Peter Strzok, who led the FBI’s investigation into Russia’s alleged 2016 election interference, considered the bureau’s Cyber Division a disorganized, incompetent mess, according to text messages he sent to Lisa Page, an attorney working for special counsel Robert Mueller.
“Their division is incapable of pulling its head out of its ass,” he texted Page in September 2016. Minutes later, he bemoaned the fact that “no one … is willing to say: cyber is f—– up. Cyber needs to fix itself. Cybers [sic] way of doing business is unacceptable.” Senate Homeland Security Chairman Ron Johnson released the texts on Wednesday as part of his investigation into whether Strzok and Page, who were having an affair, acted inappropriately and with political bias in their work for the FBI and Mueller.
Story Continued Below
The Cyber Division is “broken,” Strzok texted Page on Oct. 9, 2016, two days after the Obama administration publicly blamed Russia for hacking the Democratic National Committee. “Is it going to take some f—— 9/11-type event for everybody to stop saying, just coordinate better, have lots of meetings, figure it out?” In December 2015, Strzok called the division “wildly dysfunctional” and “really bad,” telling Page, “They can do individual investigations but there is NO coherent program management.” In the October 2016 message, Strzok even seemed to suggest that the FBI should replace the Cyber Division with a different structure. “The [bureau] will still recruit cyber people if we have a directorate,” he wrote in October. The FBI did not respond to an email seeking comment on Strzok’s criticisms.
HAPPY THURSDAY and welcome to Morning Cybersecurity! Do not trust the mutant crayfish. Send your thoughts, feedback and especially tips to firstname.lastname@example.org and be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.
ONE MORE MOLE WHACKED — The Justice Department has scored a big win in its game of Whac-A-Mole against cyber criminals. Officials on Wednesday announced that they had busted one of the world’s largest international cybercrime rings, the Infraud Organization. The digital crime syndicate spans at least seven countries and caused $530 million in losses to consumers. The group ran an online forum that amounted to a “premier one-stop shop for cyber criminals worldwide,” according to Deputy Assistant Attorney General David Rybicki.
The illicit marketplace, he added, trafficked in the sale of stolen personal information — including credit card details and Social Security numbers — and advertised services to facilitate identity theft. As part of their global sting, authorities made 36 indictments and 13 arrests, five of which were in the U.S. But Rybicki cautioned that while Wednesday’s action represents a significant victory for law enforcement, other global cybercrime rings of equal or even greater size are “certainly” still in operation.
ELECTION SECURITY UPDATE — Senate Democrats interrogated a top DHS official Wednesday about progress on defending future elections against Russian interference. Sen. Kamala Harris said she was concerned that Chris Krebs — who has been serving as the leader of DHS’s main cybersecurity wing — didn’t have a precise timeline for when in April DHS will finish delivering the highest-level cyber checks that states requested. “What we’ve done is put at the top of the pile the state and local election officials right now. So we have deprioritized others and put those at the top,” Krebs answered, referring to state and local needs over other critical infrastructure needs. “We are looking at the ways to increase training, to bring additional personnel on.”
Krebs also told Harris at a meeting of the Homeland Security and Governmental Affairs Committee that 30 percent of the 50 senior state election officials have received security clearances to receive cyber threat information. He further stated that there are 37 officials who “have submitted their paperwork.” Additionally, “we have about 17, I believe, interim secret,” meaning that they can be “read in” to receive classified information at certain times.
— SPEAKING OF: Also Wednesday, the White House nominated Krebs to fill the position of undersecretary of the National Protection and Programs Directorate on a full-time basis. He has also been serving as assistant secretary for infrastructure protection at NPPD. A key congressional Democrat endorsed the nomination. “The Trump administration has moved far too slowly to fill vital cybersecurity roles across government,” said Rep. Jim Langevin, co-founder of the Congressional Cybersecurity Caucus, in a written statement. “That said, I must commend the choice of Assistant Secretary Chris Krebs to lead NPPD. I’ve known Chris for years, and both in and out of government, he has shown a steadfast commitment to advancing policies that will improve our homeland security, particularly in the cyber domain.” Langevin credited Krebs with emphasizing election security aid to state and local governments. Rep. John Ratcliffe, too, offered his support, as chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection.
POLL ON RUSSIA PROBE INCONCLUSIVE — Voters are divided straight down the middle on whether the Trump campaign colluded with Russia to influence the 2016 election, according to a poll out Wednesday from POLITICO and Morning Consult. Among those surveyed, 40 percent said they believe it did, 40 percent said they believe it didn’t. Meanwhile, 39 percent said they believed Mueller’s Russia probe has been handled fairly, compared to 38 percent who say they believe it hasn’t.
WHAT EVEN IS TRUTH ANYMORE? — Equifax and the office of Sen. Elizabeth Warren are sparring over Warren’s allegation that the credit reporting agency’s massive data breach compromised Americans’ passport information. In a report published Wednesday, Warren’s office said that “Equifax failed to disclose the fact that the hackers gained access to consumers’ passport numbers.” But the company disputed that claim to MC. “Passport numbers were an element we examined while conducting the forensic investigation, but we found no evidence that any passport numbers were stolen,” spokeswoman Meredith Griffanti said in an email.
Not so fast, responded Warren’s office. The senator’s staff pointed MC to Equifax’s answers to questions that Warren’s staff posed on Oct. 4. When the company responded on Jan. 2, it listed “passport #” as one of the data elements that the hackers were able to access. The company’s latest response appears to distinguish “accessed,” meaning hackers saw the passport data, from “stolen,” meaning hackers took it with them. “Equifax hid this breach from the public for weeks, then gave consumers confusing information about whether their data had been stolen, then told Congress one thing and is saying something totally different today,” said Lacey Rose, a Warren spokeswoman, in an email to MC. “Equifax needs to get its story straight — with the Senate Banking Committee and with the American people.”
DON’T MAP ME, BRO — A bipartisan pair of senators asked Defense Secretary Jim Mattis about the department’s policy on enabling the “nomap” feature — which disables a Wi-Fi network from being mapped — for wireless networks and devices on military sites. The letter from Sens. Richard Blumenthal and Tom Cotton, both members of the Armed Services Committee, comes after fitness tracking app Strava shared a heat map that detailed its users’ activity, prompting a DoD-wide review of personal electronics at its installations. “In an era of increasingly contested cyber domains, we could be unknowingly allowing our adversaries to map DoD networks for cyber intelligence, surveillance, and reconnaissance and operational preparation of the environment,” the pair wrote. Specifically, the duo wants to know if the Pentagon regularly uses “nomap” for its Wi-Fi networks so that Google cannot use them in location tracking and if the tech giant has ever advised the department to enable the feature.
SAFETY FIRST — Sen. Steve Daines introduced legislation Wednesday designed to clarify that products used to combat cyberattacks can qualify for liability protections. The bill would update the SAFETY Act, a post-Sept. 11 program designed to protect makers of certain anti-terrorism products from lawsuits. It says that the SAFETY Act would also apply to tools used to combat attacks that the Homeland Security Department declares a “qualifying cyber incident.” DHS has, in the past, certified some cyber defense products under this program.
RECENTLY ON PRO CYBERSECURITY — Spearphishing emails appear to show that Russian hackers may have infiltrated the emails of dozens of top defense industry employees. … Congressional leaders reached a deal on the budget. … The data protection chief in Austria is set to become the first ever chairwoman of the European Data Protection Board.
— Some consumers are more scared of marketers than hackers, a new survey that dropped today from RSA illustrates. The majority of people who have falsified personal data when giving it out, 59 percent, did so because they didn’t want marketer solicitations, compared to 35 percent who were worried about companies keeping their data safe.
TWEET OF THE DAY — You know what they say about people with long passwords…
— Bangladesh’s central bank is suing a Manila bank over the cyber heist of the former. Reuters.
— “The House That Spied on Me.” Gizmodo.
— A small Australian company helps spy and law enforcement agencies break into phones. Motherboard.
— Power company Entergy said a cyber incident didn’t lead to any customer or employee data compromises, nor was the reliability of the grid affected. Fox 8.
That’s all for today. In general, don’t trust any muties.
Stay in touch with the whole team: Cory Bennett (email@example.com, @Cory_Bennett); Bryan Bender (firstname.lastname@example.org, @BryanDBender); Eric Geller (email@example.com, @ericgeller); Martin Matishak (firstname.lastname@example.org, @martinmatishak) and Tim Starks (email@example.com, @timstarks).