Search

Begin New Search Publishing Institution Third Way Publication Year within 10 Years

11. Digital Currencies' Role in Facilitating Ransomware Attacks: A Brief Explainer

Author:
Kristine Johnson and Michael Garcia
Publication Date:
05-2021
Content Type:
Policy Brief
Institution:
Third Way
Abstract:
This paper details how Bitcoin—the most popular digital currency—is used to facilitate ransomware attacks and how criminals try—and sometimes fail—to cover their tracks. Understanding how criminals use digital currencies for ransomware attacks can lead policymakers to solutions in thwarting and enforcing cybercrimes.
Topic:
Cybersecurity, Digital Economy, Bitcoin, Digitalization, and Digital Currency
Political Geography:
North America and United States of America

12. Border Regulation Begins with Stronger Capacity at Official Points of Entry

Author:
Todd Rosenblum
Publication Date:
05-2021
Content Type:
Policy Brief
Institution:
Third Way
Abstract:
After the Trump Administration cutbacks, Congress should invest in the U.S. southern border to benefit trade, stop bad actors, and humanely process people with real asylum claims. Managing vehicular, rail, and people throughput at border crossings is an enormous challenge, but one not being met. U.S. inspectors do not properly screen more than a small percentage of incoming commercial and personal vehicles making this the primary means for narco-trafficking into the United States. Investing more in screening capacity at the official land Points of Entry with Mexico will reduce crime, illegal drug importation, guns going southbound, strengthen regulation and order essential for safe trade and opportunity, and make for a safer environment for those seeking legal entry into the United States. Congress has steadily appropriated new funds for more border screening capacity, but additional investment in screening capacity is still needed to make up for Trump Administration cutbacks. President Biden’s U.S. Citizens Act of 2021 has a range of helpful proposals to make us safer and keep commerce moving. Congress should mandate better measures to evaluate actual screening effectiveness. Congress also should conduct stronger oversight to address shortcomings in the US Department of Homeland Security (DHS) and Customs and Border Protection Agency (CBP) acquisition plans to make sure border inspectors spend the money more effectively and field the right capability in a timely fashion. There is a range of reforms we must make across immigration and border regulation to better serve our nation and those seeking to come here. Immigration and border enforcement have strayed from our values as a country and urgently need reform. Our legal immigration system both in asylum and visa-based needs clear modernization. Millions who have known no home but America deserve citizenship. Enforcement alone also will not solve our problems, but we must improve all aspects of American immigration and our border.
Topic:
Migration, Immigration, Law Enforcement, Borders, Illegal Trade, and Commercialization
Political Geography:
North America and United States of America

13. To Patch or Not to Patch: Improving the US Vulnerabilities Equities Process

Author:
Josh Kenway and Michael Garcia
Publication Date:
06-2021
Content Type:
Commentary and Analysis
Institution:
Third Way
Abstract:
The process that determines when and how the US government discloses unknown cybersecurity vulnerabilities to relevant companies or withholds them for government purposes lacks sufficient accountability, transparency, and public trust. Malicious actors do not hesitate to exploit “zero-day vulnerabilities,” or vulnerabilities that a company has had zero days to patch, with Chinese-based hackers most recently using a zero-day in Microsoft Exchange Servers to infect hundreds of thousands of systems.1 Yet, the government also uses zero-days to carry out activities that are in the nation’s interest and, as a result, does not tell the impacted software or hardware vendor about the vulnerability. In this case, the government determines that the benefit of not disclosing the vulnerability outweighs the consequence of a bad actor potentially exploiting the vulnerability for nefarious purposes. In 2010, the US government created the Vulnerabilities Equities Process (VEP) to convene federal agencies that represent a range of national interests—including security, intelligence, foreign policy, commerce, and civil rights and liberties protection—to weigh distinct perspectives on how vulnerabilities should be patched or briefly kept open for law enforcement, intelligence gathering, or military purposes. However, the VEP is not codified in law and has failed to deliver greater transparency around government retention of vulnerabilities nor ensures accountability for the government’s decisions. Congress and the Biden administration should address deficiencies with the VEP to increase transparency, strengthen accountability, build public and industry trust, and establish a world-leading model for decision-making around what to do about high-value vulnerabilities. This paper details seven steps for the Biden administration to enhance transparency and accountability in the VEP while preserving government priorities, as well as flexibility for the defense of democratic values and institutions.
Topic:
Security, Defense Policy, Science and Technology, Governance, Cybersecurity, and Transparency
Political Geography:
North America and United States of America

14. 2021 Reader’s Guide to Understanding the Proposed US Cyber Enforcement Budget

Author:
Aaron Clarke
Publication Date:
09-2021
Content Type:
Commentary and Analysis
Institution:
Third Way
Abstract:
Cyber attacks in the United States continue to devastate and disrupt day-to-day operations in the private and public sectors. Marked by events like the ransomware attack on Colonial Pipeline that created gas shortages and increased prices, cybercrime impacts everyday citizens, even if they are not directly targeted by an attack. The Department of Homeland Security (DHS) reported that in 2020 there were “over $4 billion in cybercrime losses reported to the U.S. government.”1 This growing cybersecurity threat has only been exacerbated by the rise of cryptocurrencies like Bitcoin and exposed network vulnerabilities from those working from home during the pandemic.2 In response to this influx of cyber attacks, the Biden Administration has taken steps to both bolster the federal government’s ability to detect and respond to cyber attacks as well as protect its own systems.3 The Department of Energy (DOE) and DHS have both made cybersecurity a top priority in their latest initiatives. President Biden called on DOE to launch a 100 day plan aimed at preventing disrupted services for electric utilities, and DHS announced a series of 60-day “sprints” to support private and public partners against ransomware.4 The FY2021 National Defense Authorization Act also created the first U.S. National Cyber Director, tasked to lead the implementation of U.S. cyber policy and strategy, and rapidly improve cybersecurity defense capabilities. Although ransomware attacks have spiked, the federal government has made inroads on combatting cyber criminals. The Cyber Enforcement Budget for FY2022 should continue funding and seek to build on the key improvements and actions taken by the Biden administration. In this guide, we will look at the budget implications for cyber enforcement, recommendations for Congress, and provide a detailed breakdown of the proposed budget’s funding allocations. Specifically, we recommend that Congress should: Restore the $15 million of funding cut from the State Homeland Security Program. The program provides critical grants to states that require recipients spend at least 10% of their grants on cybersecurity needs. Require an alignment of cybercrime goals and outcomes across law enforcement agencies within the Departments of Homeland Security, Justice, and Treasury. Ensure that federal agencies are prepared to implement President Biden’s cybersecurity executive order.
Topic:
Defense Policy, Science and Technology, Law Enforcement, Budget, and Cybersecurity
Political Geography:
North America and United States of America

15. Where Are We Now? Examining the Trump Administration’s Efforts to Combat Cybercrime

Author:
Michael Garcia and Anisha Hindocha
Publication Date:
06-2020
Content Type:
Special Report
Institution:
Third Way
Abstract:
Amid the COVID-19 pandemic, the United States has seen an acceleration of an already massive cybercrime wave. Daily reports of cybercrime to the FBI’s Internet Crime Complaint Center have nearly quadrupled since the pandemic began, to roughly 4,000 reports per day. Unfortunately, even before this crisis began, the enforcement rates for these crimes are low – for every 1,000 reported cyber incidents, only three arrests of the perpetrators occur. In the fall of 2018, the White House released the “National Cyber Strategy of the United States,” which detailed how the Administration would create or update policies for combating cybercrime. While no implementation plan for this Strategy was ever published, Third Way conducted an analysis of publicly available information of the Administration’s actions and budgetary allocations since the strategy’s release to examine their cybercrime enforcement efforts.
Topic:
Security, Defense Policy, Science and Technology, Cybersecurity, Pandemic, COVID-19, and Digitalization
Political Geography:
North America and United States of America

16. US Global Cybercrime Cooperation: A Brief Explainer

Author:
Allison Peters and Anisha Hindocha
Publication Date:
06-2020
Content Type:
Policy Brief
Institution:
Third Way
Abstract:
Cybercrime is a persistent and transnational threat with the rates in the United States estimated to have up to quadrupled during the COVID-19 pandemic. Unfortunately, law enforcement in the United States and globally has struggled to keep up with this crime, resulting in a considerable enforcement gap that allows cybercriminals to operate with near impunity. In the United States, only 3 in 1,000 malicious cyber incidents will ever see an arrest and the global enforcement gap is likely to be similar.1 The investigation of one cybercrime case often involves criminal justice systems in many different countries, requiring intense international cooperation to bring the perpetrators to justice. The United States is a member of a number of formal and informal mechanisms that help facilitate this cooperation. This includes being a party to a number of binding treaties—particularly the only global cybercrime treaty known as the Budapest Convention—as well as a member of key networks and in multilateral forums. The United States is also a member of a number of entities aimed at developing norms to guide the behavior of nation-states in cyberspace where cooperation in cybercrime investigations is encouraged.
Topic:
Defense Policy, Crime, Cybersecurity, Pandemic, and COVID-19
Political Geography:
North America and United States of America

17. Weakened Encryption: The Threat to America’s National Security

Author:
Mieke Eoyang and Michael Garcia
Publication Date:
09-2020
Content Type:
Special Report
Institution:
Third Way
Abstract:
For years, law enforcement officials have warned that, because of encryption, criminals can hide their communications and acts, causing law enforcement to struggle to decrypt data during their investigation—a challenge commonly referred to as “going dark.” They called on technology companies to build a process, like a “master key,” to enable law enforcement to unlock encrypted communications. While this may seem like a tempting idea, it would have grave implications for our national security. As more and more of our communications move online, users seek out encrypted services to protect their privacy. Unlike telephonic communications, and despite repeated requests by law enforcement to do so, Congress has not required internet communications platforms to give law enforcement access to intercept user communications or access stored communications. In this paper, we assess the national security risks to a requirement to provide that master key (referred to throughout as “exceptional” or “backdoor” access) to encrypted communications and propose alternative approaches to address online harms.
Topic:
Security, Science and Technology, Cybersecurity, and Encryption
Political Geography:
North America and United States of America

18. 2020 Country Brief: Russia

Author:
Third Way
Publication Date:
09-2020
Content Type:
Policy Brief
Institution:
Third Way
Abstract:
Under Vladimir Putin, Russia is our adversary. The goals of Vladimir Putin are simple and dangerous: 1) reassert Russian global “great power” status; 2) have supremacy over the territory of the former Soviet Union; and 3) create a sphere of influence in the international system to achieve dominance. To do so, the Kremlin seeks to weaken America and its allies by sowing domestic discord, discrediting the institutions of democracy, and destroying US alliances and partnerships. Under Donald Trump, they are winning.
Topic:
Diplomacy, Military Strategy, Hegemony, Conflict, and Power
Political Geography:
Russia and Europe

19. 2020 Thematic Brief: COVID-19 and Global Health Security

Author:
Third Way
Publication Date:
09-2020
Content Type:
Policy Brief
Institution:
Third Way
Abstract:
The Trump Administration’s catastrophic mismanagement of the pandemic has made the United States the center of virus contagion. Yes, the COVID-19 virus began in China and there should be a no-stones-unturned investigation into its origins and the failure to contain it. But Trump’s attempts to distract from his mishandling are a sideshow—the priority must be protecting Americans and safely re-opening the economy. If blaming others, making excuses, and ducking responsibility were a cure for the virus, America would be open for business right now. But President Trump had no strategy from the start, played down the severity of the crisis, refused to wear a mask until July, and made just about every wrong move you could make to take a very bad situation and make it worse. Now we have millions of cases in the United States, almost 200,000 deaths, and tens of millions of people filing for unemployment. What we don’t have is any semblance of a national strategy. And on the international front, Trump’s only answer is to blame and defund the World Health Organization (WHO).
Topic:
Security, Governance, Leadership, Public Health, Pandemic, and COVID-19
Political Geography:
North America and United States of America

20. 2020 Country Brief: China

Author:
Third Way
Publication Date:
09-2020
Content Type:
Policy Brief
Institution:
Third Way
Abstract:
hina is no longer a budding regional hegemon, but a global power seeking to rival the United States on the international stage in economic, military, technological, and diplomatic terms. Further, the country’s actions—such as handling public health issues—have direct consequences for Americans. Moderating China’s growing influence is the foreign policy challenge that will define the future. Yet “America First” policies, in combination with erratic leadership, have placed the United States at a strategic disadvantage in the international arena, providing China the opportunity to fill a leadership void and promote its policies and technologies, while achieving its economic and military ambitions.
Topic:
Science and Technology, Hegemony, Leadership, and Influence
Political Geography:
China and Asia