Welcome to the first Codebook of the new year. Axios haxios is baxios.
Questions? Comments? Tips? Reply to this email.
Nancy Pelosi. Photo: Tom Williams/CQ Roll Call
H.R. 1, the gargantuan first bill the new House Democratic majority will unveil Friday, is an anti-corruption grab bag that most prominently tackles campaign finance, sexual harassment and voting rights. But election cybersecurity will quietly play a major role in the bill, too.
The big picture: This bill will likely clear the House and then die in the Senate. "These are things [Senate] Majority Leader McConnell has spent his entire career fighting," noted a source familiar with the final content of the bill. Beyond the Senate, President Trump is unlikely to welcome a provision requiring presidential candidates to release tax returns.
But H.R. 1 is more than just a flag in the sand. Everyone who blocks the Democrats' crackdowns on government misconduct will have to explain why they are opposed to:
Enter cybersecurity. Details aren't final, but those who have worked on the bill say its election cybersecurity efforts will borrow heavily from the 2018 Secure Elections Act proposed by Rep. Bennie Thompson (D-Miss.). That bill:
The new funding would augment $380 million allocated last year for election cybersecurity.
H.R. 1 also contains the Honest Ads Act, a Senate bill that would require political ads online to disclose who paid for them. That kind of regulation already exists for other kinds of media.
What's next: A source knowledgable about H.R. 1 deliberations said that Democrats would ultimately be comfortable breaking out those parts of the bill that could pass the Senate into standalone legislation — and the cybersecurity provisions would be among the most likely to achieve Senate support.
While Codebook was in its winter hibernation, more than a few big news stories slipped through the cracks. Here's a brief rundown.
Tribune newspapers were hit hard by ransomware, affecting publication of several papers.
Michigan passed cyberbullying legislation.
North Dakota announced it will consider centralizing its cybersecurity operations.
Hacker group The Dark Overlord released a sampling of documents to demonstrate it had stolen a cache of files related to 9/11.
The documents, claim the hackers, come from the insurance firms Hiscox Syndicates and Lloyd's of London, real estate company Silverstein Properties, and various federal agencies. There may be as many as 18,000 documents.
The big picture: It's very possible that all of the documents come from one or a few third-party sources. CyberScoop reports Hiscox industries believes its documents were stolen from a breached law firm and that Lloyd's believes its documents were not stolen from internal systems.
The samples include Powerpoint presentations and other documents from Lloyd's and Hiscox employees surrounding 9/11 business from 2003.
The Dark Overlord ran afoul of several sites' terms of service for posting hacked files as they performed the 9/11 document dump, kicking the group off of Twitter and other sites.
The group is best known for ransoming "Game of Thrones" and "Orange is the New Black" content in attempts to extort HBO and Netflix, respectively.
Officials from South and North Korea stand in front of a road sign in Kaesong, North Korea. Photo: Korea Pool/Getty Images
Reuters reports that 997 North Korean defectors to South Korea had data posted online after a breach at a South Korean resettlement agency.
The big picture: Hackers targeted the Hana center, one of 25 organizations run by the South Korean Unification Ministry to help relocate North Korean refugees. The ministry is notifying victims.
The ministry did not blame North Korea for the attack and an investigation into the hack is ongoing.
Codebook returns to its Tuesday/Thursday schedule next week, just in time for Pat Benatar's birthday.