Technology

Rep. Jim Himes on the balloon, the PRC, and TikTok


The new ranking member of the House Intelligence Committee isn’t alarmed by what the balloon kerfuffle says about China’s intentions or its tech prowess. In fact, he thinks the clumsy operation may prove to be a “gold mine” for U.S. intelligence agencies.

HAPPY MONDAY, and welcome to Morning Cybersecurity! Oh, what I would give to have been in Billings, Montana, to spot that balloon.

I’ve been waiting 29 years to make a killer “That’s no moon” joke, and I don’t know if you could draw it up any better than that.

Got tips, feedback or other commentary? Send them my way at [email protected]. You can also follow @POLITICOPro and @MorningCybersec on Twitter. Full team contact info is below.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

Alvaro Bedoya, commissioner of the Federal Trade Commission, speaks at a Center for American Progress event on the European Union’s new digital regulations. 1 p.m.

NOT MAD, JUST DISAPPOINTED — The discovery that China was using a high altitude surveillance balloon to surveil U.S. nuclear sites isn’t changing the views of Rep. Jim Himes (D-Conn.) when it comes to the threat that Chinese tech poses to the U.S. — at least, not in the way you might think.

Speaking with MC by phone last night, the new ranking member of the House Intelligence Committee said he was startled by the clumsiness of a country that many assume now rivals the U.S. in military power and intelligence acumen.

“I would hope that all of my colleagues would not have been surprised that the Chinese are aggressive on collection,” Himes told me. “What is surprising here is just the sheer foolishness of what they did.”

Intelligence coup — Push through all the breathless media coverage, Himes told me, and the “real takeaway” of the incident is how Beijing just handed the U.S. an inside look at some of its cutting-edge tech.

While Himes asserted the U.S. retains a surveillance-balloon tech advantage over China, he said the remnants of the downed dirigible could provide a “counter-intelligence gold mine.”

“The fact that we now own the balloon means we’re going to get our understanding of their technology updated,” said Himes. “I’’m fascinated to see where the semiconductors on this thing came from.”

(Not) much ado about TikTok — Asked whether the incident should shake Americans’ trust in Chinese-owned telecommunications technologies like TikTok, Himes countered that Beijing was already doing “all it can to steal our intelligence secrets.”

Still, Himes said he was “not quite there yet” about the idea of imposing an outright ban on the popular app.

Even though it poses clear risks to certain classes of users, like military personnel and government officials, explained Himes, “I’m not ready to say that I have enough facts to know with great conviction whether, you know, no American teenager should use TikTok.”

To get there, he then suggested, “I need to learn more.”

GOP FRESHMAN EYES CYBER — Florida’s former top election official knows firsthand the challenges involved in protecting elections from digital threats — and how important the Cybersecurity and Infrastructure Security Agency is to thwarting them.

Appointed Florida’s secretary of state in 2019, first-time Rep. Laurel Lee (R-Fla.) spent the buildup to the 2020 election working with CISA and state and local officials to secure Florida’s election infrastructure. The effort, which went “well beyond best practices to include hands on keyboard assistance,” ultimately helped Florida avoid any mayhem before or after Election Day, Lee told me during an interview in her new D.C. offices on Thursday.

“CISA was a critical partner to us and was one of the primary sources for information about our threat landscape,” said Lee, who recently nabbed a seat on the House Homeland Security Committee’s Cybersecurity and Infrastructure subcommittee, which oversees CISA.

Trial by fire — In 2020, foreign adversaries’ failure to sway the vote in the Sunshine State were not for a lack of trying.

When Lee was gearing up for the final Election Day sprint, Iranian hackers began sending emails to Florida voters impersonating the Proud Boys, a far-right group. The election interference effort fell flat, however, after local officials reported the suspicious activity to federal law enforcement, who quickly outed the Iranians.

“The experience we had with the Proud Boys in 2020 is an important example of the value of partnerships between state and local election officials and our federal law enforcement partners,” said Lee.

Position to act — Now sitting on a House panel that oversees the agency she once worked side-by-side with, Lee told me she has two priorities for CISA.

“We want to ensure we’re building CISA in a way that it can really invest and protect all of our critical infrastructure.” Second, she said, she wants to help the agency fill a yawning cyber workforce gap by bringing a “focus to the leaders of tomorrow.”

One question — Asked what CISA role should play when it comes to combating election-related misinformation and disinformation — an issue that has proved divisive in Congress — Lee equivocated.

She did state, however, that federal law enforcement has “an important role to play in collecting and sharing intelligence information.”

BUREAU OF CYBER OOPS — It turns out the State Department’s first ambassador at large for cyberspace and digital policy is not a fan of pump-and-dump crypto scams, after all.

On Saturday, hackers momentarily took control of Nate Fick’s personal Twitter account and used it to advertise an obscure cryptocurrency investment. After reclaiming his account later that night, Fick acknowledged the incident and even decided to have some fun with it.

“My account has been hacked. Perils of the job…” tweeted Fick, who has since deleted the fraudulent tweet.

No answers — While the incident appears to have caused little damage, account takeover attacks are a persistent problem for Twitter, one that fraudsters have abused to cause alarm, promote scams and move markets.

And of course, it’s not a great look for the official overseeing the nation’s cyber diplomacy efforts.

As of writing, the State Department has not responded to MC’s request for comment about how Fick’s account was hacked, whether he had two-factor authentication enabled, and if so, whether it deployed phishing-resistant technology.

It is important to weigh all perspectives, not least the balloon’s: