1 October 2016

Anticipating cyber in the first debate

09/26/16 

With help from Cory Bennett and Martin Matishak

THE STAGE IS SET — Hillary Clinton and Donald Trump will face off tonight in the highly anticipated first debate at Hofstra University. But will they talk cyber? Moderator Lester Holt of NBC News will devote two of the debate’s six 15-minute segments to the topic of “Securing America,” and national security discussions tend to include at least glancing cybersecurity references.

Story Continued Below

Clinton and Trump have both promised more aggressive responses to cyberattacks and improvements to America’s digital shields. Clinton has pledged to do more to “make sure we are well defended and able to take the fight to those who go after us,” and she has said that she would “make it clear that the United States will treat cyberattacks just like any other attack.” If elected, Clinton promised on Aug. 31, “We will be ready with serious political, economic and military responses” to cyberattacks. Meanwhile, Trump has vowed to “make it a priority to develop offensive and defensive cyber capabilities” and said that one of his first acts as president would be to order a “thorough review” of U.S. digital defenses. But the New York businessman has, at times, shown a lack of deep knowledge about the subject. In two separate interviews with The New York Times, Trump said the U.S. was “obsolete in cyber” and argued that “we don’t even know where [attacks are] coming from.” Cybersecurity experts strongly dispute both opinions.

Follow MC’s social media accounts and keep checking the POLITICO website for any cyber stories that emerge from the Hofstra debate hall.

HAPPY MONDAY and welcome to Morning Cybersecurity! What’s the one cybersecurity topic you’d most like to see addressed during tonight’s debate? Send your suggestions for Lester Holt and your thoughts, feedback and tips to egeller@politico.com, and be sure to follow @ericgeller, @POLITICOPro and@MorningCybersec. The full team info is below.

“GRAVE CONCERNS” ABOUT TRUMP AIDE’S RUSSIA MEETINGS — Political operatives and former cyber-focused officials are voicing serious concerns about a report in Yahoo News that Donald Trump foreign-policy adviser Carter Page has met with aidesto Russian President Vladimir Putin — including a senior Putin aide “believed by U.S. officials to have responsibility for intelligence collected by Russian agencies about the U.S. election.” “The optics of this are horrible,” Republican strategist Matt Mackowiak, a fierce Trump critic, told MC. “We’ve crossed a line into a whole new territory there,” he added, although he noted that the issue likely would not resonate with voters as deeply as more fundamental economic and national security concerns. Hillary Clinton’s campaign called the news “chilling” in a statement, noting that Trump had “openly invited” Russian hacking. Rep. Adam Schiff, the top Democrat on the House Intelligence Committee, released a statement calling the news “deeply disturbing.” Craig Varoga, a veteran Democratic strategist, told MC, “Trump may say that the gun isn’t smoking, but it sure as hell is pretty damn hot.”

What Page reportedly did may not be illegal. The 1799 law most often cited as applying to Page’s actions — the Logan Act, which criminalizes private negotiations with foreign governments engaged in “disputes or controversies with the United States” — has never been used to prosecute anyone. Indicting Page under the Logan Act would require proof that his meetings featured actual negotiations, promises or enticements. “The use of it would almost certainly draw First Amendment challenges,” Ed McAndrew, a former Justice Department cybercrime specialist and current partner at Ballard Spahr, told MC. Even so, a former government official who handled cybercrime matters said that “any meeting by a Trump adviser with a Russian official involved with cyberattacks would raise grave concerns, as it might suggest, if not outright collusion with Russia, at least implicit support by the Trump campaign for Russian interference with the U.S. election.”

PATIENCE THINNING — “The window is rapidly closing for the White House to publicly hit back at Russia over a suspected Kremlin-backed cyber campaign to meddle in the U.S. election process, according to a vocal cadre of lawmakers who are hammering the Obama administration over its silence on the matter,” Cory, Martin and Eric report in a new piece that ran over the weekend. It’s not that easy for the Obama administration, though. “Officials are constrained by competing priorities. … Any response could put the final nail in the State Department’s already faltering efforts to negotiate a Syrian ceasefire agreement with Russia, spark a tit-for-tat cyber war between Washington and Moscow and potentially expose valuable espionage tactics at a time that the U.S. government is reportedly ramping up its digital snooping on Putin’s regime.” Read the full story here.

YAHOO BREACH FALLOUT — Yahoo has hired Stroz Friedberg, a risk management firm founded by two former federal cyber crime investigators, to help it investigate and respond to the data breach that affected 500 million people, according to a person familiar with the matter. The firm and its client have their work cut out for them: Questions continued to swirl through the weekend about the timeline of Yahoo’s disclosure, as some users shut down their accounts and others filed a class-action lawsuit against the company. The Financial Times reported on Friday that CEO Marissa Mayer knew about the investigation since July, which would potentially contradict a Sept. 9 regulatory filing claiming the company had no knowledge of “security breaches.” The historic breach might have been motivated by a foreign government’s desire to gather intelligence, rather than to steal victims’ money, according to the Associated Press. That would be a break from the original mega-breaches at major retailers like Target and Home Depot, which many tied to cyber criminal syndicates, and fit more with breaches at several major health care providers and airlines, which some security experts tied to Chinese espionage efforts.

CLINTON’S HUMAN PASSWORD MANAGER — Newly released interview notes from the FBI’s investigation into Hillary Clinton’s private email server offered a few more details about how the former secretary of State managed her system. For starters, every employee at an IT firm had access to the system that backed up her emails. Additionally, State Department employees often switched to Gmail accounts when their government accounts didn’t work overseas. Clinton also had an aide, Monica Hanley, that managed her email passwords. “Clinton did not know her email login information,” the bureau noted, “as Hanley would generally change the information in Clinton’s BlackBerry when necessary so Clinton’s email would automatically populate.” Also of note: Hanley — who was not part of the email-processing operation that followed the disclosure of Clinton’s private account — reacted to a congressional subpoena for Clinton’s emails by purging her own Gmail account of all messages to and from state.gov addresses.

The investigative documents also reveal new information about the security features protecting Clinton’s email server, including how one spam filter regularly prompted a system administration — whose name is redacted — to block IP addresses associated with attempted cyberattacks. And on a lighter note, thanks to the FBI, we now know that Clinton preferred older BlackBerry phones with trackballs for navigation instead of newer models that used trackpads.

NOT IMMUNE FROM THE COURT OF PUBLIC OPINION — House Science Committee Chairman Lamar Smith on Friday blasted the Justice Department for granting two top Hillary Clinton aides immunity from prosecution as part of the FBI investigation into Clinton’s private email server, bringing the total number of immunized aides to five. “The FBI’s decision to grant immunity to five key individuals who failed to properly secure the highly sensitive contents of former Secretary Clinton’s private server raises questions as to whether the FBI conducted a thorough inquiry into the actions of Secretary Clinton’s closest aides,” Smith said in a statement.

The Science Committee subpoenaed documents from three companies that helped maintain the server, and your MC host reported late last week that the committee is expecting to soon begin receiving documents from one of them, SECNAP Network Security. Another company, Datto, provided approximately 800 documents in two installments, a committee aide said. Smith’s staff is still waiting for a letter from the third company, Platte River Networks. Smith hasn’t ruled out asking the House to hold Platte River in contempt of Congress if it defies his subpoena.

FOLLOW THE (ATTACKS ON) THE MONEY — While more recent cyberattacks have been hogging the spotlight, the House Science Committee has continued to examine reports of dozens of cyberattacks on the Federal Reserve’s computer network in the past five years. On June 3, after a Reuters story on the attacks, committee Chairman Lamar Smith asked Federal Reserve Chairwoman Janet Yellen for documents about the breaches and briefings on how the Fed secures its highly sensitive economic data. A committee aide told MC on Friday that staffers have received what they asked for from the central bank. The Fed briefed congressional aides on July 15 and Sept. 16, and staff reviewed documents at the Fed on July 27, some of which the central bank later sent to the Hill. Staffers are “reviewing the incidents to determine if the committee will pursue a further inquiry into these cybersecurity incidents,” a committee spokeswoman said.

ABOUT THOSE PHONES … — Rep. Ted Lieu wants to know what the Defense Department is doing to protect its mobile users from Trident vulnerabilities. “The changing nature of the workplace and advances in technology have increased the number of personnel who use mobile services and for both private and work related matters,” Lieu wrote in a letter today to Pentagon CIO Terry Halvorsen. The California lawmaker requests a briefing on what steps Halvorsen is taking to protect employees and details a number of policy areas he wants more info on, including: DoD’s strategy for mobile security; the agency’s “bring your own device” policy; and if it will take a breach similar to the one that occurred at the Office of Personnel Management to spur a “serious and urgent” Pentagon effort on mobile security.

ANY LUNCH PLANS? — The National Cyber Security Alliance is holding a briefing today on Capitol Hill entitled “Empowering Users to Protect Themselves.” The event — promoted late last week in a “Dear Colleague” letter from Congressional Cybersecurity Caucus co-founder Rep. Jim Langevin — is part of National Cyber Security Awareness Month. It will highlight cyber resources lawmakers can take back to their districts and tips for staff on how to protect their own networks and devices, something of particular interest following the hacks of the DNC and others. The briefing will feature a panel of experts and take place at noon in Rayburn B-339.

RECENTLY ON PRO CYBERSECURITY — Guccifer 2.0 released internal research files on the Democratic Congressional Campaign Committee chairman … A hacker who gave U.S. military data to the Islamic State was sentenced to 20 years in prison … An expert told a House panel that the U.S. faced a growing cybersecurity worker gap … The top Democrats on the congressional intelligence committees warned of Russian attempts to interfere in the election.

QUICK BYTES

— The White House employee whose emails were leaked last week had his password leaked in an Adobe data breach. Ars Technica.

— Lansing, Mich., spent almost $2 million dealing with a massive ransomware attack in April. Lansing State Journal.

— The German military reportedly hacked an Afghan telecom company as part of a plan to rescue an aid worker held captive in the country. Der Spiegel, Associated Press.

— U.S. officials are worried about cyberattacks disabling American military weapons. FedScoop.

— Hackers apparently broke into the iCloud account of Pippa Middleton, the sister of the Duhess of Cambridge, and stole 3,000 photos. CNN.

That’s all for today. Let’s get ready to ruummmmmblllllle.

No comments: