
Published on July 12th, 2022

How the midterms could change cyber policy - POLITICO



With help from Eric Geller

If GOP lawmakers take back the House or Senate in November, a slate of lawmakers is prepared to take on coveted cyber leadership roles. But each of the candidates for those jobs has a different idea of which policies to prioritize.

Agencies are turning back to their cyber to-do lists with a jam-packed week of meetings and event appearances.

The volatile cryptocurrency market isn’t slowing down North Korean state hackers who still have a strong interest in targeting blockchain companies and crypto heists, cybercrime investigators tell MC.

HAPPY MONDAY, and welcome back to Morning Cybersecurity! I’m your host, Sam Sabin. For all the “Stranger Things” nerds out there, well-known hacker Marcus Hutchins has reviewed the hacking scene in the latest season. It’s a fun one.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

Have any tips and secrets to share with MC? Or thoughts on what we should track down next? Send what you’ve got to [email protected]. Follow along at @POLITICOPro and @MorningCybersec. Full team contact info below. Let’s get to it.

CHANGING OF THE GUARD — Cybersecurity is poised to become a significantly more confrontational issue if Republicans take power on Capitol Hill in this fall’s midterm elections, especially with the retirements of the moderate GOP ranking members of both homeland security committees.

As Eric reports in a story out this morning for Pros, newly empowered Republicans would likely closely scrutinize critical infrastructure regulations from CISA, the SEC, the TSA and other agencies for signs that they’re overly burdensome to industry, push back on continued increases in CISA’s budget as part of their overall debt-and-deficit messaging, and cast a skeptical eye on election security activities, especially efforts to combat right-wing election-fraud disinformation.

Rep. John Katko (N.Y.), the retiring House Homeland Security ranking member who’s supported two CISA budget increases and its election security work, said he expects Republicans to pursue “some battles that I wouldn’t engage in … if very conservative people get appointed to lead roles with respect to cybersecurity.” But despite new partisanship on the issue “because of rabble-rousers within our party,” he said, there will still be “a lot of very good legislation.”

— Who to watch: Much depends on who replaces Katko and his Senate colleague Rob Portman (Ohio). Reps. Michael Guest (Miss.), Clay Higgins (La.) and Mark Green (Tenn.) are eyeing Katko’s job, but all three cited border security as their top priority. Portman’s replacement is likely to be either the firebrand Rand Paul (Ky.) or the relatively more moderate James Lankford (Okla.).

Beyond the Homeland Security leadership spots, Republicans who might take a more active role on cyber policy include Rep. Mike Gallagher (Wisc.), who co-chaired the Cyberspace Solarium Commission; Rep. Stephanie Bice (Okla.), a freshman who sits on the armed services and science committees; Sen. Ben Sasse (Neb.), a Solarium member; and Sen. Steve Daines (Mont.), who has sponsored multiple cyber bills.

— A note of optimism: One cyber-focused Republican who’s sticking around predicts continued cooperation on cybersecurity no matter what wing of the GOP holds sway. “We’ve got members that are part of every caucus” on the House Homeland Security cyber subcommittee, said Rep. Andrew Garbarino (N.Y.), the subcommittee’s ranking member. That includes the center-right Tuesday Group, GOP members of the bipartisan Problem Solvers Caucus and lawmakers in the right-wing Freedom Caucus. “Nobody has given major pushback on anything,” Garbarino said.

Sen. Angus King (I-Maine), who co-chaired the Solarium Commission with Gallagher, agreed that “we are going to be able to maintain bipartisan momentum” on cybersecurity.

It will help that CISA has a strong reputation among the businesses whose perspectives Republicans value highly. “They’re going to hear out loud and clear from the private sector that CISA’s working,” Katko said.

But things will still get more contentious, and the Biden administration will have to start preparing for that. “You’ll see some pretty aggressive oversight in general and in some of these areas in particular,” said Andy Keiser, a Republican lobbyist and former senior House Intelligence Committee staffer.

ON THE AGENDA — After a somewhat sleepy Fourth of July holiday week, agency officials are gearing up for a cyber-filled week of events. Here’s the lowdown on what MC will be watching:

Updates from NIST: Members of NIST’s Information Security and Privacy Advisory Board will meet Wednesday and Thursday this week. Advisers are expected to get updates on the agency’s work to safeguard encrypted devices against future quantum computing, as well as about the process of updating the agency’s Cybersecurity Framework, which the private sector leans on heavily to determine its own security strategies.

Focus on information sharing: The Coast Guard’s National Maritime Security Advisory Committee is set to share suggestions for how to encourage more organizations to provide it details about cyberattacks and other incidents, during a meeting Tuesday.

Inside the supply chain: Members of the ICT Supply Chain Risk Management Task Force, a public-private partnership inside CISA, on Wednesday will discuss the initiatives and programs they think the government should take up to further secure the information technology and cybersecurity supply chain. Panelists include officials from the Office of the National Cyber Director, Microsoft, the National Risk Management Center and the telecom industry.

MEANWHILE IN CONGRESS — House members are tackling a few cyber-related bills as they settle back in after last week’s recess. On Tuesday, the House Rules Committee will meet to discuss the hundreds of amendments submitted to this year’s National Defense Authorization Act before sending it to the floor, and the full chamber is scheduled to vote on Rep. Ro Khanna's (D-Calif.) Quantum Computing Cybersecurity Preparedness Act, H.R. 7535.

CAN’T STOP ME NOW — The bear market for cryptocurrencies isn’t driving North Korean hackers away from their cybercrime ways, despite losing millions of dollars in value while laundering stolen funds, criminal investigators and researchers told MC.

Over the last decade, North Korean hackers have zeroed in on company hacks, ransomware attacks and, as of late, cryptocurrency heists to bring in hundreds of millions of dollars in revenue to their walled-off country. North Korea is suspected of stealing nearly $615 million in crypto from blockchain network Ronin earlier this year.

But for North Korea, there’s just one downside: The process of laundering crypto has always been arduous and long. To avoid tipping off international investigators who could seize their ill-gotten profits or arrest co-conspirators, hackers can only launder a small amount of their stolen funds at a time. That doesn’t pair well with crypto market volatility. During the laundering process for the Ronin hack, investigators told Reuters last month that $615 million is now worth less than $10 million.

But the dip in crypto’s worth isn’t changing North Korea’s behavior yet. Nick Carlsen, an intelligence analyst at blockchain analytics company TRM Labs, said cybercrime and cryptocurrency hacks still have a better payoff than other revenue sources for North Korea’s government, including coal exports, which require higher labor costs. Now, they can steal $615 million worth of crypto with just five hackers.

“It’s still the golden goose for them,” said Nick Carlsen, an intelligence analyst at blockchain analytics company TRM Labs. “It’s good money, no matter what.”

Data to back it up: Research from blockchain analytics company Chainalysis shared with MC suggests North Korea has been ramping up its hacks into decentralized finance platforms this year, despite the market downturn. If North Korea state-sponsored hackers are confirmed to be behind a recent hack of crypto startup Harmony, Chainalysis estimates the country will have stolen $1 billion from eight hacks this year, accounting for 60 percent of all crypto funds stolen so far in 2022.





Part of a larger trend: North Korea isn’t the only entity refusing to let the drop in the crypto market sway them from online crime. Chainalysis estimates that cryptocurrency “funds stolen in hacks in 2022 are significantly above 2021 values.”

HEAD IN THE CLOUD — In a report out this morning, researchers at CrowdStrike said hackers are taking advantage of three cloud security bad practices most often in their attacks: the presence of neglected cloud infrastructure with access to sensitive company information, a lack of restrictions on who can export and download data stored in cloud servers, and flaws in companies’ transitions to multi-factor authentication.

Christian Walker has joined consulting firm Cornerstone as a vice president on the federal government relations team. Most recently, he was the deputy chief of staff and legislative director for Rep. Ann Kirkpatrick (D-Ariz.), where he advised on intelligence, cybersecurity, national security and defense issues.

During the weekend, cyber Twitter blew up over the latest, unproven claims criticizing verifiable research into NSO Group’s spyware. Most took to Twitter to critique the research’s methodologies and to explain why these critiques matter. But SCMagazine senior reporter Joe Uchill posted a thread MC appreciated about a different part of the problem: “Cybersecurity has a lot of really weird internal drama. I'm going to skip rebroadcasting the latest one, except for one claim:  A guy said someone who only had a bachelor's degree couldn't critique his PhD-level research. This is a thread about cybersecurity and the institution.”

— ICYMI: Privacy advocates are pushing the Biden administration and Congress to do more to protect abortion patients’ personal information following the Roe decision. (POLITICO)

— U.S. defense contractor L3 Harris has walked away from talks to acquire spyware firm NSO Group after The White House raised “serious” security concerns. (The Guardian)

— Pro-Russia hacktivist group Killnet is believed to be behind a distributed denial of service attack that temporarily affected access to the Congress.gov website. (CyberScoop)

— Sens. Amy Klobuchar (D-Minn.) and Michael Bennet (D-Colo.), alongside Rep. Elissa Slotkin (D-Mich.), introduced legislation Friday to set up a grant program at the Commerce Department for educational programs focused on media literacy and personal cybersecurity.

“How the FBI Wiretapped the World” (Motherboard)

“After Dobbs, Advocates Fear School Surveillance Tools Could Put Teens at Risk” (The Markup)

FOR YOUR CALENDAR (Send your events to: cybercalendar@politicopro.com)

Monday

No events scheduled.

Tuesday

1 p.m. — DHS and the Coast Guard hold a virtual meeting of the National Maritime Security Advisory Committee to discuss cyber incident information sharing and other matters.

Wednesday

9 a.m. — Day 1 of the National Defense Industrial Association’s Joint All-Domain Command and Control symposium.

10 a.m. — Day 1 of NIST’s meeting of the Information Security and Privacy Advisory Board.

1 p.m. — CISA webinar on securing the supply chain with members of the ICT Supply Chain Risk Management Task Force.

2 p.m. — The Government Executive Media Group’s virtual discussion about the “digital battlefield,” featuring speakers from SalesForce and IBM.

Thursday

10 a.m. — Day 2 of NIST’s meeting of the Information Security and Privacy Advisory Board.

11 a.m. — Puesh Kumar, head of the Energy Department’s Office of Cybersecurity, Energy Security, and Emergency Response, participates in Nozomi Networks’ webinar about preparing critical infrastructure for cyberattacks.

Friday

10 a.m. — House Intelligence Committee’s closed hearing on the CIA budget.

Chat soon. 

Stay in touch with the whole team: Eric Geller (egeller@politico.com); Konstantin Kakaes (kkakaes@politico.com); Maggie Miller (mmiller@politico.com); Sam Sabin (ssabin@politico.com); and Heidi Vogt (hvogt@politico.com).


