Vice President Pence on Tuesday used his first major speech on cybersecurity to assert that the Trump administration is taking an aggressive stand against digital threats from Russia.
In a speech at a Department of Homeland Security cybersecurity summit in Manhattan, Pence outlined steps federal agencies are taking to protect election systems and other critical infrastructure from cyberattacks. And he affirmed the intelligence community's conclusions that Moscow interfered in the presidential elections -- in a stronger, less equivocal tone on the issue than the president has taken, as my colleague Ellen Nakashima reported.
“While other nations certainly possessed the capability, the fact is Russia meddled in our 2016 elections,” Pence said. “And while no actual votes were changed, any attempt to interfere in our elections is an affront to our democracy, and it will not be allowed.”
Pence's remarks capped a wide-ranging summit that was a clear attempt to demonstrate that the administration is taking cybersecurity seriously following weeks of criticism over Trump's meeting with Russian President Vladimir Putin in Helsinki, in which the president refused to back the intelligence community's findings about Moscow's election interference on the world stage. The White House is facing intense pressure from lawmakers to develop a comprehensive plan to deter adversaries in cyberspace. But despite the tough rhetoric from Pence and other top administration officials, the broader conference highlights only incremental steps the administration is taking to address the problem.
Here are a few takeaways from the conference:
1. The Trump administration blames its predecessor for the cyber challenge.
Pence insisted the Trump administration had "inherited a cyber crisis" and blamed the Obama administration for what he said were the country's failures in cyberspace. "The last administration too often chose silence and paralysis over strength and action,” he said. “But make no mistake, those days are over."
2. Pence's proposals were low-hanging fruit.
Pence said the administration is “putting the finishing touches” on a long-awaited national cyber strategy that members of Congress from both parties have agitated for. The new plan, he said, will “bring every element of American power to bear to protect the integrity and security of the American digital domain.” (However, this is the second go-round for the Trump administration: Congress was so unhappy with the strategy the administration submitted that lawmakers demanded another one. It remains unclear whether this one will meet their approval.)
He also called on the Senate to pass a bill that would rebrand the National Protection and Programs Directorate, DHS's main cybersecurity unit, as the Cybersecurity and Infrastructure Security Agency to better reflect its mission. And he pledged that the administration would create a “whole-of-government” approach to boost election security in all 50 states.
3. Still, administration officials believe cyberattacks are now a bigger threat than physical attacks.
Homeland Security Secretary Kirstjen Nielsen said in prepared remarks that cyberattacks “exceed the danger of physical attacks.” The new reality marks a sea change for DHS, which was created in response to the Sept. 11, 2001, terrorist attacks, she said. “This has forced us to rethink homeland security. ... Today, the next major attack is more likely to reach us online than on an airplane.”
Last year was the worst “in terms of cyberattack value,” Nielsen told attendees. She pointed to major data breaches that exposed millions of Americans' personal information, the North Korean WannaCry computer worm that spread ransomware worldwide, and the NotPetya cyberattack from Russia that the White House has called the most destructive in history. Several years ago, cyber intrusions by foreign adversaries were like a “sloppy break-in,” Nielsen said. “Today, we don’t just need an alarm system, or a neighborhood watch, or security cameras, or even armed guards constantly roaming the hallways. We need it all.”
4. Government and the private sector are still struggling to “connect the dots.”
Nielsen said private companies and government agencies have all the data they need to disrupt cyberthreats, “but we aren't sharing fast enough or collaborating deeply enough to make it happen.”
To help tackle the problem, Nielsen and NPPD Undersecretary Christopher Krebs announced Tuesday that DHS is creating a national risk management center to help energy operators, banks and other critical infrastructure companies evaluate threats. “I occasionally still hear of companies state and local that call 911 when they believe they’ve been under a cyberattack,” Nielsen said. “The best thing to do will be to call this center. This will provide that focal point.”
“Government is here to help you,” Krebs told the industry executives in attendance. “We are inextricably linked. Your risk is our risk.”
While information-sharing between government and the private sector needs a lot of work, things are improving, FBI director Christopher A. Wray added in a panel discussion. “I can go to any head of any [FBI] field office and ask him or her, 'Tell me about the private-sector partners in your area — who are they, who is your point of contact, what are their big threat issues?'” Wray said. “If I had tried to do that last time I was in law enforcement, it would have been crickets chirping.”
5. Nielsen also came out forcefully on Russia's election interference.
Pence wasn't the only official to strongly acknowledge Russia's role in election interference. “Let me be clear: Our intelligence community had it right. It was the Russians,” Nielsen said. “We know that. They know that. It was directed from the highest levels. And we cannot and will not allow it to happen again.”
Nielsen has faced criticism in recent weeks for casting doubt on the intelligence community’s conclusion that Moscow sought to help Trump. She wouldn't say whether she believed that when asked about it at a conference in Colorado last month.
You are reading The Cybersecurity 202, our must-read newsletter on cybersecurity policy news.
PINGED: “Facebook has shut down a sophisticated disinformation operation on its platform that engaged in divisive messaging ahead of the U.S. midterm elections, the company said Tuesday, an escalation of what a top executive described as an 'arms race' to manipulate the public using its tools,” The Washington Post's Elizabeth Dwoskin and Tony Romm reported. “Facebook said it discovered 32 false pages and profiles that were created between March 2017 and this May, which lured 290,000 people with ads, events and regular posts on topics such as race, fascism and feminism — and sought to stir opposition to [Trump]. The company informed law enforcement before it deleted the profiles Tuesday morning. It also notified lawmakers of the activity this week, and said it would notify the real Facebook users who were swept up in the operation.”
There were indications that the inauthentic accounts that Facebook uncovered had ties to the Russian troll farm Internet Research Agency. “Facebook found that one of the most popular pages, 'Resisters,' briefly had a co-administrator — for seven minutes — that was a known IRA account before the co-administrator disappeared, according to Facebook,” my colleagues wrote. “Another known IRA account had previously shared an event associated with the same page.” Facebook said the Resisters page promoted an event that was scheduled to take place in Washington on Aug. 10 through Aug. 12 and was meant to serve as a counterprotest against a white nationalist gathering. The event that the Resisters page promoted had gathered support from real users. “We’re sharing this today because of the timing of the event that was planned for Washington,” Facebook Chief Operating Officer Sheryl Sandberg said, as quoted by my colleagues.
PATCHED: Alex Stamos, Facebook’s chief security officer, wrote in a post that the company was shutting down the 32 pages and accounts it discovered “without saying that a specific group or country is responsible” for the disinformation efforts. Stamos also noted that some of the techniques employed in this online campaign were similar to those of the IRA in 2016 and 2017, but he added that such indications are not “strong enough to provide public attribution to the IRA” this time around. “Our technical forensics are insufficient to provide high confidence attribution at this time,” Stamos wrote.
While Facebook declined to directly place the blame on Russian authorities, several lawmakers warned that this disinformation operation is a sign of continued Russian efforts to interfere in American politics. “Today’s disclosure is further evidence that the Kremlin continues to exploit platforms like Facebook to sow division and spread disinformation, and I am glad that Facebook is taking some steps to pinpoint and address this activity,” Sen. Mark R. Warner (D-Va.), the Senate Intelligence Committee’s vice chairman, said in a statement.
Similarly, House Minority Leader Nancy Pelosi (D-Calif.) said in a statement that Facebook's announcement “confirms the long-standing findings of the U.S. Intelligence Community and national security experts: that Russia is actively utilizing social media in a coordinated effort to sow discord among the American people and undermine our democracy.” Sen. Richard Burr (R-N.C.), the chairman of the Senate Intelligence Committee, also mentioned Russia in a statement Tuesday. “The goal of these operations is to sow discord, distrust, and division in an attempt to undermine public faith in our institutions and our political system,” Burr said. “The Russians want a weak America.”
PWNED: Mikhail Khodorkovsky, a Russian opponent of the Kremlin and former prisoner, says he has formed a project called Dossier Center to expose corruption in the high ranks of Russian power by collecting tips via anonymous online drop boxes, the Associated Press’s Raphael Satter reported Tuesday. “The exiled former energy executive is funding the Dossier Center himself and said it was born out of frustration with the inability of journalistic investigations to lead to real change in a Russia dominated by his foe, President Vladimir Putin,” Satter wrote. “He wanted the project to produce more than occasional stories and to gather enough actionable information on the Kremlin’s leadership to bring its members, eventually, to court.”
Khodorkovsky said he would not dismiss outright the possibility of publishing hacked material. “He told the AP he would weigh such material on its merits, suggesting that the brutal environment of Russian politics, where opponents of the government can be gunned down and poisoned, didn’t leave much room for squeamishness,” according to Satter. “‘I’ll say this to you, weighing it up in my own moral balance. If I think that this information might prevent such things from happening then I don’t give a damn how it was obtained,’ he said.”
— Sens. Lindsey O. Graham (R-S.C.), Sheldon Whitehouse (D-R.I.) and Richard Blumenthal (D-Conn.) on Tuesday introduced two bills to combat cybercrime and strengthen election security, according to a statement from Graham's office. The International Cybercrime Prevention Act would enable federal prosecutors to shut down botnets while the Defending the Integrity of Voting Systems Act would make hacking voting systems used in federal elections a federal crime. “Both pieces of legislation provide the Department of Justice urgently needed tools to shut down the digital infrastructure used by cybercriminals and to prosecute those who hack our critical infrastructure,” Graham said in a statement. “Congress should act quickly to pass these bills to help protect us from Russian interference in the 2018 election, and from the broad array of other state-enabled cyber threats.”
— Five Democratic lawmakers want the Government Accountability Office to investigate the facial recognition industry and examine how law enforcement authorities use the technology. “These technologies raise serious concerns about individual privacy rights and the disparate treatment of minority and immigrant communities within the United States,” Sens. Ron Wyden (Ore.), Christopher A. Coons (Del.), Edward J. Markey (Mass.), Cory Booker (N.J.) and Rep. Jerrold Nadler (N.Y.) wrote in a letter to the GAO released Tuesday.
— Senators will examine foreign influence operations on social media today during a Senate Intelligence Committee hearing. Todd Helmus, a senior behavioral scientist at the RAND Corporation, plans to tell the panel that Russian propaganda on social media pursues different goals depending on the regions that it targets, according to his prepared remarks. “In the former Soviet states, including the Baltic states and Ukraine, the Kremlin often aims to leverage shared elements of the post-Soviet experience to drive wedges between ethnic Russian and Russian-speaking populations and their host governments, NATO, and the West,” Helmus plans to say, according to his opening statement. “Further abroad, the Kremlin often attempts to achieve policy paralysis by sowing confusion, stoking fears, and eroding trust in Western and democratic institutions.”
— Ancestry, 23andMe and other companies that offer genetic testing want to quell consumer privacy concerns by pledging to be upfront about how they share people's DNA with researchers, law enforcement and other companies, my colleagues Tony Romm and Drew Harwell report. Under new voluntary guidelines, “the companies said they would obtain consumers' 'separate express consent' before turning over their individual genetic information to businesses and other third parties, including insurers. They also said they would disclose the number of law-enforcement requests they receive each year,” Tony and Drew write. Justin Brookman, director of consumer privacy and technology policy at Consumers Union, told my colleagues he wanted to see tougher restrictions: “In general, I think there should be stronger transparency requirements and legally binding rules for everyone around the transfer and use of super sensitive data like this.”
— “Some 10 million Dixons Carphone records containing personal data may have been accessed in a 2017 cyber attack, the British electronics and mobile phone retailer said on Tuesday, boosting an earlier estimate of 1.2 million,” Reuters reported. “It was the second major cyber attack in three years on the company, which has about 22 million customers in the UK and Ireland. It apologized to customers on Tuesday and said that an investigation into the hacks was nearly complete.”
- Senate Intelligence Committee hearing on foreign influence operations on social media.
- Black Hat USA security conference on Aug. 8 through Aug. 9 in Las Vegas.
- DEF CON security conference on Aug. 9 through Aug. 12 in Las Vegas.