Good morning. It's Friday, which means I finally have some time to watch “Squid Game.” Hopefully it's not as dystopian as … real life. 

Below: Russia-linked hackers targeted gmail users and some hackers are portraying themselves as moral crusaders. 

Cyber Ninjas CEO skipped a hearing on the Arizona election audit he led

Yesterday's House hearing on the partisan election review in Maricopa County, Ariz. quickly devolved into baseless claims and partisan bickering.

And the star witness didn’t even show up.

Cyber Ninjas CEO Doug Logan flouted the House Oversight and Reform Committee’s request to testify. Instead of appearing before lawmakers, Logan went on conservative podcast “Conservative Daily,” whose host has made baseless allegations that some election machines were rigged to ensure former president Donald Trump lost the 2020 election. 

For more than two hours, Logan defended his Florida-based firm’s handling of the controversial Arizona review, arguing the review (which ultimately found even more votes for Biden) was “beyond reproach.”

Logan's absence infuriated House Democrats. “Mr. Logan’s refusal to answer questions under oath today is just one more sign that the dark-money-fueled audit he led never should have happened in the first place,” House Oversight and Reform Committee Chairwoman Carolyn B. Maloney (D-N.Y.) told The Cybersecurity 202 in a statement. “We are evaluating next steps, but rest assured this issue is a top priority for me.”

No fraud findings
The witnesses who did show up said Maricopa's election process was fair and accurate.

The Arizona Republicans who appeared before the committee called the election results “free, fair and accurate.” When pressed, Ken Bennett, the Arizona Senate’s liaison to the Cyber Ninjas review, noted that a hand count of the ballots found 350 more votes for Biden.

Ultimately, the report that Cyber Ninjas presented to Arizona’s Republican-controlled Senate found no evidence of fraud. Maricopa County’s board, which opposed the review, said that Cyber Ninjas misunderstood election procedures as being nefarious. 

GOP response

But that didn't stop some Republican lawmakers from alleging more baseless election fraud claims.

Rep. Paul Gosar (R-Ariz.), who has promoted “Stop the Steal” rallies, suggested that Cyber Ninjas should have received access to Maricopa County's Internet routers. The routers would “be able to validate and have more information to this audit team," he said. (Trump has publicly called for the county to “produce the network routers.”)

Rep. Jody Hice (R-Ga.) called for a “full audit” of election results in Georgia, which President Biden won by around 12,000 votes. (Trump lobbied Georgia Secretary of State Brad Raffensperger to “find 11,780 votes, which is one more than we have.")

In a phone call on Jan. 2, President Trump insisted he won the state and threatened vague legal consequences. Here are excerpts from the call. (Obtained by The Washington Post)

Other Republican lawmakers at the hearing said they didn’t know who won the 2020 election and argued that the election was “compromised,” Eugene Scott writes.

But U.S. government officials have called the 2020 election “the most secure in American history.” Former Cybersecurity and Infrastructure Security Agency director Chris Krebs and other experts have argued it was the Arizona audit – not the election – that was host to a litany of errors and ultimately undermined confidence in elections and voting equipment. 

Critics of the Maricopa audit also point to the fact that Cyber Ninjas did not have any election auditing experience before conducting the review. And Logan has echoed false claims that the election was stolen.

Democrats respond

GOP assertions of election fraud represent an assault on American democracy, Maloney said.

“Republicans repeated the ‘big lie’ by continuing to cast doubt on the indisputable fact that President Biden won in Arizona,” she said. "Spreading such disinformation is a direct attack on our democracy. I implore my Republican colleagues to review the clear record from today’s hearing and end their efforts to undermine our elections.”

When asked about whether the committee plans to hold future hearings on the issue, Maloney said “we are not ruling anything out.” She added that she intends to do “everything I can to fight back against efforts to undermine our elections and subvert our democracy."

The keys

Russia-linked SolarWinds hackers mined for information on sanctions

The hackers who breached SolarWinds software searched specifically for information on “sanctions,” a person involved in the U.S. government investigation into the hack told Reuters’s Joseph Menn and Christopher Bing. 

“The suspected Russian hackers who used SolarWinds and Microsoft software to burrow into U.S. federal agencies emerged with information about counter-intelligence investigations, policy on sanctioning Russian individuals and the country’s response to COVID-19," Joseph and Christopher write.

U.S. intelligence officials have said Russia’s foreign intelligence service was behind the hacks, while Russia’s embassy have called those claims “baseless.” The hackers behind the SolarWinds cyberattack breached nine U.S. government agencies, around 100 companies and dozens of federal prosecutors’ offices.

The counterintelligence information is believed to be the worst data loss, a person involved told Reuters. The Justice Department did not respond to a request for comment.

Google told 14,000 Gmail users that Russia-linked hackers targeted them

In a security warning issued yesterday, Google said Gmail filters successfully marked all of the emails as spam. The campaign represented 86 percent of Google’s monthly warnings, Google Threat Analysis Group director Shane Huntley said. In a tweet, Huntley called it an “above average batch of government-backed security warnings.”

Huntley explained that the warning system “really mostly tells people you are a potential target for the next attack, so now may be a good time to take some security actions." And he reiterated that users can take basic cybersecurity to make themselves less vulnerable to cyberattacks.

Cyberattacks on tech companies are raising fears of collateral damage

The hackers behind the breaches are portraying themselves as moral crusaders against technology companies, Drew Harwell reports. User data belonging to thousands of users has been exposed in recent breaches.

“The perpetrators of these hacks are distancing themselves from financially driven cybercriminals and ransomware gangs by portraying their attacks as moral crusades against what they said were the companies’ sins,” Drew writes, citing as examples Epik and Twitch, whose hackers released celebratory notes alongside their data dumps.

But the guerrilla struggle between tech firms and anonymous hackers is raising fears that everyday Internet users could get caught in the crossfire. User data belonging to thousands of users has been exposed in recent breaches.

“Hacking because you disagree with an organization and you want to expose them is starting to really gain traction again,” said Allan Liska, a senior intelligence analyst at cybersecurity firm Recorded Future, adding that “generally the biggest victims of the attacks are not the target organization … but the people who work there” or who use its service for work or personal reasons.

Hill happenings

Democrats want details on Biden administration’s approach to cryptocurrencies and ransomware

The four lawmakers asked top Biden administration officials for details on attempts to seize cryptocurrency from ransomware groups, international cooperation to combat ransomware groups and take back cryptocurrencies and treatment of cryptocurrencies. Sen. Edward J. Markey (D-Mass.), Sen. Sheldon Whitehouse (D-R.I.), Rep. Jim Langevin (D-R.I.) and Rep. Ted Lieu (D-Calif.) “believe that stronger coordination between your departments is necessary, especially to address the role of cryptocurrency in facilitating ransomware attacks,” according to the letter. 

“Expanding efforts to seize cryptocurrency ransoms and increasing the costs associated with facilitating ransom payments can certainly help deter ransomware attacks by decreasing their profitability and changing threat actors’ incentives,” the lawmakers argue in the letter, which is addressed to Attorney General Merrick Garland, Secretary of State Antony Blinken, Treasury Secretary Janet Yellen and Homeland Security Secretary Alejandro Mayorkas.

Cyber insecurity

Global cyberspace

Industry report

Daybook

  • U.S. cybersecurity officials speak at the Billington Cybersecurity Summit today.
  • Former MI6 Chief Alex Younger, cybersecurity executives and experts speak at Recorded Future’s three-day Predict 21 conference, which begins Tuesday.
  • Cybersecurity executives and officials speak at the three-day Pearson Global Forum, which begins Tuesday.
  • The Atlantic Council hosts an event on the geopolitics of international technology standards on Tuesday at 10 a.m.
  • Palo Alto Networks Chair and CEO Nikesh Arora and Suzanne Spaulding, a senior adviser at the Center for Strategic and International Studies and former DHS official, speak at a Washington Post Live event on Tuesday at 4 p.m.

Secure log off

Thanks for reading. See you Monday.