Cyber winners and losers in Trump’s budget

The White House budget proposal included cyber provisions both big and small that revealed the Trump administration’s thinking on digital security, even if much of the document will never be enacted.

— THE BIG ITEMS: Overall, the proposal touts over $15 billion in digital defense spending, a 4.1 percent increase from estimated 2018 spending. The Pentagon would get more than half of that request, asking for just under $8.5 billion, a bump up from $8.2 billion. Another large chunk would go to the Department of Homeland Security, which would get a slight boost to $1.74 billion, up from $1.72 billion.

Story Continued Below

— THE MEDIUM ITEMS: The DHS’s main cyber wing, the National Protection and Programs Directorate would receive $3.3 billion for its total budget, a figure that largely mirrors the White House’s last request. And the Justice Department cyber-specific funding would creep back toward 2017 spending levels, with the Trump budget requesting $721 million, up from $703 million in the 2018 fiscal year. Elsewhere, the White House allocated $210 million for an IT modernization fund that Congress approved as part of a bill last year, but hasn’t yet funded.

— THE SMALL ITEMS: The 2019 DOJ request would include $1.6 million for cyber investigations in the DOJ’s National Security Division — double the current figure. The budget also promises a new focus on securing the electric grid, proposing $95 million for a new office at the Energy Department that would unify the agency’s cybersecurity activities. The Energy Department also asked for a $22.4 million boost for cyber spending within its nuclear security division.

Separately, the budget would funnel nearly $30 million more into the Education Department to help secure the vast trove of students’ personal data the agency collects. Other notable cyber upticks include a $7 million jump for the Office of Personnel Management, victim of the 2015 hack that exposed over 20 million federal workers’ files, and nearly $60 million in additional cyber dollars for the Department of Veterans Affairs.

— THE CUTS: Cyber research funding had a tough day. While the White House budget would massively boost the NPPD’s cyber research funding — from $2 million to $41.4 million — it would concurrently slash digital security research within the DHS Science and Technology Directorate, dropping it from $93.5 million to $22.8 million. Elsewhere, the National Science Foundation would face another drop in cyber research dollars, and the government’s technical standards agency — the National Institute of Standards and Technology — would receive a cut to the cyber budget in its science and technical research division.

HAPPY TUESDAY and welcome to Morning Cybersecurity! We’re back to MC-by-committee today. Send your tips to and be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.

INTEL LEADERS ON THE HILL — The Senate Intelligence Committee gavels in this morning for its annual hearing on worldwide threats. Director of National Intelligence Dan Coats and the heads of the NSA, FBI, CIA and others will testify in open session about a myriad of national security issues. “Our nation’s intelligence agencies stand at the forefront of our defense against continuing threats from terrorist groups, extremist ideology, rogue regimes, nuclear proliferation and regional instability,” Sen. Mark Warner, the panel’s top Democrat, will say in his opening statement. “But in recent years, we have also seen the rise of nations who view themselves at least as competitors, and at worst, as adversaries of the United States. They have begun to utilize new asymmetric weapons to undercut our democratic institutions and steal our most sensitive intellectual property.”

There should also be plenty of questions about palace intrigue within the Trump administration. FBI Director Chris Wray could face uncomfortable questions about his agency squaring off against the White House over a memo drafted by House Intelligence Republicans that accuses the agency of abusing its surveillance authorities for political purposes. Wray asked the White House to withhold or alter the memo before it was made public, which it refused to do, prompting reports Wray might resign.

Meanwhile, it will be one of the last Capitol Hill appearances for NSA Director Adm. Mike Rogers, who recently announced his retirement after nearly four years leading the clandestine organization. Senators might ask how the agency, and its reportedly beleaguered personnel, are coping with recent high-profile thefts of classified information, including one that led to the mysterious Shadow Brokers hacker group — a suspected Russian cutout — posting the agency’s cyber weapons online. U.S. Army Cyber Command chief Lt. Gen. Paul Nakasone — who was nominated last week for his fourth star — is expected to be named as Rogers’ replacement any day.

Expect lawmakers to press all of the intelligence leaders on Russian election interference ahead of the upcoming midterms. Democrats in particular have been ringing the alarm bell for months that the Trump administration has done little to protect the nation’s election infrastructure ahead of the next campaign cycle — or to punish Moscow for tampering in the 2016 presidential race. Congress has yet to enact any significant legislation that might help ward off hackers.

…SPEAKING OF ELECTIONS — This afternoon the Senate Armed Services Cybersecurity Subcommittee will come to order to receive testimony about what role, if any, the Pentagon should play in protecting democratic elections. The subpanel will hear from four experts, including Michael Sulmeyer, the former director of cyber policy plans and operations in the Office of the Secretary of Defense.

IF YOU CAN’T STAND THE HEAT… — The Justice Department’s third-ranking official will leave her job soon in part because she fears having to oversee special counsel Robert Mueller’s probe into possible ties between the Trump campaign and Russian election meddling efforts, NBC News reported Monday. Associate Attorney General Rachel Brand, who is leaving the department to take the top legal job at Walmart, has said privately that she did not want the attention that would come with overseeing Mueller, which would fall to her if Trump fired Deputy Attorney General Rod Rosenstein. “Brand told friends she did not want to enter” the spotlight that would accompany such a change, according to NBC News. After Brand leaves, Solicitor General Noel Francisco will be next in the line of succession at DOJ. If Rosenstein were fired, Francisco would become the acting attorney general for the purposes of the Russia probe. A DOJ spokeswoman told NBC News that its report about Brand’s thinking was “false and frankly ridiculous.”

NOOSE TIGHTENS AROUND INFRAUD — Albanian police have arrested another alleged member of the cybercrime ring known as the Infraud Organization. Authorities in the Southeastern European country announced Monday that they had detained Aldo Ymeraj in Tirana, the capital city, on an international arrest warrant. Last week, the Justice Department indicted Ymeraj and 35 other cyber criminals for participating in Infraud’s operations, which included identity theft, selling stolen credit and debit card information and distributing malware. At the time of the indictment, a global operation had arrested 13 of the defendants. Two days later, Thai police announced the arrest of Infraud’s alleged co-founder.

CRYPTO JACKING, SO HOT RIGHT NOW The popularity of cryptocurrency is increasingly translating into malware that hijacks machines to mine for the digital currency. Over the weekend, a cryptocurrency-mining malware that used U.S. and U.K.-government machines surfaced. The U.K. National Cyber Security Centre issued an alert on the matter. “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency,” the center said. “The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely.” Oh, and stop us if you’ve heard this before: Another coin exchange got hacked for a multimillion-dollar haul.

LET’S SHARE — The financial industry’s cyber threat information-sharing hub is out with a new mechanism designed to allow for a more secure transfer of information on hackers. The updated communication tool features enhancements to protect the transfer of sensitive financial data. The move “benefits everyone in the data aggregation ecosystem,” Eric Guerrino, chief operations officer of the data-sharing hub, dubbed the Financial Services Information Sharing and Analysis Center, said in a statement. “We want to ensure that everyone from the consumer to the financial institution and the data aggregators can share information safely, quickly and accurately.”

BY OUR POWERS COMBINED… — General Dynamics is buying IT contracting giant CSRA for nearly $7 billion, the two companies announced Monday. The move instantly makes General Dynamics a major player in the realm of federal IT, as CSRA was recently awarded a $2.4 billion contract by the NSA to develop a portion of its clandestine infrastructure and snared some of the Defense Department’s $500 million push to build an on-premise cloud computing system. “The acquisition of CSRA represents a significant strategic step in expanding the capabilities and customer base of GDIT,” General Dynamics CEO Phebe Novakovic said in a statement. On top of the $6.8 billion transaction, General Dynamics will also take on $2.8 billion in CSRA debt, bringing the total price tag to $9.6 billion.

INDUSTRY COMMENTS ON BOTNET REPORT — Monday was the deadline for interested parties to comment on a draft government report recommending ways to defeat botnets and generally improve the stability of the internet. The report, written by the Commerce and Homeland Security departments, was a key part of Trump’s cyber executive order, though it contained little in the way of new advice about a problem that has become increasingly pressing as more devices connect to the internet and become prey for hackers. Among the organizations that filed comments ahead of the deadline were the trade groups BSA | The Software Alliance, US Telecom and the Coalition for Cybersecurity Policy & Law. DHS and Commerce must submit their final botnet report to the White House on May 11.

RECENTLY ON PRO CYBERSECURITY — The White House said House Democrats had to work with the FBI to scrub their classified memo before it could be released. … Hackers targeted the Olympics opening ceremonies with destructive malware. … The Trump administration released its infrastructure plan.

TWEET OF THE DAY — This could be its own horror novel.


“A behind-the-scenes look at two tumultuous years at Facebook as it battled with fake news, its impact on the election, global affairs, and users’ minds.” Wired.

Equifax has hired Jamil Farshchi as its chief information security officer. The Wall Street Journal.

NBC reporter Ken Dilanian pushed back at a DHS statement blasting the news outlet’s reporting on election hacking.

Anthony Ferrante, who once coordinated the government’s response to Russian election interference, is now helping BuzzFeed’s effort to verify the Trump dossier. Foreign Policy.

Edward Snowden trolled the White House over its security clearance struggles. The Hill.

That’s all for today.

Stay in touch with the whole team: Cory Bennett (, @Cory_Bennett); Bryan Bender (, @BryanDBender); Eric Geller (, @ericgeller); Martin Matishak (, @martinmatishak) and Tim Starks (, @timstarks).