DHS ramping up election security coordination

With help from Eric Geller, Martin Matishak and Cristiano Lima

SAVE THE DATE — DHS will boost coordination and information sharing efforts on election security threats later this month in the run-up to the midterms, a senior agency official said Tuesday. The “heightened operational posture” will take effect Sept. 21, as absentee ballots begin streaming in, Bob Kolasky, director of DHS’s new National Risk Management Center, told reporters after a panel discussion at the Intelligence and National Security Summit in National Harbor, Md.


The agency’s Election Task Force “continues to be the hub of DHS election activity,” according to Kolasky. But there will be “enhanced coordination” and “heightened information sharing” among the department’s various agencies and partners, including the Defense Department, 45 days before voters go to the polls, Kolasky explained. He noted that while the increase is in part time-driven, there are no plans “to change the nature of how we work with states in the run-up to the elections.”

Speaking on the panel, Kolasky echoed comments by DHS Secretary Kirstjen Nielsen and Director of National Intelligence Dan Coats that U.S. officials aren’t seeing the same level of election meddling activity as before the 2016 elections; however, “we do believe the intent and capability of the adversary still exists and we need to be ready for something to happen.”

New Jersey has gotten the message. Last week, the state’s Office of Homeland Security and Preparedness and the head of the National Guard signed a memorandum of understanding allowing the service to bring its expertise directly to bear when it comes to cybersecurity. Traditionally, the Guard would have to be operationally deployed by DoD to come in during a disaster; the agreement allows the state to put service members into a training environment during a non-event so they can become acclimated to the civilian systems, according to Jared Maples, the state’s homeland security chief. The document “breaks down some of the barriers, administratively,” he told Martin. It was driven in part by the upcoming election, Maples said, noting the attorney general approved the document in a matter of weeks.

WE’RE IN IT — A pair of senior Pentagon and NSA officials on Tuesday lamented the number and potency of digital attacks hitting the U.S. A few years ago, discussions centered around what constituted a “major cyberattack,” whereas today “we've crossed that threshold many, many times,” John Rood, the undersecretary of Defense for policy, said in a panel discussion at the Intelligence and National Security Summit. While the specifics are classified, the number of daily attacks is “astonishing,” he added. Rood suggested that it’s only a matter of time before the U.S. experiences a digital attack that’s combined with other physical effects. “We have a lot of work to do,” Rood said, adding that cyber is “going to be a bigger and bigger part of our defense apparatus.”

George Barnes, deputy director at the NSA, noted that he gets insights daily about online threats. “I don't see a dramatic cyber attack coming at us; every day there are small ones,” he said. A major problem facing national security officials: While they focus on potential large challenges a “slow drip” occurs, said Barnes, namely the “continual theft” of intellectual property. The government must come up with “appropriate” defenses against such pilfering, he said.

HAPPY WEDNESDAY and welcome back to Morning Cybersecurity! Dangit this is cute. Send your thoughts, feedback and especially tips to [email protected], and be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.

SHOWTIME FOR TWITTER, FACEBOOK — Twitter’s Jack Dorsey and Facebook’s Sheryl Sandberg will come face-to-face with lawmakers on the Senate Intelligence Committee this morning — the latest round of hearings on security efforts by tech companies ahead of the midterms. There’s no shortage of topics that could come up, with the companies facing scrutiny on a laundry list of issues including data privacy and content moderation.

A spokesperson for Chairman Richard Burr told our friends at Morning Tech that the session “will be about hearing what these companies are doing to address a threat we now know exists, and how they can work with government to address it moving forward.” Meanwhile Sen. Mark Warner, the panel’s top Democrat, plans to question Twitter CEO Dorsey and Facebook COO Sandberg on issues including their policies regarding bot activity, the need to share data with outside researchers and whether they need to beef up how transparent they are with users. “After witnessing numerous episodes of misuse, what further accountability should there be with respect to the flawed advertising model that you utilize?” Warner plans to ask, according to prepared remarks.

Alphabet may have declined to send its CEO Larry Page and Sundar Pichai, head of Google, to today’s hearing, but that doesn’t mean it’s escaping congressional scrutiny. A committee spokesperson confirmed they plan to follow through on their threat to have an empty chair where Page or Pichai would have sat — a symbolic rebuke to the tech giant.

Senate Intel lawmakers continued to sound off on Google’s decision to offer up Kent Walker, senior vice president for global affairs, to speak for the company alongside Dorsey and Sandberg. “This is a hearing that’s going to talk about solutions,” Warner told Wired. “I think it speaks volumes that Google doesn’t want to be part of that discussion.” Burr told reporters last week he "wasn't accepting" Google sending Walker in place of Pichai, and the panel later formally invited Page to appear, to no avail.

The companies may not be “verbally” testifying, Google spokeswoman Riva Sciuto said, but the company offered input nonetheless in the form of written comments from Walker. “While the nature of our services and the way we run our advertising operations appears to have limited the amount of state-sponsored interference on our platforms, no system is perfect—and we are committed to taking continuing action to address the issue,” he wrote, adding that he plans to brief lawmakers this week during his D.C. trip. Sciuto added that Google had informed the panel of plans to send Walker in late July and “had understood that he would be an appropriate witness for this hearing.”

NOW EVEN THE TROLLS ARE FAKE — Watchdog group the Campaign for Accountability said Tuesday that it purchased “politically divisive” ads on Google produced by Russian trolls, even buying the ads in rubles and posing as the Kremlin troll farm the Internet Research Agency. “The ease with which CfA was able to replicate the 2016 Russian ad campaign shows Google has failed to keep its promise to prevent foreign actors from interfering in our elections,” said the group’s executive director, Daniel Stevens. “Google is more interested in pocketing rubles than protecting American Democracy.”

Google said it has made continual improvements and will make more, but not without blaming tech company Oracle for the campaign. “Now that one of our US-based competitors is actively misrepresenting itself, as part of a stunt to impersonate Russian trolls, we have taken further appropriate action to upgrade our systems and processes,” the company said. “We’d encourage Oracle and its astroturf groups to work together with us to prevent real instances of foreign abuse — that’s how we work with other technology companies.” Oracle, one of the reported backers of CfA, said it had no knowledge of the nonprofit’s research.

APPLE RAMPS UP DATA TRAINING FOR COPS — Also from our friends at MT: Apple plans to launch a team dedicated to training law enforcement officials on digital forensics, the iPhone giant said in a letter Tuesday to Sen. Sheldon Whitehouse. Apple’s general counsel, Kate Adams, pointed to a recent Center for Strategic and International Studies report, which suggests the biggest problem for investigators is figuring out which service providers hold the (mostly unencrypted) digital data they need. That may be welcome news for Apple, which famously fought an FBI effort in 2016 to force it to unlock an iPhone linked to the mass shooting in San Bernardino, California. (The feds later dropped the effort, saying they’d found another way to get the iPhone data.)

ENERGY’S CYBER CHIEF IS IN — Karen Evans started work at the Energy Department on Tuesday as the head of its new cybersecurity office. “From her extensive cybersecurity background in both the private and public sectors, there is no one better suited or more qualified to carry out this mission than Karen Evans,” Deputy Secretary Dan Brouillette, who swore in Evans, said in a statement. Evans, who served as the top federal IT official in the George W. Bush administration, is now the assistant secretary in charge of DOE’s Office of Cybersecurity, Energy Security, and Emergency Response, which Secretary Rick Perry created in response to congressional pressure to take grid security risks more seriously. After serving in the Bush administration, Evans led the U.S. Cyber Challenge, which promotes cybersecurity skills development through a series of competitions.

WELCOME BACK, SEN. KYL — The Senate’s newest senator, Jon Kyl, has a record of paying close attention to cybersecurity. Kyl, named Tuesday to fill the seat left vacant by the death of John McCain, called cybersecurity a “huge problem” during his previous tenure in the Senate, in remarks he made in 2012. Nonetheless, he has warned against executive overreach in the digital realm to combat threats. He also teamed with Whitehouse on legislation that would have forced the federal government to disclose more information about cyber risks. As senior of counsel at Covington & Burling, Kyl specialized in cybersecurity, among other subjects.

BONNIE AND CLYDE — A cybercrime gang known for stealing payment card data is using malware to harvest massive amounts of it from retail transactions, according to research out today from IBM’s X-Force. The group, FIN6, has been collecting the data at points of sale. It’s just the second time the group’s activity has been publicly identified since FireEye initially outed it, IBM noted. Also Tuesday, IBM revealed the existence of a sophisticated malware campaign targeting Brazilian bank customers.

RECENTLY ON PRO CYBERSECURITY — The House passed two cybersecurity bills. … The scope of cyber threats to the U.S. goes beyond the elections, Director of National Intelligence Dan Coats reminded.

TWEET OF THE DAY — Not exactly the next WannaCry.

PEOPLE ON THE MOVE:

— Alan Davidson, a former senior adviser to Commerce Secretary Penny Pritzker and head of the agency’s digital economy program, has joined Mozilla as its vice president of global policy, trust and security. He also previously worked at Google and led New America’s Open Technology Institute.

QUICK BYTES

— What went wrong with the Secure Elections Act (S. 2593), via the Associated Press.

— Election results reporting systems are risky. Intercept

— A majority of the most populous cities have cyber insurance. The Wall Street Journal

— Google notified users about an FBI investigation. Motherboard

— Facebook exec Sheryl Sandberg is under pressure to fix security issues. The Wall Street Journal

— A government transparency website got a little too transparent. CNN

— NIST is developing a privacy framework.

— Not much has happened since the Equifax hack. Inside Cybersecurity

— Mobile spyware maker mSpy leaked records again. Krebs on Security

— Germany is worried about other countries cyber sabotaging it. Reuters

That’s all for today.

Stay in touch with the whole team: Mike Farrell ([email protected], @mikebfarrell); Eric Geller ([email protected], @ericgeller); Martin Matishak ([email protected], @martinmatishak) and Tim Starks ([email protected], @timstarks).

Follow us on Twitter Heidi Vogt @HeidiVogt



Eric Geller @ericgeller



Martin Matishak @martinmatishak



Tim Starks @timstarks