Trump talks ‘very important’ cyber

President Donald Trump this weekend talked about cybersecurity and election interference at two separate events. Here’s a bit of an annotation of his remarks from Friday in Scottsdale, Ariz.

— Asked about Friday’s unsealed indictment of a Russian woman charged for midterm election interference, Trump said, “It had nothing to do with my campaign.” Nobody said it did, although much of the manipulation featured in the indictment favored Trump.

— Questioned about warnings to Russia not to interfere, Trump he’d already issued them, then shifted attention to former President Barack Obama knowing about the 2016 interference. “He did nothing about it because he thought Hillary Clinton would win.” By all credible accounts, Obama was hesitant to take stronger action because he feared Republicans would accuse him of politicizing the issue. Republicans reportedly resisted issuing a bipartisan statement condemning Russian meddling, but the Obama administration ultimately released a public statement and delivered private warnings to Russia.

— “Now, the good thing is every single report — as you know, Richard Burr came out — Senator Richard Burr, head of the Senate Intelligence. They said, ‘Did you see any collusion?’ ‘No collusion. I’ve seen no collusion whatsoever.’ Very strong. Couldn’t be stronger.” Really, Burr’s comments could’ve been stronger. What Burr actually said there was no “hard evidence” yet of collusion, but there was further investigation to be done.

— On 2016 election meddling, Trump said, “But the good news is, it never affected — whatever did take place never affected the vote. And everybody agrees to that. It never affected the vote.” This is similar to the problem with Trump’s comment on Burr. In its 2017 report, the intelligence community made no judgment on whether the meddling affected the vote. But the director of national intelligence at the time, James Clapper, said he believes it’s likely that it did.

MEANWHILE, AT LUKE AIR FORCE BASE — Trump offered additional comments on cybersecurity in Glendale, Ariz. “It’s great knowledge involved,” he said. “You can’t just hire somebody off the street and say, ‘Hey, congratulations, you’re in charge of cyber.’” But he said he thought the U.S. could leverage its talent. “Very important — cyber,” he said. “And I hear more and more about cyber. And we have the brainpower.”

HAPPY MONDAY and welcome to Morning Cybersecurity! The Onion had a pithy Q&A on blockchain worth checking out. Send me your thoughts, feedback and especially tips at, and be sure to follow@POLITICOPro and @MorningCybersec. Full team info below.

POLITICO IS PARTNERING WITH THE MILKEN INSTITUTE to bring a special edition of the POLITICO Pulse newsletter to the Milken Institute Future of Health Summit. Written by Dan Diamond, the newsletter will take readers inside one of the most influential gatherings of global health industry leaders and innovators as they tackle today’s most pressing health challenges. The newsletter will run Oct. 23-24. Sign up today to begin receiving exclusive coverage on Day One of the summit.


HOW THE KOLBASA IS MADE — Russian intelligence officers supervising Moscow’s election influence operation provided detailed instructions for how workers should inflame tensions in the U.S. based on current events, the Justice Department revealed late last week when it charged a Russian woman with managing the operation’s finances. In a section of the criminal complaint titled “Targeted Messaging to Sow Social and Political Discord,” prosecutors offered examples of the guidance that supervisors provided for discussing a variety of stories, most of them supportive of Trump.

“Emphasize that all illegal voters must be kept away from the ballot boxes at distances ‘beyond artillery firing range,’” a Russian operator said in reference to a local news story about possible election irregularities. “There is an urgent need to introduce voter IDs for all the states, above all in the blue (liberal and undecided) states.” In another case, referring to a column by the conservative columnist Michael Savage, an operator wrote, “Savage made it clear that any attempt to remove Trump is a direct path to a civil war in the United States. Name those who oppose the president and those who impede his efforts to implement his pre-election promises.”

The complaint includes what appear to be photocopies of printed-out Facebook posts, including an April 28, 2017, photo post with the caption “NRA determined to turn major election wins into permanent gun rights for Americans.” It also includes a transcript of a July 4, 2017, Facebook Messenger conversation between one of the Russians and an unidentified U.S. resident, in which the Russian convinces the U.S. person to manage an anti-immigration Facebook page. “Please tell me I’m not going to jail for this,” the U.S. person wrote. “Jeez why would u,” the Russian replied.

THE CASE FOR RESILIENCE — It’s peak cyber jargon. Every company, government agency or department is aiming for resiliency — the wherewithal to withstand a cyberattack and keep running after it happens. The idea is that organizations assume they’ll experience a breach and therefore build in internal defenses to safeguard valuable data once hackers get inside.

“Focusing not just on keeping intruders out, but on what happens when they get in: that’s resiliency,” said Jonathan Reiber, head of cybersecurity strategy for the firm Illumio and former chief strategy officer for Cyber Policy in the Office of the Secretary of Defense. On Wednesday, Mike will moderate a panel with Reiber on a national cyber resilience strategy along with Kate Charlet, director of the Technology and International Affairs Program for the Carnegie Endowment, and David Simon, a partner in the Washington office of Mayer Brown who specializes in cybersecurity and privacy. Ahead of the event at the Willard Hotel (register to attend here), Mike asked Reiber to make the case for resiliency.

— Resilience could have safeguarded Office of Personnel Management data, Reiber said. Since OPM’s data center wasn’t secure when a Chinese hacker broke in, the intruder was able to maneuver through the system and get access to valuable personal information belonging to millions of current and former government workers. “OPM’s data center was insecure,” said Reiber. “And after gaining an initial foothold, the intruder could stroll through the data center and steal the United States’ crown jewels”

— Instead of putting all their cyber efforts into hardening firewalls or perimeter defenses, he said, organization should work at “protecting the rest of the house once an intruder gets in.” If that happened, he said, “more valuable data would be better protected – and perhaps Russia, China, Iran, and North Korea would be further deterred in cyberspace.”

— The Pentagon is the agency that’s made the most progress on cyber resiliency “because of the degree of risk facing military weapons systems: If weapons systems are disrupted, the whole country can be at risk,” said Reiber, who helped write the DoD cyber deterrence study along with Charlet.


THAT’S NO MOON. IT’S A SPACE STATION — The Defense Digital Service and Army Cyber Command will host an open house later this week to mark the opening of a workspace in Augusta, Ga. DDS director Chris Lynch and ARCYBER chief Lt. Gen. Stephen Fogarty will be on hand for the Oct. 25 event as the two organizations seek to expand a pilot program, dubbed Jyn Erso, where Army soldiers with technical knowhow work alongside civilian digital wizards at the Pentagon on projects. The new workspace is also in keeping with ARCYBER’s plans to move from Fort Belvoir, Va., to Fort Gordon, Ga., by the end of 2020.

EYES EMOJI — Israel is the home of a burgeoning spyware industry, Haaretz reports in a deep dive, that helps repressive regimes around the world surveil dissidents, human rights activists and citizens just trying to keep their heads down, into the key role of several major companies. Most prominent among them is NSO Group, makers of the powerful Pegasus spyware that has popped up in operations against civil society in many Middle Eastern countries. Haaretz spoke to a private surveillance consultant named Ben who said the United Arab Emirates was “a big client of surveillance technologies … and they know that the best technologies come from Israel.”

But NSO Group isn’t the only game in town. Haaretz’s story revealed that Herzliya, Israel-based Verint Systems sold its surveillance technology to dictatorial regimes like the one ruling Bahrain. “Verint supplied the kingdom with systems that are typically used by monitoring centers, and with another system used for collecting information from social networks,” Haaretz reported. Verint also sold its technology to Swaziland, Africa’s last absolute monarchy, and South Sudan. “I can’t constrict my client’s capabilities,” a former senior employee at multiple cyber firms told Haaretz. “You can’t sell someone a Mercedes and tell him not to drive faster than 100 kilometers an hour. The truth is that the Israeli companies don’t know what use will be made of the systems they sell.”

SAUDI MOLE MIGHT HAVE SPIED ON TWITTER USERS — Western intelligence officials warned Twitter in 2015 that one of its employees was spying for the Saudi government, The New York Times reported over the weekend. The employee, Ali Alzabarah, allegedly dipped into the user accounts of dissidents and others and was eventually fired, although the social media giant uncovered no evidence that Alzabarah gave any information to the Saudi government. Twitter ultimately warned dozens of users, including some who worked for the Tor anonymity network, that they had been targeted by state-sponsored actors.

RECENTLY ON PRO CYBERSECURITY  Top security officials warned of election security threats ahead of the midterms. … DHS’s Chris Krebs said the department is looking out for short-term election security attacks. … Apple CEO Tim Cook called on Bloomberg to retract its chip-hacking story. … A enrollment portal suffered a breach. … The U.K. launched a review of telecommunications supply chain security.

This article originally appeared on