Pages

8 June 2024

India's National Elections—A New Ingredient in the Mix

Rafiq Dossani

As India's national elections enter their 7th and final phase of voting on June 1, a new influential phenomenon has emerged: the proliferation of what may be called “micro-news providers” almost entirely broadcasting through the medium of YouTube.

In contrast to the licensed channels (which also rely heavily on YouTube), which number over 300, and are either regionally or nationally focused, and are incorporated entities, the micro-news providers are small-group informal efforts that number in the thousands. They were created primarily to cover this election and will close down their activities thereafter.

Many of the founders of micro-news outlets are journalists located in small towns and villages who are eager to broadcast their coverage of the elections with a strong local flavor. A second category is the election analyst. Many erstwhile large network–based analysts have left big media over the past decade and now broadcast their own analytical discussions on YouTube.

Refusal to take promotion cadre test disentitles military personnel from financial upgradation: Armed Forces Tribunal

Shashwat Singh

The Armed Forces Tribunal (AFT) recently held that the refusal to undergo promotion cadre test disentitles defence personnel from the periodic financial upgradation under the Modified Assured Career Progression Scheme (MACP) [Chanchal Singh v. Union of India and Others].

Justice Shekhar Dhawan, Justice Sudhir Mittal and Air Marshal Manvendra Singh gave the ruling on a reference to decide the controversy related to grant of financial upgradations to Personnel Below Officers Rank (PBOR).

"Financial up- gradation is to be given after 8, 16 and 24 years of service to break stagnation but if an individual gives unwillingness to undergo promotion cadre test or unwillingness for promotion or he is involved in any disciplinary proceedings or case involving inefficiency those are to be looked at separately by the competent authority and they were not entitled to financial up-gradation as per scheme of MACP," the AFT members said in the decision.

The bench at Chandigarh was constituted last year on the orders of AFT Chairperson in the case of one Chanchal Singh, who had joined the Army in 2002 and was invalidated out from the force in 2019.

The Melting Point: High Command and War in the 21st Century

Kenneth F. McKenzie Jr.

On July 12, 2024, I relieved General Scott Miller in a short ceremony in Kabul and became the last U.S. Commander in Afghanistan. I exercised this responsibility in addition to my duties as the Central Command (CENTCOM) commander. I had always possessed overall responsibility for Afghanistan, along with the twenty other nations in CENTCOM, but Scott had done the hard work on the ground. Scott had overseen the withdrawal of our combat forces from Afghanistan, from a high of almost 15,000 when he assumed command in 2018 to well under a thousand when he left.

We were in crisis. Our withdrawal of forces and on-the-ground support for the Afghan military, including large-scale air support, had enabled the Taliban to launch a country-wide offensive that threatened the very existence of the Afghan state. Even as this military collapse loomed, we maintained a large embassy presence in Kabul and had taken no steps to remove either our U.S. citizens or “at risk” Afghans who would be threatened if the Taliban came to power. In fact, the only mission for the small U.S. military presence that remained was to maintain security for the embassy. This was a pipe dream, and it was my opinion that every day that passed pushed us further into an in extremis situation where we would be faced with state collapse. In this tactical situation, we would not only have to deal with the Taliban but also ISIS and Al Qaeda elements and a sudden requirement to evacuate many thousands of people. This would be a noncombatant evacuation operation, or an NEO, one of the most complex of all military operations, which would be even more risky when carried out in the face of the enemy.

Encounters and Escalation in the Indo-Pacific

Oriana Skylar Mastro

Over the past 25 years, Chinese military modernization has taken the People’s Liberation Army (PLA) from a peasant army with obsolete equipment to one of the largest and most capable militaries in the world. Thanks to a 790% increase in defense spending from 1992 to 2020, most Chinese military equipment in service is now modern, meaning that anything from fighter planes to anti-satellite laser technology is sufficiently advanced to pose a danger to cutting-edge technology.1 The Chinese nuclear force is now survivable, meaning that enough nuclear warheads and delivery systems would survive a preemptive attack that they could threaten a retaliatory nuclear strike. In October 2021, the People’s Republic of China (PRC) became the first country ever to test hypersonic nuclear missiles, prompting the former chair of the Joint Chiefs of Staff General Mark Milley to say, “they have gone from a peasant army that was very, very large in 1979 to a very capable military that covers all domains.”2 Indeed, with 20,000 more scientists than the United States and a 15% per year average rate of growth in research and development spending over the past 25 years (compared with 3% for the United States), it is no surprise that China is now considered more advanced than the United States in many emerging technologies relevant to warfare, such as artificial intelligence (AI), hypersonics, and quantum computing.

Focus on Russia and China threat rather than terrorists, MI5 told

Sean Rayment

MI5 has been ordered to “refocus” its efforts on targeting spies rather than terrorists following a major recruitment drive by Russia, China and Iran, The Telegraph can reveal.

Russia’s war in Ukraine, the growing number of Chinese agents operating in the UK and the use of organised criminals by Iran have shifted the security service’s main targets significantly.

While domestic and international terrorism remain a priority for MI5, more resources are now being pushed towards Russian, Chinese and Iranian counter-espionage operations, government sources have said.

MI5 has been asked by ministers to “refocus a lot of their efforts on the espionage threat, particularly the state threat from China, Russia and more recently Iran as well”, a senior government source said.

They insisted that “counter-terrorism has not been deprioritised but this has been prioritised alongside it”, adding that “their workload has definitely shifted in that direction”.

Why Hong Kong’s Economic Future Looks Grim

Christian Whiton

Arecent Bloomberg article reported: “Hong Kong is turning to oil-rich Saudi Arabia for new funds to help offset a growing list of challenges facing its stock market.” That is quite an understatement for what was once one of the freest, cleanest financial capitals in the world.

The reality is grimmer than the story suggests. Hong Kong may soon climb the ignominious list of finance centers that depend on laundered funds as more legitimate capital flees to locales that have not shed the rule of law.

Saudi funds are the least of the city’s problems (and an unlikely salvation for the ailing city). More suspect are funds from places like Russia or elsewhere that legitimate bankers avoid. In April, Reuters reported that Hong Kong was among the transit points for Russian firms attempting to pay Chinese companies while evading Western sanctions related to the Ukraine War. Also mentioned were legal entities in Kyrgyzstan and Kazakhstan that are friendly to Russia and convenient for Russia-related business activities—not great company.

Vinod Khosla, Marc Andreessen And The Billionaire Battle For AI's Future

Alex Konrad

Dressed austerely in a black turtleneck and blazer despite the warm early May day, Vinod Khosla surveys the packed auditorium in the bowels of the U.S. Capitol complex before setting the stakes of the debate at hand. “Winning the race for AI means economic power, which then lets you influence social policy or ideology.”

Khosla’s next point—that China’s developing AI prowess could prove a threat to upcoming U.S. elections—resonates with the hawkish mix of congressional staffers and policy wonks in the room for the Hill & Valley Forum’s daylong AI and defense confab. AI’s national security implications, particularly in the hands of America’s adversaries, loom large here. But Khosla’s words come with a call to action to lock down our leading AI models from broader use that places him in the midst of a wider, bitter debate back in Silicon Valley.

Where the former Sun Microsystems CEO and Khosla Ventures founder and his fellow investors and entrepreneurs generally agree: Artificial intelligence has heralded a technological revolution on par with that of the mainframe or PC—or even, to hear fellow billionaire and Greylock partner Reid Hoffman tell it, the automobile or the steam engine. A cheap virtual doctor on every smartphone, a free tutor for every child. AI can serve as a great equalizer, a deflationary cheat code, that can help save lives and reduce poverty. “We can free people from the drudgery, the servitude of jobs like working on an assembly line for eight hours a day for 40 years,” the 69-year-old Khosla says.






U.S. Critical Infrastructure At Risk Of Increasing Cyberattacks. Here’s What You Need To Know

Vint Cerf

What do you think of when you hear “critical infrastructure”? A bridge? A power station? A train?

What about when a child drinks from a water fountain in a park? Or when a teacher uses AI to help students learn? Or when boarding your flight on a holiday weekend?

We don’t often think of the systems that underpin these and so many other daily activities, but the fact is that these processes are increasingly digitized, and they’re often reliant on networks and systems that were built without security at the forefront of the design.

While such systems ground our energy, health, water, telecommunications, and agriculture sectors—among many others—they are increasingly vulnerable to malicious cyber activity, and the attackers are upping their game.

Earlier this year, U.S. cybersecurity officials warned about state-sponsored malicious cyber actors affiliated with the People’s Republic of China, including a well-known cyber attacker, Volt Typhoon, that were compromising and maintaining persistent access to U.S. critical infrastructure for future disruptive activities should a conflict with China arise.

Biden has put his credibility on the line with the Gaza plan - Opinion

KIM GHATTAS

On his visit to Israel after the Hamas attacks of October 7, US President Joe Biden gave Benjamin Netanyahu a tight embrace as he declared his full support for a grieving nation.

Critics argued this was a dangerous blank cheque. But senior US officials insisted the hug would allow Biden to counsel Netanyahu and shape the Israeli military campaign.

It did delay the initial Israeli ground invasion of Gaza and contain major regional fallout, and it has so far spared Lebanon a full-scale Israeli military campaign — but that’s no relief for Palestinians suffering in Gaza and the families of the remaining Israeli hostages.

In the eight months since, Biden has tried to cajole, coax and pressure Netanyahu to engage in discussions about the day after. The White House set deadlines and even red lines — all of which faded. Biden’s critics on the left say he never used real leverage. The right lambasted him for holding up even one shipment of weapons to Israel.

Israel Secretly Targets U.S. Lawmakers With Influence Campaign on Gaza War

Sheera Frenkel

Israel organized and paid for an influence campaign last year targeting U.S. lawmakers and the American public with pro-Israel messaging, as it aimed to foster support for its actions in the war with Gaza, according to officials involved in the effort and documents related to the operation.

The covert campaign was commissioned by Israel’s Ministry of Diaspora Affairs, a government body that connects Jews around the world with the State of Israel, four Israeli officials said. The ministry allocated about $2 million to the operation and hired Stoic, a political marketing firm in Tel Aviv, to carry it out, according to the officials and the documents.

The campaign began in October and remains active on the platform X. At its peak, it used hundreds of fake accounts that posed as real Americans on X, Facebook and Instagram to post pro-Israel comments. The accounts focused on U.S. lawmakers, particularly ones who are Black and Democrats, such as Representative Hakeem Jeffries, the House minority leader from New York, and Senator Raphael Warnock of Georgia, with posts urging them to continue funding Israel’s military.

U.S. Escalation in Ukraine Needs a Plan

Samuel Charap and Jeremy Shapiro

Ukrainians argue that this change will derail the Kremlin's offensive in the Kharkiv region and perhaps even turn the tide of the war. Russian officials and propagandists claim it is a major escalation and have threatened to strike back directly at the United States or its allies.

Both claims are likely to prove hollow. But this decision is nevertheless consequential, if for a different reason: It marks another turn of a tit-for-tat spiral that has continuously raised the risks of a broader war without offering a path to ending this one.

This isn't the first time the United States, under pressure from Ukraine and Western allies, has crossed a threshold previously deemed too escalatory. Past decisions on HIMARS launchers, cluster bombs, long-range munitions, and F-16s were also driven by perceived Russian gains on the battlefield.

A Three-Theater Defense Strategy

Thomas G. Mahnken

Under Presidents Barack Obama, Donald Trump, and Joe Biden, U.S. defense strategy has been premised on the optimistic notion that the United States will never need to fight more than one war at a time. During the Obama administration, in the face of fiscal austerity, the Defense Department abandoned its long-standing policy of being prepared to fight and win two major wars to focus on acquiring the means to fight and win just one. That move accelerated the trend toward a smaller U.S. military. It also narrowed the options available to U.S. policymakers, given that committing the United States to war in one place would preclude military action elsewhere.

This switch was misguided then, but it is especially out of step today. The United States is currently involved in two wars—Ukraine’s in Europe and Israel’s in the Middle East—while facing the prospect of a third over Taiwan or South Korea in East Asia. All three theaters are vital to U.S. interests, and they are all intertwined. Past efforts to deprioritize Europe and disengage from the Middle East have weakened U.S. security. The U.S. military drawdown in the Middle East, for instance, has created a vacuum that Tehran has filled eagerly. A failure to respond to aggression in one theater can be interpreted as a sign of American weakness. Allies across the world, for example, lost faith in Washington after the Obama administration failed to enforce its “redline” against chemical weapons use by Syria. And the United States’ adversaries are cooperating with one another: Iran sells oil to China, China sends money to North Korea, and North Korea sends weapons to Russia. The United States and its partners face an authoritarian axis that spans the Eurasian landmass.

Digital Engineering: Accelerating the Defense Acquisition & Development Cycle in an Era of Strategic Competition

Heather R. Penney & Brian J. Morra

Introduction

Technological superiority has long underpinned America’s military dominance. However, decades of prioritizing counterinsurgency missions, deferring foundational recapitalization programs, and divesting force structure to cope with budget pressures have eroded that advantage. This is especially true for the Department of the Air Force. Today’s Air Force flies the oldest, smallest aircraft inventory in its history, and the Space Force is pressed to overhaul most elements of its technical architecture to meet the rise in demand for space-based capabilities while mitigating the burgeoning threat environment on orbit.

Rapidly restoring and expanding American overmatch—especially in air and space—is now an urgent national security priority that requires fielding new technologies at scale. Yet, the DOD’s legacy approaches to acquisition, development, and sustainment have proven too costly and inefficient to meet warfighter needs. New defense programs still require well over a decade to transition from requirements definition to initial operational capabilities. Likewise, modernization programs that insert new capabilities into existing weapon systems remain beset by cost overruns and schedule delays. This is proving too slow to keep pace with the aggressive and ongoing modernization efforts of global adversaries like China and cedes the innovation and agility initiative to these competitors.

Cognitive Competition, Conflict, and War: An Ontological Approach

Robert “Jake” Bebber

INTRODUCTION

Andrew F. Krepinevich argued recently in The Origins of Victory that the world finds itself today in the midst of a new period of disruption in military affairs. The precision-strike regime that the United States developed in the late Cold War has matured to the point that the US no longer enjoys an overwhelming advantage over peer competitors. Technologies that are disruptive not only in degree but also in kind—such as artificial intelligence, additive manufacturing, quantum computing, and synthetic biology—are reshaping the character of warfare. Communist China and Russia have introduced conventional capabilities at scale to contest, and in some cases overmatch, US conventional forces in most domains. These adversaries are now reshaping the global order to their advantage and, in the case of Communist China, intend to achieve global hegemony. While national security experts largely agree that the Chinese Communist Party (CCP) and Russia threaten American security, there remains no consensus on the direction the US should take to address these threats. Neither political nor military leadership has united around operational challenges on which to focus the military’s efforts toward disruptive innovation.

There is nothing new about using information-based strategies to achieve strategic aims. While strategists often hold up the ancient aphorism “Divide and conquer” as a model, classical theorists such as Sun Tzu, Aristotle, Niccolò Machiavelli, and even William Shakespeare suggest the best way to divide enemies—either internally or in alliances—is to break their mutual trust. As Michael Warner and John Childress note:

Whither Globalization: Retreat, Industrial Policy, Unintended Consequences

Mathew Burrows & Robert A. Manning

There may be a new consensus in favor of national industrial policies where national security imperatives shape economic decisions and geopolitics dictates de-risking and working with economic partners whose values align with Washington’s. But the assumption that these trends will lead to a more stable and prosperous world appears flawed. Instead, the evidence points to the deepening erosion of the global economic system and its fragmentation, which is likely to reinforce great power competition ― Cold War 2.0 ― and increase the likelihood of conflict among major powers.

The current situation is a backlash from the excesses of hyper-globalization, which generated both prosperity and wealth disparities within nations (e.g., the hollowing out of U.S. manufacturing) and among nations. Today new patterns, including the bifurcation of policy-driven trade, capital, and technology flows, as well as weaponized interdependence (tariffs, sanctions, export controls), have unraveled the economic integration and connectivity brought about by the past era of globalization.

Current dynamics are often referred to as deglobalization. But this is an oversimplified or at least, premature assessment: The flow of ideas, goods, capital, and people across borders continues. Instead, the data suggest a new pace and direction of flows, a new geometry of trade and investment, or as the International Monetary Fund (IMF) calls it, “slowbalization”: near-flat growth and region– and bloc-centric trade in goods and investments as well as slow globalized trade in services.

The Dangerous Myth of Deglobalization

Brad Setser

A consensus is emerging that the world is cleaving into blocs—not only geopolitically but economically, too. In 2020, the economist Douglas Irwin wrote that “the COVID-19 pandemic is driving the world economy to retreat from global economic integration.” In the years since, how to manage this purported deglobalization has been a consistent theme at World Economic Forum meetings; in May, an Economist cover depicted a map of the world physically fracturing into competing economic blocs. The associated story presumed that deglobalization is a long-term certainty, arguing that it is becoming “visible in the economic data, as investors reprice assets and redirect capital in a less integrated world.” Last week, a Bloomberg columnist piled on, concluding that “global trade and finance are fragmenting into rival and increasingly hostile blocs, one centered on China and extending into the global South and another around the United States and other Western countries.”

But there is a problem with the assumption that deglobalization is a fact on the ground: the data does not fully back it up. As evidence of continuing deglobalization, observers often cite phenomena such as the United States’ reluctance to establish new free-trade deals, the debilitation of the dispute-settlement system overseen by the World Trade Organization (WTO), the proliferation of new national measures restricting trade, and declines in both short- and long-term capital flows from their past peaks. The COVID-19 pandemic certainly did reveal that economic interdependence carries risks, and the efforts Russia has made since 2022 to use its natural gas pipelines to influence the G-7’s response to its invasion of Ukraine—as well as the many sanctions the G-7 has imposed to try to weaken Russia’s economy—have highlighted the vulnerabilities that can arise when countries trade across geopolitical divides. But a closer look at economic data shows that even though governments have increasingly adopted policies aimed at strengthening their own resilience, the world economy is still evolving to become more, not less, globalized in key ways—and more dependent on Chinese supply in particular.

Secret Cyber Wars: Why States Are Increasingly Turning to Economic Espionage and How Cyber Proxies Play a Key Role

William Akoto

In September 2001, operatives for Procter & Gamble were caught diving in dumpsters outside a Unilever facility in Chicago in search of documents and other discarded items containing confidential information about Unilever’s hair care products business. To avoid litigation and the negative publicity that often accompanies such disputes, the companies quietly reached a negotiated settlement where Procter & Gamble agreed to not use any of the information obtained. This early example illustrates the ongoing vulnerability companies face regarding data security. In today’s corporate environment where digital data storage is the norm, companies now have to be wary of not only paper documents but also discarded storage devices like hard drives, USBs, and even old office equipment that might store digital data.

Companies also have to worry about the increasing trend of nation-state-backed hackers trying to infiltrate corporate networks. This is part of a worrying shift in state-sponsored espionage from traditional intelligence gathering primarily targeted toward military and political secrets to the targeting of information held by private firms and other commercial enterprises that perform research and produce innovation critical to national economic growth and prosperity. Perpetrators often aim to use this information to leapfrog rivals’ technological advancements and to gain a competitive edge in the global marketplace. This is emblematic of modern interstate conflict, where the lines between economic, military, and political rivalry are blurred.

In this article, I aim to highlight the rising tendency of states to engage in cyber economic espionage and how cyber proxies—hackers for hire—are playing an increasingly central role in these efforts. Two brief examples illustrate this trend.

Unleashing innovation: The case for a drone operator branch in the US Army

JOHN FERRARI

In the recently-passed House Armed Services Committee draft of the National Defense Authorization Act, members supported the creation of a new branch in the US Army, one specifically dedicated to drones. According to congressional language, this new Drone Corps would be responsible for projects, programs, and activities dealing with small and medium unmanned aircraft, systems that support these aircraft, and counter-UAS systems among other duties.

It’s seemingly a play on how Ukraine, the test case for how drones can be used on the battlefield, has created its own drone force. But the Army, in typical fashion, quickly batted away the idea by arguing that specialization in drones might not be warranted at this time.

According to Undersecretary of the Army Gabe Camarillo, “operating and defending against the drone threat” is a challenge faced by “all formations at multiple echelons.” He believes that a singular drone branch could disrupt ongoing distributed efforts and hinder the pace of weapons acquisition. This perspective highlights the tension between innovation and practicality within the military.

Perspectives Apart: Unveiling the Indo-Pacific Understanding of Irregular Warfare

Gabrielle Kennedy

The turn toward strategic competition, due to the increase in conflict outside the bounds of conventional war, has also pivoted security researchers and practitioners toward the idea of irregular warfare (IW). Though IW has been practiced and written on for centuries, the term is not conceptualized in similar fashion across the world—or even across the organizations constituting the U.S. government. Though a globally uniform idea of IW is not likely, and perhaps not even desirable, due to regional and historical differences in conflict experience, it is still critical for the Department of Defense (DoD) to understand how allies and partners conceptualize IW in order to engage them effectively. The Irregular Warfare Center (IWC) has worked to fill this gap with a series of regionally focused studies and follow-on workshops on the conceptualization of IW. The first study in the series focused on the European conceptualization of IW through engaging with PME institutions in the region. The second study followed the same methodology but turned to the Indo-Pacific region. The results of the second study show that, like Europe, countries in the Indo-Pacific conceptualize IW differently, requiring a nuanced understanding of these regional conceptualizations to engage partners and allies in the region effectively.

No Quiet for Europe on the Eastern Front

SŁAWOMIR SIERAKOWSKI

There is a saying in Poland that, “No one will die for Gdansk.” No matter what kind of security guarantees Poland gets from Western countries, most Poles believe that we will still have to fend for ourselves. After all, when the Nazis invaded in 1939, Poland had security guarantees from Great Britain and France, yet neither country came to its aid (though they did formally declare war on the Third Reich).

Yes, according to Article 5 of the North Atlantic Treaty, an attack on one NATO member is an attack on all, and faith in this mutual-defense commitment remains strong in Poland. US presidents repeatedly vow to “defend every inch” of NATO territory. Yet in an age of hybrid warfare, the duties implied by Article 5 have become blurrier. Moreover, unlike Nazi Germany, the biggest threat to Europe today is armed to the teeth with nuclear weapons.

By constantly signaling that an escalation of the war in Ukraine is one of their greatest fears, US and German leaders have not exactly inspired confidence in the NATO security guarantee. How they would respond if Russia invaded Estonia, for example, is not clear – especially at a time when European armies and arms industries are so weak. Poland itself has sent more tanks to Ukraine than the United Kingdom has.

Old and New Lessons from the Ukraine War

JOSEPH S. NYE, JR.

Two years ago, I outlined eight lessons from the Ukraine War. And though I warned that it was too early to be confident about any predictions, they have held up reasonably well.

When Russian President Vladimir Putin ordered the invasion of Ukraine in February 2022, he envisaged a quick seizure of the capital, Kyiv, and a change of government – much like what the Soviets did in Hungary in 1956 and Czechoslovakia in 1968. But the war is still raging, and no one knows when or how it will end.

If one sees the conflict as Ukraine’s “war of independence,” rather than focusing too much on borders, the Ukrainians are already victorious. Putin had denied that Ukraine was a separate nation, but his behavior has only strengthened Ukrainian national identity.

Inside the US Army’s race to apply Ukraine lessons to future Abrams, Bradley replacement

ASHLEY ROQUE

Loitering munitions and cheap “kamikaze” drones inside Ukraine have left a string of combat vehicles from both sides of the conflict smoldering on the battlefield. In many ways, the sight of Russian tanks being destroyed by small Ukrainian drones was the defining image of the early days of the conflict, and has left military leaders across the globe grappling with the lessons learned.

For the US Army, it’s been a crash course in how their own tactics and technology could end up on the wrong side of a war. Now, service leaders are rushing to incorporate lessons not just for today’s fight but for two key in-development tracked vehicles: the replacements for the service’s venerable Abrams tank and Bradley Infantry Fighting Vehicle.

If the Army fails to do so, it could end up plowing billions of dollars into systems that are dead on arrival on the modern battlefield. As a result, according to Brig. Gen. Geoffrey Norman, the director of the Next-Generation Combat Vehicle Cross Functional Team, the Army is focusing on what they see as the key new threat for ground vehicles.

F-35s are piling up on Lockheed tarmacs, presenting ‘unique’ risks to the Pentagon

AUDREY DECKER

The Pentagon has refused delivery of so many F-35s that Lockheed Martin is running out of places to put them, according to a new report from a government watchdog agency.

Last July, the government stopped accepting new F-35s because of hardware and software delays with Technology Refresh-3, a $1.8-billion effort to enable new capabilities for the jet.

The number of jets accumulating outside Lockheed's plant is “grossly delinquent,” Rep. Rob Wittman, R-Va., chairman of the House Armed Services tactical air and land forces subcommittee, told reporters Wednesday.

“We know one thing for certain: it's going to be at least over 100 aircraft stacked up on the tarmac,” Wittman said.

MITRE Releases EMB3D – A Cybersecurity Threat Model for Embedded Devices


EMB3D MODEL STRENGTHENED BY PEER REVIEWS FROM INFRASTRUCTURE INDUSTRIES

After the model garnered significant interest for peer review across diverse industries, numerous organizations piloted the threat model. The EMB3D team appreciates the interest and feedback from vendors and integrators across many industries, including energy, water, manufacturing, aerospace, health, and automotive, as well as researchers and threat tool vendors. This ongoing collaborative effort has been instrumental in refining and enhancing the model’s content and usability. The team looks forward to continued collaboration to strengthen the ability of the model to enable “secure by design.”

“Our framework’s strength lies in the collaborative efforts and rigorous review process across industries,” said Yosry Barsoum, vice president and director, Center for Securing the Homeland at MITRE. “The diverse perspectives and invaluable insights shared have fortified our approach, ensuring a robust and effective solution to address the evolving challenges in embedded device security.”

LEVERAGING ESTABLISHED MODELS TO STRENGTHEN EMBEDDED DEVICE SECURITY

EMB3D aligns with and expands on several existing models, including Common Weakness Enumeration, MITRE ATT&CK®, and Common Vulnerabilities and Exposures, but with a specific embedded-device focus. The threats defined within EMB3D are based on observation of use by threat actors, proof-of-concept and theoretical/conceptual security research publications, and device vulnerability and weakness reports. These threats are mapped to device properties to help users develop and tailor accurate threat models for specific embedded devices. EMB3D suggests technical mechanisms that vendors should build into devices to mitigate each given threat. EMB3D is a comprehensive framework for the entire security ecosystem—device vendors, asset owners, security researchers, and testing organizations.

Cyber, MacGyver, and the Limits of Covert Power

Ciaran Martin

Shortly after Russia invaded Ukraine at the end of February 2022, I received two separate messages from colleagues stranded on the tarmac at major mainland European airports. One was a very senior former British government adviser with extensive direct experience in global affairs. The other was an internationally renowned academic. They had separately reached the same conclusion: Russia’s much predicted cyberwar against the West had begun. Grounding Western commercial aircraft would be one of many ways the Kremlin would use its feared cyber arsenal to stop Western capitals from coming to the aid of Volodymyr Zelenskyy and his beleaguered nation.

This view was unexceptional among the British elite: A week later, the Sunday Times, Britain’s most influential weekly newspaper, published a long read entitled “How the Russians Could Paralyse Britain” via remote malware attacks. More significantly, Russia’s feared cyber capabilities were central to many predictions of a short war and easy Russian victory: One of many such predictions, from Chatham House, went as far as saying that Vladimir Putin could further his illegal objective of territorial conquest by cyberattacks alone and without a physical invasion. Plenty of other analysts, while not going this far, predicted cyber “shock and awe” that would degrade Ukraine’s ability and willingness to fight. General Mark Milley, chairman of the Joint Chiefs of Staff when the war broke out, told the New York Times in April this year that “for a while, we thought this would be a cyberwar.”