A Death Knell for the International Norms of Cyber Conflict – Modern War Institute, US Military Academy

My essay for the Modern War Institute, US Military Academy at West Point: https://mwi.usma.edu/death-knell-international-norms-cyber-conflict/.

On July 8, Michael Schmitt, a law professor and former judge advocate in the US Air Force, posted a perplexing tweet about changing his mind on the “status of cyber capabilities as ‘weapons.’” He followed it up with the link to a recent paper he coauthored for the International Law Studies journal of the US Naval War College.


Understanding strategic threat Intelligence – SC Magazine

Written for the SC Magazine: https://www.scmagazineuk.com/understanding-strategic-threat-intelligence/article/1685804.

In March 2020, Booz Allen Hamilton released a fascinating dossier analysing the cyber operations of the GRU, the Russian military intelligence agency, spanning 15 years. The dossier ran the traditional cyber threat intelligence (CTI) tradecraft through an impressive analytic process, thus credibly gluing the cyber operations of the GRU to the doctrinal framework and geopolitical imperatives of the Russian state.


How the MSSPs Can Strive to be Detection Ninjas – Infosecurity Mag

For the Infosecurity Mag: https://www.infosecurity-magazine.com/opinions/mssps-strive-detection-ninjas/.

I am having some strange epiphanies as I go knee-deep into SIEM engineering. While the MSSPs have existed in all flavors and sizes, there seems to be a broad consensus that they simply can’t mimic the capabilities of an in-house security operations function – especially when it comes to gaining context, visibility and speed.


What Microsoft needs to get right about cyber norms

In my recent essay for the Centre for Internet & Society, I surmised that the current initiatives to derive cyber norms within the ambit of international law could be incongruous with the technical dynamics of cyber operations. I shed light on the critical fissures in global attempts to establish normative frameworks for cyberspace.


Lessons from Kudankulam – Part II: Targeting, jointness & offensive toolchains

I may (or may not) do a series of quick posts highlighting the strategic challenges encountered while investigating a cyberattack like Kudankulam. They would be filed under the ‘lessons-from-kudankulam’ tag. Since our agencies were literally caught napping, this is a good primer for understanding what nation-state-level cyber capabilities entail:

Some dumbified excerpts from my dispatches to the government:


Lessons from Kudankulam – I: Recreating the target context

I may (or may not) do a series of quick posts highlighting the strategic challenges encountered while investigating a cyberattack like Kudankulam. They would be filed under the ‘lessons-from-kudankulam’ tag. Since our agencies were literally caught napping, this is a good primer for understanding what nation-state-level cyber capabilities entail:
