
DIA in line for new director


With help from Eric Geller, Martin Matishak and John Hendel


The Defense Intelligence Agency, which has significant cybersecurity responsibilities and risks, has a new nominee for director.

House appropriators agreed to direct the Pentagon and Foggy Bottom to join heads on the issue of NATO, collective defense and cyberspace.

About 80 organizations, ranging from the city of New York to Verizon, weighed in on the Trump administration’s 5G security strategy.

HAPPY FRIDAY and welcome to Morning Cybersecurity! There’s only one National Kitten Day per year? Send your thoughts, feedback and especially tips to [email protected]. Be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.

SUMMER SCOOPS, MAKE ME FEEL FINE — President Donald Trump has picked Army Lt. Gen. Scott Berrier to be the next director of the Defense Intelligence Agency, Martin scooped Thursday. Berrier, the deputy chief of staff for Army intelligence, was one of a group of candidates the military branches sent to Pentagon brass earlier this year to lead DoD’s spy branch. The continuation of his rank was submitted to the Senate on July 1.

If confirmed by the Senate, Berrier would replace Army Lt. Gen. Robert Ashley — who is expected to retire after a traditional three-year term as director — ensuring that the DIA would have back-to-back Army chiefs. The DIA director has traditionally come with a third-star promotion, but Berrier, who has held a variety of intelligence roles during his military career, including multiple stints in Afghanistan, already has his.

The Senate Armed Services Committee will consider Berrier’s nomination, though when is anyone’s guess. With few legislative days left before the August recess, and a potential block on military nominations by Sen. Tammy Duckworth (D-Ill.), who is demanding answers from DoD on the sudden retirement of impeachment witness Army Lt. Col. Alexander Vindman, there might not be any movement until September.

COLLECTIVE DEFENSE — A manager’s amendment to the fiscal 2021 State and Foreign Operations bill the House Appropriations Committee approved Thursday would require a joint report by the departments of State and Defense on common NATO standards and protocols for unified responses to cyberattacks. In 2016, NATO recognized cyberspace as an area where NATO must defend itself like it does other domains. Under NATO’s Article 5, an attack on a NATO member is considered an attack on all of them.

“We should start asking the questions about what actions might trigger an Article 5 response in the future,” Rep. Tom Graves (R-Ga.), who pushed the language, said at the markup. Graves also pushed language in the manager’s amendment that would direct the State Department to maintain an accurate list of its IT assets, as part of a bid to implement appropriate cybersecurity standards to protect them.

SECRET SERVICE RE-ORG (NO, NOT THAT ONE) — The Secret Service is establishing the Cyber Fraud Task Forces by merging two existing forces, it said Thursday. The formal combination of the Electronic Crimes Task Forces and Financial Crimes Task Forces stems from the growing convergence of cyber and traditional financial crimes, the service said.

“The creation of the new Cyber Fraud Task Force (CFTF), will offer a specialized cadre of agents and analysts, trained in the latest analytical techniques and equipped with the most cutting-edge technologies,” said Michael D’Ambrosio, the service’s assistant director. “Together with our partners, the CFTFs stand ready to combat the full range of cyber-enabled financial crimes. As the Nation continues to grapple with the wave of cybercrime associated with the COVID-19 pandemic, the CFTFs will lead the effort to hold accountable all those who seek to exploit this perilous moment for their own illicit gain.”

DOZENS WEIGH IN ON ADMIN 5G SECURITY PLAN — From our friends at Morning Tech: The Commerce Department, as statutorily obligated by a recent law, sought feedback last month on how to best implement an administration 5G security strategy and has now posted all its comments. Around 80 parties weighed in, from the city of New York to companies like AT&T, Qualcomm and Ligado.

One key issue across much of the input is the recent industry push to open 5G network architecture to increase the diversity of vendors at play (a challenge to China’s Huawei). Verizon, however, despite backing this “open RAN” approach, is urging the administration “not to rely solely on the promise of open RAN,” the carrier cautions. “The strategic imperative of achieving greater supplier diversity will not be solved by open RAN alone in the face of the strategic government support enjoyed by untrusted suppliers.”

REMEMBER WHEN? — A public records request on the FBI’s surveillance of DEF CON turned up some entertaining, and intriguing, files on the bureau’s interest in the annual hacking conference. Documents posted on MuckRock, and the subject of a Twitter thread Thursday, suggest that the FBI first became highly interested in the conference in 2000, even though it began in 1993. In 2000, it began filing routine reports, and even had an open investigation that spurred its interest in that year’s event.

Evidence points to a strong FBI presence at the conference in 2000, when it seemed to want to “aggressively determine” something about DEF CON; the Chicago and Washington field offices indicated a specific interest. The bureau warned about the “spot the fed” contest at the conference, too. In 2004, FBI counterterrorism and the Miami and Phoenix field offices again showed a special interest. These days, federal officials openly attend and speak at DEF CON, and many conference organizers encourage working together.

ZOOM GO BOOM — Zoom users running Windows 7 and older versions of the Microsoft OS are vulnerable to a remote-code execution flaw that could let hackers completely commandeer their computers, researchers revealed Thursday. The zero-day exploit works by “getting the user to perform some typical action such as opening a document file,” according to the security firm ACROS Security, which received a report about the flaw from a researcher who requested anonymity. “No security warning is shown to the user in the course of attack.”

Microsoft terminated general support for Windows 7 in January, but it has continued offering support to the elections community, because many voting machines and election management computers run the outdated OS. Zoom is still working on a patch for the affected version of its software, but in the meantime, vulnerable users can download a “micropatch” through ACROS Security’s platform.

WE’RE LOSING SAND — Thirty progressive groups demanded Thursday that the Senate cancel its current recess to clear the HEROES Act (H.R. 6800) to devote more money to election grants. “While Congress appropriated $400 million in federal funds earlier this year, those election assistance grants are grossly insufficient as state and local governments respond to our ongoing health and economic crisis,” read the letter, led by Stand Up America. “Now, states urgently need the $3.6 billion in additional federal funds provided by the House of Representatives in the HEROES Act more than seven weeks ago to provide states resources to expand mail-in voting, make polling places safe for in-person voting, and increase online voter registration.”

TWEET OF THE DAY — The replies here are good.

Jack Huffard, co-founder and board member of Tenable, has joined the board of Immersive Labs, the company announced on Thursday.

POLITICO: As TikTok has become more visible, so have its critics.

TechCrunch: TikTok also has seen a rise in government demands for user data.

Inside Cybersecurity: “The National Telecommunications and Information Administration is establishing a formal ‘partnership’ between five agencies and the private sector to share information on supply chain risks.”

NextGov: “Interior Struggles to Secure IT Systems Amid Pandemic, IG Says.”

Motherboard: Verizon has added a (not fool-proof) protection against SIM swapping.

TechCrunch: Researchers say a smartwatch that’s popular with elderly patients could let attackers take control.

Reuters: Telecom Italia is leaving Huawei out of its 5G build in the homeland and in Brazil.

Reuters: Vodafone and BT say it could take a while to remove Huawei equipment.

The Associated Press: German intelligence warned against providing personal data to Chinese tech firms.

That’s all for today.

Stay in touch with the whole team: Eric Geller ([email protected], @ericgeller); Bob King ([email protected], @bkingdc); Martin Matishak ([email protected], @martinmatishak); Tim Starks ([email protected], @timstarks); and Heidi Vogt ([email protected], @heidivogt).




