The Washington Post

The Cybersecurity 202: Watchdog report criticizes State Department cybersecurity bureau established by Trump administration

with Aaron Schaffer

A government watchdog released a report criticizing a State Department cybersecurity bureau set up in the last days of the Trump administration.

The plan for the new bureau failed "to address fundamental aspects of cyber diplomacy and will not solve the problems a new bureau would need to address," the Government Accountability Office found. Those failures could lead to mismanagement of resources and conflicts within the agency and with other agencies at a time when cybersecurity is a pressing national security concern for the United States, the report notes.

The report highlights the challenges new Secretary of State Tony Blinken will face in elevating cybersecurity as a key part of his department's mission. 

Blinken expressed his support for the Trump administration's creation of a State “Bureau of Cyberspace Security and Emerging Technologies,” according to a State Department spokesperson. But his plans for how the bureau will look are unclear. The bureau was intended to lead U.S. diplomatic efforts in cyberspace including policy toward China, Russia, North Korea and Iran.

He will take a close look at where this bureau should be placed within the department and what its mission and scope of responsibility will be, the spokesperson said in response to a question about Blinken's thoughts on the watchdog report.

Blinken has put cybersecurity at the heart of the agency's diplomatic and national security efforts by focusing on a massive Russian hack of government agencies made possible by a breach of network management company SolarWinds.

“We’re looking very urgently as well at SolarWinds and its various implications,” Blinken said at a news conference Wednesday.

Cybersecurity experts say the blueprint left by the Trump administration will need an overhaul.

Chris Painter, the State cyber coordinator under President Barack Obama, called the watchdog report's findings hardly surprising. 

“It seems like this proposed organization is more of a product of bureaucratic turf wars than critically thinking about policy,” he said.

GAO found State failed to address serious concerns with how the new bureau is organized and how it would develop unified cybersecurity policies while placing responsibility for policymaking in two distinct bureaus.

For example, the GAO raised concerns that State failed to address how the department would tackle digital economy cybersecurity issues when some of that work would be split between the new bureau and the one overseeing economic and business affairs. 

Internal documents show State acknowledged that dynamic could complicate policymaking. Yet in more than a year developing plans for the bureau, it failed to come up with a solution.

Those complications could lead to conflict, turf wars, and not speaking in a unified voice on the global stage, Painter says. Any clashes would make it difficult for the Biden administration to achieve its goal of making the United States a leader in global cyber policy.

The recent report was the second one by the office during its two-year investigation to raise major concerns about the proposal. A September 2020 GAO report found that the State Department also failed to consult other agencies involved in the same work to “obtain their views and identify any risks, such as unnecessary fragmentation, overlap, and duplication of efforts.”

Although the new report concluded State failed to use evidence to justify its proposal, that doesn't mean there isn't a need for a cybersecurity bureau there.

“The challenges have only gone up in the past four years, not gone down,” Painter said, pointing to major hacking efforts by Russia and other adversaries.

Congress supports a cyber bureau at State. Still, it's urging an overhaul of the new one.

Members of both the House and Senate Foreign Relations committees want a bureau that would oversee both economic and security aspects of cybersecurity policy, as outlined in a Cyber Diplomacy Act in 2018. The act was passed by the House and Senate Foreign Affairs Committees but blocked by Secretary of State Mike Pompeo, who refused to work with Congress. The leaders of the House Foreign Relations Committee asked the GAO to launch its investigation shortly after.

A bipartisan congressional commission focused on cybersecurity also called for the creation of a State cybersecurity bureau in its extensive list of recommendations last year. The report also called for additional resources for cybersecurity at the agency and an assistant secretary position to run the bureau.

The co-commissioners of the Cyberspace Solarium Commission in a statement earlier this month called for Biden to halt any reorganization and instead work with Congress on a solution.

Rep. Gregory W. Meeks (D-N.Y.), chair of the House Foreign Affairs Committee, expressed confidence in the Biden administration. 

“Secretary Pompeo’s failure to address the issues the GAO identified came at the detriment of the State Department and our national security,” Meeks said in a statement. “I look forward to working with Secretary Blinken and the rest of the Biden administration to ensure the State Department establishes an effective Cyber Bureau without further delay.”

The keys

Researchers say Hezbollah-linked hackers infiltrated Oklahoma government servers.

The state says it hasn't seen evidence of a successful hack.

The Volatile Cedar hacking group exploited known vulnerabilities in Atlassian and Oracle software to steal “valuable information,” according to Israeli cybersecurity company ClearSky.

In a new report, ClearSky says that victims of the attack include Oklahoma’s Office of Management and Enterprise Services as well as U.S. companies and a host of Middle Eastern tech and telecom companies. 

OMES spokeswoman Bonnie Campo said in a statement that “OMES is working with our federal partners to quickly identify the validity of the claims” but “at this time there is no indication of a compromise. Further information will not be released until the investigation is complete.”

The NSA has a new interim cyber head.

Dave Luber is serving as the agency’s interim cybersecurity director, Cyberscoop’s Shannon Vavra reports. Luber, who has held positions at U.S. Cyber Command and the National Security Agency, will temporarily lead the agency that was previously run by NSA cyber chief Anne Neuberger, the Biden administration’s new deputy national security adviser for cyber and emerging technology. 

Rob Joyce, the NSA’s special liaison in the U.S. Embassy in London, is expected to eventually lead the cybersecurity directorate.

Wray says the FBI is “working nonstop” on the SolarWinds attack.

The bureau is focusing on identifying new victims, analyzing evidence and sharing findings from the cyberattack, FBI Director Christopher A. Wray said at his first major talk since joining the Biden administration. President Biden picked Wray, the director of the FBI since 2017, to continue leading the agency earlier this month.

In his virtual talk at Fordham University, Wray also touted the FBI's participation in an international law enforcement takedown of the Emotet botnet. Wray stressed the importance of cooperation between the government and the private sector in fighting hackers.

Hill happenings

Senate Republicans want government watchdog to investigate Chinese coronavirus test kits.

Sens. Chuck Grassley (R-Iowa) and Marco Rubio (R-Fla.) say that Health and Human Services watchdog Christi Grimm should investigate the agency’s distribution of test kits made by a Chinese genetics company, BGI Group. “In light of the documented concerns from the intelligence community and the ongoing investigation into HHS’s national security protocols,” they wrote, “it is unacceptable that safeguards were not in place to prevent HHS’s promotion of BGI products.”

Industry report

  • Trinity Cyber has added Michael Sikorski, the founder of the FireEye Labs Advanced Reverse Engineering team, to its advisory board and Tenable Network Security co-founder Ron Gula to its board of directors. Gula Tech Adventures recently invested in the company.


  • Officials speak on the second day of Vanguard Canada's C4ISR and Beyond conference today.
  • The House Energy and Commerce Committee holds a hearing on fighting fraud and scams amid the coronavirus pandemic on Feb. 4 at noon.

Secure log off

A weird thought from Stephen Colbert to start off the weekend.