Welcome to Axios Codebook, the cybersecurity newsletter with a heart of gold and kidneys of silicon.
Tips? Please reply to this email.
Photo by Chris McGrath/Getty Images
If there was any hope that this presidential administration might ever take Russian cyber threats seriously, President Trump's meeting Monday with Vladimir Putin in Helsinki laid it to rest.
Axios' Jonathan Swan reports that Trump advisers are increasingly certain that the president is not capable of understanding the difference between collusion and a cyberattack.
That's a real problem. Russia can't compete militarily, economically, culturally or almost any other way with the U.S. Its only active threat is in cyber and information operations. To ignore the very real damage from those campaigns is to ignore what Russia is as an international actor today.
Helsinki in brief: Nonetheless, that kind of denial permeated Trump's trip — at least, the parts in front of the cameras.
Trump kept asking "Where is the [DNC] server?" We debunked that issue here. In short: It's common for organizations not to hand their servers over to the FBI during hacking investigations. The practice limits the potential for the FBI to damage something, or for sensitive information to leak.
Don't take my word for it: Sean Joyce, former deputy director of the FBI and current leader of PwC's U.S. cybersecurity and privacy practice, emailed Axios: "When the victim of a cybersecurity breach interacts with law enforcement (local, state, federal), it is not uncommon for the victim to only provide either targeted information (i.e. specific logs, images, or investigation details), or not provide any of this information, but rather just provide a finalized investigative report from the incident."
What now? After the Helsinki press conference, Republican lawmakers once again expressed discontent with the president for not standing up to Putin or behind the intelligence community. But it's unclear whether GOP leaders are prepared to take more resolute actions.
Russia attacked the United States. National security, and cybersecurity, should warrant taking that seriously.
Photo: Johannes EIsele/AFP via Getty Images
The United States' company-freezing penalties against ZTE came to an end on Friday, but Reuters reports they may have longstanding effects on international sales of the products.
The background: ZTE was twice caught selling banned technology to North Korea and Iran, triggering a ban on the Chinese telecom manufacturer using U.S. technology.
The fallout: Reuters reports the brief stoppage in ZTE's manufacturing caused ZTE to lose contracts, including:
A list of account information on more than 15,000 users of file-sharing site Mega has surfaced, raising the possibility that the site and its users' accounts have been breached.
Why it matters: Particularly concerning was that, beyond email addresses and passwords, the list included the file names users had uploaded. That means whoever compiled the list would need to have entered the accounts to have scraped that data.
The details: Patrick Wardle, co-founder of Digita Security, found the list uploaded to malware research site VirusTotal — an antivirus aggregator that shares new samples with its component security firms.
Mega what? If you've heard of Mega, that's probably because of its colorful, trollish former owner Kim Dotcom, a New Zealand conspiracy theorist known for legal jousting with the U.S.
Vendor Election Systems and Software (EE&S) admitted to installing remote access software on election management systems sold to “a small number of customers between 2000 and 2006.” The admission came in a letter to Sen. Ron Wyden (D-Ore.) detailed by Kim Zetter in Motherboard.
Why it matters: Those systems, which among other tasks tabulate votes from voting machines, could hypothetically be manipulated by a hacker. EE&S claims the software was configured not to allow incoming connections, which significantly reduces the risk of an attack but does not outright eliminate it.
The intrigue: Zetter wrote an earlier story for the New York Times on the use of remote access software in voting machines, in which EE&S denied installing the software.
Codebook will be back on Thursday.