Search This Blog

Translate

Search Tool




May 6, 2020

Analysis | The Cybersecurity 202: John Ratcliffe, spy chief nominee, hedged on whether Russia favored Trump in 2016

By Joseph Marks


with Tonya Riley

Rep. John Ratcliffe (R-Tex.), in his Senate confirmation hearing to be the nation's next spy chief, took a pass on whether he agreed with the intelligence community's assessment that Russia's interference in the 2016 election was aimed at helping Trump's electoral chances.
When asked directly whether he agreed with that finding – which was reinforced by the Republican-led Senate Intelligence Committee's own investigation – Ratcliffe said he had not seen the underlying intelligence. 
He punted with a broader answer: My views are that Russia meddled in or interfered with active measures in 2016, they interfered in 2018, they will attempt to do so in 2020. They have a goal of sowing discord and they have been successful in sowing discord.”
But the fact that Russia's hacking and disinformation operation is still being asked as a question that could be disputed by Trump's national security nominees highlights a jarring reality more than three years into the Trump administration: That the president himself has never fully embraced the intelligence community’s conclusions about 2016 interference. Trump has also promoted conspiracy theories and unfounded claims that Ukraine was actually behind hacks at the Clinton campaign and the Democratic National Committee that upended the election.
This has also kept Russia an issue of public debate even as the months tick down to the 2020 contest during which intelligence, law enforcement and Department of Homeland Security officials have all said Moscow is determined to interfere again along with other U.S. adversaries.
And this makes it an especially pivotal question for Ratcliffe, who must win over Senate lawmakers despite accusations he’s overly partisan and underqualified for the spymaster post – but as a not-yet-confirmed nominee is unlikely to want to appear to put too much daylight between his public positions and those of the president.

Rep. John Ratcliffe (R-Tex.) testifies before a Senate Intelligence Committee nomination hearing. (Gabriella Demczuk/New York Times/AP)
Ratcliffe joined a chorus of previous Trump nominees who had to answer the Russian interference question at their confirmation hearings. 
The list includes former director of national intelligence Dan Coats, Secretary of State and former CIA Director Mike Pompeo and former Department of Homeland Security chief Kirstjen Nielsen.
Nielsen and several other nominees also refused to directly back the conclusion that Russia was trying to help Trump — the element of the intelligence community’s conclusion that seems to most irk the president.
That conclusion was affirmed by special counsel Robert S. Mueller III and by a unanimous bipartisan report from Senate Intelligence Committee last month. But it was rejected by a Republicans-only report from the House Intelligence Committee released in 2018. Democrats reopened the House investigation after taking control of the body in the 2018 midterm elections.
Ratcliffe, at his hearing, said he had “no reason to dispute” the conclusions of either congressional committee and “[has] not seen the underlying intelligence to tell me why there is a difference of opinion.”
The committee’s vice chairman, Mark Warner (D-Va.), bashed that answer and said it could undermine efforts to defend the 2020 contest.
“Respectfully, to me, to make that kind of assessment and decide how we're going to prevent Russia's further interference in 2020, if they had a clear preference for one candidate over another, that would just also alter how we counter those efforts,” he said.

Rep. John Ratcliffe (R-Tex.) is greeted by Senate Intelligence Committee Chairman Richard Burr (R-N.C.) and Vice Chairman Mark Warner (D-Va.). (Andrew Harnik/AP)
That was one of numerous tense exchanges between Ratcliffe and Democrats who fear the lawmaker won’t act independently from Trump.
Ratcliffe tried to quell those fears that he won't be able to break from the highly partisan positions he held as a lawmaker, as Shane Harris and Ellen Nakashima report, pledging: “Regardless of what anyone wants our intelligence to reflect, the intelligence I will provide if confirmed will not be altered or impacted by outside influence.”
Ratcliffe also contradicted Trump’s statement last year that the intelligence community had “run amok” and needed to be “rein[ed] in.”
I don’t think the men and women of the intelligence agencies are running amok,” he said.
Ratcliffe has little background in intelligence other than joining the House Intelligence Committee in 2019. But many senators who opposed his nomination when Trump first floated it this summer have become more eager to confirm him to replace acting DNI Richard Grenell, who is an outspoken Trump loyalist, Shane and Ellen report.
Ratcliffe does have some background in cybersecurity, having served as chairman of a House Homeland Security Committee panel focused on the government’s digital protections.
Ratcliffe also made several other concessions to allay Democratic concerns during the hearing. 
He pledged:
  • That he has no intention of making changes to an election security team based inside the DNI’s office.
  • To declassify as quickly as possible the fifth and final volume of the Senate Intelligence Committee’s investigation into Russian election interference, which will focus on any links between Russia and the Trump campaign.
  • To hold an annual hearing on global threats that has not yet been scheduled for this year and that Democrats feared might be skipped.
The keys
More than 800 public health experts are urging Congress to expand vote-by-mail funding. 

Voters at Riverside High School for Wisconsin's primary election in Milwaukee. (Morry Gash, File/AP)

“The right to vote is an essential element of our democracy and Americans should not have to choose between their rights of citizenship and their own health,” the experts say in a letter released by the left-leaning think tank Center for American Progress.
The letter backs a push by Sens. Amy Klobuchar (D-Minn.), Ron Wyden (D-Ore.) and Christopher A. Coons (D-Del.) for Congress to include $4 billion in the next round of coronavirus relief for states to ensure universal access to voting by mail and safe in-person voting in November. The lawmakers point to the Wisconsin primary, where voters were forced to wait in blocks-long lines to vote after legislators blocked the governor's effort to delay the election, as evidence for the need for safer voting options.
Many of us in public health looked on with horror as thousands of people in Wisconsin were forced to choose between exercising their right to vote and staying home to protect themselves from exposure to the new coronavirus,” the letter states.
Justice Department officials, meanwhile, are concerned a surge in mail-in voting could create disinformation opportunities for U.S. adversaries, the Associated Press reports.
“Is it possible, in particular for a foreign actor, to cause enough mischief in the vote-by-mail process to raise a question in the minds of Americans, particularly Americans perhaps whose candidate has lost, that somehow the result of this election is unfair?” Assistant Attorney General John Demers said.
Facebook announced it took down hundreds of fake Iranian social media accounts targeting U.S. voters.  

A demonstrator holds a “Q Anon” sign. (Elaine Thompson/AP)
Many of the accounts had low numbers of followers but used the same kinds of content as other Iranian networks Facebook has taken down in the past, the company said. Some of the pages, which were run by Iran's state broadcaster, were active as far back as the 2012 Republican primaries, researchers at the firm Graphika found. 
Ben Nimmo, director of investigations at Graphika:
The Iran set's particularly interesting. Different bits of sporadic activity going back as far as 2011, and even what looks like an early experiment (minimal impact and soon abandoned) in election interference.
Targeting the 2012 Republican primaries, no less. pic.twitter.com/Bae1mDZY8E
— Ben Nimmo (@benimmo) May 5, 2020
Facebook also took down two U.S. networks linked to the Q-Anon fringe conspiracy theory and white-supremacist websites VDare and Unz Review. QAnon promotes a conspiracy theory about a deep state that seeks to overthrow Trump and has pushed conspiracies that Bill Gates and 5G networks caused the coronavirus outbreak. VDare and Unz promote content with anti-Semitic and anti-Asian themes.
Facebook discovered the networks while investigating suspected inauthentic coordinated behavior ahead of the 2020 elections.
The takedowns show that domestic actors are learning from foreign influence campaigns, says Nathaniel Gleicher, head of security policy at Facebook.
6/ We've also seen that domestic actors learn from the tactics originally deployed by foreign or nation-state actors. That's one reason why we don't limit our investigations to only foreign cases.
— Nathaniel Gleicher (@ngleicher) May 5, 2020
Highly sophisticated hackers are targeting coronavirus responders, the top U.S and U.K. cybersecurity agencies warn.  

Members of the clinical staff in the intensive care unit at the Royal Papworth Hospital in Cambridge, England. (Neil Hall/AP)

Hospitals, pharmaceutical companies and university medical researchers are all being targeted by “advanced persistent threat” groups, a term that typically describes groups backed by a government, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and the U.K.’s National Cyber Security Centre warned in a joint alert.
The alert doesn’t name the nations that might be behind the attacks but warns they may be seeking “intelligence on national and international health care policy [and] sensitive data on covid-19-related research.”
Britain’s foreign minister, Dominic Raab, described the cyberattacks as “particularly dangerous and venal” in a media call reported by Reuters and warned they could go on for months.

Coronavirus roundup

Email addresses for executives at the 20 largest pharmaceutical companies are exposed on forums for hackers, a study finds.

A employee shows a protective face mask. (Yves Herman/Reuters)
Among the approximately 120 executives whose emails were available on the shady websites, about half also had passwords exposed, according to cybersecurity protection platform BlackCloak.
It’s unclear how many of the email and password combinations are still being used by the executives. But the finding could create serious vulnerabilities as the companies race to respond to the coronavirus pandemic, BlackCloak founder Chris Pierson said.
Hackers are also using fake web domains that mimic coronavirus information pages from top retailers to try to steal consumers' personal and financial information, another study finds.
The retailers include Walmart and Costco, threat intelligence researchers at Mimecast found.
More news on the virus and security:

Employers plan new tools to measure office interactions and track workers’ health. Some offices say it’s the only way to reopen without a vaccine; others worry the new technology could remain in place even after the coronavirus pandemic is under control.
Wall Street Journal

Cyber insecurity

Instacart quickly patched a vulnerability that would have allowed hackers to send text messages pretending to be the company. 

Instacart shopper Vanessa Bain receives a customer alert. (Nick Otto for The Washington Post)
Researchers at Tenable first discovered the vulnerability, which was patched on May 1. There is no evidence hackers exploited the bug, which they could have used to dupe recipients into downloading malware.
More news about hacks and breaches:

Messages typically include the name of the target organization in the subject line, and encourage downloading an attachment requiring “immediate attention.”
CyberScoop

Business software group SAP disclosed on Tuesday that some of its cloud products did not meet contractual or statutory security standards and said it would take remedial action to fix the problem as soon as possible.
Reuters

Global cyberspace

Hackers attacked Taiwan's state-owned energy company. 

Taiwan's national flag. (Oscar H. Matatquin/AFP/Getty Images)
The attack didn't disrupt energy production but did temporarily knock down payment systems, CyberScoop reports.

Chat room

Could coronavirus cancel this year's DefCon, one of the cybersecurity community’s largest annual conferences? Cybersecurity journalist Kim Zetter asked roughly 1,000 Twitter users and a majority said they would skip the conference if it's held in August and in person in Las Vegas as usual.
Defcon’s @thedarktangent has said his team will decide by May 15th if the con will occur in August in Las Vegas as planned or not. I’m wondering if people will attend if it does continue. Will you?
— Kim Zetter (@KimZetter) May 4, 2020

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.