Welcome to Codebook, the cybersecurity newsletter with tons of inside jokes that only people who have already voted will get. You should probably just go vote before you read this.
Story ideas? Feel free to reply to this newsletter.
Time will tell whether controversial hacking allegations made in the final inning of the Georgia governor's race have any merit. But one thing is already clear: If other officials in other states need to make similar announcements, they can learn a lot from what just went down in Georgia.
The big picture: On Sunday, Georgia Secretary of State Brian Kemp accused Democrats of masterminding a "failed attempt to hack the state's voter registration system." The charge was incendiary: Kemp, who provided no evidence for his claims, is also the Trump-backed Republican nominee for governor, locked in a dead-heat race. The announcement landed with a thud in cybersecurity circles, where election-watchers recall Kemp's past cybersecurity controversies.
Experts pinpoint a number of ways Kemp could have avoided outrage this time around:
ID with caution. The first key lesson from Georgia is to think through publicly naming any supposed hacker, whether a criminal, a nation or a political rival. Unless an arrest has been made, there's a reasonable chance you might not even want to.
Be specific. Extraordinary claims call for extraordinary evidence. Kemp didn't provide any evidence. That makes his charge hard for experts to swallow.
Protect long-term security. While we still don't know exactly what happened, many of the people close to the matter believe Kemp is claiming that a researcher's attempt to alert the state to potential vulnerabilities in its systems was itself an act of hacking.
Create norms. Candidates and law enforcement agencies know that some actions during an election are out of bounds. But we don't yet have norms around states announcing election-related hacking attempts — let alone when political rivals are involved.
In a blog post on Monday, Oracle's director of internet analysis, Doug Madory, confirmed the internet routing anomalies that a controversial paper from the Naval War College had extrapolated on.
The War College paper alleged that China had been using a technique known as border gateway protocol (BGP) hijacking to hack international internet traffic.
Background: BGP is a key piece of the duct tape that holds the internet together. The internet isn't one network — instead, it's a bunch of massive networks owned by private companies and nations, not all of which link to each other.
The bottom line: Madory can't confirm the War College's accusations that China Telecom was intentionally rerouting traffic through China in order to monitor it. He can, however, say that traffic was routed through China Telecom, "intentionally or not," throughout 2017.
See you Thursday!