White House holds back top cyber official from Senate hearing

The White House has declined to make Rob Joyce, President Donald Trump’s chief cyber adviser, available for a Senate Armed Services Committee hearing today focused on defending the country against cyberattacks, a committee source told POLITICO.

Joyce had been invited to appear before the panel alongside the digital chiefs from the Pentagon, the Homeland Security Department and the FBI to discuss the roles and responsibilities each agency plays in protecting the nation from online threats.

The absence of Joyce — the senior National Security Council official responsible for coordinating a “whole of government” approach on cybersecurity — is not likely to sit well with members of the Armed Services Committee, especially Chairman John McCain. The Arizona Republican — who is already having something of a week with the president — has regularly chastised the Trump administration for failing to develop a cyber warfare doctrine, a critique he also leveled against the Obama White House.

The Senate version of the fiscal 2018 National Defense Authorization Act (H.R. 2180) includes language — crafted by McCain — that would establish the country’s first ever cyber warfare policy. The strategy would dictate that the U.S. should employ all tools of national power, including offensive digital weapons, to deter and respond to cyberattacks that aim to cause casualties, threaten infrastructure or disrupt normal business. The Trump administration has objected to the clause, but McCain has shrugged off the concerns.

HAPPY THURSDAY and welcome to Morning Cybersecurity! Oh man, is this ever creepy. Send your thoughts, feedback and especially tips to tstarks@politico.com and be sure to follow @timstarks, @POLITICOPro and @MorningCybersec. Full team info below.

[NEW PRO FOR THE HILL] POLITICO Pro now offers all-inclusive Pro access to Hill offices. Senate offices: learn more here. House offices: learn more here.

STANDARDS BODY WILL TACKLE WPA2 FLAW — The international group that sets key wireless security standards will consider a response to recently revealed vulnerabilities in the WPA2, a protocol that protects wireless computer networks. In a statement to POLITICO, the Institute of Electrical and Electronics Engineers said its wireless working group “will be meeting to address the matter and define a plan of action.” After Monday’s announcement of the WPA2 flaws, Johns Hopkins University computer science professor Matthew Green said that the IEEE’s unusually opaque standards-setting process was partly to blame for the issue and the 13-year delay in discovering it.

In its statement announcing the plan to review the WPA2 vulnerabilities, the IEEE defended its process, calling it “open and inclusive.” It also said its eventual “plan of action” for the WPA2 issue would be “shared publicly as soon as it is available,” though it did not offer a timetable for any of the work. Green told MC that, for this situation, the IEEE should depart from its usual approach. “They should cast their net [of meeting participants] more widely,” he said in an email. “Open their process up to the research community, and make their meeting minutes available online.”

SESSIONS KNOCKS PROPOSED 702 REVISION — Attorney General Jeff Sessions said Wednesday that he’s against legislation that would force the FBI to seek a warrant to access the content of NSA-intercepted communications. The proposal is contained in a House bill to reauthorize Section 702 of the Foreign Intelligence Surveillance Act, a statute that authorizes extensive overseas electronic surveillance but sunsets at the end of the year.


Continue reading…