Buttigieg’s CISO is ‘hard paranoid’

PROGRAMMING NOTE: POLITICO's Morning Cybersecurity will not publish on Thursday, Nov. 28, and Friday, Nov. 29. We'll be back on our normal schedule on Monday, Dec. 2.



With help from Mike Farrell, Eric Geller, Martin Matishak, Matthew Brown and Alexandra S. Levine

Quick Fix

— Pete Buttigieg’s chief information security officer is pushing on all fronts to bolster digital security, and said he could use more “money, stuff for free” from the government.

— The FCC will vote on a rule to further block Chinese telecom companies from the U.S. market. Meanwhile, senators urged the White House to halt license waivers to do business with Huawei.

— North Korea is banking on hackers to generate income and support Kim Jong Un’s regime.

HAPPY FRIDAY and welcome to Morning Cybersecurity! Pretty sure I wouldn’t be able to finish the test. Send your thoughts, feedback and especially tips to [email protected]. Be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.

Election Watch

THAT CAMPAIGN CISO LIFE — Buttigieg's CISO on Thursday offered a glimpse of what it’s like to secure a presidential campaign. Speaking at Cyberwarcon, Mick Baccio said he has worked “nonstop” to shore up the campaign equivalent of a supply chain, including donor data and voter registration rolls. “I’m creating a culture — heavy on the cult,” he told the audience. “I’m pushing something in a place where it’s never, ever been before and we’re moving at 100 miles an hour,” he said at the cybersecurity conference just outside Washington.

Baccio said he personally engages with campaign staffers to educate them about why digital security matters. “You have not experienced joy until you explain to a 22-year-old from Cedar Rapids exactly what the GRU is,” he joked, referring to Russia's military intelligence agency. Baccio, a former branch chief of White House Threat Intelligence, confessed he could use more “money, stuff for free” from the federal government, explaining that DigiDems, a group started after 2016 to help campaigns link up with tech-savvy organizers and volunteers, has a $2,800 donation cap.

Baccio noted that, to his knowledge, he is the only CISO among the 2020 campaigns. “I have no idea why.” He also said his cybersecurity strategy hasn’t changed since Buttigieg rose to the top of the polls in Iowa and New Hampshire. “No, I’ve been hard paranoid from day one.”

FCC VOTES ON HUAWEI — FCC commissioners will convene this morning to vote on proposals to cut out Huawei and ZTE from the U.S. marketplace by blocking broadband subsidies for companies that don't rip out gear made by the Chinese firms. Although rural telecom carriers have raised concerns about how implementation of the proposal could harm or at least cost them, Chairman Ajit Pai has largely received bipartisan support for the move, including in a letter from Attorney General Bill Barr.

And lawmakers expressed new concerns about Chinese tech. A bipartisan group of senators asked President Donald Trump on Thursday to suspend granting waivers for U.S. companies to do business with Huawei, worried that such agreements pose national security risks. Sens. Tom Cotton (R-Ark.) and Chuck Schumer (D-N.Y.), along with 13 other senators, wrote to the president a day after Commerce Secretary Wilbur Ross said the department has started to approve some requests from companies that want to do business with Huawei, which the U.S. placed on its “entity list” to prohibit business dealings between American firms and the company.

North Korea

STRAIGHT CASH MONEY — North Korea is relying on its hacking outfits to support itself, according to a CrowdStrike analyst. So-called computer network operations have “become a lifeline” for Pyongyang, Katie Blankenship, a senior intelligence analyst at the firm, said during a presentation at Cyberwarcon. She noted that in July, South Korea’s central bank announced North Korea’s GDP contracted by 4.1 percent in 2018, the worst year since 1997. However, a U.N. report issued in August said the country has generated $2 billion from cyberattacks.

“Because we do continue to see them use these tools, develop tools … they will use them how they see fit to support the regime,” she said, adding that a blending of certain hacking groups, dubbed Chollimas, is resulting in hybrid organizations with multiple capabilities. Because of such developments, she said, CrowdStrike and others are seeing “an increase in tempo, we’re seeing an advance in tactics, an advance in tools.”

CISA LOSING SENIOR OFFICIAL — Jeanette Manfra, the Cybersecurity and Infrastructure Security Agency’s assistant director for cybersecurity, is leaving at the end of the year, she confirmed on Thursday, after CyberScoop first reported the news Wednesday night. Her departure will leave a key vacancy at CISA just as the one-year-old agency finds its sea legs and prepares to coordinate with its partners to defend the 2020 election from hackers.

Manfra, a 12-year DHS veteran, served in senior staff-level roles at the department’s component that preceded CISA, did a stint on the National Security Council and then served as counselor to the DHS secretary before being tapped as assistant secretary for cybersecurity and communications in the early months of the Trump administration. At CISA, she leads the Cybersecurity Division, which houses the government’s 24/7 cyber watch center and the office overseeing government-wide cyber monitoring and defense. Rep. Jim Langevin, co-founder of the Congressional Cybersecurity Caucus, said on Twitter that Manfra’s “tenure has been marked by stellar work to tackle pernicious problems, from election security to supply chain risk management.” Top House Homeland Security Democrats praised her too.

After she leaves the government, Manfra will continue the long tradition of senior cyber officials going to the private sector, she told TechCrunch. In an interview with the publication, she reflected on the difficulty of winning the trust of state and local officials and private companies in the collective effort to combat cyberattacks. “It’s really easy to say how important it is to have the government and the private sector working together,” she told TechCrunch. “But to do it well, it’s actually really hard.”

On the Hill

‘CAN I ACTUALLY SAY SOMETHING?’ — Fiona Hill, Trump’s former top Russia aide and NSC official, panned Republicans for peddling a “fictional narrative” that Ukraine meddled in the 2016 election, during an impeachment hearing on Thursday.

“I have heard, some of you on this committee appear to believe that Russia and its security services did not conduct a campaign against our country — and that perhaps, somehow, for some reason, Ukraine did,” she said. “This is a fictional narrative that has been perpetrated and propagated by the Russian security services themselves.” Trump and his personal lawyer, Rudy Giuliani, have amplified unsubstantiated claims that Ukraine, not Russia, interfered in the election.

She warned the panel that Russia is already mobilizing to attack the 2020 election and implored action. “Right now, Russia’s security services and their proxies have geared up to repeat their interference in the 2020 election,” she said. “We are running out of time to stop them. In the course of this investigation, I would ask that you please not promote politically driven falsehoods that so clearly advance Russian interests.”

BILLS, BILLS, BILLS — Trump signed into law on Thursday a continuing resolution that would extend government funding through Dec. 20; it includes a three-month extension of three expiring provisions of the USA Freedom Act. Parts of the 2015 surveillance law, which include Section 215 that allows the NSA to collect Americans’ phone records, will now expire March 15.

The Senate passed two cybersecurity bills: one that would authorize DHS to collaborate with the National Cybersecurity Preparedness Consortium to conduct cybersecurity training and research and a second bill that would encourage information sharing between DHS’s National Cybersecurity and Communications Integration Center and the Multi-State Information Sharing and Analysis Center.

The second bill would also give tools to state and local governments to combat cyberattacks. The chamber adopted new text, which would nix a provision establishing an initiative to enhance efforts to deploy capabilities or services that utilize classified cyber threat indicators or intelligence for detecting or preventing malicious network traffic on unclassified non-federal information systems. Both measures are ready for House consideration.

CATCH THAT CODE — Google just upped its bug bounty for finding security flaws in its Android ecosystem. The Android Security Rewards program will now offer a top prize of $1 million for finding vulnerabilities on its Titan M security chip for Pixel devices. A bonus $500,000 is awarded if the researcher catches the flaw on developer preview versions. Google started ASR in 2015 and has awarded more than 1,800 researchers since then. Over the past year, payouts have totaled more than $1.5 million.


RECENTLY ON PRO CYBERSECURITY — FERC will create a new cybersecurity division to combat cyberattacks against energy infrastructure. ... POLITICO talked about security with Defense Innovation Unit Director Michael Brown. … Business emails are mostly attacked on the weekdays, says a report. … IG: EAC challenged by vacant leadership posts and scant resources. … The IG’s report on the FBI investigation into Trump’s campaign ties to Russia will drop next month. … EU’s cyber agency provided security recommendations in 5G report.

People on the Move

— U.S. Chief Technology Officer Michael Kratsios on Thursday named Eric Burger as assistant director for telecom and cybersecurity at the White House Office of Science and Technology Policy. He will advise on telecom, broadband, 5G, and cybersecurity policy. Previously, he served as chief technology officer at the FCC.

Quick Bytes

— Google says that Russian “Sandstorm” hackers targeted Android too, per WIRED.

— A Russian hacker was sentenced to four years in a U.S. prison for malware attacks, per Bloomberg.

— CyberScoop reports that the Pentagon’s new “cyber guru” predicts more collaboration in cyberspace.

— ZDNet on how hackers use a WordPress site vulnerability to install malware updates.

— WeWork developers exposed customers’ personal information on Github, according to Motherboard.

— Nextgov sat down with Rep. Mike Gallagher about what to expect in Congress’ cyber strategy.

— The Pentagon will host an event in December on its cyber certification program, per Inside Cybersecurity.

That’s all for today.

Stay in touch with the whole team: Mike Farrell ([email protected], @mikebfarrell); Eric Geller ([email protected], @ericgeller); Mary Lee ([email protected], @maryjylee); Martin Matishak ([email protected], @martinmatishak); and Tim Starks ([email protected], @timstarks).
