Running late with the deadline for your work? Then we are your reliable assistant in paper help.
Get ready to ask for our assistance when you need essays, research or course works, reports, case studies, etc. Our experts have seen it all and are ready to start working on your assignment right away. Go for it!
With over 6 years of experience in the custom writing service, our team of support agents, managers, editors and writers has got a lot of knowledge about everything that may be required by you. Heres what you get for sure when cooperating with us:
Everyone needs some paper help from time to time, because we are only human.
Our prices start at $10 per page for works completed from scratch and from only $6 per page you need to be edited and proofread.
What factors influence the cost of our paper writing services? There are 5 of them:
Youre a lucky client! Why? Because you never pay for everything. You have lots of freebies to go with every single assignment. They are:
Asking for our paper writing help, you dont only pay us. We also pay you! You can receive up to 15% bonuses back and even earn money with our referral program.
We understand that sometimes you may want your deeds to go unknown. That is why we guarantee your complete privacy and security with our paper help writing service. After registration, you receive a unique ID and that is the only thing along with your instructions visible to our experts. Only our support team will see all the details you provide to be able to contact you in case any questions arise and send you a happy birthday discount on your special day.
Our custom writing service is completely ethical and provides busy students with great resources for their assignments. In the modern world when we need to do a lot of things at the same time, its nice to know you can count on someone for back up. We are always here to create the needed sample or perfect your work through editing/proofreading or explain the solutions to any problems you may have. Find out how much more free time you can get with our writing help.
Phd dissertation for dummies nyu mfa in creative writing LaGuardia Community College, dissertation politique monetaire bce CUNY Graduate Center, Rockefeller University web reportage france info paris Hamilton. University at Buffalo to kill a mockingbird chapter 26 summary sparknotes case study international business strategy Greenwich Court zip 10014. Skidmore College, Saratoga Springs endogenous antigen processing and presentation exemple de dissertation corrige bac Bronx SUNY Plattsburgh, Saint Joseph's College (Suffolk Campus) toekomst van de stad essays for scholarships Montgomery Street zip 10002.
Phd dissertation for dummies capstone microturbine telephone thesis topics in international conflict management good morning everyone I'm Fred camp I'm presidency over the Atlantic Council and it's my privilege to welcome you to the council's conference Russia's cyber operations in Ukraine and beyond this important dialogue is part one of a two-part event on Thursday and congressmen heard we're very proud to say this we'll take this conversation on the road to San Antonio City notable not only as the home of US Cyber Command headquarters but also congressman Hertz district and a growing hub for the tech industry this is indicative of the way the council likes to do business we strive to link what we do in the Beltway into broader populations taking issues to the communities the impact from US cities and states to domestic constituencies of our international partners it just isn't enough to make the arguments we need to make within Washington today if it ever was today we're also live streaming the day's events so we welcome all those joining us remotely we encourage everyone to be part of the discussion by using the hashtag Russia factor so hashtag Russia factor I'm honored to welcome our keynote speakers congressman will Hurd who represents Texas's 23rd congressional district Demetriou shim kif the deputy head of presidential administration in Ukraine thank you both for joining us today to bring your valuable insights to the discussion let me also recognize our partner in this effort the victor Pinchuk foundation whose support and collaboration has helped produce a timely and noteworthy event a warm welcome to Benjamin Loring mr. Benjamin Loring a head of the board of the Victor Pinchak foundation who is here with us today in a few minutes we'll introduce our Ukrainian speaker I also send our congratulations back to Victor I was just in Davos the Ukrainian breakfast there has been has been a standard for a long time like the Atlantic Council here in Washington stood for Ukraine's independence and sovereignty and this year there was a Ukraine house as well which was a big deal and in a new addition to Davos and very very popular among people there we'll hear from many sustained 'wish speakers this morning including cybersecurity experts from Ukraine in the United States and several of our own our own experts here at the Atlantic Council so thank you for to those who traveled here some from very far away I had enough trouble getting here from Chevy Chase DC this morning in the traffic so praise all of you who came even further the conference lies at the intersection of several of the Atlantic Council lines of effort conducted through our Eurasia center digital forensic research lab and cyber statecraft initiative all these groups have together work to catalyze the transatlantic community's response to cybersecurity threats arising from malicious actors including Russia and take steps toward safeguarding democracy today's discussion is also indicative of the Atlantic Council's focus on Europe's East Ukraine is at the heart of this programming and research at the council's Eurasia Centre and since 2014 it's not just the center but the Atlantic Council large has made Ukraine's sovereignty security and reform process an urgent priority not just for the purpose of Ukraine or even the purpose of its region or even the purpose just of Europe but for the purpose of rule of law and and and securing and defending the international liberal order we've worked and we will continue to work to support a secure independent Ukraine anchored in Europe the Eurasia center together with the council's digital forensic research lab out of this commitment has also had a greater commitment over time in looking at the Kremlin's hybrid warfare over the last year we've put the spotlight on the spread of Russia Russia's targeted disinformation campaigns in Ukraine and across the west through events such as disinfo conference in June of 2017 Stratcom conference in September as well as several important reports on topics such as artificial intelligence and the Kremlin's Trojan horse in Europe in June we'll do a major convening in Berlin around these issues and also the training of citizen activists and journalists and how to do counter disinformation as the United States and European Union have increasingly become targets of the Kremlin cyber operations lessons learned from Ukraine's experience can and should play a key role in formulating a robust transatlantic response we'll continue to engage Western policymakers and cyber security experts to facilitate this critical and timely dialogue with their Ukrainian colleagues to kick us off today it's my distinct pleasure to welcome congressman will Hurd and mr. demitriou shim keffe to deliver keynote addresses I'll introduce congressman Hurd and then our Ukrainian guests will be introduced by our partner from the Pinchak foundation hailing from Texas and born embraced in his district congressman Hurd has been a member of the US House of Representatives since 2015 so very often we come up here and say oh the 23rd district and everyone in the audience kind of wonders what that is think San Antonio to El Paso think to timezones think eight hundred fifty eight hundred twenty mile border a border where there's a lot of debate over a wall as you know and I think some of our Ukraine guests wouldn't mind if the wall were put somewhere else but in any case he has a fascinating place I think if you drive across the whole thing it takes how many hours ten hours at 80 miles per hour which you can actually do in the 23rd district so and he's also one of the rising stars in this town and in the United States on national security issues prior to being Congress when he served the nation in another capacity as an undercover officer of the CIA he also spent time as a senior advisor with a cybersecurity firm and a partner with a strategic advisory firm helping businesses expand in international markets in 2017 with all this background I suppose it's no surprise that he should be appointed to serve on the house permanent Select Committee on Intelligence he is also a member of the Committee on Homeland Security where he's a vice chair of the border and maritime security subcommittee and a member of the committee of Oversight and Government Reform where he chairs information technology subcommittee congressman you're uniquely positioned to speak on these issues and we're honored to have you here to open the discussion with that for yours [Applause] I want to thank Fred and the Atlantic Council for for really sharpening my focus on on this topic I my time in the CIA was in South Asia I did two years in India two years in Pakistan the two years in New York City doing interagency work and then a year and a half in Afghanistan and in Afghanistan I managed Oliver undercover operations but since I've been in Congress I've talked more about Ukraine Moldova Estonia then I do those those three those three countries and part of that is is because of the Atlantic Council kind of educating me on these issues and part of this is because I chased Russian intelligence officers all across the world and you realize that the center of gravity of this geopolitical struggle is Ukraine and having been there in my first trip you know I I like to say I'm a little bit I'm a fairly sophisticated observer of what's happening around the world but I learned at my my my time my first trip to keeve one it skeeve not Kiev okay that's that's step one that's that's that just that alone I think is an indication of information operations right to to the false narrative that what was happening in eastern Ukraine and the dawn boss was separatist movement it's not separatist movement those 920 tanks that are in the eastern Ukraine are Russian tanks there are Russian officers that are leading activities in Ukraine in the eastern Ukraine and when the rest of the international community refers to it as a separatist movement you're feeding that narrative that the Russians are trying it is very clear it is an invasion of a country and so if you if the international community can't even agree or is not calling that what it is then the Russians are winning being on hypsi when I got on hypsi the house permanent Select Committee on Intelligence it's kind of a full circle for me because when I was in the CIA I was the dude in the back alleys at four o'clock in the morning collecting intelligence on threats to our homeland best job on the planet but I also had to brief members of Congress and I was pretty shocked by the caliber of our elected leaders so my mother said you the part of the problem part solution that's why I ultimately ran for Congress and when I got on the permanent Select Committee on Intelligence I would not have thought that the bulk of my time would be talking about elections in the United States it's very clear the Russians we're trying to manipulate our elections for one clear reason to erode trust in our democratic institutions and guess what the Russians are winning here when you have the press criticizing Congress for shining a light on activities within the government that's a problem when you have Republicans and Democrats unable to agree with each other just because the idea came from the other side that's a problem and when you have a gap or even a perceived gap between the White House the intelligence community and the legislative branch that's a problem I have said many times that grisly step this is this is what the US intelligence community refers to the Russian activity in our elections that's that that's kind of the word that's used for it this is going to go down in history in Russian history in the history of Mother Russia as the greatest covert action campaign why because they're succeeding and eroding that trust in our institutions they're succeeding in eroding trust in multinational organizations like NATO NATO is important the reason there's been peace and prosperity in Europe for almost 100 years is because of NATO the Russians understand that they cannot win a physical fight with NATO or the United States they know they can't win an economic fight so they have to resort to asymmetrical warfare and part of that is voting trust Russian activities influence our 2016 US elections require the development of a u.s. counter disinformation strategy against these influence operations instead of talking about whether or not the Russians got involved we should be talking about how do we prepare and to deal with this now we have some problem structurally in the United States from doing that disinformation is a part of covert action covert action is responsibility of our intelligence services specifically the CIA the National Security Act of 1947 says the CIA can't do operations in the United States so who's should be responsible who should be responsible when it comes to disinformation and if we want to be narrow disinformation when it comes to our campaigns maybe maybe it's an organization like the National Association of secretaries of state maybe they could be the entity that coordinates because they're the ones ultimately responsible for our elections but I think we have a model that we should be using and thinking about when it comes to disinformation and that's CVE or countering violent extremism State excuse me Department of Homeland Security is the entity designed to do that countering and Islamic extremism message is very similar to countering a disinformation campaign our social media companies are looking to highlight how the Russian actors were utilizing their tools and to look at those tactics techniques and procedures and figure out how to stop it in the future this was fairly successful in the German and French elections but we need to make sure that we have clear roles between the public and private sector on how to do that and I'm glad there's groups like the Atlantic Council that's shining a light on this issue I'm glad there's groups like jigsaw jigsaw is part of Google or alphabet that have actually met with fake and whose developers to understand their there are tactics techniques and procedures we have groups like the Alliance for securing democracy which is trying to shine a light on these issues so this is a a problem that we need to be prepared for it is a problem that we are not prepared for and it starts with recognizing that there is a problem and it's great to be able to have allies like the Ukraine on this issue I learned something in my travels to Ukrainian Estonia and Poland the closer you are to Russia the less likely you are to believe their nonsense now the converse of this rule is true as well the farther away you are from Russia the Morse acceptable you are to their messaging and that's why we have a lot to learn that's why I'm glad to take the metro to San Antonio to talk with leaders there I'm glad that we have friends like him because they are ground zero on this fight we should be working together and I'm looking forward today to voting YES on a piece of legislation coming out of the house about improving cooperation when comes the cybersecurity and we need to take that even step further we need be improving our collect or our cooperation on electronic warfare the Russians are using the latest and greatest tools that they have they're learning how to to sharpen their tactics in the Donbass region and we're seeing that exported to other parts of the world so let's work with an ally who have the capabilities the willingness to stand up to Russia because what happens in Ukraine is going to happen in in the rest of Europe so I'm glad to have to be able to say that in my time in Congress the places I've traveled the most is Ukraine and because it's an important issue not only to your country in our country but for the world so thank you all for being here today and enjoy the rest of the activities [Applause] Thank You Kurt congressman Hurd for your remarks and we await you in Ukraine we look forward to your next trip good morning I am Benjamin Loring I am a head of the board of the Viktor Pinchak Foundation and on the behalf of our founder Viktor Pinchak I want to welcome you to today's conference on this important issue of Russian cyber operations and their application in Ukraine we are very pleased to partner with the Atlantic Council on this important initiative and we view it as a part of our broader cooperation on the Ukraine and Europe initiative which is critical in our view to keeping the momentum for reforms going in Ukraine for educating policy makers in this country about Ukraine's concerns and issues and for guarding the sovereignty and territorial integrity of of the country the Viktor pen trick foundation provides a large number of platforms and for over a decade has sought to enhance understanding about Ukraine's international international partners its international perspectives its challenges in the area of security through the Yalta European strategy conference that happens every fall and at which most recently we had congressman Hurd at the davos Ukrainian breakfast and our side events at the Munich Security Conference next week and through the expert roundtables and public lectures that we hold in Ukraine all devoted to critical issues around Ukraine's national security and in all of these we've had the involvement and participation of our friends at the Atlantic Council and we're very pleased with our cooperation these are important for enhancing decision-makers understanding of critical issues it's important for opening dialogues between Ukraine and its international partners it's critical for raising urgent and often difficult questions about Ukraine's way forward and for keeping Ukraine on the international agenda and keeping the spotlight on on the country so today to discuss our Ukraine's opportunity the opportunity that it offers to the world in the world in terms of being able to teach a lot more about Russia's cyber operations it's my pleasure to introduce to Metro Shimkus who is deputy head of the administration of the president of Ukraine but before coming to public service he served for 20 years in leadership positions in the IT industry most recently as general manager of Microsoft Ukraine and he is one of the foremost experts in the government and in the country indeed on cyber security issues so please give a warm welcome to mr. Shimkus [Applause] good morning first of all it's big big honor to be here and speak with this distinguished audience I want to start with I want to start with the thank you thank you thank you for having the conference thank you for having this discussion about cyber security and national security threat to my country us always been on the front line supporting Ukrainian independence sovereignty and integrity I want to thank you Atlantic Council and Victor Pinchot foundation for making it here today which is extremely important day because the very important bill I will be I hope voted today in the Congress I want to thank congressman Boyle Fitzpatrick Royce and of course heard congressman hood who give a nice welcome speech now this is we are talking about Ukrainian cyber security cooperation Act which put a cooperation between Ukraine and us in the cybersecurity area to absolutely different level which put a requirement for us officials and Ukrainian official to put cooperation to different level to much deeper cooperation between educational institutions between industries and between governments but nevertheless even before the this legislation is all in place I want to thank you Department of Energy who during the last two years been training personnel on the cyber security issues I want to thank you White House for organizing and coordinating u.s. Ukraine cybersecurity dialogue which took place the autumn last year I want to thank you State Department who sponsored the higher the engagement of Miller to do a first report on the cyber security state of the cyber security infrastructure in Ukraine and the first I've just read the first report and the next week there will be a big working group discussion and a bit of simulation so I'm really looking forward for this type of cooperation when it's become very practical and of course Nader whose support and Finance creation of the first cybersecurity centers in Ukraine so when we talking about cyber security and cyber war that Russia started in Ukraine it's not started in Ukraine it started in Estonia it started in Georgia and Ukraine was the pitch point where Russia unfolded all types and forms of aggression against sovereign country but then using Ukraine as a playground where target was Western civilization Western values democracy in the principles that's been governing and ensuring peace in the world the retired retired Lieutenant General Charles Cleveland in his testimony to the Congress on the Russian aggression and covered operation the traceur execute in in Ukraine highlighted that we always been focusing on the firm four main areas of sphere of war land sea air space there is two new cyber and human and this is two important areas which the world is failing and I'm not afraid to say that we've been failing and Russia been using the weaknesses of the world to attack where nobody was expecting where we we where the attack was about trust individual to individual country to country company to company citizens to government this is all is at stake today so when we look at try to analyze what's actually is Russia strategy in the cyber space we all know about famous five D there is a four D they not yet destroyed real physical infrastructure but they deny the great disrupt and deceive this is full things that Russia puts as a strategy for all cyber security operations in Ukraine and the rest of the world I think that you know a lot of strong political statement is goodbye I want to give you examples how things that happened initially in Ukraine later being scaled in other areas in other countries there is four main areas where we've seen operations that Russia is executing critical infrastructure political infrastructure social infrastructure and intelligence let's look at the first one critical infrastructure 2015 and 2016 attack on the electricity grid three power plants been down we had a blackout which again due to the a kind of good activity and fast reaction of the personnel was mitigated but the hack has been sitting on the network for half a year collecting information and and he should call a would movie where the person who sits in front of his terminal suddenly see the demise switching off the power supply to the grip and then the same virus was found in American grid financials 2016 Minister of Finance was wiped out completely few days before the budget in voting in the palate all including Treasury so no transaction was possible we've seen this similar operation and similar activity in other places in the world as well 2017 attack on the transportation infrastructure the virus and attacks was going on the port Seaport Airport Metro in Kiev and minister of infrastructure again we've seen a similar activity similar strategy of Russia in other places of course in the classical cybersecurity world we can't say Russia but here in this room we say Russia despite the fact that there is attribution and evidence shows that there is one country who wants to destroy Ukraine and the Western civilization now looks let's look at the political infrastructure and the first is electoral system 2014 elections in Ukraine they completely a day before wiped out the whole infrastructure in there the election committee and then they orchestrated the fake distribution in the news who won the first election who is leading in the in devoting to create a disruption and deceiving across the Ukrainian population so election infrastructure but then another part which is part of the electoral system is people who vote so influencing political parties influencing individual creating fake news again targeting print media all type of media to disrupt and deceive to change the perception particularly at the moment where people vote because you can do it you're not restricted for advertising if you do it on the last minute and they've done it and then let's see what what happened in you ask this year last year and then similar stories Montenegro u.s. France Germany Netherlands and one of the story which is also interesting in the East Qatar how you can create a diplomatic crisis out of the simple website but they did it so now about social infrastructure now it's we're talking about citizens citizens mistrust citizens meat mistrust to companies citizens mistrust to to government citizens mistrust so they trying to influence public opinion through the fake news and one of the response to this for the last four years Ukraine been on again on the front line of the fake news we find a way how to fight this we have teams of like stop fake NGO which is united more than a 1000 journalists who put together and destroy proof that the fake news are fake it took significant amount I for European Parliament to understand this and create a special group in EU but it's still too small and they the there are produced news on the massive scale it's an avalanche of the fake news and they don't need you don't need to make fake news 100% fake you make them 20% fake 40% fake and then you play with it people you through intelligence gathering on individuals you know their profiles nervous narrow scientists and sociologists can orchestrate in a campaign which will influence your behavior my behavior my kids behavior because we're human and there is no defense lines around us because we will response to aggressivity we will response the anything that's triggered our emotions and targeting individual and business is as part of the social infrastructure to create uncertainty not pity the virus bat rabbit this has all been targeted to destroy the full infrastructure and now we go into the fullest area intelligence gathering we shut down social networks to major social networks in Ukraine from Russia of contact and underclass Nicky the total coverage of population is around 20 million so it's half of Ukrainian population has their pictures their friends their profiles their skills their emotions in one big system which has a direct feed to f as we can you orchestrate their opinions in the regions in the genders in the age groups you can inject things and not pay taxes paid a virus in Ukraine and the big disruption which was directly targeting Ukraine not disruption not destroying the infrastructure the target was initially collecting intelligence about biggest tax payers the virus was deployed on the computers of the CFO's and chief accountants we're all bills we're all digital signatures we're all contracts were all critical data about companies being stored intelligence is one big area where cyber warfare is taking place so what happened to know during all this in Ukraine we've learned thanks to the training and support from US and other international partners we try to boost awareness we introduce new law we introduce new infrastructure we put the President issued a decree where the whole framework of the cybersecurity infrastructure being developed in Ukrainian it's begain based on the rent advisory that we we asked for help at the beginning of the term of the president we focus on people training both individuals but also people I can talk about presidential administration we are training regularly employees to understand what could happen of their negligence towards the cybersecurity area we have a new cyber police and many institutions are trying to build infrastructure to it that will target or protect the state so where we need cooperation going forward and I the first is building capability the capability today in the globe and it's not only in Ukrainian but in Germany France UK us is lack of resources professionals can we retain these professionals in the government no we are not competitive sorry I know I work for the government bike I cannot pay the salary that is paid in the private sector so how we can unite private sector serving the public sector how this cooperation how we can train this capacity building for common good second is awareness awareness the key don't click the mail don't go on this side it's very simple don't install an application you don't know on your father's iPad and it's a very very very basic things but awareness and understanding is a critical and it's need to start from the kids and it's go through the universities and it goes to the work labor force need to know what they shouldn't do and what it leads to this email looks like it's sent from the tax authority no the email was a targeted virus for this individual we also face the specific viruses written for specific individuals for targeting primary teams in the international relations area or military finally cooperation the world is non cooperating well on the cybersecurity there's need to be much stronger cooperation between states between players and I value what we are he what we haven't here today this meeting and this discussion this is just the beginning of as much stronger cooperation and finally cooperation and legislation we will face new legislation vows in u.s. in Ukraine in Europe which will be discussing the policies around cyber about social networks about artificial intelligence about many new technological areas we need to bring industry in but we also need to remember the final responsibility for the citizens stay is on the government because when the companies can go bankrupt or the supply of the water electricity is not functioning is the government who is whose job is to provide it so the government and the industry need to find a ways how to regulate this area so that disasters can be mitigated and the enemy which is trying to destroy our world is stopped so I try to give you an overview what's the strategy that Russia had on Ukraine was its war operation in cyber war parish which is again part of the hybrid and we're not talking about tanks and other things that the trust has been doing what I try to give is a holistic trying to give you a holistic view of four main areas attacks on the critical infrastructure political infrastructure social infrastructure intelligence gathering and what could be the areas of further cooperation through capacity building with of professional building awareness cooperation and legislation I wish you all of us a very interesting discussion today thank you very much [Applause] good morning so I think those opening remarks were very pertinent and important to setting up the first panel that we have here with us today the testing ground the Ukrainians experienced Russian cyberattacks I'm Alina Polyakova the David Rubenstein fellow for foreign policy at the Brookings Institution but of course 7f wasn't the Atlantic Council previously for quite a few years working on these issues as well so it's really my pleasure and honor to return to the council to moderate this I think incredibly interesting and knowledgeable panel today I'll just very quickly introduce my panelists and then we'll have a what I hope will be a pretty engaging discussion so immediately to my left I have dr. Alec div on Co who is the chairman of the board for information system security and partners is SP a company founded in Ukraine focusing on cyber security but now has operations on seven countries if I'm not mistaken so thank you for joining us today immediately to his left I have mr. Nikolic Koval who we've met before in Kiev I think also on a panel who's a chief executive officer of CYS centrum LLC and was previously working out for the Ukrainian government for cert so thank you for joining us from Kiev as well and then I have MS Laura Galante who is a senior fellow in the cyber statecraft initiative here at the Atlantic Council a cyber security expert working primarily in the United States and founder of kalantay strategies but also previously at fireEye which of course has become a firm really well known here in the United States for some of us investigations around apt 28 and 29 and then of course to miss Galante is left last but certainly not least I have dr. Alexander 40 who is the deputy chief designer of JSC Institute for mation technology cyber security expert as well and interestingly has worked quite a bit secretary ukraine particularly with nafta has which i think is a critical area in ukraine when it comes to these questions of cyber breaches and attacks as we heard earlier from mr. Shimkus ukraine has very much been the target of critical infrastructure attacks from the russian federation specifically so thank you for joining us today I will say we're running a little bit late so I will let the panel run a couple of minutes over so we have ample time to bring the audience into the conversation Sonia let me start with you as we've heard this morning as many in the audience know Ukraine has very much been a frontline state for various cyberattacks particularly from Russia and it seems from the outside that these attacks are not only growing in frequency but also in sophistication I think particularly since 2014 Russia's annexation of Crimea and continued war in eastern Ukraine but is that actually true so what's the big picture are we seeing more and more attacks particularly from the Russian Federation against Ukraine and certain sectors in Ukraine and are they becoming more sophisticated or is it that we're just paying more attention now thank you and good morning to everybody I just don't like to think that many cancel and Viktor Patrick foundation for inviting us here I think that's a really important event and as matera said it's really great that this ever security dialogue is kind of moving to the next level and took almost like three years to understand that we can lead and prepare this this important step forward and that's absolutely right and as as what mentioned before Ukraine was not just a testing ground for cyberattacks as as it is and the cyber landscape but also a testing ground for cyber is a holistic approach of and you know they have this four domains as was mentioned cyber cyber warfare electronic warfare psychological operations and informational operations and military operations if we look back to what mr. Shimkus mentioned to Estonia and Georgia and in the story in Georgia they predominantly use like two techniques they used DNS hijacking and DDoS attacks predominantly and still we can you can find experts that would refer to attacks in Georgia and Estonia like the largest DDoS exacts but if you would go to Ukraine starting from 2014 you would find DDoS attacks just DDoS attacks yeah 30 times 32 times larger in scale and scope than it was in Georgia and in Estonia then if you would look go further and you would look at the whole kind of range and scope of operations and methods use you would find in that in Ukraine they already deployed everything that was available like the doors Tito still funding our telephone denial of service that they launched for example when there was a blackout attack they simultaneously launched telephones in our service so that citizens couldn't call the concept of call centers and could not can find out what's going on fishing spear phishing malware apt attacks all these you know technical terms they're probably not that important what's important that the culmination that we saw just last year with a not pettier culmination stage of the attack we are cyber security expert we are not tracking the cyber it not feta attack because it's it's basically not the correct term because when the attack becomes visible when it becomes known to the public it means that we're seeing the combination stage of the attack and the attack started much long you know before that with the combination stage of the not petit attack we saw all the instruments that were used from 2014 to 2017 in various attacks separately they were combined packaged in one tool and automated and we saw infrastructure some of the infrastructure that were under monitoring we saw them going down within three to five seconds 30 minutes the large infrastructures of the large organizations so what we see we see really a tremendous evolution of the instruments and methods used in just a cyber warfare length domain alone let alone the basically the cyber as an element of the broader concept of the of the hybrid war so thank you for that and have you noticed me talk about not beta which mr. shim cave also brought up this was an attack the initially targeted the accounting systems I think it was through a vulnerability in a Microsoft system if I'm not mistaken but are you noticing that there are specific sectors they're being targeted more than others yeah basically of what you know that's very easy we could have the whole the whole conference on that great idea well if you won't yeah and I hope it will do because there's so many lessons to learn if you would go not even back to 2014 if you even go back to April 2017 with the company that were like the which is the major provider of this text report in software that mr. Shimkus mentioned the first back to earth through the company came of 14 of April then one month later wanna cry happened in one of the vector one of the channels however wanna cry reached Ukrainian organizations was through that back door not through the rents aware instrument itself than just three days later there was a second back door delivered through médoc and three days later was excited and one month later there was a another update with back door and three days late three days later was on 27 to do what a combination stage of not beta and and they and milk was not the only vector of not better arriving into the organizations and what we saw we again we see this evolution of the we call it when we first and now in one our lab and our experts when they saw the attack and we try to how to classify it I mean we it's not enabled LBT advanced persistent threat it's not like ransom we started to classify it as massive coordinated cyber invasion because with non pizza on 27th of June basically all major industries in Ukraine were targeted and hit we had at least 80 large organization that reported they were hit some estimates going that up to 10% of the of the entire computers computer population of their decisions were here we are 22 banks 6 large energy companies 6 large retail retail chains some petrol stations including 10 to 12 media companies 7 governmental institutions so it's basically like an invasion and and and and what also is very very important that with this not been detected a also were testing the the new technique and now we I would call this technique cyber deception because they even managed to sub managed to make cyber security experts around the world believe that it was a ransomware attack well we're the only company for two days that we're talking it was not a ransomware because we did this reverse engineering immediately and 29th of June we publish the report and some cyber security expert immediately agreed with it and started to also helped us to propagate this but still you would find in media today how not even like policymakers but even cyber security experts refer to this attack as ransomware attack which was not a ransomware attack which means they again succeeding with deceptive even cyber security expert the server server cyber mask it off curve he want to call it on yes you can called cyber whatever the border yeah that's it would be a good term but the point is that they're evolving very very quickly and there was each attack for example just ask a question why just six energy companies were hit by not data we know with literal for sure that other energy companies unfortunately are not better protected they're not better protected why initializations around 10% an initiative an image homogeneous network some computers survived and a niche organization of up to 10% of computers survived so they're basically there try and they test it that's again because you have this you know playground you have you're sorry for this word material on which you test everything and you don't want it to go down completely and you don't want to you have you need your your experiments to go further I think was particularly I think concerning is to light up a word for your describing which is a full-on spectrum societal attack and all critical infrastructure systems happening simultaneously at the same time which of course is not something that we have experienced in Western countries but at the same time what happens in Ukraine is not contained or limited to Ukraine because each of global systems and these viruses have spared not petia I think is the most prominent example of that of how that affected also Western critical infrastructure systems as it spread throughout the networks but Nicolai I want to also bring you into this conversation because you worked on these issues from inside of government as well I think one question that always comes up in conversations here is attribution right so how do we actually know that these groups that there has described they're carrying out these sort of testing attacks testing these new weapons how do we know that we can attribute them to Russian linked actors can we attribute the majority of these kinds of attacks to russian linked actors or or not how do you deal with that problem thanks Before we jump into a discussion of attribution I would like to comment on the previous shakers several to say several words so yeah you know Alex said it correctly that this was sort of masqueraded hybrid invasion because the the Jones attack had several it this is if we're talking about the sophistication of the of the attacks and if if they get better I mean the attackers so during the not better attack they exploited the government level infrastructure of vulnerability in the software so because in order to hit everyone with one with one stone you can just concentrate on compromising the specific organization which product is present and like three hundred thousand devices throughout the country and you get in with one hit you can disable all of them but before before doing the cyber sabotage phase they concentrated on several organizations this is if we're talking about the intelligence element they did more and deeper invasion and deep and deeper penetration in networks of several particularly important organizations before the whole the infrastructure of three hundred thousand the organization was sabotage they did their job and after doing that after like after they have finished they decided to sabotage all others so to complicate the forensics analysis and understanding the understanding of all the main goals of this invasion so yeah and several recent attack attacks they have element of fakeness it was said correctly that because right after the attack started everyone even antivirus vendors and others say look this is like white spreading via email or by drive-by stuff and no one sees the crux of the matter no one understand that this was not the drive-by this was not the email or something this was launched from the internally somehow even for antivirus solutions it's hard to understand how it actually started so this is another sophistic sophisticated sophistication in in their attacks what else attribution yeah so as per attribution attribution is vital it's important having this we can classify certain types threats we can describe them we can understand the tactic techniques procedures which are being used and more like quality idea we track them but attribution is all is also certain based on assumptions based on perception of particular properties of the of the attack of the actors it themselves and others so just if you if you attribute some activity to so what we do as a technical experts we collect the characteristics of the specific activity we understand the TTP's and we try to form the group the threat itself and naming like during using all those weird or not weird names for the threat like a BD 28 and and something like that but of course it's based on tardik targeting based on instruments used but but then you have to understand the origin and here and attribution which is under sieved by majority of the community and people it's like if this country was involved or if this is like state-sponsored or not and if it's sponsored by this country this is really hard from from what we can say from the investigations we have we have done it's just like we can J we can judge by titles in the code we can judge by compilation time stamps we can judge by some sort of time when the operating starts let's say like BOTS starts to connect to the control command and control server at 9 eet and this gives some some hints but it's also sort of not very reliable source and what from the very recent attacks I would say they try to introduce element of fakeness as well because when you manage to pee trade the attackers infrastructure you see the let's say the administration panel of the particular botnet and you say like you like it somewhere deep deep very deep in your soul you understand who may stay behind but you look at the interface user interface and you see like you can choose the language let's say you can choose French German and English or and something sound like something like this so it's an purpose fake functionality of the panel itself so it because it makes harder even if you manage to get this level of access into the attackers infrastructure you will not be able just hey say like see look at this it's like using forensic tools that you're describing those of us who are not deeply engaged in the technicalities of the cyber world having this toolkit that you just described of how you can tell the origins of certain attacks and then all of the ways that they try to cover up their steps I mean can you can you give us an example of a specific time where you think you were confident in your attribution I mean I'm just trying to get a kind of bigger picture of you even can we say that you're 90% of the attacks that you clean experiences and all of these different sectors are coming from the Russian Federation can we make a statement of that nature or is that not something that you're comfortable doing yeah I'm not comfortable doing the statements of course I just can say can say for sure that this threat actor was behind this but if this threat actor is associated with specific countries just based on assumptions we have as I said before so it's not very professional to say like yes this is okay it's Russia or it's not not it's it's another country well so picking up on that Laura I want to turn to you because you've been working on apt 2029 understanding how these persistent threats have infiltrated certain systems not just a new clean ball so you know in states and these two particular groups fans severe and cozy bears are also sometimes called have been definitively attributed to Russian lead actress particularly the FSB and the GRU by the US intelligence and also private firms as well you know so I guess two questions for you one is in in those cases how do you determine attribution in just a few words and why our intelligence community here in nine states are confident making that in tribution in these cases and then secondly we've been talking about a cozy beer a fancy beer ever since these attacks on the DNC servers from cover United States are these two groups still carrying out their activities now what can you tell us about their their current state of sophistication and what would their up - okay so attribution is obviously an enormous question whenever we're talking about cyber security and Nikolay rightly is differentiating two ways that people think about attribution and how it's done and how its discussed in the security community and then in the larger media world geopolitical sort of salon and discussion so when researchers and the people with sort of fingers on the keyboard looking at the actual forensics of an attack of an intrusion of how a tool works when they're judging where did this come from or what do these details tell me they're thinking about what is a fact what are the language settings for instance how does this downloader work what does the screen look like to the user that's asking for instructions and what is the actual command behind that saying so the sort of features and functionality of how the tool works and then how the attack or intrusion happened the tactics that were employed and the next sort of layer up analytically from taking those factual statements around the functionality of the actual tool is to say what can this tell us and these become assessments right so for instance with a bt 28 one of the original kind of assessments that we used back in fireEye two and say we think this is the work of a state or likely the work of a state is based on the amount of time that clearly had gone into developing this malware we had evidence that had been developed in 2007 so seven years at that point this was to 2014 when ap 228 was kind of originally exposed publicly so seven years of tool development well that starts to tell you something but that alone isn't enough to go around saying hey the Russian government did this right they put seven years of investment into it no but it shows resourcing right and then you can start to take other facts like the language settings were in Russian and timestamps that show when development occurred were conducted from about 9:00 a.m. to 6:00 p.m. weekdays excluding Russian holidays okay another point right and it's this sort of analysis of taking the facts and understanding what they logically can say and assessing that with proper caveat and confidence language likely not a statement of fact for instance that start to lead to these conclusions about larger attribution that you're asking about right when can you start to stay it's likely that the Russian government is sponsoring this activity or the most likely conclusion is the Russian government's behind this so it's that sort of tick-tock from the very friends exceed details and functions of the tools and the actual attack that lead you up to the point where you can say this is who may be behind this or who may be sponsoring this type of activity now the trouble that we've got now is that people play in this attribution space in all sorts of different layers so for instance there can be statements made that this is Russia definitively without there being the underlying forensics around it and that becomes difficult for people to say oh well based on what why would you be seeing it's Russia is it just because it's in your interest to say it's Russia and that's when confusion starts to to come out and I think the rightful instinct that that you had Nikolay and saying it would be unprofessional for me to jump to these conclusions well when you're not going to lay out those details it does become hard to go out and say here is this nation-state attribution without underlying fact so I'll stop there well I think what you're pointing to Laura is that in this cyber domain I think those of us outside the the actual analytical space that don't have access to this information we want black and white answers but in fact it's very much sort of a great ambiguous area where you can have confidence intervals so to say but you can't always you can't use you can't almost ever be a hundred percent sure but you can be almost a hundred percent sure when you're making these kinds of attribution claims I mean this is intelligence analysis exactly at the end of the day right and unlike with conventional weapons you're not going to have you know satellite images of where the nukes took off right so there is a layer of difficulty in assessing overall attribution but it doesn't make the task less meaningful or less necessary if we're going to take any sort of consequential steps to address the problem so I want to circle back to this question about what what's a cosy barrier and fancy beer up to today but I'll go I'll come back to that shortly because I do want to bring onyx hundra into the conversation here as well we've been starting to talk you know a lot more about the vulnerabilities that government agencies have to these kinds of attacks obviously we're talking about Ukraine and the kinds of vulnerabilities that seems not just governments but the private sector energy firms banking sector have been exposed through the the process of these attacks the alia and Nikolay and others have described how would you actually assess Ukraine's preparedness given the range of attacks they've they've had to deal with specifically between Ian's government's preparedness to be able to respond to similar attacks in the future thank you very much for for question I answer on Russia with my interpreter mr. Chaddha bottom 2/3 of no problem that was Toby speeches with the passage to Crimea at the key blue grouse he currently working on four directions in order to secure Ukrainian secure Ukrainian security in from the cyber threats at the systemic butta butta must grow the cat or a lizard through cranial noise at plan away systematicity corrupted we work on it non-stop systematically because the threat itself has is also systemic it doesn't take breaks stutter calculus is very ni pirata yet the conceit rotc way is reached poverty meanie upon me as to what is actually is the classic military operation it is concentration of forces and resources in a specific place and specific time post linear path leading attack what is it more Union it's a policy Cheska waianae Piazza the latest attack on June 27 was the classic a classic military operation told Kafka press transcript however by cyber means in cyberspace postmortem poverty meaning attack a precision attack da cut da Prez head you Sabrina but shred what's up the timing of this attack was considered exactly with the timing of the g20 meeting a table at a bull fucked politics cordini edema strats a mushi agree Sarah concrete Namibian three minutes to work as a truly onion red onion in politics collision it was an act of political pressure plus the demonstration of might of the aggressor in order to exert the pressure on in May while making wildest certain specific political decisions were made leadership factor Annabella's upon your own historical master a Neapolitan a syllable a discredited organ of rice Ukraine produced a suitcase Rainier produced a an attic in Rodham Wizzle it was also quite carefully and massively prepared a long time before the attack in order to discredit the Ukrainian government as a as an entity being incapable to meet these challenges treaty animals careless economy just give me preached in economics ischemia of a pro Samir tip of my greatest Virginia border publicly economists confirm masters tapas Creek Nastasia politics key way in itself the third factor is that it was camouflaged by the economical reasons extortion of money and other financial operation in order to cover up the political essence of this action khatma does not reach yet not a coda via IP rotc how should you respond to this kind of a military operations Murrah bottom shatrugna probably near pirouette yet a free marijuana known as the cannot date in Nevada we work on the four directions one is the creation of development of a new legislative basis the kiyotaka will start sports coverage company ideas penny-ante knows the cone of ukrainian pokey bribe is a processed electron the original slogan because of precision to crania about a barrage of qibla strands such attacks triggered endorsement of the new legislation about cyber security of Ukraine and other legislations which have two specific for me to be able to translate them is this one as Hiroshi trendy the stache natural shape as it says NASA Venetian women and we have achieved quite a great deal of success in this direction and we work in a positive terminal probably know from marijuana Argan its own structural Couture episode produced a yet gruesome II a booster a Giro at nanoworld Rose the second direction is creation of a structure which would be able timely respond to the new cyber threats mu P Richland after wait up for a marijuana in Turku structurae I am in a free marijuana at center of regular when yeah it's interrupted nights Indian tea its center of key bridges of past mysteriously sneaker Ghana we're currently we're on the second stage of development of the Centers for responsive for cyber incidents should you respond suppose book wanna win what is really odd clearly you shouldn't look at center of not son Alan Bank Ukrainian it's understood with the shit in from at exclusive display key Ukrainian in January and February we open new centers in the banking Bank of National Bank on Ukraine and the Ukrainian security service treaty and probably near it signatures material Nablus Pacini central dishonesty proverbial sky blue grouse I mean the third Direction is the technical support for these centres of cybersecurity while facing the cyber challenges marked unity 3m res bitch new program novice puccini another robot own substance Trieste was a shit in formats another / Naruto Kamali we introduced new software and developed our own means of a high-quality holo quality if technician complain Ukraine an opposition of the station across camera need lettuce or operate esthetic in Monroe sir so in technical level Ukraine isn't quite as a isn't quite good state to respond these threats and challenges each tortellini toppika toppika specialist of robotis new selenium the fourth level is the is the education of the experts and education of the population general population message has Oh Calista to achieve never see to target or spits a list of work I believe is a partnership we have about 30 universities were the experts on cybersecurity are trained at the premiere now with him so DeVito Chile we've got Kotova postcards is when your city of annually they they produce about 800 900 experts at the Kanishka Molyneux tour associate rent-a-car Watson Kapoor got off the station I was ok this is not sufficient yet but this is a good trend which shows our our success in this direction he was normally mean to me that it's a publishing equal to it was a past nest in the Selenia and another important element is the raising awareness of the population about this is this militia pristine ogre Pascual occurred at reboot which in bushwick Wassily access terrain go siddhartha coordinate i catch a snake company it requires much more efforts and there is a great deal of work to do because it requires not only government involvement but private companies as well so Alexander thank you for telling us about Ukrainian government efforts to I think build resilience and also build defenses against future cyberattacks think it's very the program we described is certainly very impressive I want to go back to I think an issue that mr. Simcoe brought up in his opening remarks which of course is not specific to Ukraine that it's difficult for governments in general to recruit and retain talent in this specific domain because of the high competition from the private sector so from the Ukrainian government perspective are you actively working and seeking out also private partnerships are you relying more and more on private sector help when it comes to either trying to understand the the various attacks and also trying to develop new tools to to withstand them [Music] and I should cranium securing a robot you've always a cryptographic success the shit in formats technicians get the shit in from at sea Ukrainian experts have quite a high level of the development of cryptographic means of the security security if the skill and technical means II postulate anemia nationalistic badali does not analysis Natasha knows which artist and robot kissed and art oppose quantum cryptography and lately our experts even even sent to the National Standards Institute of the United States new standards for cryptography it a great I was talking of near 90 in Basel Kramer but I'm not probably it shows that Ukraine has a quite developed by higher level of the technical base no foundation in this area tug the stache now Sonia robotically program east of Drago program novice petunia we also have quite highly given a high-level experts who developed new software Kotori integral or additional system SCADA system informal Tony system a transport a system and relief system which can be integrated in different systems like SCADA system will probably need like system of management transportation system and other systems an economy of Kojima's possibilities Ruby's new program that we speech in II privilege it will be cutting these theses that I was to be silly with but I'm not problem in our show Roberto however was Tony need for software and to bring new investments in order to improve our job thank you I want to bring a Laura and the other into this exact question about you know the how do you assess Ukraine's ability to withstand and Ukraine's vulnerabilities and preparedness Laura I think you want to speak to this directly though it's an issue you've been working on and then Andy I'd like to get your views as well sure so one of the challenges that not just Ukraine but a lot of countries are facing as they're sort of in their 2.0 mode of building out their sock their national cert and then more to the point their Incident Response capability is figuring out the best way to clarify and explain to the world and other researchers what's happened on either their national networks or within the purview of what their government teams are looking at and I think one of the sort of untold stories particularly in 2017 about how effective Incident Response and information sharing works circles back to this information security community or this researcher community that we kind of refer to but we never really characterize and I think wanna cry was actually our best glimpse at how well that really decentralized network of researchers who are everyone from you know a guy in a certain Poland for instance to a researcher at a major tech company in the US - to just somebody who's kind of into looking at malware and understanding how it works so really wide range of people who are very interested in looking at this problem and what happens with wanna cry for instance is the domain behind the ransomware wasn't registered and someone goes ahead a researcher goes ahead and just says I'll register it let's see if it if it isn't it by chance it's not and that's what stops the wanna cry ransomware attack but what that story tells us is far different than the sort of common how do we solve this from a government standpoint conception is that the way that we're going to figure out how to effectively talk about Incident Response and how we're going to be able to kind of use this private sector capacity with this government mission that we have is to figure out how to inculcate that information security community to sort of jump on problems that's there needed as they're coming up in Ukraine we have you and I think the the most tactical step that we can take as people interested in helping governments do this is to say how do you lower some of the barriers for the guys on the frontlines say in Ukraine to be able to talk about the incident they're seeing with the rest of this amorphous information security community does that mean clarity of response reporting take the maritime examples right when there's something that happens in the black sea like like it did in July 2017 maybe no one knows who's done it yet maybe we don't have a lot of details about the incident but quickly someone can send up a flag to the maritime organization that looks at things and say something's off here it's worth dogpiling on this problem whether you're in South Africa California or or London and come take a look at it so how do we make that platform of information sharing to use those two horrible buzzwords more accessible to the sort of edges of who's dealing with the cybersecurity problem like Ukraine I think you bring up a really fascinating about the specific industry if you want to call it that that you have this very decentralized network that is actually the hub for tracking down these cyber attacks usually if that works much faster more efficiently than government agencies or individuals and bettering government's or even potentially large organizations I think that's really unique to the specific space and then how do you how do governments use those resources to be able to answer profound questions about the electrical grid takedowns and other forms of infrastructure attacks and I know you want to come into this but I if you could also respond to to what Laura just put on the table about information sharing and to what extent what's happening in Ukraine could potentially be valuable is valuable in other countries they're funny that this question goes to fire I and and and Isis be with a but you know just well it's not a secret could be revealed by seen methods but to great specialists from one of the aquarian government authorities in cybersecurity where recently left recently left its authority one of them joined fire I another joint is SP and that's it's not because we're like and it's but for us for example the key is the key goal is please to keep those specialists in Ukraine and that's I with all my respect to Alexander into our capacities of our scientists in fundamental research I totally disagree that Ukrainian educational system is prepared to produce and to and is ready to educate cybersecurity professionals that are needed for the daily Cyber Security Operations because daily cyber security operations is not about fundamental research it's about technology's operations processes and people and what we need desperately we need operators of Sauk centers we need analysts of first tire we need analysts of second tire we need advanced this that do reverse engineering malware analysis that that can you know quickly detect because what all the AI means you know today's for example talking about technology just a quick remark everyone is fascinated about AI today I am as well but when AI and you know that when one of the algorithm of I recently like one and chess games against the best computer chess game after lonely for four hours because it played like eighty thousand games with itself but the point is when from a hacker perspective and if it look at cybersecurity if I would play chess what they say our algorithm and I would decide that with a move for I can hit King with a poun directly no AI algorithm will win this game against me and I can create this type of rules as many times as they want and this is the way the the cyber attacks happened this is the way the hackers use so for each AI is very helpful technology from the mental research is very helpful but the key issues in order to address the most critical challenges in cyber security are processes and people and and with the processes there are several and with processes people not only the cyber security professionals the key obstacles for today's advancement in capacities and and resilience are three things you know first of all is lack of understanding of cyber threats at sea level across all you know private and public sector domains that just don't realize how it happens you know when you go to sea level or when the attack happened with Ministry of Finance for instance and Treasury they saw it was an insider attack I said we had an insider who was kind of compromising this insider they couldn't even believe that that that the adversaries penetrated their network state in their network for for very long time and then launch the attack when they needed to launch it then in terms of decision making very slow decision making and of course there are some good things about slow decision making when it relates to the government because times fast decisions are not good but on the other hand for example in Ukraine with energy companies and in the u.s. I don't think there's a challenge because master most of the energy this was in private hands you cannot kind of directly and force them to apply this or that technologies in Ukraine energy companies are partially private partially governmentally owned and if you face an issue of investment into cybersecurity the private shareholder would say all that government invest in cybersecurity its governmental kind of responsibility to the national security and the government say ok you are like 85 or whatever percent owner of these assets why don't you invest in cybersecurity if government has to invest in cybersecurity it has to increase the electricity tariffs if it's increase in credit LF it has to go to the Commission then you have to go to Parliament on its political issue and then there's no investment for cybersecurity so all these things you know there I like just the examples but I believe that in all in each country in Ukraine in the u.s. there are a lot of decision making obstacles that need to be identified analyzed and removed in order to really step up in terms of capacities capabilities and in cyber resilience and private public partnership is key for this because we would never manage in I was I used to be also Ukrainian government and minister of education education is my passion but I completely understand that there's no way at the moment maybe we will find the solution in the future how you can keep the best talent within the government whatever whatever government you take in whatever country at certain point where the government when when this bright talent he can go to the government at the beginning of the career for working at great projects and so on and that at a certain point when when he really won he was already kind of advanced and so on and we will just look a little bit you know out of the window and will be immediately hired by by private sector I think that's exactly what Laura was speaking to as well right necessarily routine towel it's not realistic because you're very talented professionals will seek opportunities elsewhere and obviously the private sector will always pay more than the public sector but the question is given those the constraints and limitations that every government faces not just here playing how do you harness the these informal networks of experts that have formed right I want to go to the audience for some Q&A in just a minute but but I do want to ask you collide to to chime in here a little bit you know you you work so closely and on the analysis and tracking on the forensics behind many of these viruses and attacks that happen in Ukraine I'm curious to know I mean to what extent do you personally whatever information sharing and being part of this informal global network do you regularly communicate with other colleagues abroad is this just part of your everyday or do you find that it's a bit more contain to your colleagues in Ukraine or in neighboring states now is this really a big global network that laura has described all right several points first the Ukraine was planned to attack two more times the at the end of the last year it was prevented not everyone knows about it but several knows it was prevented due to the cooperation between private and government sector who is a private sector there are two software companies one of which is AV vendor because it has tremendous view on the threats and it it spotted it and it shared thanks to this thanks to this in October we didn't have another blackout in at the industry yeah it was planned on December another attack against oil and gas industry it was also prevented but in my opinion it was just postponed it was partially prevented due to the that type of cooperation so hunting the threats it's like searching for a needle in a haystack it's really hard all we are talking about is just response we don't have a proper responds we have no one to come to the ministry or to the middle company who was hacked and provide this assistance last year we we had some sort of public/private partnership examples but not Ukrainian government and ukrainian private partnership but ukrainian private Ukrainian government private and private sector of from in other countries like several specialists and companies came to Ukraine and rendered a an assistance in investigating the this stuff that happened so really hard when you're talking about the cooperation is if we're just you know it can be just declared that we need it but in order to prevent really prevent the threat you have to do to do more you have to not just set up the security operation sense or deploy the sensor throughout the Ukraine and just see it's it's cool but attackers are stepped forward on a different higher level and now you have to provide this these sensors their socks with pure intelligence the one like the Netherlands provided the US regarding the hack but in even in that case it happened they gained its goal so how we do work we try to to be a hat attackers we try to see what they plan and and prevent only this helps and from from from my experience we just inform the government informed the ministries like you will be hacked in in June where you will be roped in Friday after 12:00 p.m. but even in this situations you face oppression you cannot imagine how it's hard to deliver this message to the to those who have who have been compromised the first phase is just they deny know everything is ok but when you give more information they they have to agree but they do not know what - and after that something happens either bad or good if they trust you finally they can like ask you to help but in 80% of such incidents of such cases they they just do not trust you and they are not ready to gather the information so before sharing we have to be to make sure that while shared while it's being shared it will be perceived and like they will you know properly processed by those who are under attack so this is another problem we have can you imagine that this whole discussion is about the cyber attacks aimed at disrupting the infrastructure and intelligent gathering we are not even touching the area of data breach and personal information bridge and financial fraud it's just you know it's just it's just a question of like national security now whereas there's a huge other you know risk for a personal finance personal information and so on yeah of course which we didn't we're not touching in this topic specifically on this panel but there's this bigger question of then how does this data become used in various other distant formation campaigns etc and you know you have this merger of sort of disinformation campaigns and cyber attacks working together to disrupt politics in certain countries and is a key matter of national security as you said but I do want to get you the audience we have been given to 1105 for this panel so the shiva mics going around please introduce yourself and please ask a question versus giving us a long lecture the gentleman on the left yes there should be a mic coming I'm not mistaken there it is so I'm Peter Chu from Galisteo consulting group based in Albuquerque I wanted to pick up on something that mr. Shimkus bore up which was the let's see the the way in which the FSB has this treasure trove of social media date of contact here Ned Nicholas Nikki it seems like all of our discussion really pretty much has been about defense but I just want to throw out this idea for consideration that there's also offense right and this kind of direct link to the FSB and as long as Russia keeps its internet open you know weaken influence as well you know with counter-propaganda I personally and I'm speaking more as a private person here but I have a I have a blog I blog in Russian and English that Puffs enough and I fully realized that you know my as if someone in Russia is reading my posts or of their public the FSB could could be reading them as well and I think we need to have a you know confidence in our own message as well with the counter-propaganda just want to throw that idea out and see what you think it is a bit of the topic but I think the general question of a some sort of offensive strategy versus a defensive strategy is this something that countries like Ukraine in the United States should be thinking about as we face increasing cyber attacks I just I would be very brief because it's really kind of not the topic of the panel but I believe with the that Ukraine can develop its cyber offensive capabilities very quickly and become one of the top 500 cater in countries with offensive cyber capabilities provided there is enough cooperation including the cooperation with United States and that's a strategic that is matter of strategic importance or did you want to touch on this yeah I think I think what this question highlights is do we deal with the threat of influence operations active measures however you want to put that kind of category of psychological tools into a direct opposition with other psychological tools so counter-propaganda for instance is the term you use and I think that that puts us in a trap of not understanding why these tools are being used in the first place and I think what this really highlights right now is kind of a cross domain need to think about what Russia's trying to do this isn't just about trying to influence you it's trying to influence you in order to achieve a certain state goal or in order to divert attention or to create a false equivalency but why is that being done is it in order to keep support for Nordstrom to the major energy lever that Russia has over Germany in place is it to question corruption across every official in the Ukrainian government for instance so that it looks like no one is a good guy and no one can speak with authority we have to dig under why these influence tools are being used to understand how to counter them if we're talking about them being used for corruption for example to say oh there are no good guys right the way to counter that isn't to just have some sort of created account of propaganda and say no no everyone no one is corrupt it's to truly have an anti-corruption body that's working like Nabu in the Ukrainian case right and give it real teeth and actually root out corruption right that is the best counter to what Russia is trying to do in this space in my mind well I think what you're actually pointing to then is resilience you know in a way more so than an offensive strategy where we have potential you know open warfare and the cyber domain which we probably long term not benefit Russia or Ukraine or the United States versus actually investing in institutions at home where they be in the United States some of the issues I think congressman Hurd described that we experienced the United States with polarization the political space etc these are issues that we've been dealing with for a long time and we still be dealing with whether the Russians interfere in our elections or not frankly so I think we also have to come to that realization of some of these vulnerabilities ourself made and it's really about in reinvesting in institutions that will get us on a different path and will make us more less vulnerable to future attacks not the nonlinear nonlinear kind who is reinvesting in principles I think to be even get a sharper point on your good fight now yes thank you ma'am Elaine Sree oh and with a UA see you wiU you in Kiev Ukraine thank you for this panel and actually Mike my question relates exactly to the points that were just being made the maxim the best defense is an offense it can be looked at seriously at multiple levels I think what you were saying is accurately described it's not a matter of one thing it's a matter of a collective thing and then and then what mr. Shimkus said about cooperation and legislation and that's not just domestically in Ukraine but of course globally with all the countries that have been working with Ukraine now how do you see a greater offense being developed that sends the message to the well-defined source of the obstruction the cyber warfare that's been going on and the obstruction into systems and labeling it for what it is very publicly despite the fact that everyone wants to sort dance around things sometimes saying well these things happen these things happen these things ergo this is and we've defined the source at multiple levels and with a global response how do you think that sort of we respect how do you think that could be taken forward as an offense as per offensive capabilities there are probably at least two that the two types of those offensive capabilities of intelligence services which are I'm pretty sure are being developed around being used and applied because Ukraine like has to provide intelligence and collected in the cyber domain and there's per intelligence it gains as an offensive against a as you said well-defined threat actor I'm not sure if you heard we have a different groups probably like or likely in us by community they are labeled as hacktivists by they are being called ace Ukrainian safe cyber lines and other such sort of formations and they try to gather real intelligence from the real influencers from real movers and shakers that like from from the offenders and the information is being provided being translated into different languages and being published online and and what so like we have a lot of such work being done on regular basis from day to day and the information provided it's really you know it's it's not it's not fake this is information which is which is collected from the particular from the concrete attacker and we need it for what like all the decisions we had to make we already have already been made and by by Ukrainian government by other Ellis's government so like we have an offensive capabilities I just like all of them and I don't know what its help if you like if you want Ukraine to attack attackers probably this is also being the but it's not sort of publicly like you know shared or something like that so I think in the open-source domain you know we don't we likely probably don't see a lot of what's actually happening behind the scenes and the level of intelligence and that's probably a good thing frankly Laura I think you wanted to chime in I'm sure I'll try to take that on a little bit I think the best offensive weapon that Ukraine has is its ability to build trust with the West on this whether it's talking about an incident to trusted partners in the international community so that cooperation can begin to mr. Shimkus point at the beginning or whether it's rebuilding institutional trust domestically in Ukraine so that people in one government office don't doubt the intentions or sponsorship of someone in another government office that is the you know the the great kind of fabric that weaves together liberal democracies at the end of the day right and Ukraine's for years and to you know post-revolution so this is so early but I I think steps that build trust between peers as as minor as that seems is actually the basic building block that starts to get people to think about you know is this new source trying to convince me of something that's not true or can I trust my government or should I go out and vote those are the sorts of building blocks that that have enormous dividends I think mr. Simcoe wanted to chime in here since we've been talking about him yeah thank you just on offensive I'm extremely prominent on building offensive capability why offensive capability gives you first of all good training on the defense and that's something that we're trying on any teams my team is doing red red blue teams just training all the time but when are we talking about offensive capability is counter-attack we touching the subject of counter aggression or response so from one angle building capacity puts you into the modular move building your module in terms of fighting aggressor and they aggressor knows that you have this capability but in order to have offensive capability need to demonstrate it so you need to find a guinea pig where you demonstrate something that you can all attack power grid and destroy but then knowing mr. Putin an understanding or not understanding his logic what could happen is that your offensive counter response could lead to the physical aggression very quickly and I think that's a question that's politicians globally has not yet answered so we coming from the technical capabilities building to a political response so a few hackers you know very strong offensive shut down a plant in Russia I don't want a missiles flying into Kiev okay so I want to put this all in perspective but fact the demonstrating offense capability stops the aggressor but also that requires a significant policy change in terms that attack on this frame on this infrastructure would could trigger the response physical or technical thanks thank you I think what you're describing is perhaps a cyber deterrence strategy right that you have to be careful the terms only works as long as your adversary thinks that you have the tools and will be ready to use those tools if the average it takes a certain action but that also is a is a fine balance to strike of course particularly in the cyber domain which is not as clear-cut perhaps as the the conventional space of the military space but thank you for the intervention that was really I think valuable and important let me take another round of questions I'll take a few at a time gentlemen here I see India there and the third one here so one two three thank you Michael doesn't owe us Ukraine business council I think first of all everybody needs to understand that the government of Ukraine in the various governmental entities have done a lot in the four years because when we were conducting our members were conducting seminars and workshops back in 2014 people were with you know clear conscience saying oh we got Windows Firewall and got Kaspersky antivirus we have nothing to worry about I think that changed radically now but looking into the future Ukraine is supposed to be adopting a lot of you legislation EU is launching against as may be the right term general data protection regulations in May of this year that's going to put a lot of work for the EU companies working in Ukraine because they need to comply because they're you based companies but when it comes to any export of services especially from Ukraine to the EU that's going to be a major challenge we had a couple of events in Kiev on that and it looks like the government of Ukraine is not really moving on that neither in preparing specialist knowing thinking about changing the legislation and the companies in Ukraine Western or Ukrainian are starting to move very slowly on that any comments on how you see the preparedness for this and and the lack thereof maybe Thanks thank you and then in the middle in the back hello I have a furrier to precise questions first of all only Stoney attacks everything was very well investigated up to the people who were actually orchestrating the the attacks on meddling with Aegean Sea servers we also know pretty much all those cozy bears whoever bears our hands up to the particular names on the attacks on Ukrainian infrastructure can you give the names of people who were behind them first thing and second thing Dimitra was speaking about very important things in relation to all those social media and other pieces of Russian software like Kaspersky like 1s like what others could can potentially collecting information I support the actions of Ukrainian government to block them very unfortunate for Russian business but you know so that's the reality that we have to face but to my observation in Ukraine 80% of people continue to use them and especially government officials continue to use messengers like telegram whatever so what are the policies that are going to be are enforced by Ukrainian government to stop this thank you and last question gentlemen here yes hello my name is Chris Bing I'm a reporter with scoop news group in DC I just wanted to touch on the comment that was made there at the end regarding two failed operations that occurred in October last year I think you know if you could shed some light on that that's important one because it shows that defenses are capable of stopping these sort of things and two it just shows the continued persistence of these types of attacks thank you thank you so let me start backwards with Alexander each of you have about a minute to answer whatever parts of those three questions you would like so understand let's begin with you and please just one minute the pyramid of a prostitue each oh I go to ask the first two questions Craner greenskeeper is what Italy the company mo good postulate so he produces rubbish yes Ukrainian companies and can provide their services to the West he provided catch the notion is Lithuania and conduct high-quality research work with video blue in this domain II opposites Kerensky productive knee no more sadness to it so I don't think that there should be any worries about the quality of Ukrainians rudeness Lou Krinsky Prasad Italy it prefers Genia system certificates your credit at Chili's organ Satya sushi stron currently the main challenge for Ukrainian producers is the certification and accreditation in the with their thirties with the governments of the corresponding countries a durable process which is a quite an expensive process no grain skip resume Italy move up readily watch each of a process we were on what was mostly Ukraine's key product a good with a partner if on isn't it the drug extra our Ukrainian producers Ukrainian manufacturers can deal with this issue and they can provide safe and secure products for a good quality products for these countries but my Cetina subsonic city goes to Dartmouth Liu shishi Miami otaku a and what concerns the social networks and the government employees who use them I would say the following the sweetener approached Picasa which to know give astute robotics assigning city are somewhat not classic if Kentucky passed linear process 3d module postulate seafood is no stowaways in presenter indeed many polls indicate that people still are actively involved in the class mates door true and the contacted the latest poll showed that 98% of people continue be present there are some strategies the suit does not which in formula and Selenia rubato Sapodilla nami grupa me the Selenia and our main strategy in dealing with this issue is education we need to raise awareness with the specific social and age groups of nasa population privileged it really no alternative no cranes cameron key items asylums each a module only group miscellanea but the second response would be to offer to ukrainians and at alternative networks which would work for any brain no siddhartha does not which administrative machine is posed when in Turkic States and regarding government employees it should be very simple ban on using such such networks possible thank you the user question is is huge whether it be in Ukraine or the United States people continue to make errors to open phishing emails etc this is how most of these kinds of attacks actually spread Laura please any other questions that were I'm on just one point on the question about the not petia and maybe bad rabbit from this fall those were attributed by at least CIA publicly in December you know yeah December recently so to the Russian to Western military so that is clearly zero intelligence direct I'll pick up if there's any other questions okay Nikolai s Purdy give me the names while I was flying here I was looking at watching the movie the foreign air with Jackie Chan as well so was also about give me the names so I don't know if if there are some names regarding the actual executor z-- or whose names the do you mean while asking for names executor x' or those who asks for this ask for this activity probably not a good start would be to have the whole picture of the threat its TTP's its intentions and that's that's fair enough word for to start in ukraine taking into consideration the recent deployment of several several socks under the different authorities so it would be enough so i don't know if there are concrete names as per the attacks two attacks i was mentioning recently one of the attacks was planned to be as a medoc like attack the software producer was compromised and the signal from the front big software company probably who has very very good view into the computers and other stuff it was prevented thanks to the signal from them and the another as i said it was directed at the oil and gas industry but it like my opinion it wasn't it properly prevented and probably it will we will come up to this come again to this question a bit later probably in in in in spring or something so the nothing special regarding those attacks the the whole the the crux of this is to spot this activity and the like instruments used approaches used are the same as used before likes even not specific malware may be used but some like you know did some software which is unburden of a regular level trading systems so I don't know what what what else I can tell you about this but the fact is that the some sort of coward for public/private partnership resulted in sort of more or less happy end of the year because this is the first year we since like 2014 we had no major cyber attack disruption blackout so could be celebrated on someone at some point that's an incredible statement that 2017 was the first year that you couldn't didn't experience a massive infrastructure yeah yeah I didn't want to put any of the lie on this so I didn't want it to happen you know I don't want to cause it but yeah the fact is like it would judge by facts nothing happened yet at least at the end of the year so I also think of me since I think you said you were a reporter there's not very much information about the attacks that don't happen right the ones that are prevented and I think that would be interesting to learn more about specifically from Ukraine's experience so I hope you'll write that story up very quickly the first case you were addressing there the non oil and gas one when you spoke about it the first time you were mentioning if I understood you correctly something along the lines of the grid it was it was that first case the compromised software vendor did they have to do with the energy sector and then the second point you said a major AV provided the tip can you name the AV no of course not al when you have this conversation after the event I want to give you the final word yes thank you very much first of all GDP are Ukraine is not GDP already Europe is also not GDP already okay so Europe is Russian to become cheaper already but it's a very huge issue the second thing regarding the very quick remark on offensive cyber I completely support mr. Jenkin here really need to differentiate between like information operations and counter operations and cyber operations if your organization is hijacked by hackers and you launch an attack and I have offensive power and I shut down your organization what is a counter-attack and you're not guilty even so you're aware like hijack so they and the third thing regarding the attack just a quick remark I can reveal one of the cases because it was the case investigated by Isis P labs and it was called crystal attack and we informed a lot of labs and you can now it's now public and Cisco's Dallas lab directly referring to this research you can also find it on our website and read about it it was in July 2017 the same attempt is with me doc it was the attempt to compromise the software of millennium finance called crystal and yeah and in the last but probably not least we really have to think how to better facilitate the cross-border partnership on a governmental level on a private level we should think not only about enterprise level we should also think about SMEs you know in Europe eighty percent of us immediate experience cyber incidents and data that level and this is the main and SMEs are the main vector to get into the enterprise and then as we as we all know and and this and the key and the key area where we could really start and boost the cooperation is of course education and experience sharing and that's that's very that's that's a crucial area and all these numbers that I heard the number that us is like in something around three hundred thousand cybersecurity professionals now and the world combined would like 1.5 million probably by 2020 and that's a huge issue and we need to address it going from the schools and onwards and this is where we all need to join forces because too much competition and too much rivalry among existing players and sometimes we'll face when some companies and even big names are Russian with conclusions just for PR purposes that they like investigated that attack and it hurts the investigations it hurt tracing the and hunting the threats and hunting the adversaries and we need to really think about how we get better within all these domains and but I believe we will succeed anyway so the white side will win anyway so on that very uplifting note please join me in thanking our panel for this conversation and now I think there's a five-minute break before the next panel [Music] good morning my name is John Herbst I run the Eurasia Center here at the Atlantic Council we've got a wonderful panel for you all right now and we'll get started right away since we're already over time immediately on my right is Frank Kramer I'll shoot by left to choose me Frank Kramer to his left is Hot Tuna receive of bushido boxa and then we have Ken gears on the far left you have their BIOS so I'm not going to read them I'm going to launch it again right into the conversation I will start on the far end with Ken Ken I appreciate your assessment of Russian cyber capabilities and Russian goals and use of cyber so I think the story you know it begins a long time ago when they talked about a few minutes ago one of the keywords is attribution because cyber spaces is difficult to get your mind around and you know attacks there are can be quite quite subtle and indirect but let's go all the way back to the 19th century I think in in the Zhou in Czarist Russia right there was already a failed coup failed assassination in 1866 of tsar alexander ii which led to the rana the the secret police in pre-revolutionary Russia and then when Lenin and Stalin take over in 1917 and they never give up they're known Daguerre right so remember that they're they're revolutionaries for their entire lives and and unfortunately in the soviet soviet union it you know it there was there was a sense in which part of Orwell's vision actually became reality there's a there's a one of the Stalin's favorite pictures of himself has been airbrushed at least four times with with people in the picture disappearing right who had been killed and then removed and become non non persons so so there's a little bit of a political background and if you think about technology the students are very good at math and science so there's a spy Museum right near here if you haven't seen this something called the thing you really need to is something that's at above the u.s. ambassador's desk in Moscow for years and it was a present from the Soviet Venera schoolchildren right - and in 1945 before the end of the war and it's a technical marvel so it's a wooden seal of the United States put above the ambassador's desk inside was a cavity that would bounce voice communication in the room onto a radio frequency that could be picked up elsewhere in Moscow and it was it was passive and still it could be turned on and off remotely by by its handlers right on the Soviet side it just is brilliant and it took us years to figure out and that was before the end of World War two so you know if you move move forward some the the issue of attribution is fraught but I would I would submit and suggest that actually Russia has the largest body of evidence and literature right if you think about the Cuckoo's egg from the mid-1980s this is probably the best book on cyber defense that exists and it was all about University of california-berkeley administrator chasing 75 cents accounting error all the way back to Moscow right the 1990s we have a multi-million dollar counterintelligence cyber investigation called moonlight maze in the United States again best guess is it's the Russian it's the same effort now now countries they do cyber espionage right Russia is not the only country engaged in in this the fact is is that the the internet and cyberspace that would have laid the foundation for a very post nation-state planet earth right and so I don't know how long it's going to take to get there but they are chipping away sovereignty and jurisdiction every day and so elections for example are a good example the you know the the clearly in Ukraine the there was an election targeted in 2014 in 2016 US intelligence community says the Russians targeted our election next year what's coming up in March right the Russian election which is which is interesting to watch because there's really not much in the way of a challenger but if you're going to hack for in elections you're probably going to hack your own election as well and the the you know the if you look at even you know everything is run by internal security Trump's external security and it's the reason that external intelligence operations happen in the first place right is because ultimately you're wanting to protect your own political your own financial and your own security space so I would I'm going to finish there and just suggest that Russia actually has the longest and most robust body of literature in this domain in terms of information operations and hacking as well okay okay thank you the tuna you've been watching Russian operations for some time both from the United States but also from Georgia your comments on how you see the danger see how dangerous Russian cyber warfare is we have to just understand how Russian information warfare works because cyber is one of the components as for example Intelligence counterintelligence of muscular of Kurdistan deception does information trolls RT they are the part of the big information warfare doctrine and cyber is one of the elements so all of those all of those elements have equal share on the strategy and they were as an integrated system of system that's why they're so effective and so efficient and this is how we implement this against against countries you know countries like Georgia United States and the Western are the Western countries also another very important component here is to underline is that Russia securitized the information warfare back in the mid 90s and later included the cyber warfare and what is the securitisation securitisation is the concept when the country addresses cyber you know problems outside them normal means there is not a technical or legal matters anymore but an existential threat warranting extraordinary attention and for example in melee there was a military guy mr. Sam stone up in 1996 made a Walkman statement it was very vocal about this that information warfare is existential and will be essential for the Russian government because it gives a void you know and actually here on computer - it is effectiveness and it's important to you the weapons of mass destruction and there was the military guy talking about it in 1996 and then fast forward we had a garrison of doctrine what Gerizim of actually saying that the treasure is very unhappy about the existing situation about the existing curse there the score and international order and what they have to do they have to you know shit their attention to the information space because this is that this is the space that they can defeat enemies and reduce the fighting potential of them enemy countries that's also very important things and when I say about them that Russia use they don't compartmentalize like we do for example in the Western world that's enabled whether it is a cyber warfare or no it is in electronic warfare they don't think like a base this is no Russian concept that's it's so it is effective and efficient because it's it is an integrated system of system working together for example I'm gonna tell you one example with false flag operations that Russia use for the combination of the cyberattack and the deception attack on a pediment five French double moon five that was very they hackers claimed that they were the cyber caliphate indeed they were not a cyber caliphate because we use the same TTP's same attack vectors same said 'not malware saying the same registrar and same servers that was before used by the apt 28 and so when you mentioned about the georgia in georgian case it was the first ever combined ki-netic in cyber attack but it was not as we tried hackers the Russian hackers try to reduce Georgian government's ability to communicate with the best world and to deliver their story aware message and the pyramid from the beginning we were pretty successful but remember remember back then Georgia's dependent on Internet technology was just at about eight to ten percent so Georgia was not affected as much as for example Estonia was affected because the stoniest you know dependent on Internet technology was very very high but now the situation changed drastically in Georgia and we are heavily heavily dependent on Internet technology and God save us I mean if something happened like this you know that would be buna would cause a devastating result for the little countries and one also a very important thing that I would like to mention here is that Russian are improving and it's cyber element of improving their cyber capabilities and we see some of the example for example if we just look at the development and evolvement of the BA black energy malware what kind of the new character istic sand TTP's an attack vectors it has what's you know where mostly you know it's concentrated hackers behind it concentrate against the critical infrastructure especially the industrial control system and the media for example one of the big media conglomerate was affected severely in in Ukraine and we see apart from the black energy malware we see the heavily growth sophistication in case of the for example that for example the attack against the financial institutions and that's very dangerous because they are improving their skills their are improving I'm improving their capability this is very hard to catch them it is very hard to you know reverse engineer those attacks and we should be really a very have a very comprehensive strategy in order to counter those Fred effectively and efficiently and one more issue than lastly and I'm going to finish for example in the French elections Russian try to infiltrate and marsh and macron campaign was very smart about this they actually looked at well looked at what happened in the United States and they said ain't gonna happen in our system and they and omicron people hired a very smart guy who actually set up very simple but very effective strategy and as we've seen Russians haven't been able to you know affect the French election because McCrone leak was you know it was not they didn't contain any important information this guy he actually who you know set up the fake credential systems and even in some in there is also the information on various media that they use the parallel system so we have to be very smart in future in this respect and especially during the elections election period we have to just kind of you know have very comprehensive and counter strategy to to fight such frauds because they're after not only after the political systems they're after you know business communities and critical infrastructures in general our chair thank you oh I'm very interesting Oh Frankie you know you had a senior position at the Pentagon you were look at your you looking things from 30,000 feet you your your sense of the strategic danger to the United States of Russian capabilities and what the United States and others in the West should be doing about it please my colleagues already said and also what's been said of the opening keynote and and the panel's that we panel we've already heard I think it's clear enough 30,000 feet or 50,000 feet that this derives if you will from a worldview by the Russian government it's an anti Western worldview it derives historically it's an integrated approach and it includes a variety of things so it's a challenge not only to the US but also to allies and also not only to governments but also to the private sector and we heard all that in the first panel and Anna's was just spoken about it it's integrated in that it involves cybers part of an overall hybrid strategy if you will which includes low-level use of force which includes economic and political subversion which includes information operations which includes actual cyberattacks as we've heard about with respect to Ukraine there's a potential for use of force in which make all high end conflicts the West if you will NATO has put forces into the Baltic countries we have those countries or have a tripwire conventional force they also have a very big cyber hole so to speak in that they would not be able to meet a Russian attack so there's a full spectrum set of issues and then of course as we've heard very much here with respect to the 2016 election and alike there's a challenge to the functioning of democracy so the question is what do you do about it and the a lot of points were made what I'd like to do is hopefully crystallize some of those points and then we can talk about them with the audience and with each other again as I said the targets if you will are not under the US government's also allies and partners it's also the private sector so you have to think about dealing with all of those you have to have a domestic response you have to have a response with allies you have to include the private sector so the first thing one might think about is what's the structure or structures that one is going to use in the DoD we always create what I call the Joint Task Forces fusion centers in the intelligence community bringing multiple entities together that have different capabilities in the UK they recently created what was called what is called a national cybersecurity Center and they are the front face of cyber sets of issues they have back up from their NSA GCHQ they involve the DoD and the like they involve law enforcement capabilities it brings together a number of things we don't have that yet in the United States so how to create a structure that involves if you will Department of Security Department of Defense intelligence community of law enforcement FBI we need to think about that and then there needs to be one internationally the second is broadly speaking what are the approaches so I would say that there are basically three things one needs to think about they were all talked about the first panel one is you really need to raise costs to the adversary you can do that by offense I'll talk about what I mean by offense and you can do that by defense and resilience and you need to include the appropriate entities again so it can't just be government it has to be private sector camp it just US has to be allies and partners when you talk about raising cost through offense it's not just cyber packback although I'm a big fan of that and I'll tell you what I mean by that but certainly want to be thinking about non cyber methods first and foremost perhaps legal methods law enforcement methods sanctions so for example you could change the laws and expand the availability of legal sanctions you might make a greater use of forfeiture you might freeze assets and the like might do multinational sanctions for cyber well when the US put the sanctions on December it was us only it would have been better in my opinion if we had included EU and the like it might have been hard to do but at least could have tried with respect to cyber already said I'm a fan hacked back you know I'm gonna get beat up for that what I really mean by that is a very limited and appropriate use of active defense I mentioned the UK national cybersecurity Center they just put out a report I mean just put out a report on active defense it's about 65 pages long and they talk about what they've done it's a useful primer to understand what can be done and it's both you might underscore the defence part as much as the active part so there were a number of things that can be done by governments for example blocking the wrong kinds of malware the wrong kinds of botnets and the like reaching out and knowing what's going on so that you can figure out what you do need to block and helping the private sector I'm working with the private sector to create a cleaner environment there are a number of technical capabilities some of which were discussed this morning I won't go into the specifics but the point simply be can create a cleaner network and the government can help you do that the so-called Internet service providers see their networks we should engage them a great deal to try and figure out there's a lot of conversation of course about engaging the platform companies same thing out of how to do that in Europe the European Union has a public-private partnership with respect to online hate speech and basically the platform companies have agreed to take down hate speech when notified a Germany even has a Germany even has passed the law saying I have to do it very quickly or the sanctions might take that approach and apply it to other aspects of cyber attacks you can raise the cost with respect to defense we've talked about greater resilience the key thing I think is critical infrastructures which would include elections transparency would be a very good thing there was a proposal by Senator McCain senator Klobuchar and Senator Warner I believe Mark Warner called the honest ads Act transparency and then as we do these kinds of things we ought to work with others and there's a lot of discussion this morning of course about working with Ukraine but also working with NATO allies working with partners in the various parts of the world so those are a broad set of ideas and let me stop there John okay thank you oh there's a I would say a misunderstanding in much of the international community regarding the effectiveness of overall Russian foreign policy as if Putin is an absolute wizard and achieving his objectives I think the same understanding or misunderstanding may also apply to Russian cyber capabilities a two dimension that Mark Rowan and his team in the French election did a very effective job at blocking Kremlin cyber operations so my question for the panel is how good are they and how difficult would it be for us to actually floor it if we pay the right amount of attention they are pretty good and pretty effective because once again it goes to my point when I mentioned that they securitize it we don't we're still thinking about this what should be in our cyber warfare should we call it cyber warfare should we call it a negative defense no passive defense I mean we are just kind of there you know discussing about the terminology and nice job should we you know mention this should we we just don't always they have the very straightforward strategy and we are implementing it and they are using a different process and the via are using very effectively not only the cyber elements but also the and they understand very well the power of the social media after though there was a couple of very high-level statements after the Arab Spring and the first-ever massive demonstrations do you remember in 2011 and 12 Du Monde presidential election that was the first ever massive demonstration against Putin's regime organized through unit unit was becoming the FIFA state and after that they squeezed the freedom on the road and now if you are the very famous online voice and you have 3000 or hits in a day you have to be registered because Roscommon azure will blacklist or Bloodless you I mean NV adopted couple of laws and regulations I mean his actually it's impossible to and on top of this you know we know how they treat their opponents and opposition you know leaders in general but we we just only talk about the you know role of the GRU the leading role of the jury in this respect and up and the FSB but we're discounting the role of this we are the foreign intelligence because foreign intelligence and when I will mention the to social media foreign intelligence SVR was thinking in 2012 and 13 and I do the research on the unit over a decade and everybody with some kind of you know technical ability and skills could have found those kind of information on the unit if you know how to browse and how to you know just collect all of those information of a processor awesome truth and and the Sabine tools so SVR was thinking was implementing the project how to influence the mindset of the message on the social media how to form the opinion on the social media and it was in a kind of it it can contain three major phases and the first phase was called dispute there was actually the research phase they were researching the formation of the online communities and then you know a second phase was called storm 12 that was about the organization of those communities and the third phase was the implementation phase that actually was about how to spread there's information and propaganda through pre registered account there automated ballot system and they they tested it on their social media platforms and in 2013 and 14 they were testing it on on the west and all social media platforms and we've seen this kind of examples how effectively and efficiently they used the Twitter platform for example they were accountants were tweeting over two thousand three thousand tweets during 24 hours I mean it is that was their you know that is the one of the examples so yes they understand it and if we paid attention if we really pay the attention what the Russians were doing we could have avoided this we just we need to pay attention we need to do the research we need them you know cyber intelligence personnel not only know techni you know guys people who have the policy understanding and have a technical ability we could have avoided this so we know over the past year the West certainly has its vulnerabilities right to to attack and surprise attack but authoritarian regimes also they have they have a real difficulty I think sometimes bridging tactics and strategy a good example is when Stalin met Roosevelt and Churchill at the end of World War two he was he almost certainly knew more about Western nuclear projects then did the Western leaders right because the Russians were so good at espionage and stealing information at the same time Stalin despite overwhelming evidence refused to believe that Hitler was going to invade the Soviet Union until he did right and and so and so it's interesting that I think cyberspace today looks a whole lot more like democracy somehow then it does autocracy right so we all I think in the West we do need to be a little bit patient with Russian politics and Russian information operations it's not that we should sit still but you know the Internet in cyberspace are also coming for Putin right and and so we you know do no harm should come before you know massive counter-propaganda for example but I think that that you know as we move forward we have to realize here's another example in Ukraine there have been so many cyber attacks and so much more damaging let's say in Estonia that's true but that pales in comparison to the over 10,000 humans dead in eastern Ukraine and a nation invaded and over a million people displaced from Donbass for example that's much bigger and that's much more important and that speaks to how serious the game is for Moscow's perspective right when you invade other countries and when you kill this many people it's very serious when the threat perspective the threat perception from the Kremlin so I think what I would say is the Russians are on 10 feet tall they're technically very good in cyber there's no question about that and they have multiple organizations that are sometimes in competition with one another and they engage criminal organizations one of the big problems is as was alluded to is that it's only recently we've paid substantial attention to these sets of issues Russian general for example until about 2014 Crimea and the like there are a lot of vulnerabilities that were built up because of the way of the you know that came about and people are only starting now to try to sort those out so with there's a high degree of openness a lack of education of active sufficient technical personnel all of which have been discussed on the other hand the West has not collapsed and there have been a lot of activities undertaken in response to what the Russians have done including here in the United States including in Ukraine including in other places it's early days and the West in general and the United States are resilient societies and the key is if you're in a fight you know not to say what was me but to get in there and fight so we need to increase our overall attitude towards resilience a good example of a nation that does a very good job about that and has lived close to the Russians for a long time of course is Finland and if you talk to the Finns their first line of defense is the individual and the individual resilience there are many things of course that we ought to do technically there are many things I mentioned some we're ready to go to do politically and organizationally legislatively I think those are all important but we need to remember that we have a lot of things going on our side the garage rob was mentioned if you read actually what he wrote he was talking about Russia but he actually was talking about what the West had done to Russia and then therefore what brush ought to do back color revolutions are all on our side so we need to not despair we need to make sure that we do take steps it's a not I already said this is a strategic danger it's non-trivial there are lots of things going on but I think we really can do a lot more and a lot better and we ought to think that way okay there are two threads I'd like to develop but for a first one is somewhat technical and I am NOT an expert on cyber so I'm about just maybe nonsense but it seems to me that the great development the great develops in technology which has created this capacity the internet of social media has advantaged free societies because essentially for this stuff to be used most effectively and to develop at the fastest clip you have to unleash human potential now if what I've just said is right does this mean that we have a natural advantage because certainly what's that one thing that Putin has done in Russia is to clamp down on activity across the board so any comments on this sure so there's three basic kinds of cyber attack right there's stealing information blocking information or manipulating it right so you can classify these things to better understand it think about the ease with which cyber command could shut down North Korea right if it came to a real war and the reason is is there there's relatively few nodes which are easier to surveil to block into to knock monitor and manipulate so when you're looking at the West from a you know let's say a from Iran or from from Russia you definitely see a sense a lot of vulnerability a lot of targets but that's also precisely the point there are far more targets and there's so much more depth and we have we possess the strategic depth in cyberspace in the same way that Napoleon and Hitler when they invade in Russia they found that Russia had mence strategic depth in traditional space its flipped in cyberspace right if you an autocratic regime a dictatorial regime will have fewer nodes that are easier to manage that's an interesting point your discussion of strategic depth I think another example of how a free society has an advantage is the fact is work being done actually in my area where you have Belling cat in Britain and you have the democracy lab here private citizens going out and doing serious geopolitical work damaging Russian cyber efforts and disinformation efforts Frank so just to pick up I think broadly speaking what I would call innovation of the United States the West I think has an advantage but it's good to remember the Russians are very capable scientists alike so they are not it's not 100 to 0 please could you go back historically for example Cold War days they had very very very good forces very capable tanks submarines airplanes etc maybe on a one-on-one basis as we're better but they were a serious threat so I would say long term and etcetera as I've already said the West has advantages but they are constants are consequential in their capabilities and if left unchecked would be a serious problem oh I have never been accused of being Pollyanna oh and I agree with everything you said I just want to broaden the point I've made it's true the Soviet Union produced world-class weapons at the extent at the expense of everything else and the regime collapsed you have something I don't want you have something analogous not the same but analogous going here you're right I mean I mean Russia has produced among the world's greatest mathematicians and scientists which has not turned into a great Russian information industry world class may have individual here and there but not whole industry and some of that great Russian talent is sitting in Silicon Valley precisely because of the problems of the overall regime okay I think we've exhausted this topic second point which has also come up in common so of all of you in a sense Russia has stolen a march in the cyber area because they've been playing attention and we have not why do you think for example when they launched that attack in Estonia in the summer of 2007 over ten years ago we did not label it as such and recognize this was this was not the start of something this is something we had to respond to I mean first of all because vest is a very legalistic you know kind of they use the legalistic approach where legalistic society but they know in Russian we just don't we do things and we don't care and I mentioned the concept of the securitization that's this technical and legal matter and then doesn't matter because and there they end in case of the Estonia it was very important point because NASA Group one of the Kremlin CEO group was heavily involved in this and our share of common stock back then called was cocoa made the statement of Financial Times and he said that he and his comrades were behind it and we will do this again for the raja'na for the motherland you know they were very vocal about this because they are not afraid of because there is no consequences and they are trying of testing us testing us so many over the decade now they are testing and they do everything we were gave get away with everything and then there were the Georgia and you know it was a first error combining kinetic and cyber thank and we had an evidence that's you know hackers used the infrastructure that's before we he used by the Russian business Network Russian business Network criminal organization we were involving sort of you know terrible activities child pornography botnets DDoS attack by the way Russian business Network was in 2007 Internet service providers and the principles of those in our began where the former FS officers and after that it is it's happened in Georgia we started to talk again weird Russians behind it you know how can you prove it you know I mean how did we don't have enough evidence I mean this is this is our you know mistake because we're too legalistic they do whatever they want to do and then we analyze here you know do you have a hundred percent proof no maybe I don't have a hundred percent proof but I have a 99 percent proof and I have all the dots and I am able and willing to connect those dots and I think that we have to move to this direction okay Frank so I think one of the things to be said is it's the wins to the church who vote that everyone uses you know the UL should do the right thing after it tries everything else working slowly the United States as a government started to really work cyber in the 90s I think was until 2010 approximately though the decision was made to create Cyber Command but approximately then so it was it was a pattern Estonia what happened in Estonia was not a good thing but it wasn't actually a total disaster it was an attack it affected the country of course there was a response actually mostly by the private sector that came in the certs and the like but and it started to be a wake-up call Georgia had lots of other issues going on as many people can remember conversations about if there's no question about the Russians invaded and whatnot but there are a lot of questions about who started it etc and Georgia wasn't isn't inside of NATO a lot of legalisms just like was pointed out so it took a while to to get things going and then again this public-private distinction what role do you ask the ISPs to play he had the pewter fraud act another axe out there that limit companies in the United States and different ways they're limited in Europe privacy issues and the like the data regimes were mentioned earlier so we still haven't organized ourselves in a way to optimally respond I think a lot of that is ongoing for just by way of example I would hardly say that Facebook is acted perfectly but there's a lot of attempt by the senior executives Facebook to try and figure this out there's a lot of pushing by governments to say you need to do more the the atmosphere with respect to how Silicon Valley is is being treated as changed as many many people said from about a year ago to now congressional hearings and the like I mentioned already the German laws about takedown with respect to hate speech so we're in a period of major transition so I think the the question is to keep that transition going to start to try and figure out what kinds of things will actually be effective to say that you're in a fight and that we're going to be in this fight for a long time I mean this is only one element of what the Russians are doing and we're focused here course in Russia there's a whole set of activities in other parts of the world whether it's Isis and there are sets of use of the Internet China has a hybrid strategy and alike so we certainly from the United States point of view we need to take a look completely around the world as to where we're doing and not not just limit ourselves so we just say one thing you know in in definitely with information operations you there's certainly a an element of Pyrrhic victory as well right and so about 10 years ago over drinks with a group with the yakov ik so the the defense minister of Estonia he raised his glass and he said the one person to whom he really owes a case of champagne is Vladimir Putin for having attacked Estonia right in cyberspace in the same way in in in in you if the goal somehow was to eventually win the hearts and minds of Ukrainians you would think that it was a failed operation relative to Ukraine if indeed Kiev as Putin has said is the mother of all Russian cities right that's probably no longer the case and so you know so looking forward you know information operations you know they they they may have a femoral value to them right moving forward and so we shouldn't let the shine and the glitz and the bling you know may not last long I mean can measured about the information operation and by the way as I mentioned that's this is a broader concept but 2017 shabu instead of defense of Russia made the statement that information operation troops so called you know in military scientific units were created on a world fighting structure and what it was also very important he made a statement that we will be more effective than we used to have during the Soviet times and propaganda must be smart effective and efficient in other words those information operation troops will not be under in charge of the cyber operation but they will be in charge of the desert formation and propaganda campaign so that's actually very important aspect that should be taken into account and they are developing their capabilities but at the same time what is very very important that there is a big clash between the different agencies who's going to be the leading player there in Russia big clash between the FSB and GRU and even SVR and this because of the overlapping functionalities because of the money and the power and if you remember you know it's not something that they love each other and may have a fun for example in the couple of years ago there was a if you remember and you know this website war filed or throw a bunch of information about the GRU agents were posted all the names and their locations and everything that was deleted in five minutes and actually show who himself was so pissed off that he launched the launch that he's you know GRU launched the investigation and they you know they actually found out that there was the operation of the information center of the FSB that's that's you know this is this is very it's not something that you know all of those they are and the CrowdStrike for example when we then we did a report about the apt twenty eight and apt twenty-nine those two groups acted in the front independently and apt twenty-eight is associated with the Giardia 50:29 associated with them where there has been that's a really interesting anecdote so let me ask the simple question that flows from that would you say competition among the strategic services in Russia in this area is a net strategic plus for the Kremlin or - it is you know that the power of the FSB increased even Putin came to her power fab said there was a foxy organization there's a major five of the disorganized from foxy and the major function of the foxy went to under their first be in some function went to SF s o and G ado etcetera etcetera but I mean FS B's role in increased immensely and is and now as we see this varies a lot of robberies I think it's simply I mean it's a corrupt country it's unique nexus of government and business and crime and they just fight for the for the power they just fight for the money and that's what's going on you know and we've seen this for example the central head of the center of information security Doku tribe and mihail of the arrested and there was lots of thing is going on inside Russia so I mean it's not that you know there is a such a great relationship and collaboration and cooperation among those agencies and it's not only between the GRU and FSB it also SV RFS oh yeah it's not easily swimming in a pool of sharks I think yes exactly okay your questions okay right here first you shove it yes microphone is coming please identify yourself knowledge and frankly I think perhaps this panel should have been first because you cannot in my view or maybe that's my question how can you understand the problem that we are confronted in the cyber warfare if we don't really understand that this is not the beginning of what's been happening but is only the latest tool in the in the tool chest so my question to you is can you really develop a strategy for fighting this cyber warfare without having this deeper understanding of where this fits and what has been going on for decades we can't and I'll explain why because there in in the Western countries there was a misunderstanding about the information warfare and I think that now we are you know we are starting understanding how it works and afterwards happen during the u.s. election in French election in Ukraine that's that's the most important element first of all to understand it to learn it and based on this understanding develop the counter strategy how to fight those threats that's the the important issue and and the you know key issue and we have to just have this shenanigans about you know we can't throw this hundred percent and all of those very legalistic approach I know it's in our DNA and we kind we always want you know debate about this but I mean when we debate you know about the green Menace in Ukraine who started were in Georgia who were behind in Estonia what about you know we have a who was behind the carbonate activities who was you know behind is behind the now the Brillion of money taker operation there is a more sophisticated than the carbonic carbonic already was very I mean we have we have the infrastructure yes yes attribution is very challenging you can't solve it hundred percent but we know you know we know what kind of for structure we are using we know what kind of that you know there are some similarities with the TTP's we have to just look the broader picture if we don't look the broader picture we are not that we're going to fail and we're gonna fail terribly and I hope that we're waking up and we need also very important things we need a collaboration and partnership within a there should be a government business partnership definitely there is the key there and now you mentioned about the social media for example how to fight the automated ballot system there should be outgoing and I'm sure wave you know how about algoriphagus out use it and you know learn a lot from the previous mistake because election is you know where we'll be next elections and the way we will use those platforms as they used to be very effectively before so we need Facebook Twitter all of those companies you know just you know and I think that there is a some kind of the step forward and they are awesome Bob you know attempts of the collaboration in this respect so and one of the great example also is how this French campaign actually were effective to counter the Russian cyber espionage campaign you know at some point we have to learn and I think that you know we're going in this direction and most important thing is understanding as its tenth as is an integrated system of system how it works and understanding the if you know how how they you know I'll use this this doctrine against that they are as they say perspective enemies so I think the answer your question is we can solve this problem but you don't solve some types of problems perfectly we haven't got one we haven't gotten rid of crime for example but we have some very good law enforcement agencies and crime is relatively down we can make this less of a risk I mentioned the UK's national cybersecurity Center it's a good model NATO just recently at the November ministers of defense meeting agreed to create something called the cyber operations center its precise mechanism and working is just being worked out as we sit here but that means that cyber is now integrated into the overall NATO sets of operations that's needs to be high end conflict it doesn't deal with per se the hybrid sets of issues we need to do something as was just pointed out with respect to the private sector a few of us have written we proposed something called an international cyber stability board it's just a made-up title with maybe a number of like-minded countries and the countries might be at the center but then they you would integrate appropriate private sector companies ISPs depending on what you're focused on could be the grid companies could be others but it'd be an international model that would be able to work on sets of issues like botnets or various other kinds of questions we'll see whether or not this ever gets picked up by governments and the like but it's an idea not the only idea out there so I think the key point is to keep moving forward if we stayed where we are I would say quite unsatisfactory but I would also say we've taken some steps in the right direction but there's so many vulnerabilities out there that has been pointed out that we need to take a lot more steps thank you I'm Reba sook Fulbright fellow American University yeah now talking a lot about operational activities of Russia what they did what they are doing but political landscape and cyber security policy not in the vision of this group I just need to mention that last year Russia blocked adoption of report by first committee of General Assembly general group of governmental experts on international security with related ICT usage and at the same time Russia very actively promote own concept in platform likes Commonwealth of Independent States BRICS John Horgan ization for cooperation negotiation on cybersecurity information security feels so my question is about collective responses and cyber alliances what for example United States could propose for Islands and for partners like Ukraine in the building cyber alliances and common defence collective defence for treats by Russia thank you so the the nature of the internet in computer code and applications and what's called the network stack it's all very international all right it's its own language and and it crosses borders like nothing we've ever seen so what that means is that cybersecurity is fundamentally an international problem and requires an international solution right so you're stuck within your own jurisdiction and sovereignty but cyberspace covers the whole globe and and really you can move about at will when computers are connected usually you can move between them so and that includes good things in bad right so the best places to look for progress on on cyber security are NATO and the EU because those are the strongest political military alliances we have and so where else you're going to see it so there's the Shanghai Cooperation Organization right which is Russia China India plus and they've got they've got a number of things that they've done as well but fundamentally in alliances are a lot about getting on the same page philosophically and from perception of a threat right so there's no doubt that other nations with similar politics will will have some some strategies right forward but you you will not see anywhere progress like you will in NATO and the EU and they are working ever more closely on cybersecurity because they understand that there is a military and a political relationship right you have to work with academics and business space as well because that's where the engine is operating so so as the for example the Tollan manual which looks at international laws that applies to cyber warfare and NATO there say the all these laws already exist we have good laws we just need to update them and reinterpret them for the Internet era okay thank you thank you I'm Paula Stern associated with the Atlantic Council in my own consulting group thank you for a wonderful presentation the entire morning I'm going to be provocative I tend to do that coming in I heard the repetition of the speech that President Trump made yesterday saying that those who did not clap for him at the State of the Union were treasonous yes I we call it treason he went on and said it several times I want to discuss this issue ask y'all to discuss this issue about trust among our population and how corrosive this topic we've talked about when weaponized can corrode trust among each other we have not talked and I'd like you to talk about what legislation is going forward and will be passed and put in place in time for the 2018 election we had our law enforcement officers institutions and our intelligence institutions telling us about interference in the u.s. election I know this is about Ukraine but this is a bigger subject and the Ukraine legislation that's been introduced I think that's wonderful it's important I'd like you to address however what we are doing within the United States not just at the at the the defensive levels in in cyber invasion but at the at the national level when it comes to our community that's going to be voting in 20 18 okay anyone want to take that off oh so it's a hard topic Paula but I would you know Ken started with some history so I'm gonna refer back so I wasn't quite there I'm not quite that old but when Washington was President Jefferson Jefferson spent a lot of Jefferson spent a lot of time even while he was a Secretary of State undercutting him and in the worst you know in a very serious way when Lincoln was president they tried to there was a movement to try to move him out before his second term we have had very very substantial fights in the United States multiple multiple times and obviously that kind of use of that language you know rises to the similar level so this isn't the first time we've been in a set of circumstances where different parts of the population strongly don't agree with one another in the Civil War so you know an example obviously just need I think to move it forward now with respect to legislation there are a number of legislative proposals up on the hill and the one I'd particularly like or the overall approach I particularly like is the one I mentioned with respect to being sponsored by Senator McCain and also across the aisle and that's I think it's called the Amistad Zac but it's it's basically a requirement to have transparency online transparency with respect to where these various kinds of activities come from and I would particularly say that what we've need to distinguish is between Americans fighting with one another which is if you will enshrined in the Constitution by the First Amendment Justice Brandeis and others talking about you know I don't agree with you about fight to the death to ensure your ability to speak into sin and foreigners we we have limits on the ability of fires to engage in electoral activities they're totally barred for example with respect to contributions we need to take a look at without impacting inappropriately in any way on the First Amendment we need to take a look at what limitations in the context of cyber which is a new relatively new mechanism might be put on a foreign engagement right now I think transparency is a very good thing there may be more things and I think the Congress needs to look at that I happen to know because a friend of mine is gonna testify that next week the Senate Armed Services Committee is holding a hearing on these kinds of issues I'm sure other committees have held them also so again I would encourage a crawl walk run approach for sure about transparency maybe there are more things that need to be done and we need to sort of think our way through because you don't want to have a blowback if you will on Americans right to speak and talk you don't want to create an authoritarian culture I'm just gonna add very good comment but you're exactly right we as a public politicians and especially president and congressmen senators those people should be very careful what kind of the language we will use because this is what really Russians want to divide the society and we just want to create the chaos and it is actually about the division that's way created in this country and I come from country Georgia and I know how I experience war after war you know my relatives my friends were killed in in those Wars and it's very very high and they try they try to destroy my country so many times and they are until now they're trying to even divide my country I know what they are up to and we want to just bring those strategy in a bigger countries like the United States yes but it's very important that we really have to be very careful about about what we say because for example there was a big report RBC just posted a big when I say about I mentioned about this division and chaos for example the CNN of the Reaper comprehensively covered this and there are some other you know Western media and I recommend all of you to read this report how they use how we create groups for example they created that fake black live metal groups with a 1.2 million subscribers and they even according to their BC data they interviewed routes for metros and they did a very comprehensive report about they even send money to the some of the contacted the American activists and they sent money to them to organize demonstrations about forty demonstration according to this report they're organized in the United States state money that was sent from the Russian internet research agency this is this is important and we really have to be very I mean have careful you know they are trying to divide our society and they are using everything every element and and politicians should be very very careful you know not to be not to kind of the develop and help them to implement the people based on their rhetoric help them implement there are divisive strategy shape not only in the United States but also in other Western countries time is very short okay over here yeah like that you brought up the idea you know discussed the idea that vulnerabilities are the adversary because I think that's really important I wonder if you'd agree with the notion kind of taking it to philosophical and optimistic way of looking at things if really the ultimate vulnerability or the adversary here in this information war is is you know they're basically trying to spread falsehoods you know the idea that the light overcomes the darkness kind of thing well I wouldn't caution against you know propaganda versus propaganda you know because I think you know those let's say living in Moscow they probably see see right through it you know and so that you had you have to be smart and and think ahead and I'm not sure I'm trying to follow the the election that's coming in as you are I'm sure in Russia in March to glean what I can about the dynamics there and what what's happening today and what people are thinking because it's very important it's very important for the world I think Russia is such a critical piece that we need to be investing time and effort into and to understanding how to you know how to help Russia move forward right because it's it's not it's not like it's a lost cause and so we have our own issues we have our own challenges with corruption you know and we have you know a political system that obviously needs modernization as well so yeah yeah so now we have the tools to do it right with with the internet which truly is an international space so yeah I would just encourage again as you said earlier engagement language study travel these kinds of things I was I was really really proud recently I had the Moscow seaso forum which is chief information security they called me a Sione key note dark conference downtown Moscow I thought about for two seconds and of course and I said yes let's go and you know I have friends who said why why would you do that because they're cool guys be cool it was fun you know it were their spies they're probably you know but do we have spies walking around easy yeah so that's the nature of a capital and that's you know everybody's collecting information and thinking but we need to keep the lines of communication open to do you want something last word I think what I would say thinking you over both the first panel in this panel and also the speakers beforehand is that the concept of resilient citizen really is something that we need to think about that so first and foremost that's the educated citizen not just educated at the cypher but educated if you will in the broadest sense of civics and then I think John asked the question at some point whether the Russian activities were effective and Ken pointed out the blowback that sometimes occurs with Kevin information operations it looks effective but a couple months later it hasn't turned out quite that way so for example a lot of what NATO has done has been in response to what the Russians have done or the Russians better off for what they have done well you know maybe they think they are but I don't think they are so I think we need to focus on our strengths you know to keep keep our nerve if you will it is a fight I've said that several times there's no question it's a fight but we have a lot of capabilities and now there are vulnerabilities as you point out both technical and otherwise there are a lot of strengths in the West the innovation the people a system and the like and I think if we build on that we can do just what we did in the Cold War partly what you see with respect to the Russians is a bunch of KGB thugs who can't believe they lost the Cold War well let's have them lose the second okay thank you all for coming to thank you for our [Applause] dissertation poster template a2 New York School of Urban Ministry.