Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

The Senate Intelligence Committee detailed shocking new revelations about the 2016 Trump campaign's dealings with Russia in the landmark final volume of its report on the matter, but it missed an opportunity to recommend cybersecurity fixes for today’s campaigns and parties — perhaps by design.

Why it matters: The DNC and RNC could be considered a type of “critical infrastructure,” because without them and the presidential and congressional fundraising they facilitate, U.S. politics as we know it wouldn’t exist. But because they fall outside the government’s protective cybersecurity remit, they are also uniquely vulnerable to outside threats.

  • As the 2016 hacking of John Podesta’s emails showed, the personal devices and accounts of major politicos are also major targets for foreign intelligence services.

Where it stands: The Senate Intelligence report, out last week, lays out key recommendations for preventing 2016-style meddling from happening. They include:

  • Strengthening enforcement of the Foreign Agents Registration Act.
  • Reorienting the U.S. intelligence community to prioritize gathering information on foreign electoral interference schemes.
  • Having the FBI do more to brief candidates and campaigns on foreign counterintelligence threats.
  • Making the FBI develop more robust systems for alerting nongovernment actors — like political campaigns — that have been hacked.

Yes, but: The 966-page report does not go into detail about what these campaigns, or the larger party infrastructure supporting them, should do to prevent cyber intrusions from foreign governments.

  • It also doesn’t provide a broader framework for how (or if) federal agencies like Homeland Security’s Cybersecurity and Infrastructure Security Agency, charged with securing domestic networks, could coordinate or cooperate with political parties on basic cybersecurity.

This is no small matter. As the report makes clear, the hack and leak of materials from the Democratic National Committee was the single most effective prong of Russia’s 2016 active measures campaign.

  • The report does detail the DNC’s 2016 cybersecurity practices, but these were plainly insufficient to prevent catastrophe.
  • “The DNC's IT staff did not understand the nature of the threat it faced, despite multiple entreaties from an FBI agent at the Washington Field Office,” says the report.
  • The FBI also failed to sufficiently convey the seriousness of the breach to the DNC, and it did not follow up with DNC executives when its warnings seemed to go unheeded, the report concludes.
  • “The uniquely political nature of the DNC as an organization and the FBI's approach towards victims of cyber attacks led to miscommunications and missed opportunities to thwart, or eradicate, the Russian cyber actors from the DNC systems,” says the report.

Between the lines: The paucity of material on how to protect political party infrastructure from malign cyber activity may not be an oversight.

  • After all, the committee is composed of Republicans and Democrats. Shining a bright light on the cybersecurity practices — and deficiencies — of the RNC and DNC today would force lawmakers to scrutinize the political machinery at the heart of their own parties. That’s a tough sell in hyperpartisan Washington.
  • Meanwhile, it's unclear if the 2020 political campaigns have fully absorbed the cybersecurity lessons of 2016. Democratic presidential candidate Joe Biden only hired a chief information security officer in July — over a month after formally clinching his party’s nomination.

The bottom line: Empowering the government to help encourage best practices within political parties’ networks, or even legislating minimum cybersecurity standards for these entities, could help avoid a repeat of 2016-type interference.

  • But government actors have to want these changes first, and the Senate Intelligence report suggests they’re not happening.

Go deeper

Mike Allen, author of AM
Dec 3, 2020 - World

Scoop: Trump's spy chief plans dire China warning

Xi Jinping reviews troops during a military parade in Beijing last year. Photo: Thomas Peter/Reuters

Director of National Intelligence John Ratcliffe on Thursday will publicly warn that China's threat to the U.S. is a defining issue of our time, a senior administration official tells Axios.

Why it matters: It's exceedingly rare for the head of the U.S. intelligence community to make public accusations about a rival power.

Journalism enters dangerous new era

Illustration: Brendan Lynch/Axios

The Capitol attack on Jan. 6 resulted in at least nine physical assaults against journalists and at least five arrests, per the U.S. Press Freedom Tracker's top editor.

Why it matters: President Trump's harsh rhetoric towards the press has empowered leaders abroad and locally in the U.S. to continue to attack press that they don't like.

Ben Geman, author of Generate
3 hours ago - Politics & Policy

The beginning of the beginning for Biden's climate push

Illustration: Annelise Capossela/Axios

Joe Biden's inauguration and the days right after will bring a rat-tat-tat burst of climate policy moves, but keep this in mind amid the splashy pledges: pushing through most of his agenda will be a long, uncertain slog.

Why it matters: Biden's climate plan is far more expansive than anything contemplated under President Obama. But for all the immediate pledges, it will take years to see how far Biden gets.

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!