With help from Eric Geller and Martin Matishak
Editor’s Note: Morning Cybersecurity is a free version of POLITICO Pro Cybersecurity’s morning newsletter, which is delivered to our subscribers each morning at 6 a.m. The POLITICO Pro platform combines the news you need with tools you can use to take action on the day’s biggest stories. Act on the news with POLITICO Pro.
— Like most everything in the policy world that’s not explicitly about coronavirus, the pandemic has slowed momentum for the Cyberspace Solarium Commission, but its leaders remain optimistic.
— Congressional Democrats struck out on getting the funding they wanted for election administration in a massive Covid-19 aid package.
— Remote voting for Congress poses significant security challenges, a House panel concluded, although there is a dissenting view.
HAPPY WEDNESDAY and welcome to Morning Cybersecurity! So it’s come to this. Send your thoughts, feedback and especially tips to [email protected]. Be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.
SOLARIUM ECLIPSE — Action on recommendations by the Cyberspace Solarium Commission is effectively on hold, after a series of congressional hearings on the group’s findings were postponed due to the coronavirus, Martin and your MC host report. House and Senate Armed Services subcommittees were set to scrutinize the bipartisan panel’s work this week and the Senate Homeland Security Committee was also making plans for a session, but all of that’s been scrapped as the pandemic occupies Capitol Hill’s attention.
“Clearly, our timing is not perfect here. But we are adjusting as necessary,” said Rep. Mike Gallagher (R-Wis.), one of the commission’s co-chairmen. “While it’s dampened some of the public attention we’ve gotten, it hasn’t stalled our behind-the-scenes legislative effort.” Sen. Angus King (I-Maine), the other co-chair, argued that the virus has “underlined the importance of this commission’s work”: “If you cross out ‘coronavirus’ and write in ‘destruction of the electric grid,’ we’re in a very similar position.”
Beyond tripping up the commission’s Hill debut, the virus could have greater repercussions as the cost of relief efforts reaches into the trillions and the pandemic endangers everyday life, warned Klon Kitchen, lead tech analyst at The Heritage Foundation. “When they were writing it, they weren’t writing it in a context of the nation being in … a potentially global downturn,” he said. “None of the major strategic initiatives were going to be cheap.” Pros can read the full story here.
DEMOCRATS FALL SHORT ON ELECTION FUNDING DEMANDS — Republicans and Democrats overnight reached a deal on $2 trillion in coronavirus aid, with the text expected to be released later this morning. One thing we do know about the package? “We didn’t get the money we wanted for elections, but that would not be to hold up this bill,” House Speaker Nancy Pelosi (D-Calif.) said Tuesday. That, she added, can be revisited.
THE SECURITY CONCERNS OF REMOTE VOTING — Remote voting for Congress poses security challenges and other problems and probably couldn’t be implemented during the current pandemic crisis, House Rules Committee Democrats said in a report released Monday evening. “In order to allow Members to vote remotely from all over the country, a new electronic system would have to be put in place, raising several security concerns: foreign and domestic cyberattacks, interference by third parties, and challenge authenticating Members’ identities as they cast votes remotely,” Democrats wrote.
The existing electronic voting system, which is a closed system that’s not connected to the internet, is regularly tested and took almost 100 years and more than 50 bills and resolutions to implement, the report states: “Although off-the-shelf products exist to allow a Member to videoconference their votes … they have not been tested under the sort of pressure they would face from enemy states or other bad actors trying to force the system offline or prevent individual Members from accessing it.” Proxy voting doesn’t have some of the same technological or security problems, the report observes.
The progressive group Demand Progress took issue with the Rules report on Monday evening, noting that the panel largely appeared to assume a push-button voting system rather than an approved teleconferencing system where lawmakers could be seen registering their vote. “The House of Representatives’ Chief Administrative Officer has already approved five video-conferencing software as appropriate for House use,” wrote the group’s policy director, Daniel Schuman. “Presumably, the CAO has evaluated questions on hackability and cybersecurity when it approved the use of these technologies. In addition, the military and the intelligence agencies use remote video-conference software to coordinate their secret activities.”
RANKING THE FEARS — Three-quarters of IT pros surveyed are more worried about critical infrastructure cyberattacks than a breach of an individual organization’s networks, according to a poll Claroty released today. Claroty, which focuses on industrial cybersecurity, found the numbers noteworthy because many of the 1,000 pros they surveyed in the U.S., U.K., Germany, France and Australia “are typically tasked with protecting enterprise networks.”
More than half of U.S. respondents were concerned that industrial networks were inadequately protected, compared to a sunnier disposition in other countries. U.S. respondents also ranked hacking, ransomware and sabotage the greatest threats, and the energy, oil and gas, and transportation sectors as the most vulnerable.
GRU THE WANDERER — GRU, the Russian military spy agency, may shift its approach in the coming decade, Booz Allen Hamilton warned in a report out today. “The Russian military aspires to better coordinate with economic, political, and other nonmilitary elements of state power,” the analysis of publicly attributed attacks reads. “In contrast to trends in the previous decade, this coordination could plausibly lead to GRU cyber operations occurring in collaboration with Russian civilian security services. Such coordination could undermine attribution efforts going forward.”
For the most part, though, while the agency is capable and prolific in cyberspace, “the GRU’s process for selecting targets and methods is consistent and therefore predictable,” Booz concluded. A revised Russian Military Doctrine due this year could tweak the analysis, the company said.
ANOTHER PLAYER IN THE WILD WEST — Unknown hackers have been targeting organizations in the Middle East since May 2019, security researchers at Kaspersky said in a report published Tuesday. The researchers dubbed the campaign “WildPressure” after the C++ Trojan that the attackers deployed to remotely control infected systems. Interestingly, neither the hackers’ command-and-control infrastructure nor their targets overlap with any known, attributed cyberattack campaigns, Kaspersky said.
Researchers were only able to find three malware samples, each of them “almost unique” in code composition but all three compiled in March 2019. Kaspersky urged caution in attributing the activity. “The targeted nature seems to be clear, but the targeting itself might be limited by our own visibility,” the researchers wrote. “The malware is not exclusively designed against any kind of victim in particular and might be reused in other operations.”
TWEET OF THE DAY — A good learning opportunity.
RECENTLY ON PRO CYBERSECURITY — The Trump administration has written a 5G security strategy. … European governments have begun adopting Chinese-style surveillance in response to Covid-19. … Canada isn’t looking to use cellphone data to track the spread of the pandemic, “as far as I know,” Prime Minister Justin Trudeau said. … “Cloud service providers in Europe ‘have to bear more responsibility and have more obligations’ to report cybersecurity breaches and incidents, Poland’s minister for digital affairs said today.”
— Ishan Mehta, policy adviser for Third Way, is leaving to become the tech policy adviser for Sen. Brian Schatz (D-Hawaii). And Michael Garcia, a staffer for the Cyberspace Solarium Commission, is joining Third Way as a senior policy adviser.
— CyberScoop: Hackers tried to redirect visitors trying to go to a Health and Human Services Department website to a different one that would steal their data.
— Motherboard: Hackers took over a bunch of Twitter accounts to send people to a shady website hawking pandemic supplies.
— Dark Reading: Automated tools are making life easier for would-be hackers, Recorded Future said.
— Inside Cybersecurity: NIST and DHS are talking about an update to telework guidance.
— PortSwigger: How bug bounty platforms are responding during coronavirus.
— CyberScoop: “This team wants to teach your kids cybersecurity while they’re home from school.”
Stay in touch with the whole team: Eric Geller ([email protected], @ericgeller); Bob King ([email protected], @bkingdc); Martin Matishak ([email protected], @martinmatishak); and Tim Starks ([email protected], @timstarks).