The Trump administration delivered on promises to take a tougher stance against foreign cyberaggression yesterday when it charged an alleged hacker for the North Korean government in connection with a series of devastating cyberattacks, including the 2014 assault on Sony Pictures Entertainment.

But once again President Trump undercut his administration’s efforts with his off-the-cuff statements. Hours before the Justice Department announced the charges, Trump praised North Korean leader Kim Jong Un on Twitter, thanking him for “unwavering faith in President Trump” and negotiations to curb Pyongyang's nuclear weapons program. He made similar remarks at a rally in Montana Thursday night. 

The gulf between Trump’s words and his administration’s actions is frustrating the government’s efforts to mount a coordinated plan for deterring cyberattacks from foreign adversaries. As the administration took steps to punish Russian interference in the 2016 election by imposing sanctions and indicting Russian operatives, Trump has similarly scrambled his administration’s messaging by casting doubt on his intelligence chiefs' determination the Kremlin was responsible for the hacks and offering kind words for Russian President Vladimir Putin. The same disconnect was on display again Thursday,  when Trump did not dedicate any tweet or statement to mark the first time the United States has charged a North Korean operative in a hacking campaign.

Still, lawmakers who have criticized the administration for moving too slowly against Russia, North Korea and other adversaries in cyberspace said the charges were a step in the right direction.

“Good. It's been four years since North Korea's petty little despot hacked Sony Pictures because he didn't like a movie that a free and open society produced,” Sen. Ben Sasse (R-Neb.) said in an emailed statement. “It’s been a year and half since he launched a ransomware attack that hit hundreds of thousands of computers across the globe. Kim showed the world both how small he was and how capable his cyber soldiers can be. Cyber war gives outsized opportunities to North Korea and it's important to push back.

Sen. Mark R. Warner (Va.), the ranking Democrat on the Senate Intelligence Committee, said in a statement that the administration still needed to develop a “clearly thought-out and articulated strategy for deterring and punishing state-sponsored cyberattacks.” But he called the charges “an important step in making clear to our adversaries that these kinds of criminal activities are unacceptable.”

A sweeping 179-page criminal complaint details the charges against Park Jin Hyok, 34, a computer programmer accused of being part of a conspiracy to hack on behalf of North Korea’s Reconnaissance General Bureau, the military intelligence agency that controls most of the country’s cyber capabilities, as my colleagues Ellen Nakashima and Devlin Barrett reported. Park and other unidentified actors are accused of launching the destructive attack on Sony in retaliation for the satirical film “The Interview,” which depicted Kim being assassinated. The attack “wiped data from thousands of computers, stole confidential emails whose contents forced the resignation of a top executive, and most alarming of all, pressured the Hollywood studio” into pulling the film, my colleagues write.

“He and other unidentified operatives are accused of being members of the Lazarus Group, which also has been implicated in the audacious attempt to steal $1 billion from the Bangladesh Bank in 2016, and to the WannaCry 2.0 virus that affected more than 230,000 computers in 150 countries last year,” according to my colleagues. In conjunction with the charges, the Treasury Department on Thursday imposed sanctions on Park and a state-owned firm in China that employed him. 

These are exactly the kind of punitive actions against foreign hacking that lawmakers and cybersecurity experts have called for — and that administration officials have pledged in recent months to pursue more aggressively. Congress used the massive defense policy bill it passed last month to press the administration to create a comprehensive cyber deterrence strategy, and lawmakers want this type of “naming and shaming” to be part of it. Although it’s unlikely Park or any of the other alleged conspirators will ever see the inside of an American courtroom, the unveiling of the charges and the extensive documentation of the hacking campaign are designed to discourage future attacks, especially when coupled with other measures such as sanctions.

But these actions lose their bite without full-throated support from the president. Trump’s praise for Kim Thursday stood in glaring contrast to statements from law enforcement officials, who blasted the North Korean government’s hacking campaign as “offensive to all who respect the rule of law and the cyber norms accepted by responsible nations.” 

Cybersecurity experts overwhelmingly agree this clash of messages only weakens the administration’s overall stance, as I reported recently. As one expert told me, “The president must set the tone.”


PINGED: “Casting blame across the aisle, House Republicans withdrew on Thursday from negotiations with Democrats over a pact that would have effectively barred both parties from using hacked or stolen material on the campaign trail this fall,” the New York Times's Nicholas Fandos reported. “Leaders of the National Republican Congressional Committee, the campaign arm of House Republicans, and their counterparts at the Democratic Congressional Campaign Committee had labored for much of the summer over a set of rules that would have governed the way the congressionally run committees and their candidates treated material like the thousands of pages of damaging Democratic documents stolen and leaked by Russian hackers in 2016.”

A deal had been in sight but both parties differed on how to handle hacked or stolen information that has already been made public, for instance through news reports, according to the Times. “Republicans argued that such material had to be fair game and that to ask candidates not to seize on news reports was unnecessarily prohibitive,” Fandos wrote. “Democrats countered that any agreement would be toothless without such a provision.” Each side blamed the other for the collapse of the talks. “Republicans claimed that Democrats had negotiated in bad faith and violated an agreement not to speak about the negotiations publicly, and Democrats insisted that Republicans were merely searching for an excuse to pull out,” the Times reported.

PATCHED: “An expert panel of the National Academy of Sciences called for fundamental reforms to ensure the integrity of the U.S. election system, which is handicapped by antiquated technology and under stress from foreign destabilization efforts,” the Associated Press's Frank Bajak reported on Thursday. “The cautiously worded report calls for conducting all federal, state and local elections on paper ballots by 2020. Its other top recommendation would require nationwide use of a specific form of routine postelection audit to ensure votes have been accurately counted.” The report does not provide an estimate of the costs to enact the recommended changes.

The report advocates for the adoption in all elections of human-readable paper ballots by the 2020 presidential election and risk-limiting audits, the AP reported. The report also warns against the use of Internet voting. “At the present time, the Internet (or any network connected to the Internet) should not be used for the return of marked ballots,” the report said. “Further, Internet voting should not be used in the future until and unless very robust guarantees of security and verifiability are developed and in place, as no known technology guarantees the secrecy, security, and verifiability of a marked ballot transmitted over the Internet.”

PWNED: IBM used video surveillance footage from New York City police to develop technology allowing searches based on features such as skin toneGeorge Joseph and Kenneth Lipp reported in the Intercept on Thursday. They wrote that the NYPD has not disclosed details about the origin of the technology or how it works. “Now, thanks to confidential corporate documents and interviews with many of the technologists involved in developing the software, The Intercept and the Investigative Fund have learned that IBM began developing this object identification technology using secret access to NYPD camera footage,” Joseph and Lipp wrote. “With access to images of thousands of unknowing New Yorkers offered up by NYPD officials, as early as 2012, IBM was creating new search features that allow other police departments to search camera footage for images of people by hair color, facial hair, and skin tone.”

The NYPD stopped using the IBM software in 2016, according to the Intercept. “NYPD spokesperson Peter Donald said the search characteristics were only used for evaluation purposes and that officers were instructed not to include the skin tone search feature in their assessment,” Joseph and Lipp wrote. “The department eventually decided not to integrate the analytics program into its larger surveillance architecture, and phased out the IBM program in 2016.”


— “Colorado, whose election systems are ranked among the nation’s safest, held a cyber-security and disaster exercise Thursday for dozens of state, county and federal elections officials to reinforce the state’s preparedness for, and public confidence in, November’s midterm elections,” the AP's James Anderson reported. “Participants included Department of Homeland Security cyber experts working with county elections clerks to confront a rapid-fire sequence of scenarios. In a brief appearance, Homeland Security Secretary [Kirstjen] Nielsen praised Colorado as a national leader in safeguarding elections.” Speaking at the event in Denver, Nielsen touted the state's approach to election security. “We’d love to continue to use you as an example of what other states can adopt,” she said, as quoted by the AP.

Judd Choate, Colorado's elections director, told participants to expect a hard test. “Choate warned the dozens of clerks, database experts and others that Thursday’s exercise would be tough, involving, among a cascade of other problems, attempts to hack voter rolls, detect possible malware planted in voting systems weeks beforehand, phishing and responding to social media posts claiming systems were hacked or voters turned away,” Anderson wrote. “The exercise concerned both the weeks leading up to the election and election day itself.”

— “With much fanfare, officials on Thursday unveiled a new system that eventually will replace boarding passes with facial scans for international travelers at Washington Dulles International Airport,” The Washington Post's Lori Aratani reported. “Instead of pulling out their passports and handing over a boarding pass, travelers will instead have their faces scanned. That photograph, shot by an iPad mounted on a stand, will then be matched with a collection of photos maintained by the U.S. Customs and Border Protection agency. If the photos — from passports and visa applications — match the one taken at the gate, the traveler will be cleared to board.”

— More cybersecurity news from the public sector:

The troubled agency is charged with responding to Russian influence operations.
Foreign Policy
The Pentagon is working with the Department of Homeland Security in gathering cyber-threat indicators from the financial services industry as part of a model program that is expected to be applied to other sectors, according to Defense Department Chief Information Officer Dana Deasy.
Inside Cybersecurity
Washington is gearing up for a fight with big tech — and Google could be at the center of it
The Verge
Apple Inc plans to create an online tool for police to formally request data about its users and to assemble a team to train police about what data can and cannot be obtained from the iPhone maker, according to a company letter seen by Reuters.
Electrical grid infrastructure providers and federal agencies need to do even more collaboration on operational preparation, response and recovery planning, according to a new study.

— “British Airways was forced to apologize on Friday after the credit card details of hundreds of thousands of its customers were stolen over a two-week period in the worst ever attack on its website and app,” Reuters's Paul Sandle reported. “The airline discovered on Wednesday that bookings made between Aug. 21 and Sept. 5 had been infiltrated in a ‘very sophisticated, malicious criminal’ attack, BA Chairman and Chief Executive Alex Cruz said. It immediately contacted customers when the extent of the breach became clear. Around 380,000 card payments were compromised, the airline said, with hackers obtaining names, street and email addresses, credit card numbers, expiry dates and security codes - sufficient information to steal from accounts.”

— More news about cybersecurity vulnerabilities:

Asia & Pacific
The agreement, under discussion for more than a decade, highlights growing ties despite tensions over trade.
Joanna Slater

Coming Soon


Haley slams Russia over Novichok attacks:

Police detain black teen mistakenly reported as robbing his white grandmother:

Remembering Burt Reynolds, Hollywood's outlaw: