By Joseph Marks
Sen. Kirsten Gillibrand, D-N.Y. (AP Photo/Manuel Balce Ceneta)
Out of 20 Democratic presidential candidates polled by The Post, 18 renounced using hacked material in their campaigns to some degree while two didn’t respond, my colleagues Sean Sullivan and Michael Scherer reported. President Trump’s reelection campaign, however, declined to say whether or how it would use hacked materials in the race.
The message isn't just shared by those running for the highest office: Democratic Congressional Campaign Committee Chairwoman Cheri Bustos (Ill.) has challenged her Republican counterpart Tom Emmer (Minn.) to make a similar pledge.
Bumping this for you, Rep. @tomemmer!— Cheri Bustos (@CheriBustos) April 26, 2019
In case you forgot, I’m still waiting for a response on whether the @NRCC will continue to use hacked or stolen material in our elections. I sincerely hope you'll join our pledge to protect America's treasured democracy. https://t.co/3hASL0LY5j
And Trump, who openly sought to make hay of the hacked documents in the 2016 race, may be especially vulnerable to charges he isn't serious about stopping Russian election interference in 2020.
While special counsel Robert S. Mueller III didn’t find evidence any Trump campaign officials knowingly assisted the Russian hacking effort, the Mueller report documented numerous contacts between Trump campaign officials and WikiLeaks, which published the hacked emails. Trump frequently urged his supporters to read the hacked documents -- and even publicly urged Russia to find more of Clinton’s emails.
Democrats are seizing the pledge as a way to press the issue this time around. From Democratic National Committee Chairman Tom Perez:
No surprise coming from the same person who openly called for Russia to steal and spread his opponent’s data. https://t.co/NWnUUTv9dc— Tom Perez (@TomPerez) April 25, 2019
Russia is a foreign adversary of the US, and the Trump administration is refusing to stop them from attacking our elections again.— Kirsten Gillibrand (@SenGillibrand) April 22, 2019
I pledge that my campaign won't use stolen or hacked information from foreign actors, and I urge 2020 candidates to join me. https://t.co/cgjVIGfY3E
But with Trump at the top of the ticket, any effort at compromise seems to be out of the question.
The president’s attorney Rudy Giuliani stoked Democrats’ ire when he said on CNN last week that there’s "nothing wrong" with taking dirt on an opponent from Russian sources.
That drew a quick rebuke from Perez:
Why don’t Republicans see this as a national security issue? Because they benefit from it. It’s party over country every time with Trump’s team. https://t.co/97cBox2aEf— Tom Perez (@TomPerez) April 23, 2019
Vice President Mike Pence refuses to answer if 1) he regrets using hacked emails during the 2016 campaign & 2) if he pledges not to do so in the next presidential campaign. He walked away upon attempted follow-up. pic.twitter.com/l2TficTFn2— Vaughn Hillyard (@VaughnHillyard) April 24, 2019
A spokeswoman for Democratic candidate Marianne Williamson, for example, said the campaign reserved the right to talk about hacked material if it had already been reported and verified by the mainstream media.
And some want the candidates to go further and make specific pledges about how they’ll deal with online disinformation operations and other tactics used by Russian agents in 2016.
“Refusal to forgo both hacking and the use of hacking materials is a great start, but clear stances on use of fake social media accounts, fake websites and images, high-volume bots, troll farms, and other illicit tactics in common use today by Russia, Saudi Arabia, China and other authoritarian nations will also be necessary,” Simon Rosenberg, who was a senior adviser to the House Democratic campaign arm in 2016 and helped run a program to search for online election interference, told Sean and Michael.
|You are reading The Cybersecurity 202, our must-read newsletter on cybersecurity policy news.|
|Not a regular subscriber?|
PINGED: Russian hackers were “in a position” to alter voter roll data in one Florida county in advance of the 2018 elections, Sen. Marco Rubio (R-Fla.) told the New York Times’s Frances Robles this weekend, ratcheting up concerns about a vulnerability that was mostly dismissed before the midterm contest.
Russian hackers probably compromised election systems in that county with a malware-laden email that appeared to come from the county’s voting system vendor, Robles reported. But U.S. intelligence agencies that discovered the breach didn’t alert the county, Rubio said — instead issuing a general warning to all counties.
Before the 2018 contests, Rubio and then-Sen. Bill Nelson (D-Fla.) sent a letter to all Florida election officials warning about Russian hacking — written at the request of Senate Intelligence Chairman Richard Burr (R-N.C.) and ranking Democrat Mark Warner (Va.). Nelson also warned that Russians were actively inside Florida county networks at the time, but that wasn’t confirmed by the Department of Homeland Security or the other senators.
The issue was reopened by the Mueller report, which revealed for the first time that FBI officials believed Russian hackers had penetrated a Florida county government’s computer networks. Nelson told me last week he felt vindicated by the report.
The FBI will brief Sen. Rick Scott (R-Fla.), who was governor at the time of the breach, and Gov. Ron DeSantis (R) in the next few weeks, Politico reported.
Former White House chief of staff Denis McDonough. (Glen Stubbe/Star Tribune/AP)
The dispute between law enforcement officials who say such systems allow criminals and terrorists to “go dark” online and tech companies that say there’s no way to give police special access to encrypted communications without weakening cybersecurity for everyone reached a climax in 2016. That's when Apple refused to help the FBI crack into an encrypted iPhone used by San Bernardino, Calif., shooter Syed Farook.
The new working group plans to “take a step back” from that big question about police access and focus on broader encryption issues that haven’t received as much focus, Tim Maurer, co-director of the Carnegie Endowment’s Cyber Policy Initiative, told me. One of the group’s first white papers, for example, focuses on how new super-powerful quantum computers will require more powerful encryption systems.
The group may or may not ultimately weigh in on law enforcement access to encryption, Maurer told me.
The group does not include any representatives from law enforcement or the tech industry but is weighted toward former government officials, including former FBI general counsel Jim Baker, former CIA deputy director Avril Haines and former NSA deputy director Chris Inglis as well as former Obama White House chief of staff Denis McDonough and homeland security adviser Lisa Monaco.
Facebook CEO Mark Zuckerberg delivers the keynote speech at F8, Facebook's developer conference, in San Jose. (Marcio Jose Sanchez/AP)
“The latest regulatory headache for Facebook comes a day after it confirmed to investors that the company had set aside $3 billion for a potential privacy fine linked to an ongoing investigation by the U.S. Federal Trade Commission,” Politico’s Mark Scott reported.
And “Canada’s federal privacy commissioner on Thursday announced the results of a probe that found Facebook had committed serious contraventions of privacy law and failed to take responsibility for protecting the personal information of citizens,” Reuters noted.
Facebook earlier acknowledged it stored the passwords in an unencrypted format on an internal server that employees could access. There’s no evidence any of the passwords leaked out to malicious hackers or that employees used the passwords inappropriately, Facebook has said.
Cybersecurity news from the public sector:
Cybersecurity news from the private sector:
Source: The Washington Post