U.S. Cyber Command is facing a pivotal 2018 that could impact the Pentagon’s offensive digital operations for years, if not decades, Martin reports.
The Trump administration’s decision last August to finally place U.S. Cyber Command on the same level as other high-level combat commands was widely applauded. But the fanfare quickly died down as the Defense Department and members of the U.S. intelligence community began the painstaking process of examining how to best separate the premiere cyber warfare unit from the National Security Agency, which has shared resources and leadership with Cyber Command since its 2009 inception.
“This is not something that you do lightly. We don’t want to lose anything in it,” said Sen. Mike Rounds, who chairs the Senate Armed Services cybersecurity subcommittee. The military has a lengthy list of issues it must address before it can make many of the critical decisions for it to formally become a unified combatant command, including finding a new chief to lead the bolstered organization. Navy Adm. Mike Rogers currently helms the organization as a “dual-hat” leader who also oversees the intelligence-gathering NSA. But his tenure is coming to a close. The NSA director told staff last week he would retire this spring.
To manage the mountain of work, DoD has created two high-level working groups — one to iron out the details of elevation, the other to study the dual-hat structure. The recommendations they provide could echo for years, determining the path of Cyber Command after it hits full staffing levels at the end of the fiscal year to reach full operational capability. Many lawmakers are already wondering if the digital warfighting unit will need more personnel, given the rapidly accelerating digital arms race. “Do they have their cyber bullets and do they have their cyber shields?” a congressional aide asked. “Everyone’s pointing towards this FOC mark, but it’s really what happens the day after FOC that’s going to matter.” Pros can read the full story here.
HAPPY MONDAY and welcome to Morning Cybersecurity! Just in case you wanted the funny (?) version of Spectre and Meltdown. Send your thoughts, feedback and especially tips to email@example.com and be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.
MINI Q&A WITH REP. WILL HURD — On Friday, the Aspen Institute launched a new effort to study cybersecurity. The Aspen Cyber Strategy Groups include subject matter heavyweights like IBM CEO Ginni Rometty, former Obama administration Homeland Security Adviser Lisa Monaco and Rep. Will Hurd. Martin spoke to Hurd about his new colleagues. Below are some exchanges, edited for length.
How did this new initiative come together and why did you agree to do it? It came together because the Aspen Institute, in its history, has a record of bringing folks from the public and private sectors to try to talk about big challenges. Then when you look at the members that are part of this group, it really is some of the best and the brightest in government, in the private sector, people that have experience in both. It’s a great group. And also, personally, this is to help the drive oversight agenda for the [House Oversight Information Technology subcommittee].
How might it influence the subpanel’s agenda? It’s having conversations with people that are on the cutting edge of cybersecurity You really get to understand what’s happening … One of the biggest debates we’re having inside the government right now is whether or not we should transition to the cloud. That’s so 1992. So for me, being around a talented bunch of folks, it’s helpful to kind of understand what’s over the horizon and start building an oversight role in making sure that the dot.gov space is prepared for a promising future.
What topics do you hope to address? One topic that I will be intimately involved in helping to drive the conversation is to deal with the problem of unclear roles, responsibilities and perceived value of proactive, operational cooperation between the public and the private sector. Another one we’re going to be looking at is the talent pipeline for cyber professionals and looking at how do you influence that pipeline at the college, high school and secondary-levels. A third one is how do we deal and stay ahead of the curve on future technology, like artificial intelligence, the Internet of Things, quantum computing, cryptography. Those are all areas where the United States must stay No.1.
What will the group produce? I think everybody who is participating in this is going to be effective and might be able to take things away from these engagements. The goal is to have deliverables that can be actioned by the various entities that are participating in this group.
Do you already have meetings planned? We do … three more meetings planned for sure. The dates are set and there’s to be a number of sessions in-between the meetings to be prepared for having that kind of talent in one room together. I don’t know of any other group that has this mix of talent, the …. kind of talent to where we can prevent some of the problems we’ve been seeing of the public and the private sector talking past another, I think is really big deal.
BOTNET REPORT RECEIVED WARMLY — Industry groups offered high praise for the Trump administration’s plan to combat botnets, which the Commerce and Homeland Security Departments published late last week. The draft report, which is out for public comment, recommends steps that agencies, academia and private industry can take to protect the internet from these armies of hacked machines, which have powered spam campaigns and debilitating internet assaults known as distributed denial-of-service attacks. “This report is a major milestone in the battle to defend the security and viability of our nation’s critical infrastructure and digital economy,” said Jonathan Spalter, the chief executive of USTelecom, in a statement. The report will improve the internet security landscape “by calling for deepening collaboration across industry and government,” said Spalter, whose group represents internet service providers, a major player in anti-botnet efforts.
The Consumer Technology Association, which represents a wide array of device makers, pointed to the report’s conclusion that defeating botnets is not the responsibility of any one industry. “Fighting them requires cooperation between the public and private sectors,” CTA President and CEO Gary Shapiro told MC in a statement. A similar message came from the Information Technology Industry Council, whose members include firms as diverse as Adobe, eBay, Microsoft and VMware. “While we’re still reviewing the draft, we are encouraged to see it includes several recommended actions calling on government and industry to work together to drive collaborative solutions across the global digital ecosystem,” John Miller, the group’s vice president for global policy and law, cybersecurity and privacy, said in a statement to MC.
WHAT MIGHT HAVE BEEN — Obama administration officials briefly considered sanctioning Moscow-based cyber firm Kaspersky Lab in retaliation for Russia’s alleged 2016 election meddling, according to the Wall Street Journal. The top sanctions official at the State Department, Daniel Fried, “recommended to colleagues they look for elements of Russia’s cyberpower the U.S. could target” and said “Kaspersky at least needed to be considered as a potential player in Russia’s moves against the West,” the Journal reported late last week. “I asked rhetorically, do you want to testify before some committee about when did you know about this and why didn’t you do anything?” Fried told the Journal.
Kaspersky never ended up on an American sanctions list, in part because other officials thought the move would invite Kremlin retaliation against American businesses, according to the story. Another problem: sanctioning Kaspersky might require the intelligence community to declassify some of the evidence against the company, which had been gathered through sensitive sources and methods.
While the public has only heard strident warnings about Kaspersky over the past year, in the aftermath of the Kremlin’s cyber campaign, federal agencies have been warning for more than a decade that Moscow might be tapping into the software for espionage purposes. The Journal previously reported that the Defense Intelligence Agency produced a report labeling it a “threat actor” in 2004, and the paper’s new story reveals that the intelligence community has “issued more than two dozen reports referring to the company or its connections.”
FISA BACK ON DECK — The House this week will try once again to enact a long-term extension of expiring surveillance powers, with two key panels, Judiciary and Intelligence, forming at least something of a compromise bill. The House Rules Committee will take up the legislation (S. 139) Tuesday, and the bill is scheduled to come to the House floor Thursday. There could be a manager’s amendment that reflects further adjustment sought by House Judiciary Chairman Bob Goodlatte. The major issue still at hand is what kind of warrants should or shouldn’t be required for for officials seeking to access the content of Americans’ communications collected under 702 of the Foreign Intelligence Surveillance Act.
Civil liberties advocates, including Judiciary’s top Democrat, Jerry Nadler, said the bill doesn’t go far enough to prevent “backdoor” searches for Americans’ information. “Members of the House of Representatives should reject this pretend reform bill, just as the privacy community has,” said Robyn Greene, policy counsel and government affairs lead for New America’s Open Technology Institute. “This bill leaves the backdoor search loophole gaping wide open, and it still risks expanding Section 702 surveillance in the same troubling ways as before.” A House aide said House Speaker Paul Ryan was willing to allow a floor vote on one backdoor search amendment.
** A message from Hewlett Packard Enterprise: How are Hewlett Packard Enterprise‘s supercomputers helping create the future in science, medicine and national security? Learn more: hpe.com/supercomputing **
DON’T LOOK AT US — President Donald Trump’s dissolution of his voter fraud commission and his pledge to shift the work to the Homeland Security Department forced DHS to reach out to states and let them know it wouldn’t affect its election security cooperation, Reuters reported. Many states viewed the commission’s information requests as a security threat to voter data. “If (DHS) were to start investigating these non-existent voter fraud claims, that would be very problematic,” said Edgardo Cortes, the chief election official of Virginia, one of many states who fought the commission’s voter data request. The commission’s leader, Kris Kobach, indicated that he expected the Immigration and Customs Enforcement agency to take over its work, while Reuters reported that DHS’s election security officials wouldn’t be involved.
CBP, YEAH YOU KNOW ME — Customs and Border Protection instituted new restrictions last week on border searches of personal devices, but at least one critic still saw loopholes that could create security concerns for border crossers. The new rules require “reasonable suspicion” for advanced searches of laptops, cell phones and other devices. “By requiring ‘reasonable suspicion’ before conducting forensic searches of Americans’ devices at the border, Customs and Border Protection is beginning to recognize what the Supreme Court has already clearly stated that ‘digital is different,’” Sen. Ron Wyden said.
“However, there’s more work to do here,” Wyden said. “Manually examining an individual’s private photos, messages and browsing history is still extremely invasive, and should require a warrant.” Of special concern, Wyden’s office said, is that CBP’s “new rules also explicitly permit CBP to attempt to bypass the encryption or brute-force a password protecting a device seized at the border without reasonable suspicion.”
HAPPY ANNIVERSARY? — The intelligence community report pinning digital 2016 election interference on Russia celebrated its one-year anniversary. Democrats took the occasion to revisit how additional information since reaffirmed the report’s conclusions, and hammer Trump for not acting on them (let alone accepting them as true). Sen. Mark Warner, the top Democrat on the Intelligence Committee, said at the end of a tweet thread: “This is not fake news. This is not a witch hunt,” he continued. “It is a clear and unanimous conclusion that Russia attacked the United States. Frankly I’m astonished that our President has failed to even acknowledge this ongoing threat to our democracy. It begs the question: WHY?” Said the liberal Center for American Progress think tank: “In the face of knowledge that Russia hacked America’s election — and could very well do so again — the Trump administration still refuses to act.”