THE KEY

House Republicans’ campaign arm is still relying on CrowdStrike to protect its sensitive data, even as the cybersecurity firm has become embroiled in a bizarre conspiracy theory promoted by President Trump and his GOP allies.

The California company, which Trump and some House Republicans have accused without evidence of conspiring with Democrats in the 2016 election, is still helping the National Republican Congressional Committee protect its networks. The committee has no immediate plans to change vendors, a person familiar with the matter told me.

The NRCC decision suggests a stark split between Republicans’ rhetoric and their actions when it comes to the serious task of protecting campaign data against hacking from Russia, China and elsewhere. Both President Trump and some House Republicans insist, without basis, that the firm was somehow involved in a Ukrainian-backed intelligence operation designed to harm Trump's chances of winning the White House in 2016.

“[This is] a great illustration of how the GOP knows better when it enables conspiracy theorists,” Peter Singer, a cybersecurity expert at the New America think tank, told me. “It actually makes that knowing act worse.”

The NRCC’s most recent payment to CrowdStrike, which helped it respond to a 2018 hack, was for $40,000 in June, according to Federal Election Commission data.

The move is also an implicit rejection by a major GOP campaign organization of a baseless conspiracy theory embraced by Trump and some House Republicans, which has taken center stage in the impeachment inquiry.

The theory, in a nutshell, is that CrowdStrike helped the Democratic National Committee fake its 2016 data breach to tar the Trump campaign and is hiding a DNC server that contains crucial evidence somewhere in Ukraine. To be clear, there’s no known evidence backing up that theory, and U.S. intelligence agencies, the Mueller report and the Senate Intelligence Committee all confirmed that the DNC breach was not only real but part of an elaborate Kremlin-backed campaign to harm Hillary Clinton and help Trump.

But Trump evidently believed the theory enough to ask Ukrainian President Volodymyr Zelensky to investigate it during an infamous July phone call when he also urged Zelensky to find dirt on the family of his 2020 rival, former vice president Joe Biden.

And some House Republicans have followed suit, with Rep. Andy Biggs (R-Ariz.) decrying “CrowdStrike Ukrainian interference in the 2016 election” during a recent Judiciary Committee hearing and Rep. Debbie Lesko (R-Ariz.) asking FBI and Justice Department witnesses if “CrowdStrike still [has] possession of the Clinton server.”

CrowdStrike, which did investigate the DNC breach, never took physical possession of DNC servers and never investigated the private server Hillary Clinton used while secretary of state.

The assaults on CrowdStrike threaten to politicize campaign cybersecurity while former officials and cybersecurity experts are warning that campaigns are far too vulnerable to hacking and are struggling to keep the issue nonpartisan.

CrowdStrike declined to comment for this story, saying through a representative that it doesn’t discuss specific clients.

Overall, the NRCC has spent about $160,000 on CrowdStrike services since 2017, including $40,000 in 2018 when it suffered a data breach. That breach has never been attributed to any specific hacking group and it’s not clear whether it was the work of a foreign government.

The NRCC also initially planned to contract with CrowdStrike on a program to offer free cybersecurity services to GOP House candidates, as I reported in July. The committee has since switched to a different cybersecurity company for that program -- the Massachusetts-based Carbon Black, which was recently acquired by VMware -- a person familiar with the matter told me. Carbon Black declined to comment.

Senate Republicans’ campaign wing, the National Republican Senatorial Committee, spent $18,000 on CrowdStrike services in 2018, according to FEC data, but hasn’t spent anything so far in 2019. The committee did not respond to multiple requests for comment about whether it has any active CrowdStrike contracts.

There’s no record of the Republican National Committee contracting with CrowdStrike.

Democratic campaign organizations have contracted far more extensively with the company, with the Democratic National Committee alone spending about $250,000 on CrowdStrike services since 2018, according to FEC data.

PINGED, PATCHED, PWNED

PINGED: Members of Trump's inner circle were floating conspiracy theories about Ukraine being responsible for the DNC breach as early as 2016, my colleagues Rosalind S. Helderman and Spencer S. Hsu report. Former Trump campaign chairman Paul Manafort pushed the conspiracy to aides, Manafort's protege Rick Gates told the FBI during an interview last year as part of the Mueller investigation. The interview was recorded in documents recently released in response to lawsuits filed by BuzzFeed and CNN.

The records show that Manafort and other senior Trump advisers, including his short-lived national security adviser, retired Gen. Michael Flynn, adamantly pushed the conspiracy theory, my colleagues report. The Ukrainian conspiracy may have originated with Konstantin Kilimnik, a Manafort employee with alleged ties to Russian intelligence, Gates told investigators. Kilimnik has denied any connections with Russian intelligence.

Gates also told the FBI that he suspected the Trump campaign was aware of Russia and WikiLeaks's plans to leak hacked emails from the DNC, according to the redacted interview transcripts. Mueller did not charge Trump or any associates with working with Russia or WikiLeaks.

PATCHED: Licenses for U.S. companies to sell components to the blacklisted Chinese telecom firm Huawei will be “forthcoming very shortly,” Commerce Secretary Wilbur Ross told Bloomberg News's Haslinda Amin in an interview yesterday. The agency has received 260 requests to sell to blacklisted Chinese firms, far more than it was expecting, Ross noted. 

Ross said companies should be prepared for their requests to be denied, “even though we will obviously approve quite a few of them.”

The Trump administration banned U.S. companies from selling to Huawei in March over concerns about Chinese spying, but has twice delayed the ban, which is now scheduled to take effect Nov. 19. It later added 28 other Chinese companies to the blacklist. President Trump promised to exempt some sales in June, but so far no licenses have been approved. The United States and China are expected to reach the first phase of a trade agreement sometime this month, which could expedite the process, Ross said.

PWNED: President Trump's intense Twitter habit has made him a prime target for propaganda from China, Russia and Iran, the New York Times's Mike McIntire and Nicholas Confessore report.  

State-sponsored accounts from those nations have directed thousands of posts at the president, some of which he has retweeted, they report.

State-sponsored accounts trying to attract the president's attention "frequently promoted conspiracy theories or support for Mr. Trump’s policies," Mike and Nicholas report. One of the state-sponsored accounts retweeted by Trump wrote, "We love you Mr. President!"

Trump's high level of engagement on Twitter gives users an "amazing opportunity to game the president," former FBI agent and cybersecurity expert Clint Watts told the Times. “You are very clearly capable of using Twitter to entice and influence this president,” he said. “You can distort the guy’s views from your house.”

Trump has retweeted at least 145 unverified accounts that push conspiracy or extremist content, more than two dozen of which have been suspended by Twitter, the Times found.

PUBLIC KEY

— Cybersecurity news from the public sector:

  • Officials and cyber experts are expressing confidence in reforms made to prevent a repeat of election hacking and foreign interference one year ahead of their biggest test yet, Election Day 2020. (The Hill)
  • The Pentagon once again is sending cyber personnel overseas to gather intelligence to help protect the 2020 presidential elections against foreign interference, the U.S. Embassy in Montenegro announced this week. (CyberScoop)
  • Organizations that rely on third-party vendors to provide cloud-based services are increasingly at risk of ransomware attacks, according to a new report. (State Scoop)
  • The Trump administration is creating a center that will give immigration agents access to information from U.S. intelligence agencies. Migrants and others denied entry will be unable to see the evidence against them because it is classified. (ProPublica)
  • The Defense Department named five bases around the country to test emerging high speed 5G network applications. (Federal Computer Week)

PRIVATE KEY

— Cybersecurity news from the private sector:

  • After months of warnings, the first successful attack using Microsoft's BlueKeep vulnerability has arrived—but isn't nearly as bad as it could have been. (Wired)
  • The so-called Hamburglar is still at large, infiltrating customers’ McDonald’s app accounts and ordering food on their dime. For some victims, their troubles didn’t end there as they were unhappy with how McDonald’s handled their cases. (CBC)
  • Germany and France are rolling out a government-backed project to develop European cloud infrastructure in an effort to help local providers compete with U.S. technology giants, which dominate the global cloud market. (Wall Street Journal)

THE NEW WILD WEST

— Cybersecurity news from abroad:

  • India’s main opposition Congress party said on Sunday that its general secretary Priyanka Gandhi Vadra had been informed by messaging service WhatsApp that her phone was hacked during this year’s election campaign by malware from Israeli surveillance firm NSO. (Reuters)

CHAT ROOM

Just in time for this year's Election Day, check out John Oliver's This Week Tonight riff on election security:

ZERO DAYBOOK

— Coming up:

  • The Judiciary Committee’s subcommittee on crime and terrorism will host a hearing entitled “How Corporations and Big Tech Leave Our Data Exposed to Criminals, China, and Other Bad Actors” on Tuesday at 2:30 p.m. EST.
  • The Senate Judiciary Committee will host a hearing on Reauthorizing the USA FREEDOM Act of 2015 on Wednesday at 2:30 p.m. EST.