Everyone’s confused about Trump denying Russian hack involvement

With help from Eric Geller, Martin Matishak and David Pittman

WHAT WOULD IT TAKE, EXACTLY? — Donald Trump’s refusal to believe that Russia is linked to the recent hacks of the U.S. election process is leaving some inside the Beltway scratching their heads. House Homeland Security Chairman Mike McCaul — a member of the GOP nominee’s national security advisory council — told the real estate mogul about Moscow’s involvement in the string of high-profile intrusions, but apparently Trump didn’t believe him. “I think he has in his mind that there’s not the proof,” McCaul said Tuesday during a Texas Tribune event in Austin. "Now he hasn't had the briefing I had, but I made it clear that in my judgment it was a nation-state."


Speaking at a Council on Foreign Relations event in New York, Director of National Intelligence James Clapper, who is responsible for providing classified briefings to both presidential contenders, declined to specify what national security issues Trump had been told or asked about behind closed doors. “I will say, though, that policymakers have the option of listening to intelligence or not. That’s up to them,” the spy chief deadpanned, provoking laughs from the audience. Earlier, Clapper said it was his “hope that the next president, whoever it is, would continue in the tradition of the current president in allowing and encouraging truth to power. I think that is a fundamental writ of intelligence that it be presented to the president in an unpoliticized, unvarnished manner.”

Michael Hayden, former director of the NSA and CIA, said on CNN on Tuesday that he was appalled that Trump was using the fruits of leaked Democratic documents while denying the spy agency consensus on their source. “What he chose to say was he rejected the high-confidence judgment of the American intelligence community because it was politically inconvenient to him,” Hayden said. “That’s scary.”

HAPPY WEDNESDAY and welcome to Morning Cybersecurity! LeBron James is looking pretty spry for an old man, huh? Send your thoughts, feedback and especially tips to [email protected], and be sure to follow @timstarks, @POLITICOPro and @MorningCybersec. Full team info is below.

CLAPPER TO EVERYBODY: COOL YOUR JETS — The U.S. should “think twice” before launching any type of retaliation for Russia’s alleged hacking of the election process, Clapper warned. People often overlook the inevitable counter strike from Moscow, he said. “Given the tremendous dependence of this nation on the cyber domain to do everything — whether it’s personal, institutional — we have to think twice, I think, and be very cautious about retaliating in a cyber context, because the presumption that there’s going to be an equally exquisite and precise calculus may not be a good — a valid one to make,” he said Tuesday at a Council on Foreign Relations event.

“I can recall instances where we got a big head of steam up about wanting to retaliate in a symmetrical manner. And you have to consider things like, are we counterattacking through another nation-state’s infrastructure, which poses all kinds of legal issues? The lawyers get very agitated about that,” the nation’s top spy added. Any nation state must first think through “how well you think we can withstand a counter-retaliation. And those get to be very complicated calculations.”

FBI TURNS OVER CLINTON FILE — The FBI has complied with a subpoena from the House Oversight and Government Reform Committee to turn over the complete records of its investigation into Hillary Clinton’s private email server, MC has learned. A committee spokeswoman said the FBI turned over more than 1,000 pages of documents related to its investigation and that staffers continued to review that material. Chairman Jason Chaffetz issued a subpoena for the material during a Sept. 12 hearing with the FBI’s top legislative affairs official. The committee spokeswoman did not say when the committee received the documents. The FBI did not respond to an email seeking comment.

After the FBI concluded its investigation earlier this year, FBI Director James Comey chose not to recommend that Clinton or her aides be charged with mishandling classified information on the server. But congressional Republicans — incensed that the Democratic nominee and former secretary of State avoided criminal charges — have pressed Comey and Justice Department head Loretta Lynch over various aspects of the investigation, from immunity agreements with Clinton aides to searches of one aide’s China-made laptops.

APPLE EXECS LIKED CLINTON’S CRYPTO STANCE — A senior Apple executive reassured Hillary Clinton campaign chairman John Podesta that the tech industry appreciated Clinton’s middle-of-the-road encryption comments at a Democratic primary debate. “Leadership at Apple certainly noticed and I am sure that is true though out [sic] the Valley,” wrote Lisa Jackson, Apple’s vice president of environment, policy and social initiatives, in an alleged email to Podesta on Dec. 20, 2015. The message is part of the latest batch of Podesta’s hacked emails that WikiLeaks posted on Tuesday. In the debate Jackson is referencing, Clinton voiced concerns about putting backdoors in encryption, but declined to rule out some form of guaranteed access to encrypted data for law enforcement. Jackson, who previously served as President Barack Obama’s first EPA director, praised Clinton’s “principled and nuanced stance” in her email.

AS WARNER PROBES INTERNET OF THINGS, TECH URGES CAUTION — Sen. Mark Warner on Tuesday became the latest member of Congress to raise questions about the security of the internet of things, given the role that malware-hijacked, internet-connected devices played in last week’s attack on domain name system provider Dyn. Warner — the co-founder of the Senate Cybersecurity Caucus — wrote letters to three agencies asking what steps, such as minimum security standards, could be taken to protect these internet of things devices. But the Consumer Technology Association on Tuesday cautioned the government not to go too far. It instead suggested that industry could handle security improvements via voluntary measures like those the association is working to develop. “We must not let these cybercriminals hinder innovation and the countless ways in which technology is changing our lives for the better,” said Gary Shapiro, president and CEO of the group. "To that end, the industry can consider adopting a set of best practices for security, including developing a certification program.”

Two sources said Tuesday that the Dyn attack doesn’t appear to be the work of a nation-state. Clapper, speaking at the CFR event, said, “The investigation's still going on, there's a lot of data to be gathered here [but] that appears to be preliminarily the case.” Security firm Flashpoint, meanwhile, said the attack was likely carried out by members of an amateur hacking forum. White House spokesman Josh Earnest said Tuesday that when Obama said on “Jimmy Kimmel Live” that “we don’t have any idea” who was behind the attack, he was merely “using shorthand.” Overall, “I don’t have an update in terms of the ongoing investigation,” he said.

IF YOU SEE SOMETHING, SAY SOMETHING — The Treasury Department took another step Tuesday to remind financial institutions that they’re required to report suspicious cyber activity. In an advisory to banks and other firms, Treasury’s Financial Crimes Enforcement Network explained how the Bank Secrecy Act’s reporting requirements apply to cyberspace. “A financial institution is required to report a suspicious transaction conducted or attempted by, at, or through the institution that involves or aggregates to $5,000 or more in funds or other assets,” the FinCEN advisory said. “If a financial institution knows, suspects, or has reason to suspect that a cyber event was intended, in whole or in part, to conduct, facilitate, or affect a transaction or a series of transactions, it should be considered part of an attempt to conduct a suspicious transaction or series of transactions.” The advisory also encouraged firms to voluntarily report activity that cannot disrupt transactions but might still be of interest to investigators — including DDoS attacks on bank websites — and it listed the kinds of information that Suspicious Activity Reports must include.

WE KNOW WHO’S SELLING, BUT WHO’S BUYING? — A new report out from Intel Security’s McAfee Labs today picks out examples of people selling medical data online, showing just a fraction of how much hacked medical information is going to the black market. But the report raises another question. “One troublesome issue with this topic is the lack of evidence pointing to the motivation behind the acquisition of stolen medical data,” the report states. “With payment card information, we have documented that stolen card numbers are used to conduct fraud against the victims. In the course of our investigations, we have identified where specific data is sought to verify the addresses of the victims. At present, however, we have not identified specific uses for bulk data purchases of medical data.”

HOW TO HELP CYBER IN HEALTH CARE — From our friends at Morning eHealth: The enormous health IT trade group HIMSS has some ideas in a position statement recently approved by its board of directors. 1) “Adopt a Universal Information Privacy and Security Framework for the Health Sector.” The framework should be a “voluntary, universal information privacy and security framework with use cases and implementation guidance.” It should also be scalable. 2) “Create an HHS Cyber Leader role.” Several offices within HHS currently split cyber duties. 3) “Address Shortage of Qualified Cybersecurity Professionals.” The issue is the top barrier to health care organizations. Find the full position statement here.

Related: On Tuesday, HIMSS opened a Cybersecurity Hub, a 30,000-square-foot area within the HIMSS Innovation Center in Cleveland. The hub “reveals to all visitors how they can apply a variety of technologies to impact the safe and secure flow of health information,” HIMSS says.

A SERIES OF TUBES — On the heels of the massive DDoS attack, cheeky liberal gadfly group Fight for the Future kicked off a helpline Tuesday aimed at members of Congress who struggle with tech. The phone line, 1 (844) 294-A-CLUE — yes, that’s one number too many — greets you with a “press one if you’re a member of Congress” prompt, and instructs that if you have a rotary phone, you should get a new one. “Have some self-respect,” the automated voice says. Your MC host lied and pressed 1, where a staffer identified himself as a “cyber bot” to skewer a specific member of Congress. He then offered meaningful cybersecurity advice, served with a side of chiding Capitol Hill for passing last year’s cybersecurity information sharing law and others that the group argued present a threat to digital privacy.

CORRECTION DEPT. — Tuesday’s Morning Cybersecurity misattributed comments about the internet of things to a Commerce Department official. The person who made the comments was Josh Corman, director of the Cyber Statecraft Initiative at the Atlantic Council. MC regrets the error.

TWEET OF THE DAY — Donald Trump does not use email, but other than that, this is pretty funny.

QUICK BYTES

— “Millions of individuals' sensitive financial information would be vulnerable to a cyberattack if the SEC does not change a long-awaited market-surveillance tool that it is likely to finalize next month, 13 House Republicans said in a letter to the agency's chief.” POLITICO.

— Whatever’s going on with Yahoo’s alleged mass scan of emails probably won’t be made public by the Obama administration, Reuters reports.

— “AT&T is spying on Americans for profit, new documents reveal.” The Daily Beast.

— Experts say the cyber insurance market is full of “trap doors.” CyberScoop.

— The Israeli digital forensics company Cellebrite had its firmware leaked online. Motherboard.

— A Chinese company could recall 10,000 webcams after the Dyn attack. Reuters.

— WhatsApp talks privacy. The Wall Street Journal.

— Deloitte Cyber Services says online IP theft is up.

That’s all for today. Go get yourself a trip-dub in whatever you do in life, just like LeBron James, LeBron James, LeBron James, LeBron James, LeBron James.

Stay in touch with the whole team: Cory Bennett ([email protected], @Cory_Bennett); Bryan Bender ([email protected], @BryanDBender); Eric Geller ([email protected], @ericgeller); Martin Matishak ([email protected], @martinmatishak) and Tim Starks ([email protected], @timstarks).
