Guccifer 2.0 goes drip, drip, drip

With help from Cory Bennett, Eric Geller, Jeremy Herb and Connor O’Brien

WILL IT EVER STOP? — Another day, another leak. The infamous hacker persona Guccifer 2.0 was back at it again on Thursday, posting more alleged Democratic strategy memos from House races around the country. It was the third suspected Russian strike in as many days. On Tuesday, Guccifer 2.0 dropped a humongous file of Democratic National Committee documents, followed hours later by the purported anti-secrecy site DC Leaks posting two years’ worth of Colin Powell’s personal emails. But Thursday’s release didn’t cause nearly the same stir as those two dumps, which drew a strong reaction from the DNC and generated a spate of headlines highlighting numerous unexpectedly crass remarks from Powell’s emails. The latest documents span races in New Hampshire, Ohio, Illinois and North Carolina, and include both summaries of 2014 races, as well as “path to victory” plans for the 2016 election cycle. They were purportedly pilfered during a data breach at the Democratic Congressional Campaign Committee that cybersecurity researchers have blamed on Russian intelligence-linked hackers.


SENATE FOREIGN RELATIONS TO LOOK AT RUSSIAN HACKING? — That was the big question on Thursday after Sen. Jeanne Shaheen, the top Democrat on the Senate Foreign Relations Committee’s Europe subpanel, urged committee leaders to convene a hearing examining the evidence surrounding the high-profile breaches.

Foreign Relations Chairman Bob Corker told POLITICO that he was planning to huddle with panel ranking member Ben Cardin on Thursday afternoon to discuss the matter. "We may consider doing something with it next week," he said. “It is something that affects our nation, it is coming from, we believe, outside sources and forces.”

Neither Corker’s nor Shaheen’s office responded to a follow-up question about whether a hearing — and a possible closed-door briefing — had been given a formal green light. But Cardin’s office said the lawmaker is onboard. “Sen. Cardin is supportive of Sen. Shaheen’s request and looks forward to working with Chairman Corker to accommodate this important hearing,” said a spokesman. “He is very concerned about the mounting evidence that Russia is interfering in our political process and more broadly, believes Russia continues to play by its own rules at the expense of international norms, the rule of law, and global stability. A hearing will bring greater transparency to these issues as our security and law enforcement officials continue their important work.”

HAPPY FRIDAY and welcome to Morning Cybersecurity! Hard to believe that by this time next week, the 114th Congress likely will be done with work until after the election. Or is it? It’s not. Send your thoughts, feedback, tips and vows to stop reading if we keep making puns to [email protected]. Be sure to also follow @POLITICOPro and @MorningCybersec. The full team info is below.

CONGRESS TO NSA: GET ON THAT — The House Intelligence Committee released the unclassified summary of its report on the impact of the Edward Snowden leaks. The committee’s final conclusion dinged the NSA — and the U.S. intelligence community as a whole — for not doing enough to minimize the risk of another massive unauthorized disclosure. “Although it is impossible to reduce the chance of another Snowden to zero, more work can and should be done to improve the security of the people and computer networks that keep America’s most closely held secrets,” the summary read. Lawmakers pointed to a recent DoD watchdog report that found that NSA hasn’t effectively implemented its post-Snowden security improvements. Committee leaders said they had tried to address shortcomings via language in the last four intelligence authorization bills.

NDAA IS DELAYED — The National Defense Authorization Act — the massive policy roadmap for the Pentagon, including its various cyber efforts — won’t be finished until after the November elections, our colleagues Jeremy Herb and Connor O’Brien report for Pro Defense. Leaders of the House and Senate Armed Services committees won’t be able to weld their versions of the legislation together before Congress likely skips town next week, leaving several issues unresolved, including the fate of the greater sage grouse (Google it). “I heard the House blew it up last night,” said Sen. Claire McCaskill. “This is a problem on their side.” Pros can get the full scoop here.

BUT WHAT IF WE OFFERED YOU TAX INCENTIVES? — Rep. Ed Perlmutter wants to give companies a tax break if they adopt certain cybersecurity policies. The Colorado Democrat on Thursday introduced the Data Breach Insurance Act, which would give companies a 15 percent tax credit if they purchase data breach insurance coverage and adopt the NIST cybersecurity framework — which offers guidelines for adopting healthy digital defense practices — or a similar government-approved standard. “The tax credit will help offset some of the costs associated with implementing the cyber frameworks, such as risk assessments, hardware/software upgrades, employee education, training and vendor testing,” Perlmutter’s office said in a release.

DON’T HOLD YOUR BREATH — President Barack Obama’s cybersecurity commission will not propose a solution to the heated encryption debate, according to the commission’s executive director. “The president doesn’t want us to address it,” Kiersten Todt told MC after speaking at an Internet Security Alliance event on Thursday. Todt said that given all the other government efforts to address encryption, it would be “counterproductive” for the commission to come down on one side in its December report to Obama. “The commission is still pushing boundaries on what it thinks it wants to address,” Todt added, “but encryption itself — there could be a whole commission on it. And so if we start to look at that, it will distract from actually putting forth the ideas that are true to the core of the executive order” that established the commission. Encryption won’t be absent from the report, Todt noted. As with other issues touching on digital privacy, the 12 commission members will address it in their recommendations and observations about the core topics that Obama tasked them with studying. “We will make note of them,” Todt said of encryption and related matters, “but coming out with a policy position on that would distract from the other areas.”

CHECK YOURSELF — The White House this week used the spate of election hacks to slam Congress for refusing to take up Obama’s budget and its significant boost to cyber defense funding, but a cyber-focused Republican lawmaker rejected that complaint on Thursday, saying money isn’t the only thing that matters. “If the president thinks that adding more money to the problem is the only way that’s gonna solve it, then he’s incorrect,” Rep. Will Hurd, who chairs the House Oversight IT subcommittee, told MC after delivering remarks at the ISA event. Hurd is the co-author of an IT modernization bill that passed the Oversight Committee on Thursday afternoon.

INDUSTRY GIVES KUDOS FOR THAT EXACT BILL — The IT Alliance for the Public Sector gave lawmakers a pat on the back for moving a bill aimed at quickening the speed the government can update its technology. The House Oversight Committee on Thursday approved the Modernizing Government Technology Act of 2016 — which featured funding pieces from Rep. Will Hurd’s Modernizing Outdated and Vulnerable Equipment and Information Technology, or MOVE IT, Act — garnering praise from ITAPS. “The bipartisan bill reforms the way we fund government information technology solutions to better keep pace with innovation," Trey Hodgkins, the group’s senior vice president, wrote in a letter to several key House lawmakers.

WHEELER’S CYBER NUGGETS — FCC Chairman Tom Wheeler dropped a few cyber nuggets into his Thursday testimony before the Senate Commerce Committee. Wheeler said the commission should have its “final rules … later this year” for internet service providers on how to handle and share people’s data. He also cited cybersecurity as a concern for emergency call centers, or as the FCC dubs them, “public-safety answering points.” Wheeler called on Congress to bring the networks for these centers “under the protective umbrella” of a Department of Homeland Security program known as “Einstein,” which monitors for known cyber threats. Finally, Wheeler made a more general vow that “the vulnerability of advanced telecommunications networks to physical and cyberattack is not lost upon us.” The chairman promised the FCC will “work closely with industry and our agency partners to identify, mitigate and where possible reduce cybersecurity risk.”

PEOPLE ON THE MOVE

— The Center for Democracy & Technology added three new members to its board of directors. The trio, all unanimously approved by the Center’s current board, includes former FTC Commissioner and privacy attorney Julie Brill, computer scientist and cybersecurity expert Carl Landwehr and communications strategist and telecommunications lawyer Mark Seifert.

TWEET OF THE DAY — This is the only “Snowden” review you need to read.

QUICK BYTES

— For decades, Colin Powell has held an uncommonly elevated place in American political life. But in his leaked emails, Powell seems a good bit different from the elder statesman whose endorsement still carries serious weight with presidential candidates of both parties. POLITICO.

— “Why there really may be an upside to Colin Powell’s hacking.” The Washington Post.

— Central banks want global standards after the Bangladesh Bank digital heist. Reuters.

— Oregon Gov. Kate Brown ordered an overhaul of her state’s aging cybersecurity systems. Statesman Journal.

— “Cybersecurity awareness is growing within business sector, research shows.” Computer Weekly.

— One researcher thinks major DDoS attacks are part of military recon to shut down the internet. SC Magazine.

— “On the front lines against cyber hackers.” CBS News.

— “What Counterterrorism Gurus Say About Propaganda in the Age of Social Media.” Fortune.

— “The Rio Olympics’ Legacy Is A Cyber-Surveillance State.” Vocativ.

That’s all for today. Have a totally tubular weekend.

Stay in touch with the whole team: Cory Bennett ([email protected], @Cory_Bennett); Bryan Bender ([email protected], @BryanDBender); Eric Geller ([email protected], @ericgeller); Martin Matishak ([email protected], @martinmatishak) and Tim Starks ([email protected], @timstarks).

Follow us on Twitter Heidi Vogt @HeidiVogt



Eric Geller @ericgeller



Martin Matishak @martinmatishak



Tim Starks @timstarks