Jason Healey

Born: Rhode Island
Occupation: Senior Research Scholar, Columbia SIPA
Citizenship: United States
Education: US Air Force Academy (BA); Johns Hopkins University (MA); James Madison University (MS)
Subject: Cyber security; Cyber policy
Notable works: A Fierce Domain, Cyber Conflict 1986 to 2012; Cyber Security Policy Guidebook
Website: twitter.com/Jason_Healey

Jason Healey is an American senior research scholar and adjunct professor at the School of International and Public Affairs, Columbia University. [1] He is also a senior fellow with the Cyber Statecraft Initiative at the Atlantic Council, where he was the program's founding director. [2] He has published many academic articles, essays, and books on the topic of cyber security and has advised on security measures for corporate, government, and military institutions. He has been identified as the first historian of cyber conflict.

History

Healey was born and raised in Rhode Island, and at 17, joined the United States Air Force. [3] He graduated from the United States Air Force Academy in 1991 and was commissioned as an officer. Initially trained as a fighter pilot, Healey transitioned to signals intelligence and in 1998, began working at The Pentagon, implementing a computer network defense system. [3] During his Air Force career, Jason was awarded two Meritorious Service Medals for his contributions to cyber security. [4] Healey later received a master's degree in Information Security from James Madison University. [3] [4]

Work in cybersecurity and cyber policy

Healey's career has focused principally on cyber policy, its implementation, and addressing responses to security threats. In Hong Kong, as vice president at Goldman Sachs, he developed a crisis-response system to address incidents across Asia. [5] [6] He has also worked at The White House as the director for cyber infrastructure protection. He is currently a board member on the Cyber Conflict Studies Association and the Military Cyber Professionals Association. [4] The extent of his work has led one magazine to refer to Healey as the first historian of cyber conflict. [3]

Healey is a frequent public commentator [7] [8] and has written many articles [9] [10] on malware threats and cyber policy. Healey has discussed the potential advantages and disadvantages of the United States launching cyber-based attacks. [11] With regard to such an offensive on Syria, he stated that "you no longer have to drop physical bombs and kill people... it can be targeted, non-lethal microforce", but surmised that due to past leaks of the United States' involvement in Stuxnet, government agencies may have decided against it. [12] Healey has also commented on the Heartbleed bug, noting the discrepancy between the National Security Agency's stated priority of defense and its failure to expose the bug when it was found, and he said that the organization would be "shredded by the computer security community" for this failure. [13] In 2013, Healey took a critical stance on the state of mass surveillance in the United States. He predicted that U.S. interests abroad would suffer "deep and long term damage" if the administration failed to find alternatives to spying conducted by the National Security Agency. [14]

In 2012, Healey published the first comprehensive history of cyber-conflict, A Fierce Domain, Cyber Conflict 1986 to 2012, [15] positing that confrontations within cyberspace have established a new kind of conflict, with new characteristics. He explores this development through historical studies, beginning with the KGB's 1986 hacking initiative to steal military plans from the U.S. in what is referred to as the Cuckoo's Egg Case. [3] [16] The book was positively reviewed [17] and has been referred to as a "definitive historical record of cyber conflict." [18]

In March 2014, Forbes identified Healey as one of twenty cyber policy experts to follow on Twitter. [19]

Publications

Related Research Articles

Cyberwarfare: Use of digital attacks against a nation

Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.

Beginning on 27 April 2007, a series of cyberattacks targeted websites of Estonian organizations, including Estonian parliament, banks, ministries, newspapers and broadcasters, amid the country's disagreement with Russia about the relocation of the Bronze Soldier of Tallinn, an elaborate Soviet-era grave marker, as well as war graves in Tallinn. Most of the attacks that had any influence on the general public were distributed denial of service type attacks ranging from single individuals using various methods like ping floods to expensive rentals of botnets usually used for spam distribution. Spamming of bigger news portals commentaries and defacements including that of the Estonian Reform Party website also occurred. Research has also shown that large conflicts took place to edit the English-language version of the Bronze Soldier's Wikipedia page.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to comparatively advanced technology and a large military budget. Cyber warfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.

Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, multiple independent news organizations recognize Stuxnet to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olympic Games. The program, started during the Bush administration, was rapidly expanded within the first months of Barack Obama's presidency.

Cyberwarfare by China is the aggregate of all combative activities in the cyberspace which are taken by organs of the People's Republic of China, including affiliated advanced persistent threat groups, against other countries.

Operation Olympic Games was an ostensible and still unacknowledged campaign of sabotage by means of cyber disruption, directed at Iranian nuclear facilities likely by the United States and Israel. As reported, it is one of the first known uses of offensive cyber weapons. Started under the administration of George W. Bush in 2006, Olympic Games was accelerated under President Obama, who heeded Bush's advice to continue cyber attacks on the Iranian nuclear facility at Natanz. Bush believed that the strategy was the only way to prevent an Israeli conventional strike on Iranian nuclear facilities.

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).

In 2013, there were two major sets of cyberattacks on South Korean targets attributed to elements within North Korea.

Heartbleed: Security bug in OpenSSL

Heartbleed is a security bug in some outdated versions of the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed could be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It resulted from improper input validation in the implementation of the TLS heartbeat extension. Thus, the bug's name derived from heartbeat. The vulnerability was classified as a buffer over-read, a situation where more data can be read than should be allowed.

Cyberwarfare is a part of Iran's "soft war" military strategy. Being both a victim and wager of cyberwarfare, Iran is considered an emerging military power in the field.

Dark0de

dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date". The site, which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, stolen personally identifiable information, credit card information, hacked server credentials, and other illicit goods and services.

Lazarus Group is a cybercrime group made up of an unknown number of individuals run by the government of North Korea. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them between 2010 and 2021. Originally a criminal group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include Hidden Cobra and Zinc. According to North Korean defector Kim Kuk-song, the unit is internally known in North Korea as 414 Liaison Office.

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides cloud workload and endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of several high-profile cyberattacks, including the 2014 Sony Pictures hack, the 2015–16 cyber attacks on the Democratic National Committee (DNC), and the 2016 email leak involving the DNC.

WannaCry ransomware attack: 2017 worldwide ransomware cyberattack

The WannaCry ransomware attack was a worldwide cyberattack in May 2017 by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. It propagated by using EternalBlue, an exploit developed by the United States National Security Agency (NSA) for Windows systems. EternalBlue was stolen and leaked by a group called The Shadow Brokers a month prior to the attack. While Microsoft had released patches previously to close the exploit, much of WannaCry's spread was from organizations that had not applied these, or were using older Windows systems that were past their end-of-life. These patches were imperative to organizations' cyber security but many were not implemented due to ignorance of their importance. Some have claimed a need for 24/7 operation, aversion to risking having formerly working applications breaking because of patch changes, lack of personnel or time to install them, or other reasons.

2017 Ukraine ransomware attacks: Series of powerful cyberattacks using the Petya malware

A series of powerful cyberattacks using the Petya malware began on 27 June 2017 that swamped websites of Ukrainian organizations, including banks, ministries, newspapers and electricity firms. Similar infections were reported in France, Germany, Italy, Poland, Russia, United Kingdom, the United States and Australia. ESET estimated on 28 June 2017 that 80% of all infections were in Ukraine, with Germany second hardest hit with about 9%. On 28 June 2017, the Ukrainian government stated that the attack was halted. On 30 June 2017, the Associated Press reported experts agreed that Petya was masquerading as ransomware, while it was actually designed to cause maximum damage, with Ukraine being the main target.

Charming Kitten is an Iranian government cyberwarfare group, described by several companies and government officials as an advanced persistent threat.

Sandworm (hacker group): Russian hacker group

Sandworm is an Advanced Persistent Threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, and Iron Viking.

2022 Ukraine cyberattacks: Attack on Ukrainian government and websites

During the prelude to the 2022 Russian invasion of Ukraine and during the invasion itself, multiple cyberattacks against Ukraine were recorded, as well as some attacks on Russia. The first major cyberattack took place on 14 January 2022, and took down more than a dozen of Ukraine's government websites. According to Ukrainian officials, around 70 government websites, including the Ministry of Foreign Affairs, the Cabinet of Ministers, and the National and Defense Council (NSDC), were attacked. Most of the sites were restored within hours of the attack. On 15 February, another cyberattack took down multiple government and bank services.

References

  1. "Jason Healey". sipa.columbia.edu. Retrieved August 31, 2019.
  2. "Jason Healey".
  3. Vitaliev, Vitali (December 16, 2013). "Interview with Jason Healey". E&T Magazine. The Institution of Engineering and Technology. Retrieved August 31, 2019.
  4. Balaban, David (June 3, 2013). "Why is Cyber Conflicts Amnesia Dangerous? Interview with Jason Healey from the Atlantic Council". Privacy PC. Retrieved August 31, 2019.
  5. "2015 International Cyber Risk Management Conference" (PDF). ICRMC. Retrieved 10 June 2021. Healey worked twice for Goldman Sachs. First to anchor their team for responding to cyber-attacks and later as an executive director in Hong Kong to manage Asia-wide business continuity.
  6. "Freeman Spogli Institute for International Studies - Faculty and Researchers". Stanford. Retrieved 10 June 2021. Healey created the first cyber incident response team for Goldman Sachs and later oversaw the bank's crisis management and business continuity in Hong Kong.
  7. Wood, Molly (July 9, 2013). "Tech companies look to stay ahead of hackers". Marketplace.org. Retrieved August 31, 2019.
  8. Hoffman, Karen Epper (February 3, 2014). "Advanced malware: The growing cyber menace". SC Magazine. Retrieved August 31, 2019.
  9. Healey, Jason (2011). "The Spectrum of National Responsibility for Cyberattacks". Brown Journal of World Affairs. 18 (1): 57–69.
  10. Healey, Jason (2011). "Four ways to address cyberconflict – and how analytics can help" (PDF). Journal of Advanced Analytics: 32–34. Archived from the original (PDF) on March 3, 2016. Retrieved August 31, 2019.
  11. Gjelten, Tom (February 11, 2013). "Pentagon Goes On The Offensive Against Cyberattacks". Morning Edition. NPR. Retrieved August 31, 2019.
  12. Todd, Brian (February 28, 2014). "Syria: U.S. Cyber-Strike". The Situation Room. CNN. Retrieved August 31, 2019.
  13. "NSA said to have exploited Heartbleed bug, exposing consumers". NY Daily News. April 12, 2014. Retrieved August 31, 2019.
  14. Strohm, Chris; Gaouette, Nicole (November 6, 2013). "Lawmakers Spurn Obama Bid to Preserve NSA Data Gathering". Bloomberg News. Retrieved August 31, 2019.
  15. Healey, Jason (2013). A Fierce Domain, Cyber Conflict 1986 to 2012. Cyber Conflict Studies Association. ISBN 978-0989327404.
  16. "Jason Healey: A Fierce Domain". Pritzker Military Presents. Pritzker Military Museum & Library. April 10, 2014. Retrieved August 31, 2019.
  17. "Digital doomsters". The Economist. The Economist Newspaper Limited. June 29, 2013. Retrieved August 31, 2019.
  18. Gourley, Bob (September 29, 2017). "A Fierce Domain: Conflict in Cyberspace, 1986 to 2012". CTOvision.com. Retrieved August 31, 2019.
  19. Stiennon, Richard (March 26, 2014). "20 Cyber Policy Experts To Follow On Twitter". Forbes. Retrieved August 31, 2019.