SECURING ELECTIONS 3.0 — Senate lawmakers plan to introduce a revamped version of the Secure Elections Act next month, according to Sen. James Lankford, the bill's chief GOP sponsor. The next iteration of the bill will be unveiled after the Sept.
With help from Eric Geller and Martin Matishak
SECURING ELECTIONS 3.0 — Senate lawmakers plan to introduce a revamped version of the Secure Elections Act next month, according to Sen. James Lankford, the bill’s chief GOP sponsor. The next iteration of the bill will be unveiled after the Sept. 30 government funding deadline and will tackle concerns about compelling more states to use paper-based audits, Lankford told Martin. “As I like to say, we’re now fighting over nouns and verbs and prepositions to try to figure exactly how things are working, to make sure it lines up with everyone.”
Story Continued Below
The new push is a major turnaround from last month, when a partisan feud derailed a Senate Rules Committee markup of the bipartisan bill, S. 2593. Still, challenges remain, such as the truncated congressional calendar. Pros can read the full story here.
HAPPY MONDAY and welcome to Morning Cybersecurity! Your MC host caught up to the replay of Canelo Alvarez vs Gennady Golovkin II this weekend. In the words of Golovkin’s countryman Borat, “Very nice.” Send your thoughts, feedback and especially tips to our full team using the contact info below, and be sure to follow @POLITICOPro and @MorningCybersec.
THIS WEEK join POLITICO at The Liaison Capitol Hill on Sept. 27 for the AI Summit: Innovation & Governance, a global leadership gathering of policy makers, business leaders, and experts for solutions-driven conversations on the impact of AI on governments, industries, and society. Doors open at 8:30 a.m.! bit.ly/POLITICOAI
PRESIDENT DONALD TRUMP SAYS A RED WAVE IS COMING ON ELECTION DAY. Is he right or will the tide turn blue? Compete against the nation’s top political minds in the POLITICO Playbook Election Challenge, by correctly picking the winning candidates in some of the most competitive House, Senate and gubernatorial races in the country! Win awesome prizes and eternal bragging rights. Sign up today! Visit politico.com/playbookelectionchallenge to play.
YOU’RE INVITED Help us celebrate the launch of POLITICO Pro Canada at a special breakfast event on Sept. 26 at the University of Toronto’s Munk School of Global Affairs. “Navigating the New Washington” will feature an intelligence briefing by POLITICO reporters who cover trade, economic policy, the White House, and the midterm elections—and an in-depth conversation with Canadian Ambassador to the U.S., David MacNaughton. Send us questions you’d like us to ask and RSVP here: https://bit.ly/2NIb19Y
BUSY LITTLE BEES — The Senate is back and could make a number of cybersecurity moves this week. The full chamber might advance a top DHS legislative priority (H.R. 3359) on cyber, a bill renaming and reorganizing the department’s major cyber wing. The Senate Homeland Security panel on Thursday has scheduled consideration of three more cybersecurity measures. One (S. 3085) would create a council and take other steps to assess IT supply chain risks for the federal government. A second (S. 3208) would give agencies the right to circumvent collective bargaining when securing information systems, reviving a fight that went nowhere under the Obama administration. And the third (S. 3437) would establish a program to allow cybersecurity pros to move from one civilian federal agency to another civilian federal agency to sample life elsewhere.
Wednesday brings a pair of pertinent Senate committee hearings, with an Armed Services subcommittee exploring the Defense Department’s cyber readiness and the Senate Commerce panel probing consumer data privacy safeguards at major telecommunications companies.
The organizers of DEF CON, meanwhile, are bringing their agenda to the Hill. On Thursday, the DEF CON Voting Village will release a final report on its election hacking experiment at last month’s conference. And DEF CON’s industrial control system village will host “Hack the Capitol” Wednesday and Thursday with the Wilson Center and National Security Institute, in an event featuring workshops, talks and more about the ICS threat.
BIG MONEY — Major fiscal 2019 spending legislation (H.R. 5895) that bundled multiple bills together — and that President Donald Trump signed into law late last week — finalizes funding for the Energy Department to create a $120 million Office of Cybersecurity, Energy Security and Emergency Response. The office prioritizes cyber while consolidating some operations. The funding level is more than Trump sought, since his budget proposal called for $96 million. Of the $120 million, $10 million is set aside for the DarkNet project to separate some grid functions from the public internet. That project is operated by Oak Ridge National Laboratory in Tennessee, home state of the Senate chairman of the panel that put together that chamber’s version of the bill, Lamar Alexander.
Overall the energy section of the bill would send tens of millions more to cybersecurity programs related to research and development, DOE’s chief information officer, natural gas, renewable fuels and nuclear nonproliferation.
Under the military construction section of the measure, the conference report directs the Defense Department to produce reports on overcrowded parking lots and roads near its facilities, focusing heavily on Fort Meade, home of the NSA and Cyber Command. The conference report notes that personnel at Fort Meade has ballooned from 35,000 in 2005 to 57,000, more than double the number of people at the Pentagon proper. It also includes $17 million for an IT project at the Department of Veterans Affairs. “As stated in the House
report, VA is urged to ensure that patient records being transferred from DOD to VA have the same level of security and data-level protections as provided by the Department of Defense,” the conference report states.
Last, the legislative branch section includes a ban on organizations under its jurisdiction buying telecommunications or IT products from Chinese companies ZTE and Huawei, unless they complete a checklist of assessments to make sure the products pose no cyber espionage or supply chain risks.
RUSSIA WHO? LOOK OVER THERE! — The Trump administration is “certainly” worried about Chinese election interference, Secretary of State Mike Pompeo said late last week on Fox News. “We worry about election interference from lots of places, certainly from China,” Pompeo told Fox’s Rich Edson. “We’ve seen what the Russians did back in 2016, and frankly, we know what the Russians have done for decades now. But it’s not simply Russia and China. North Korea too has a great capacity to do things in the cyber world that could have an impact on our elections. Iran, too.” Pompeo added that even “non-state actors” were suspected of digitally meddling in U.S. elections.
Asked whether the Trump administration, through its own intelligence work and its partnership with state and local election officials, had hardened the country’s cyber defenses in time for the midterms, Pompeo somewhat demurred. “I think we are in a place that we have never been before in terms of our preparedness,” he said.
BLACKOUT PREVENTION — G7 energy ministers discussed cybersecurity cooperation for the first time at a meeting last week in Halifax, Canada, signaling the increasing importance of grid protections to the world’s seven leading economies. “Energy cybersecurity, lessons learned in modernizing power systems and grids, and resilient energy systems in the context of extreme weather events” were the three new topics on the agenda at this year’s G7 Energy Ministerial, according to an Energy Department statement. Deputy Secretary Dan Brouillette represented the U.S. at the meeting. In a statement, Brouillette said the Trump administration favored “a common approach for open, competitive, sustainable, and secure energy systems,” adding that the administration was excited about cooperation “across the full range of energy technologies and energy policy, notably the G7 Canadian Presidency’s proposals for cooperation in energy cybersecurity and resilient energy systems.”
SLIDING INTO YOUR DMs — Twitter on Friday notified a small group of users that a bug may have caused their private messages to be shared with the wrong people. The issue, which affected less than 1 percent of all Twitter users, started in May 2017 and lasted until it was discovered and fixed by the social media giant on Sept. 10, the company disclosed in a statement. The glitch involved direct messages and protected tweets sent to businesses and other accounts managed by software developers, according to Twitter.
RECENTLY ON PRO CYBERSECURITY — A man who helped hackers fool anti-virus software was sentenced to 14 years in prison. ... The final compromise fiscal 2019 defense appropriations bill excludes a ban on doing business with Chinese telecommunications firms ZTE and Huawei.
TWEET OF THE DAY — Two sides of the same coin.
— Indiana Secretary of State Connie Lawson, up for reelection this year, penned an op-ed about Indiana’s election security highlights with Chris Krebs, undersecretary of DHS’s main cyber division. Indianapolis Star
— Local governments aren’t adopting free federal and industry election security aid very much. BuzzFeed
— Russia worked on an abandoned plan to get WikiLeaks founder Julian Assange out of the U.K. Guardian
— Ecuador gave Assange a diplomatic post in Russia but ultimately rescinded it. Reuters
— Voting vendor ES&S made remote access software available in 300 jurisdictions. NPR
— Hackers are moving away from anonymity. The New York Times
— Speaking of The New York Times, it’s suing the FCC over alleged Russian meddling in the net neutrality debate. Ars Technica
— How the Baltic region has fought Russian election interference. Bloomberg
— “Former top White House official revises statement to special counsel about Flynn’s calls with Russian ambassador.” The Washington Post
— DHS is trying to define what a network disruption is. Nextgov
— Forbes takes a look at what’s secure and what’s not with the new iPhones.
— Claroty’s Dave Weinstein reviews the new Pentagon cyber strategy. Lawfare
That’s all for today. I didn’t score Canelo-GGG II closely, but it looked an awful lot like a draw.
Stay in touch with the whole team: Mike Farrell (email@example.com, @mikebfarrell); Eric Geller (firstname.lastname@example.org, @ericgeller); Martin Matishak (email@example.com, @martinmatishak) and Tim Starks (firstname.lastname@example.org, @timstarks).
elections 2018 elections elections in hungary elections in sweden elections 2019 elections in spain elections usa elections in france elections in poland elections in sweden 2018