US considers how to settle accounts with Holiday Bear. International norms in cyberspace. Ransomware continues to surge against vulnerable Exchange Servers, and other criminal trends.

The US Administration continues to prepare its response to Holiday Bear’s romp through the SolarWinds supply chain. Congress is asking for details on what was compromised in the incident, and why the Department of Homeland Security failed to detect the intrusion. The UN offers some recommendations on norms of conduct in cyberspace. Ben Yelin on a New Jersey Supreme Court ruling that phone passcodes are not protected by 5th amendment. Our guest is Frank Kettenstock from FoxIT on the security of PDF files. Developments in ransomware, including Exchange Server exploitation, credible extortion, and attempts to enlist customers against victims.  For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/60