Highlighted content

All in-depth research & reports


Sep 14, 2022

Dragon tails: Preserving international cybersecurity research

By Stewart Scott, Sara Ann Brackett, Yumi Gambrill, Emmeline Nettles, Trey Herr

A quantitative study on whether legal context can impact the supply of vulnerability research with detrimental effects for cybersecurity writ large through the coordinated vulnerability disclosure process (CVD), using recent regulations in China as a case study.

China Cybersecurity

Issue Brief

Aug 2, 2022

Behind the rise of ransomware

By John Sakellariadis

Between 2016 and 2019, cybercriminals shifted from automated ransomware campaigns that emphasized scale to targeted extortion operations against organizations. This adaption made ransomware more disruptive and more profitable, culminating in the 2021 surge in ransomware. Though the US government has devoted more attention to ransomware since 2021, ransomware remains a significant and long-term threat to the US economy.


Issue Brief

Jul 25, 2022

Hackers, Hoodies, and Helmets: Technology and the changing face of Russian private military contractors

By Emma Schroeder, Gavin Wilde, Justin Sherman, and Trey Herr

This issue brief explores the technological capabilities of Russian private military companies and how they are used across various types of missions in support of and in parallel with Russian policy.

Africa Cybersecurity

Issue Brief

Jun 14, 2022

Victory reimagined: Toward a more cohesive US cyber strategy

By Emma Schroeder, Stewart Scott, Trey Herr

US policy is on two potentially divergent paths: one that prioritizes the protection of American infrastructure through the pursuit of US cyber superiority, and one that seeks an open, secure cyber ecosystem.

Cybersecurity Security & Defense

In-Depth Research & Reports

Apr 18, 2022

America the Unready: Viking Age lessons for ransomware

By Emma Schroeder

“America the Unready: Viking Age lessons for ransomware” explores the rising tide of ransomware and presents three lessons that the US Government can learn from the English Viking Age about combating persistent, distributed threats through strengthening collective resilience and defense.


Issue Brief

Mar 30, 2022

Preparing the next phase of US cyber strategy

By Jenny Jun

This paper considers tensions in the current US cyber strategy for the Defense Department and the broader cyber policy community in the Biden-Harris administration as they form the next phase of the strategy and determine how, when, and under what conditions Defend Forward can best serve as a means to the goal of achieving superiority in cyberspace.


In-Depth Research & Reports

Mar 14, 2022

Targeting Ukraine through Washington: Russian election interference, Ukraine, and the 2024 US election 

By Gavin Wilde and Justin Sherman

US officials should recognize that Ukraine’s trajectory has always been a centerpiece of Russian interference in US elections. Doing so should guide US policymakers’ observations of what is happening now in Ukraine—and their preparations for what promises to be a climactic 2024 US election cycle.

Cybersecurity Disinformation

Issue Brief

Jan 31, 2022

What do we know about cyber operations during militarized crises?

By Michael Fischerkeller

This essay focuses on how cyber operations employed during militarized crises are likely to impact escalation management. Cyber operations intended as offramps in a crisis could have an outcome opposite than that intended. Given the absence of direct experience, policymakers must critically examine assumptions and claims that cyber operations can serve as de-escalatory crisis offramps.



Jan 25, 2022

Cybersecurity for innovative small and medium enterprises and academia

By Franklin D. Kramer, Melanie J. Teplinsky, and Robert J. Butler

Innovation is fundamental to United States global leadership, critical both for the economy and for national security. Yet the resilience of the US innovation ecosystem against adversary cyber espionage and attack—most specifically from China—has not received the attention required, particularly given the essential innovation roles played by small and medium-sized enterprises (SMEs) and by academia.

China Cybersecurity

Issue Brief

Dec 6, 2021

Cybersecurity concerns for the energy sector in the maritime domain

By Andy Bochman, Ian Ralby

As a wide spectrum of energy companies continue to rely on the maritime domain or even increase that reliance, they must be mindful that traditional maritime threats—like piracy, theft, and weather events—are not the only threats they face today. Maritime cybersecurity concerns are among the most potentially disruptive to energy-sector interests, and yet are among the least understood and addressed.

Cybersecurity Energy Transitions

The Atlantic Council’s Cyber Statecraft Initiative, under the Digital Forensic Research Lab (DFRLab), works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.