Republicans, meanwhile, steered clear of the bizarre theory involving CrowdStrike, which posits that the cybersecurity firm was somehow helping Ukraine interfere in the 2016 election to hurt Trump. GOP questioners, however, did repeatedly suggest Ukraine was working to elect Hillary Clinton, though the location of the DNC server examined by CrowdStrike wasn't name-checked by them.
That’s a far cry from earlier hearings when some of Trump’s GOP allies eagerly parroted his claims on the cybersecurity firm that has taken center stage in the impeachment inquiry. Instead, Democrats invoked CrowdStrike to paint Trump and Republicans as peddling unfounded claims.
In fact, State Department official George Kent, one of two witnesses called by Democrats, announced he’d never heard of CrowdStrike before reading the transcript of the Trump-Zelensky call and quickly declared he saw “no factual basis” to the president’s claims.
“I think it’s amply clear that Russian interference was at the heart of the interference in the 2016 election cycle,” Kent said, echoing the unanimous conclusions of the U.S. intelligence community, the Mueller report and the Senate Intelligence Committee.
As my colleagues Shane Harris and John Hudson put it, “Kent emerged as a forceful debunked of some of the most frequently cited assertions and conspiracy theories among Trump’s allies.”
Indeed, no Republican lawmakers even mentioned CrowdStrike during the course of the more than five-hour hearing. Instead, their questions focused mainly on a separate investigation Trump urged into former vice president Joe Biden’s son Hunter’s work on the board of a Ukrainian oil company — claiming he was underqualified for the post and that the president did nothing wrong because Ukraine never launched the investigation.
They also argued Trump's withholding military aid was based on concern about corruption in Ukraine, a point Schiff hit back at noting the president's conversation with Zelensky mentioned no major corruption cases.
“What the President brings is CrowdStrike, the server and the Bidens, am I right?” Schiff said.
There were also other fireworks for security hawks during the hearing.
The big reveal came when acting U.S. ambassador to Ukraine, William B. Taylor Jr., described a previously undisclosed phone call about the investigations between Trump and U.S. Ambassador to the European Union Gordon Sondland, who spoke on a cellphone from a restaurant in Kyiv.
That call last summer “was a stunning breach of security” that was almost certainly overhead by Russian intelligence agencies, my colleague Ellen Nakashima reports.
It also raises serious concerns about Trump officials playing fast and loose with operational security — and giving the Kremlin ammunition it could use to blackmail or embarrass U.S. officials in the process.
“The security ramifications are insane — using an open cellphone to communicate with the president of the United States,” Larry Pfeiffer, a former senior director of the White House Situation Room, told Ellen. “In a country that is so wired with Russian intelligence, you can almost take it to the bank that the Russians were listening in on the call.”
PINGED, PATCHED, PWNED
PINGED: Lawmakers are raising alarms about foreign actors impersonating veterans on social media as a tactic to con other veterans and sow disinformation. The concerns come after Russian agents imitated veterans as part of their efforts to sow discord in the 2016 election and amid fears they could deploy the tactic again in 2020.
House Veterans' Affairs Committee Chairman Mark Takano (D-Calif.) urged social media companies to take action on the problem or “Congress will need to step in directly” during a hearing yesterday.
“By impersonating veterans, these foreign actors are effectively eroding the hard-earned power and integrity of veterans’ voices,” he said.
The scams, known as “Internet spoofing,” can imitate a person by using their name, picture and other information or taking over a real account. Researchers and veterans groups have also found alleged veterans organization pages that are actualy run by foreign agents and that target the group with misinformation.
Here are more details from my colleague Cat Zakrzewski.
PATCHED: A Russian man charged by federal authorities with committing more than $20 million in computer fraud made his first appearance in a U.S. court yesterday after being extradited from Israel, my colleagues Paul Duggan and Tom Jackman report. Russia unsuccessfully tried to derail the extradition by offering to exchange an Israeli American prisoner with Israel for the suspected hacker..
U.S. attorneys say Aleksei Burkov operated a website called CardPlanet that sold hacked credit and debit card numbers. He also ran a website where cyber criminals could advertise stolen goods and criminal services. He’s also charged with wire fraud, money laundering and identity theft.
PWNED: Mexico’s national oil company Pemex is refusing to pay hackers a $5 million ransom demand to get back access to their computer systems, Reuters's Adriana Barrera reports.
The hack, which follows a string of ransomware attacks against major industrial firms, caused Pemex to shut down computers across Mexico, including corporate networks and payment systems, over the weekend. But the company's plants and wells are still in operation, Energy Minister Rocio Nahle said.
The company was still issuing payments but was forced to revert to manual processes for billing as of Tuesday, Bloomberg News reports.
— Cybersecurity news from the public sector:
— Cybersecurity news from the private sector:
THE NEW WILD WEST
— Cybersecurity news from abroad:
- Rep. Bennie G. Thompson (D-MS), Chairman of the Committee on Homeland Security, will speak at the Georgetown University 2019 “State of Cyber” Conference in Washington DC at 10:30 a.m.
— Coming up:
- New York University’s Center for Cybersecurity, the Journal of National Security Law & Policy will host an event titled “Catching the Cybercriminal: Reforming Global Law Enforcement” on November 18 at 10 a.m.
- The House Financial Services Committee will host a hearing on the role of big data in financial services on November 21 at 9:30 a.m.
- The 2019 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 18-20 Nov 2019 in at the Crystal Gateway Marriott in Arlington, VA.
- CYBERWARCON takes place on November 21 in Arlington, Va.