Experts protest potential elimination of White House cyber coordinator

With help from Eric Geller and Martin Matishak

EXPERTS FRET OVER WH CYBER POST — Abolishing the White House cyber coordinator role would be a huge misstep at a time when the NSA and U.S. Cyber Command are planning their separation and the need for interagency mediation is greater than ever, according to experts reacting to Eric’s story about national security adviser John Bolton mulling the decision. As the Trump administration considers splitting the “dual-hat” leadership arrangement for the NSA and Cyber Command, the post “is a critical job to ensure both ‘hats’ get a fair hearing when tensions emerge,” said Michael Sulmeyer, director of the Harvard Belfer Center’s Cybersecurity Project and a former top cyber policy adviser at the Pentagon.


Getting rid of the coordinator role would also be the wrong move considering the tense international climate around cyber issues, said Christopher Painter, who was America’s lead cyber diplomat from 2011 to 2017. “This would be a huge step backwards,” Painter warned. “The time is right to prioritize, not demote, these issues,” he said. “Sending any signal that we are not prepared to lead makes a difference to our allies [and] adversaries alike.”

Bolton’s deputy, Mira Ricardel, has expressed interest in leading the White House’s cyber policy work on top of her regular duties, according to Eric’s sources. But experts said that would be extremely unwise. “The cyber coordinator job is WAY too big to be shared with so many other priorities,” said Kate Charlet, a former acting deputy assistant secretary of defense for cyber policy. “The job takes deep subject familiarity, time-consuming interagency wrangling, and lots of external outreach.”

Rep. Ted Lieu, a California Democrat who has been at the vanguard of congressional cyber activity, rebuked President Donald Trump following the POLITICO scoop. “This is yet another example of the Trump Administration talking a big game on national security but taking steps that directly undermine our ability to combat emerging threats,” he said in a statement. “Of course, this isn’t what the President told us when he issued an executive order to strengthen federal cybersecurity when he first took office — but like so many other promises, this too is turning out to be another lie.”

HAPPY FRIDAY and welcome to Morning Cybersecurity! Today’s edition is sort of Thursday’s edition 2.0, with follow-ups above and below on stories our team broke. Send your thoughts, feedback and especially tips to [email protected], and be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.

HAPPENING TODAY: INDUSTRY GROUPS PLAN BOTNET COUNTERATTACK — A tech trade group partnership is launching two projects today to defend the internet from botnets. The Council to Secure the Digital Economy, a collaboration between USTelecom and the Information Technology Industry Council, is organizing an effort to develop “baseline security practices” that can protect companies against botnets and will convene stakeholders to create an emergency action plan on how tech firms can repel major attacks. CSDE announced the projects to coincide with the deadline for a DHS/Commerce Department report on recommendations to repel and dismantle botnets. Trump mandated the report in the cyber executive order he signed a year ago today.

For the first project, the anti-botnet best practices guide, CSDE’s member companies will compile “effective technologies, tools, and common practices that have been shown to prevent and mitigate botnets and other distributed attacks.” The goal is to cut through a thicket of overlapping and sometimes conflicting guides and create “a common taxonomy aligned with baseline security practices.”

But those best practices won’t be enough in a large-scale botnet attack, which is why CSDE is also bringing together the biggest players in the internet infrastructure community to craft an emergency response routine. The group will first identify what constitutes a crisis, then assemble “pre-scripted mitigation strategies, with playbooks for different scenarios” and test their effectiveness in coordination with government agencies. CSDE said its plan would “streamline industry and government actions in the event of major cyber emergencies, so that precious time is not lost on non-essential, low-priority activities.”

CSDE includes heavy hitters like content delivery behemoth Akamai; communications firms AT&T and Verizon; routing equipment maker Cisco; and tech giants like IBM, Intel and Samsung. Dean Garfield, president and CEO of ITI, said that “increased cross-sector collaboration by global digital innovators will create a more resilient ecosystem for consumers and businesses.”

PRO-ENCRYPTION BILL LAUDED — Privacy and civil liberty groups hailed a bipartisan group of House lawmakers for resurrecting legislation that would prevent tech companies from building “backdoors” into their devices. As first reported Thursday in MC, the members introduced a tweaked version of the Secure Data Act, which would prevent courts from issuing orders to break encryption. The new measure “will help ensure that in a time of heightened threats to national and digital security, users and businesses are able to rely on strong encryption without the risk of imposed vulnerabilities,” Ed Black, the president and CEO of the Computer and Communications Industry Association, said in a statement.

The bipartisan bill “could not come at a better time,” according to Robyn Greene, the policy counsel and government affairs lead for the Open Technology Institute at the think tank New America. “Despite reports that tools giving law enforcement access to the contents of encrypted devices are increasingly available and affordable, the FBI and DOJ are unrelenting in their attacks on strong encryption.”

— SPEAKING OF ORGANIZATION LAUNCHES TODAY: A pair of former government officials are unveiling the Transatlantic Commission on Election Integrity to study how to respond to potential election interference. Former Homeland Security Secretary Michael Chertoff and Anders Fogh Rasmussen, former NATO chief and Danish prime minister, are co-chairing the effort and will detail its members and full agenda at a news conference today. “Working with political and private sector leaders, traditional and new media actors, and non-governmental organizations the Commission will fill a void in transatlantic coordination, identifying and plugging gaps and raising awareness of this important issue,” according to a press release, which notes there are 20 elections set in the next 18 months among the U.S., European Union and NATO. “It will also look into the level of risk exposure across Western countries and recommend concrete to address this problem head on.”

GET MONEY — The House Appropriations Committee has been moving fiscal 2019 spending bills in recent weeks, and more of them have cybersecurity tidbits beyond those we featured here and here. The Agriculture-FDA measure boosts funding for the Commodity Futures Trading Commission, in part to fund cybersecurity initiatives, according to a committee summary. The Legislative Branch bill adds funding to pay for 80 more full-time employees at GAO, specifically to increase the watchdog’s scrutiny of cybersecurity and critical infrastructure threats, according to the committee report.

Members wrote in the Military Construction-VA bill report that they’re “concerned about the pace at which implementation of cybersecurity best practices are occurring at the Department, especially as VA and DOD continue to integrate VA electronic health information.” They continued: “The Committee directs the Department to identify for the Committee steps it has taken to protect data and patient records across physical, virtual, and mobile networks and the devices and systems attached to these networks.” The panel also remains worried that overstressed roads and parking near Fort Meade are creating delays for NSA and Cyber Command employees. It’s seeking a report from the Defense Department on the extent of the problem within 60 days of enactment, as well as a second report in advance of the fiscal 2020 budget about department-wide unfunded requirements for road and parking construction, including at Fort Meade.

YOU MAY PROCEED — A federal judge in Boston declined to throw out a lawsuit challenging the government’s practice of conducting warrantless searches of personal electronic devices at U.S. borders. DHS filed a motion to have the suit — brought by the ACLU’s Massachusetts branch and the Electronic Frontier Foundation on behalf of 11 plaintiffs — dismissed, arguing the searches of things like cellphones and personal laptops are crucial to uncovering potential security threats and ferreting out contraband. However, the judge found the suit had “plausibly alleged” that such searches breached constitutional protections against unreasonable searches and seizures. “The court has rightly recognized the severity of the privacy violations that travelers face when the government conducts suspicionless border searches of electronics,” ACLU attorney Esha Bhandari, who argued the case last month, said in a statement. “We look forward to arguing this case on the merits and showing that these searches are unconstitutional.”

ELEPHANT IN THE ROOM — The industry group that writes voluntary grid security and reliability standards has a new leader, and cybersecurity was at the top of everyone’s mind. Jim Robb took the reins of the North American Electric Reliability Corporation on April 9, but NERC’s board of trustees formally welcomed him during its quarterly meeting Thursday. Board Chairman Roy Thilly said the group had “high confidence” in Robb’s “qualifications to lead this organization as we face exciting opportunities, as well as new challenges, to the reliability of the North American grid,” according to a NERC statement.

On the cyber front, NERC works closely with the Federal Energy Regulatory Commission to develop and enforce Critical Infrastructure Protection, or CIP, standards, and manages the electricity sector’s information sharing group. Bruce Walker, DOE’s assistant secretary for electricity delivery and energy reliability, attended Thursday’s meeting and observed that “reliability is essential to protecting national security,” according to the statement. Also in attendance was a FERC commissioner who “addressed FERC’s resilience proceeding and cyber-security topics.”

RECENTLY ON PRO CYBERSECURITY — Dragos profiled a suspected Russian hacking group targeting critical infrastructure. … Christopher Wylie, who called attention to Cambridge Analytica obtaining a trove of Facebook user data, will testify before the Senate Judiciary Committee next week. … Trump thanked Kim Jong-Un for releasing three American prisoners.

TWEET OF THE DAY — Any day now …

QUICK BYTES

— U.S. cyber insurance premiums reached $2.1 billion in 2017, according to an analysis. Intelligent Insurer

— Homeland Security Secretary Kirstjen Nielsen was pushed to the verge of resignation by a Trump harangue. The New York Times

— “Russian hackers found the 'ultimate' hacking tool buried in the supply chain of laptops.” CyberScoop

— The Washington Post opines that Trump isn’t moving aggressively enough to counter Russian cyberattacks.

— In the latest episode of “hackers hacking hackers,” a hacker hacked the ZooPark hackers and stole the info they’d stolen. Motherboard

— “Deluge of Attacks Prompts Telecom Firm to Overhaul Cyber Investigations Team.” The Wall Street Journal

— Security researchers dug into the source code of a popular breathalyzer and said they found flaws. ZDNet

— Facebook has adjusted its policies on “unsolicited adult nude genitalia imagery sharing,” which has a less verbose name that MC will not be putting in print. Motherboard

That’s all for today. Will Monday’s edition be today’s edition 2.0? Would that make it Thursday’s 3.0? Oh no, infinite regresssssssss …

Stay in touch with the whole team: Bryan Bender ([email protected], @BryanDBender); Mike Farrell ([email protected], @mikebfarrell); Eric Geller ([email protected], @ericgeller); Martin Matishak ([email protected], @martinmatishak) and Tim Starks ([email protected], @timstarks).
