelligence contest in cyberspace.
Cybersecurity Intelligence
In-Depth Research & Reports

Report Aug 31, 2020

Four myths about the cloud: The geopolitics of cloud computing

By Trey Herr

Cloud computing providers are more than companies—they govern vast utility infrastructure, play host to digital battlefields, and are magnificent engines of complexity. Cloud computing is embedded in contemporary geopolitics; the choices providers make are influenced by, and influential on, the behavior of states. In competition and cooperation, cloud computing is the canvas on which states conduct significant political, security, and economic activity.
Cybersecurity Internet

All in-depth research & reports

Report

Sep 6, 2023

Sleight of hand: How China weaponizes software vulnerabilities

By Dakota Cary and Kristin Del Rosso

China’s new vulnerability management system mandates reporting to MIIT within 48 hours, restricting pre-patch publication and POC code. This centralized approach contrasts with the US voluntary system, potentially aiding Chinese intelligence. MIIT shares data with the MSS, affecting voluntary databases as well. MSS also fund firms to provide vulnerabilities for their offensive potential.

China Cybersecurity

Issue Brief

Apr 19, 2023

Critical infrastructure cybersecurity prioritization: A cross-sector methodology for ranking operational technology cyber scenarios and critical entities

By Danielle Jablanski

As critical infrastructure becomes increasingly targeted by malicious adversaries, how can we effectively prioritize criticality?

Cybersecurity
Russian bombardment of telecommunications antennas in Kiev

Report

Feb 27, 2023

A parallel terrain: Public-private defense of the Ukrainian information environment

By Emma Schroeder and Sean Dack

The report analyzes Russia’s continuous assaults against the Ukrainian information environment, and examines how Russian offensives and Ukrainian defense both move through this largely privately owned and operated environment. The report highlights key questions that must emerge around the growing role that private companies play in conflict.

Conflict Cybersecurity

Report

Feb 8, 2023

Avoiding the success trap: Toward policy for open-source software as infrastructure

By Stewart Scott, Sara Ann Brackett, Trey Herr, Maia Hamin with the Open Source Policy Network

Open-source software (OSS) sits at the center of almost every digital technology moving the world since the early 1980s—laptops, cellphones, widespread internet connectivity, cloud computing, social media, automation, all the rainbow flavors of e-commerce, and even secure communications and anti-censorship tools.

Cybersecurity

Issue Brief

Dec 12, 2022

Wargaming to find a safe port in a cyber storm

By Daniel Grobarcik, William Loomis, Michael Poznansky, Frank Smith

With the Maritime Transportation System increasingly reliant on cyberspace, how can cybersecurity be improved within key nodes of this critical infrastructure, particularly cargo ports?

Cybersecurity Maritime Security

Issue Brief

Nov 22, 2022

The cases for using the SBOMs we build

By Amelie Koran, Wendy Nather, Stewart Scott, and Sara Ann Brackett

Software bills of materials (SBOMs) provide key data suit for many uses. Industry and government can continue to sharpen their demand signals, shape implementation, and continue driving development and adoption.

Cybersecurity Technology & Innovation

Report

Nov 7, 2022

The cyber strategy and operations of Hamas: Green flags and green hats

By Simon Handler

This report seeks to highlight Hamas as an emerging and capable cyber actor, and help the policy community understand how similar non-state groups may leverage the cyber domain in the future.

Conflict Cybersecurity

Issue Brief

Oct 17, 2022

China’s surveillance ecosystem and the global spread of its tools

By Bulelani Jili

This paper seeks to offer insights into how China’s domestic surveillance market and cyber capability ecosystem operate, especially given the limited number of systematic studies that have analyzed its industry objectives.

Cybersecurity

Report

Sep 26, 2022

Security in the billions: Toward a multinational strategy to better secure the IoT ecosystem

By Patrick Mitchell, Liv Rowley, and Justin Sherman with Nima Agah, Gabrielle Young, and Tianjiu Zuo

The explosion of Internet of Things (IoT) devices and services worldwide has amplified a range of cybersecurity risks to individuals’ data, company networks, critical infrastructure, and the internet ecosystem writ large. In light of this systemic risk, this report offers a multinational strategy to enhance the security of the IoT ecosystem. It provides a framework for a clearer understanding of the IoT security landscape and its needs, looks to reduce fragmentation between policy approaches, and seeks to better situate technical and process guidance into cybersecurity policy.

Cybersecurity Internet of Things

Issue Brief

Sep 19, 2022

Untangling the Russian web: Spies, proxies, and spectrums of Russian cyber behavior 

By Justin Sherman

This issue brief analyzes the range of Russian government’s involvement with different actors in the large, complex, and often opaque cyber web, as well as the risks and benefits the Kremlin perceives or gets from leveraging actors in this group. The issue brief concludes with three takeaways and actions for policymakers in the United States, as well as in allied and partner countries.

Cybersecurity Russia
Load More

The Atlantic Council’s Cyber Statecraft Initiative, under the Digital Forensic Research Lab (DFRLab), works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.

learn more