Start your day with intelligence. Get The OODA Daily Pulse.
Informing your decisions with actionable intelligence
Start your day with intelligence. Get The OODA Daily Pulse.
Informing your decisions with actionable intelligence
Home > OODA Analysis and Briefs
One of the more common reasons why most organizations push back on spending for cyber security is the lack of a “return on investment.” All that fancy, shiny cyber-y stuff costs a lot of money without providing a clear benefit that is commensurate with the expenditure. Firewalls are expensive. IDS/IPS are expensive. SIEMs are expensive.…
We are all targets! This story and many more in the analysis by Mike Tanji in this week’s Cyber Threat Analysis Report.
This post is based on an interview with Jeremy King. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression. We also really like highlighting some of the…
Why are we perpetually surprised (or not, depending on how you look at it) at the failure of so many at both the organizational and individual level to take cybersecurity seriously? I would argue that most people are placing cybersecurity exactly where it should be when it comes to the myriad risks in their lives,…
This post is based on an interview with the highly regarded and proven cybersecurity professional Mike Tanji. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression. We…
In 1999 a book called “Unrestricted Warfare” emerged from China and over the past two decades it has served as a good guide for how China views conflict and in particular, cyber and economic conflicts. Businesses that understood Unrestricted Warfare were better enabled to defend their networks and market share. Twenty years later, the U.S.…
Is FaceApp a privacy breach or a blah? This story and more in the analysis by Mike Tanji in this week’s Cyber Threat Analysis Report.
So much attention has been paid to “election hacking” and the like in recent years, analysts and commentators have effectively forgotten an equally if not more pressing threat to American government at all levels: ransomware. We cannot fix the reading comprehension problems and poor critical thinking skills of more than half the nation’s population, but…
This post is based on an interview with Bryson Bort. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression. We also really like highlighting some of the…
The proliferation of cyber physical systems (CPS) has increasingly enabled cyber actions to have direct kinetic effects on tangible infrastructure, even as cyberspace itself depends on tangible infrastructure vulnerable to kinetic damage. This report focuses on Russia, a particularly important threat actor to track given their track record of brazen infrastructure attacks. It is almost…
Cybersecurity’s role in the M&A market. This analysis and more by Mike Tanji in this week’s Cyber Threat Analysis Report.
This post is based on an interview with Dan Wachtler. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression. We also really like highlighting some of the…
In Part Two of this series on Cyber Sensemaking, OODA CEO Matt Devost steps through the top management lessons learned and actions that can be taking to drive your cyber risk management program.
Distilling over 25 years working in the fields of cybersecurity and cyberconflict across a multitude of domains including government, corporate, think tank, and academic this article serves as a foundational distillation of observations that can be applied in any organization. In Part Two of the series, we will look at lessons learned and actions that…
The Department of Defense is establishing a new approach they expect their contractors, and sub-contractors to leverage. This is meant to help reduce risk and mitigate many challenges observed in implementing existing security/compliance regulations in the defense industrial base. Our review of this approach leaves us optimistic that this new approach is a positive change.…
TikTok is being punished for the first time for breaching Europe’s data privacy rules. Ireland’s Data Protection Commission, the lead privacy regulator for Big Tech companies, is fining them $368 million for failing to protect children’s privacy. The investigation in 2021 found that the sign-up process for teen users resulted in settings that made their…
As consumers continue to spend and interact online, they have growing expectations for security and identity verification. There is an increased need for businesses to protect customers from fraud while still providing a seamless online experience. Despite their plans to increase their fraud prevention budgets, data shows that businesses may not be completely aligned with…
China’s onslaught of cyberattacks on critical infrastructure is likely a contingency move designed to gain a strategic advantage in the event of kinetic warfare, according to the U.S. Department of Defense (DoD). The agency’s 2023 Cyber Strategy released this week flagged an uptick in state-sponsored cybercrime from the People’s Republic of China, specifically against sensitive…
Deduce, an identity fraud prevention provider, has raised $9 million in a funding round led by Freestyle Capital, with participation from Foundry and True Ventures. Deduce, founded in 2019, focuses on helping organizations prevent AI-generated identity fraud and detect synthetic identities that have already created fake accounts. Its platform uses multi-contextual intelligence to analyze data…
Google has agreed to a $93 million settlement with the state of California to resolve a lawsuit over its location-privacy practices. This comes after a $391.5 million settlement with 40 states in November 2022 regarding Google’s tracking of users’ locations, sparked by a 2018 Associated Press report. The settlement includes various restrictions on Google, such…
The US Department of Defense (DoD) has released its 2023 Cyber Strategy, emphasizing a commitment to enhancing the cyber capabilities of allies and partners while increasing collective resilience against cyber threats. The strategy aims to bolster partners’ cybersecurity infrastructure, facilitate cybersecurity workforce development through training and exercises, and provide direct support for capability development. Additionally,…
Russian hacker Dariy Pankov has pleaded guilty to computer fraud, facing up to five years in federal prison and a $358,437 forfeiture after developing and selling the malware NLBrute, which was used in cybercriminal activities, resulting in over $350,000 in illicit proceeds between 2016 and 2019. Pankov, a Russian citizen, was extradited from Georgia and…
In the constantly evolving technological landscape, Generative AI emerges as both a beacon of opportunities and a nucleus of substantial risks. Leveraging massive data sets to conjure anything from realistic text to fabricated videos, Generative AI, underpinned by engines like OpenAI’s GPT-4, carries with it a Pandora’s box of potential dangers. Let’s deliberate on the…
The US Department of Defense (DoD) this week published an unclassified summary of its 2023 Cyber Strategy, outlining plans for both offensive and defensive efforts. One key focus of the 2023 Cyber Strategy is the commitment to boost the cyber capabilities of allies and partners, and to increase collective resilience against cyberattacks. This includes augmenting the capacity…
The artificial intelligence (AI) market has been growing at an exponential pace over the last couple of years, thanks in large part to consumer-ready products such as ChatGPT, Google Bard and IBM Watson that are now being used commonly across the globe. To this point, global management consulting firm McKinsey believes that anywhere between 50% and…
As part of its efforts to be more nimble in space, the US military has been pushing satellite and launch companies to become more “responsive” in their ability to put spacecraft into space. Essentially, the military is concerned about other nations damaging or destroying its assets in orbit during a conflict. Military officials believe one…
AI is a large umbrella with various applications underneath. Two prominent branches have emerged under this umbrella — conversational AI and generative AI. While conversational AI and generative AI may work together, they have distinct differences and capabilities. Artificial intelligence (AI) changed the way humans interact with machines by offering benefits such as automating mundane tasks…
Chinese Defense Minister Li Shangfu was taken away last week by authorities for questioning, according to a person close to decision making in Beijing, while U.S. officials say he is being removed from his post. Li hasn’t made a public appearance since late August. One U.S. official said the trouble surrounding Li pointed to deep-seated…
Washington and Moscow flooded the Korean Peninsula with arms and aid as they fueled the war between South and North seven decades ago. Now, in a fateful moment of history turning back on itself, Russia and the United States are reaching out to those same allies to supply badly needed munitions as the powers face…
China launched large-scale military drills in the Western Pacific this week, deploying an aircraft carrier and dozens of naval ships and warplanes. The drills appear to simulate a blockade of Taiwan, and are a show of force aimed at pushing back at U.S. pressure. The joint exercises come after the United States conducted a series…
Since a military coup in Niger this summer, border closures and a freeze on financial transactions imposed after soldiers seized power are hurting millions. Western nations remain divided over what to do. After mutinous soldiers seized power in Niger, West African countries froze financial transactions, closed their borders with Niger, and cut off most of…
The explosion of interest in artificial intelligence this year has fueled a major rally in technology stocks, with a concentrated group of large US companies leading the market higher. This slate of “early winners,” including makers of semiconductors needed to build AI technology and cloud service providers with the computing infrastructure to commercialize it, returned…
There’s no getting away from it. The buzz around generative artificial intelligence (genAI) is intense. Tech-savvy consumers are quickly jumping on the genAI bandwagon for activities ranging from search to entertainment to travel and meal planning, however, it’s a different reality for the enterprise. Despite the hype, the truth is that we’re still a couple of…
Roni Cohen-Pavon, a former executive at Alex Mashinsky’s now-bankrupt cryptocurrency lender Celsius Network, has pleaded guilty to U.S. criminal charges and agreed to cooperate with prosecutors’ investigations. Cohen-Pavon, Celsius’ former chief revenue officer, admitted to four charges, including manipulating the price of the exchange’s crypto token Cel, at a Wednesday hearing before U.S. District Judge John…
Chinese researchers claim they have developed what the media is terming a ‘force gun’ that purportedly uses magnetic plasma rings to manipulate distant objects in space, almost reminiscent of ways the Jedi in the Star Wars film franchise use the force to move objects with their mind. Little information is available about the mystery weapon,…
Tesla CEO Elon Musk suggested that muscular action from Washington on artificial intelligence is needed, even “perhaps a Department of AI.” “We’ve created regulatory agencies before,” Musk said Wednesday after attending a gathering in Washington with other tech CEOs who convened to discuss AI, according to video of the comments to reporters. Musk — who also owns…
Widespread power blackouts across Nigeria have followed a “total system collapse” on Thursday. The outage affected all of Nigeria’s 36 states and its capital, Abuja. The grid has collapsed many times, and it is not clear when power will be restored. The Enugu Electricity Distribution Company supplies electricity to south-eastern Nigeria described the issue as…
The presidential transition process has been suspended by Guatemalan President-elect Bernardo Arévalo de León after Public Ministry agents raided electoral facilities and opened voting boxes. Arévalo informed President Alejandro Giammattei that they are suspending their participation in the administrative process until the necessary institutional political conditions are reestablished. Arévalo was expected to be sworn in…
The United Nations has said most of the deaths in the flash floods that occurred in Libya could have been avoided. Relief workers are struggling to deliver humanitarian aid in the politically divisive climate, along with he debris from the disaster. Over 5,000 people have died and thousands more are feared missing. Unprecedented rainfall flushed…
Ukraine says it destroyed a Russian air defense system in occupied Crimea using cruise missiles and drones. Video footage on social media showed a fire and smoke near the city, in the west o the Russian-occupied peninsula. Moscow has not commented on the claim directly. The Russian defense ministry claims it had shot down several…
An investigation has been launched by Airbus after a hacker leaked information allegedly stolen from the aerospace company’s systems. The attack was claimed by a hacker using the online moniker ‘USDoD’ earlier this month according to cybercrime intelligence firm Hudson Rock on Tuesday. The same hacker had previously claimed to have breached the FBI’s InfraGard…
Medical device makers have had to comply with new cybersecurity regulations for the past six months. These regulations have been developed to protect medical devices against cyber attacks, but the US Food and Drug Administration has refrained from using its power to not accept a medical device, until now. On October 1, the FDA will…
Consulting firm EY said it recently completed a $1.4 billion investment into artificial intelligence, the latest among a series of peers to make a billion-dollar announcement regarding the rapidly developing technology. In addition to the $1.4 billion investment, announced Wednesday, the professional-services company said it has created its own large language model, EY.ai EYQ, and that…
Machine learning (ML) and artificial intelligence (AI) are rapidly unlocking new business opportunities and influencing every industry. That said, AI comes with its own set of risks and threat actors are known to employ a range of novel techniques to exploit weaknesses in AI models, security standards and processes, to dangerous effect. Organizations keen on…
On Sept. 12, crypto exchange CoinEx experienced abnormally large outflows to an address with no prior history, leading security experts to suspect the exchange was hacked. Blockchain security platform Cyvers Alerts has estimated the losses to be approximately $27 million. At approximately 1:21 pm UTC, a known CoinEx hot wallet transferred around 4,947 Ether, worth…
The United States is involved in a new global space race, to which individual entrepreneurs such as Elon Musk, Jeff Bezos and even Richard Branson are making enormous and positive contributions. Space exploration has been much in the news of late, with efforts by Russia, China, India and Japan to send craft to the moon,…
Ever since ChatGPT exploded in popularity last year, Silicon Valley’s titans have been embroiled in a race to be at the forefront of artificial intelligence. Yet in Washington, lawmakers have struggled to keep up with the technology, which they are only beginning to understand. On Wednesday, both sides collided in one of the tech industry’s…
While data sharing remains a challenge, many organizations already benefit from two key things that AI does now for supply chain management. Supply chains perform a series of actions starting with product design and proceeding to procurement, manufacturing, distribution, delivery, and customer service. “At each of these points lie big opportunities for AI and ML,” says…
Global payment giant PayPal continues expanding its digital asset services, integrating new methods to sell cryptocurrencies like Bitcoin. On Sept. 11, PayPal introduced new on- and off-ramps for Web3 payments, allowing users in the United States to convert their crypto to U.S. dollars directly from their wallets into their PayPal balance. According to the announcement, the…
Eight tech companies, including Salesforce and Nvidia, are signing on to the White House’s voluntary artificial intelligence pledge, joining a roster of prominent firms that have agreed to mitigate the risks of AI, as Washington policymakers continue to debate new regulation of the emerging technology. Fifteen of the most influential companies in the United States have…
A hacker took control of Ethereum cofounder Vitalik Buterin’s X (formerly Twitter) account over the weekend and promptly stole hundreds of thousands of dollars worth of high-profile NFTs. In a now-deleted post, Buterin’s account advertised what appeared to be a link to a free NFT celebrating “Proto-Danksharding,” in partnership with Consensys, the company behind the MetaMask…
Artificial intelligence can help tackle climate change, but to fulfill that promise companies need to find a way to limit AI’s own climate impact. Information and communications technologies already contribute up to 3% of global greenhouse-gas emissions, according to many estimates. Data centers emit about the same amount as the aviation industry and consume hefty…
North Korean leader Kim Jong Un arrived in the Russian border town of Khasan via armored train on Tuesday. Russian officials stated that Kim and Russian President Vladimir Putin will discuss many topics during the fully-fledged visit, including UN sanctions against North Korea and giving humanitarian aid to the country. The United States warned that…
A three-judge panel found Rui Pinto, the Portuguese hacker behind the “Football Leaks” campaign that exposed the salaries and transfer fees of various famous football players, guilty on nine accounts. The court was unable to prove he hacked a Portuguese soccer federation website but found significant evidence he illegally accessed computers at the Doyen sports…
Symantec discovered a new China-linked APT campaign targeting the power grid in Asia over the past 6 months. The campaign overlaps with activity previously attributed to APT 41, also known as Redfly, Winnti, Wicked Panda, or Blackfly. The threat actor used the ShadowPad remote access trojan (RAT) with websencl[.]com as its C2 server. The RAT…
Mediterranean storm Daniel caused major destruction in multiple Libyan coastal cities over the weekend. Ahmed al-Mosmari, a spokesperson for Commander Khalifa Hifter, stated the death toll in the city of Derna has surpassed 2,000. This figure, corroborated by east Libyan Prime Minister Ossama Hamad, greatly overshadows a confirmed death toll of 61 that does not…
On Monday, the Biden administration announced it issued waivers for banks to free Iranian funds as part of a deal between the U.S. and Iran. The current arrangement will trade $6 billion in frozen funds and five Iranian citizens currently held in the U.S. for the release of five American citizens currently held in Iran.…
ESET Research reported on Monday that they discovered the Iranian APT35/APT42 group targeting entities in Brazil, Israel, and the U.A.E. using an undocumented backdoor. The threat actor, also known as Charming Kitten, has a history of targeting education, government, healthcare, human rights, and journalism organizations in the Middle East and the United States. Charming Kitten…
Anonymous Sudan is a hacker group dedicated to launching cyberattacks against any entity it views as opposing Sudan. The group emerged in 2019 and has since executed DDoS attacks against targets in Australia, France, Germany, Denmark, India, Sweden, Israel, and the United Kingdom. The group recently launched an attack against Telegram after the platform suspended…
Ukraine recently announced that special forces retook control of the Boyko Towers in the northern Black Sea last month. Russia seized the gas drilling platforms in 2015 after it annexed the Crimean peninsula. Ukraine’s military intelligence also released a video of the operation. The video explains that Russia used the Boyko Towers as a radar…
The rapid rise of large language models (LLMs) and generative AI has presented new challenges for security teams everywhere. In creating new ways for data to be accessed, gen AI doesn’t fit traditional security paradigms focused on preventing data from going to people who aren’t supposed to have it. To enable organizations to move quickly…
What should we believe about the reasoning abilities of today’s large language models? As the headlines above illustrate, there’s a debate raging over whether these enormous pre-trained neural networks have achieved humanlike reasoning abilities, or whether their skills are in fact “a mirage.” Reasoning is a central aspect of human intelligence, and robust domain-independent reasoning abilities…
TO meet the challenge of a rising China, the Australian Navy is taking two very different deep dives into advanced submarine technology. One is pricey and slow: For a new force of up to 13 nuclear-powered attack submarines, the Australian taxpayer will fork out an average of more than AUD$28 billion ($18 billion) apiece. And the…
A United Launch Alliance Atlas 5 rocket blasted off and boosted multiple National Reconnaissance Office satellites into space Sunday to keep tabs on the behavior of potential enemy spacecraft in the high orbit favored by spy satellites, communications stations and other high-priority U.S. assets. The NROL-107 payload, made up of an unknown number of satellites…
The journalist and academic Nicolas Lemann has observed that when the internet came along a quarter century ago, “just about everyone, including liberals, assumed that an unregulated Internet would be a good idea.” Well, policymakers saw what that produced: tech markets dominated by a handful of giant companies, privacy invasions of truly staggering proportions and…
While U.S. President Joe Biden was in the Indian capital to attend the G20 summit, he has said that he raised issues of human rights in India and the importance of a free press with Prime Minister Narendra Modi in Delhi. Activists and rights groups have questioned India’s deteriorating human rights track record under Mr…
North Korea and Russia have confirmed North Korean leader Kim Jong Un will visit Russia for talks with Russian President Vladimir Putin. The Kremlin said on Monday Kim’s visit was at Putin’s invitation. Kim does not travel abroad often and, when he does, it is often shrouded in secrecy and security. The meeting between Kim…
Ukraine’s military said on Sunday that it had foiled a large Russian drone attack on the capital, Kyiv, overnight. This attack was aimed at terrorizing and demoralizing the local population. The military said it shot down 26 of the 33 drones launched at the capital. The fate of the other seven drones was unclear. Blast…
President Biden has traveled to Hanoi to sign a new historic deal with Vietnam. The Comprehensive Strategic Partnership with Vietnam is a major relationship upgrade for the U.S.. This strengthening of ties with Vietnam is seen as key to counter China’s influence in Asia. Closer ties with Vietnam could mean better business deals and less…
Security researchers have revealed a number of lookalike Telegram apps on the official Play store which were modified to contain spyware. Since removed by Google, these apps were promoted in Chinese and Uighur as faster than the original Telegram and had been downloaded tens of thousands of times. The spyware collects such user-related information as…
The Associated Press is informing some AP Stylebook customers that their information has been compromised as a result of a data breach impacting an old website. The AP Stylebook is hosted on apstylebook.com, however an old version was still available on a different website. Threat actors hacked into the old site and managed to obtain…
Pentagon leadership will begin reviewing plans to implement zero-trust measures across the military, as cybersecurity officials eye a 2027 deadline. Zero trust is a different paradigm for cybersecurity — one that assumes networks are always at risk or already jeopardized, requiring constant validation of devices, users and their virtual reach. The push to beef up…
Findings from a new report released by Microsoft Threat Analysis Center showed China has unveiled a new cyber capability powered by artificial intelligence, enabling the automatic generation of images for influence operations.The research of the report underscores the expanding threat of influence operations and cyber activities in the East Asia region. In particular, China-affiliated actors…
Maldives President Ibrahim Mohamed Solih is facing a tough re-election battle against pro-China mayor Mohamed Muiz in a crowded field of candidates. Solih, who sought closer ties with India and repaired relations with the West during his term, is struggling to generate enthusiasm among voters, with many feeling disillusioned with the options. Analysts suggest that…
The UN’s first Global Stocktake of progress on the Paris climate agreement warns that the world is seriously off track in achieving the treaty’s goals of reducing carbon emissions and providing financial support to developing nations. While the Paris Agreement has led to significant reductions in future warming, it states that much more needs to…
Informing your decisions with actionable intelligence
Copyright © 2025 — All Rights Reserved.
Notifications
Informing your decisions with actionable intelligence