Aug 26, 2020

Axios Codebook

Axios

Hello, and welcome to this week’s Codebook, where we’re thinking about political campaigns and cybersecurity, and the idea that if history doesn’t exactly repeat itself, it often rhymes.

Today's newsletter is 1,522 words, a 6-minute read.

1 big thing: The missed cyber opportunity in the Senate Intel report

Illustration: Aïda Amer/Axios

The Senate Intelligence Committee detailed shocking new revelations about the 2016 Trump campaign's dealings with Russia in the landmark final volume of its report on the matter, but it missed an opportunity to recommend cybersecurity fixes for today’s campaigns and parties — perhaps by design.

Why it matters: The DNC and RNC could be considered a type of “critical infrastructure,” because without them and the presidential and congressional fundraising they facilitate, U.S. politics as we know it wouldn’t exist. But because they fall outside the government’s protective cybersecurity remit, they are also uniquely vulnerable to outside threats.

  • As the 2016 hacking of John Podesta’s emails showed, the personal devices and accounts of major politicos are also major targets for foreign intelligence services.

Where it stands: The Senate Intelligence report, out last week, lays out key recommendations for preventing 2016-style meddling from happening. They include:

  • Strengthening enforcement of the Foreign Agents Registration Act.
  • Reorienting the U.S. intelligence community to prioritize gathering information on foreign electoral interference schemes.
  • Having the FBI do more to brief candidates and campaigns on foreign counterintelligence threats.
  • Making the FBI develop more robust systems for alerting nongovernment actors — like political campaigns — that have been hacked.

Yes, but: The 966-page report does not go into detail about what these campaigns, or the larger party infrastructure supporting them, should do to prevent cyber intrusions from foreign governments.

  • It also doesn’t provide a broader framework for how (or if) federal agencies like Homeland Security’s Cybersecurity and Infrastructure Security Agency, charged with securing domestic networks, could coordinate or cooperate with political parties on basic cybersecurity.

This is no small matter. As the report makes clear, the hack and leak of materials from the Democratic National Committee was the single most effective prong of Russia’s 2016 active measures campaign.

  • The report does detail the DNC’s 2016 cybersecurity practices, but these were plainly insufficient to prevent catastrophe.
  • “The DNC's IT staff did not understand the nature of the threat it faced, despite multiple entreaties from an FBI agent at the Washington Field Office,” says the report.
  • The FBI also failed to sufficiently convey the seriousness of the breach to the DNC, and it did not follow up with DNC executives when its warnings seemed to go unheeded, the report concludes.
  • “The uniquely political nature of the DNC as an organization and the FBI's approach towards victims of cyber attacks led to miscommunications and missed opportunities to thwart, or eradicate, the Russian cyber actors from the DNC systems,” says the report.

Between the lines: The paucity of material on how to protect political party infrastructure from malign cyber activity may not be an oversight.

  • After all, the committee is composed of Republicans and Democrats. Shining a bright light on the cybersecurity practices — and deficiencies — of the RNC and DNC today would force lawmakers to scrutinize the political machinery at the heart of their own parties. That’s a tough sell in hyperpartisan Washington.
  • Meanwhile, it's unclear if the 2020 political campaigns have fully absorbed the cybersecurity lessons of 2016. Democratic presidential candidate Joe Biden only hired a chief information security officer in July — over a month after formally clinching his party’s nomination.

The bottom line: Empowering the government to help encourage best practices within political parties’ networks, or even legislating minimum cybersecurity standards for these entities, could help avoid a repeat of 2016-type interference.

  • But government actors have to want these changes first, and the Senate Intelligence report suggests they’re not happening.
2. Cyber Command is baring its teeth more, says chief

Cyber Command leader Paul Nakasone. Photo: Loic Venance/AFP via Getty Images

U.S. Cyber Command has gone from playing defense against threats to U.S. military networks to now assertively preempting malign cyber activity at home and abroad, the Pentagon unit’s head and a senior adviser write in a new article.

The big picture: Cyber warfare will only become a more common way for world powers to clash and undermine each other, but it remains a largely clandestine and dimly understood arena among the general public.

What they’re saying: “[S]o much of the corrosive effects of cyber attacks against the United States occur below the threshold of traditional armed conflict. Yet much of Cyber Command’s combat power had been devoted toward preparations in the event of future contingencies,” Cyber Command chief (and NSA director) Paul Nakasone and senior adviser Michael Sulmeyer write in Foreign Affairs.

  • “We realized that Cyber Command needs to do more than prepare for a crisis in the future; it must compete with adversaries today,” they continue.

One aspect of this expanded mission, write Nakasone and Sulmeyer, has been traveling to allied countries, at their request, to try to dislodge malicious cyber actors from local networks.

  • For example, Cyber Command personnel traveled to Montenegro in 2019 to help eject Russian cyber operators from government networks.
  • Such missions have led to the “mass inoculation of millions of systems, which has reduced the future effectiveness of the exposed malware and our adversaries,” they write.

Between the lines: Nakasone and Sulmeyer’s article only obliquely hints at a major part of Cyber Command’s activities: offensive cyber operations, including facilitating and even executing U.S.-backed cyberattacks.

My thought bubble: Clearly, not everything Cyber Command does can be described as “defending forward” or “persistent engagement” or “proactive defense.” Sometimes, it plainly executes — or at least develops plans to execute — cyberattacks.

  • There’s nothing inherently wrong with that. States must sometimes take an offensive stance in cyberspace. But the American people would benefit from more transparency about exactly what the nation’s cyber warriors are empowered to do.
3. Ex-Army officer and cyber instructor spied for Russia, says DOJ

Last week, the Justice Department unveiled an indictment of a former Army Special Forces officer, Peter Debbins, for allegedly spying for Russia from 1996 to 2011.

The big picture: Debbins’ arrest comes on the heels of the shocking indictment of a former CIA officer for spying for China.

Details: Debbins was recruited by the GRU, the Russian military intelligence agency, while studying abroad as a university student, say prosecutors.

  • The indictment depicts a relatively rare "ideological penetration" by Moscow of the U.S. government. That is, Debbins, who is Russian American, considered himself "pro-Russian and a loyal son of Russia," says the indictment. "Debbins thought the United States was too dominant in the world and needed to be cut down to size."
  • Debbins’ GRU recruiters encouraged him to serve in the military, and particularly the Special Forces, DOJ says. He passed secrets to his Russian intelligence handlers about his unit’s activities in Azerbaijan and the country of Georgia, according to the indictment.

Of note: Though the indictment only involves Debbins’ activities through 2010, his activities since then may well have offered more intelligence value to his Russian handlers than his time in the Special Forces.

  • Debbins worked as an NSA contractor with top-secret clearance for Booz Allen, where he was a Russia analyst.
  • He also worked as a cyber instructor for CACI International and was later hired as a Russia instructor for NATO and the U.S. European Command in the U.K.
4. Fund supporting dissident tech tools faces assault

Illustration: Aïda Amer/Axios

Congressional Democrats and Republicans are crying foul as evidence mounts that an agency meant to promote U.S. interests abroad is undermining the Open Technology Fund, Axios’ Sara Fischer and Alayna Treene report.

Why it matters: The OTF supports tech tools to help dissidents in authoritarian regimes escape government surveillance and censorship. That mission is in jeopardy as the U.S. Agency for Global Media (USAGM), which is looking to revive its own Office of Internet Freedom, threatens OTF funding.

Driving the news: Democrats and Republicans on the House Foreign Affairs Committee were stunned by a recent phone call with the USAGM during which an agency official gave misleading answers to basic questions about recent personnel changes and missing funds, sources on the call tell Axios.

  • Recent correspondence obtained by Axios shows the USAGM pressing the OTF to immediately produce highly detailed and lengthy information about its operations and use of funds, threatening to pull the grant it relies on to operate if it fails to do so.

Catch up quick: The USAGM has had the OTF in its sights since President Trump-appointed CEO Michael Pack took over the agency in June and swiftly launched a leadership purge of the OTF and other USAGM-affiliated organizations. The OTF is an independent grantee of the USAGM.

  • A federal appeals court last month turned back Pack's attempt to replace the OTF board with Trump loyalists, but both the documents obtained by Axios and lawmaker complaints suggest the push to sideline the OTF is still ongoing.

What we're hearing: During an Aug. 13 call, USAGM deputy chief of staff Diane Cullo misled a bipartisan group of Foreign Affairs Committee members about whether funds were withheld from the OTF and the circumstances behind senior OTF advisers being dismissed, sources on the call said.

  • “We spent a half-hour on these pretty basic questions, which they just flat-out refused to answer in a substantive way. They were incredibly evasive," one source said.
  • Cullo wouldn't answer directly whether other federal agencies consulted in the personnel changes recommended making them or not, committee sources said.

Where it stands: OTF is now suing the administration over funding it says it’s still owed.

5. Odds and ends
Axios