News : Gallagher’s farewell tour

Monday, February 12, 2024

Gallagher’s farewell tour

Feb 12, 2024

— With help from Maggie Miller, John Sakellariadis and Daniel Lippman

Driving the day

— A key Republican on cyber policy announced that he’s not seeking reelection, creating a leadership vacuum and raising concerns about America's defenses as bipartisan efforts against China gain momentum.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! What a win! Côte D’Ivoire came from behind to beat Nigeria for the African Cup of Nations. Oh, was there another football game on?

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.

YOUR VIP PASS TO THE MUNICH SECURITY CONFERENCE: Dive into the heart of global security with POLITICO's Global Playbook at the 2024 Munich Security Conference. Gain exclusive insights and in-depth analysis as author Suzanne Lynch navigates the crucial discussions, key players and emerging trends that will shape the international security landscape. Subscribe now to Global Playbook and stay informed.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

Today's Agenda

Director of the Center for Democracy and Technology’s AI Governance Lab Miranda Bogen, R Street resident senior fellow Adam Thierer and AI and privacy policy lead at Workday Evangelos Razis are joining the R Street Institute for a discussion on AI governance. 11:30 a.m..

On the Hill

END OF AN ERA — Rep. Mike Gallagher (R-Wisc.), one of the leading Republican voices on cybersecurity on the Hill, plans to step away from Congress at the end of his term.

And the four-term congressman’s departure sets up a major leadership shuffle on cyber issues on the House side.

— Why it matters: Gallagher has been a go-to Republican on cyber matters in the House, acting as congressional co-lead to the influential Cyberspace Solarium Commission 2.0 alongside Sen. Angus King (I-Maine), and as an active chair to both the House Armed Services cyber subcommittee and the House Select China Communist Party committee.

As the House's leading advocate for military cyber additions in the National Defense Authorization Act, Gallagher spearheaded key priorities like protecting mobility systems from cyber threats and studying whether the Pentagon needs its own cyber office.

His exit leaves King as the last man standing from the original CSC — a congressional group which sunsetted in 2022 — following the retirement of former Rep. Jim Langevin and Sen. Ben Sasse. The CSC and its private-public successor CSC 2.0 have driven most major cyber legislation on the Hill since 2020, which includes the creation of the Office of the National Cyber Director.

“Mike Gallagher has had a major impact on the cybersecurity legislation that has moved through Congress, he has a lot to be proud of,” Langevin told Morning Cyber. “So the work will continue, and be much more challenging without Mike there.”

— What comes next: Gallagher’s impending exit leaves a significant vacuum in GOP cyber expertise on the Hill at a critical policy juncture.

With Gallagher as the main driver behind cyber military provisions in the NDAA, critical issues he's pushed – such as securing ports and rails from cyberattacks, exploring a cyber office at the Pentagon and spotlighting cyber threats through prominent hearings – will need new Republican champions going forward.

“This will make 2024 an especially important year for cyber,” CSC 2.0 executive director Mark Montgomery tells MC on Gallagher’s departure.

That includes Gallagher serving as a counterweight to far-right Republicans pushing to defund CISA over anti-censorship talks (more on this later).

— Who’s up: Even though filling Gallagher’s shoes won’t be easy, his retirement looks to accelerate the rise of newer Republican voices on cyber like Rep. Andrew Garbarino (R-N.Y.), who chairs the House Homeland Security cyber subcommittee, and Rep. Morgan Luttrell (R-Texas), according to Montgomery.

Freshman Rep. Zach Nunn (R-Iowa), a former White House cyber director, has also expressed interest in leading on cyber policy, with his office telling Morning Cyber he “would be happy to consider any opportunities that become available” due to the retirement.

— Not close to over yet: We’re watching for some movement on legislation to come out of the Select China committee, with ranking member Raja Krishnamoorthi (D-Ill.) telling reporters the recent high-profile hearing with the government’s top cyber leaders on threats from China served as a catalyst for renewed focus on bipartisan efforts to combat hackers.

It also jump-started a conversation between Krishnamoorthi and Gallagher on pushing forward their bipartisan bill that would funnel unused federal Covid-19 funds into replacing Chinese tech in U.S. telecom systems due to concerns about potential spying.

Gallagher has said the committee is working to advance around 20 previously published recommendations aimed at strengthening defenses against Chinese cyber threats.

And “definitely” watch for the efforts to improve cybersecurity for critical infrastructure that facilitates military mobility before the year ends, Montgomery said.

BLAST FROM THE PAST — As House Speaker Mike Johnson eyes a potential floor vote this week on a revised Section 702 spy powers bill, Republican House candidate Joe Kent on Sunday tweeted out screenshots of a 2008 news article that made it seem like he thought Democrats were currently in charge of deciding what to do on FISA and wanted a secret debate on the issue, our Daniel Lippman writes in.

“House Democrats want a closed door ‘secret’ session to justify FISA warrantless spying on Americans,” Kent, a retired Green Beret who’s running for a second time in Washington state, posted on X. “If there was a common sense reason for FISA they’d argue for it in front of the American ppl. Given the natsec state’s record, why should we give them our blind trust?”

Reached for comment, Kent said in a brief interview that he “should have been more clear” when he included the old Roll Call article that it was about a past debate in Congress.

Soon after POLITICO reached out for comment — and five hours after the original post — Kent tweeted a follow-up: “The article below in the original post is from 2008, when FISA violations of our civil liberties were debated behind closed doors. FISA will likely be debated again this week, hopefully in front of the American people.

At the Agencies

CISA IN PERIL? — Democratic lawmakers are increasingly anxious that former President Donald Trump could decimate CISA if he wins reelection in 2024.

— Locked and loaded: CISA was in Trump's crosshairs in the final days of his term for disputing his baseless claims of election fraud. Now, with growing GOP calls to weaken CISA over allegations it pressured tech platforms to censor conservatives, Trump may see an opening to hobble the agency tasked with protecting critical infrastructure from cyberattacks.

"I'd be very concerned for CISA if Trump won a second term," said Rep. Glenn Ivey (D-Md.), one of almost a dozen members of Congress who spoke with Maggie and John. "There's a good chance he'd try to either eliminate it or totally neutralize it."

— Being really real: While Trump can't unilaterally abolish CISA, he could pack it with loyalists to slash operations, urge lawmakers to erase its budget and end efforts to fight foreign disinformation, Democrats fear.

Some Republicans are already laying the groundwork, with a House Judiciary Committee report blasting CISA as a federal "censorship" hub and more than 100 House Republicans trying to cut its budget by 25 percent. Even if Dems keep the Senate, Trump could veto attempts to protect CISA.

Get the full story from Maggie and John.

AN NSA LOOKBACK — Despite hanging up his government hat, former National Security Agency deputy director George Barnes remains deeply concerned about China’s growing cyber threat and the potential loss of critical U.S. surveillance tools to counter Beijing.

— China’s “long view”: In an interview last week with Maggie, Barnes — now leading Red Cell Partners’ cyber practice — says he’s witnessed China’s “methodical, strategic, long-view” evolution in cyberspace over his three decades at the NSA.

“They are patient learners and they would much rather forgo a quick win today if they can watch things play out and learn for tomorrow,” Barnes told Maggie in an interview last week. “That learning has made them better.”

This assessment comes as the Biden administration cracks down on Chinese cyber activities, disrupting a major hacking operation while raising alarms about a potential "cyber invasion." An early February report further confirmed Chinese hackers’ presence in U.S. networks for “at least” five years.

— Election security woes: During last year's meeting between President Joe Biden and Chinese president Xi Jinping, the Chinese leader reportedly promised no election interference. While generally being met with skepticism, Barnes believes any meddling would be "more careful and thoughtful" to avoid detection considering inroads made between the U.S. and China economically.

“That means we will have to be better to understand if it's happening and how it's being directed,” Barnes said.

— See to be seen: Barnes made clear how critical renewal of authorities under Section 702 of the Foreign Intelligence Surveillance Act is to countering threats from China and other adversaries, noting the provision is “a major tool that the U.S. relies upon for cybersecurity.”

The former deputy director warned that adversarial nations, such as China, are keeping a close eye on U.S. surveillance authorities to understand how to get around them.

“We're an open society,” Barnes said. “But we have to be mindful that we are educating the world.”

DON’T MISS POLITICO’S GOVERNORS SUMMIT: Join POLITICO on Feb. 22 to dive into how Governors are wielding immense power. While Washington remains gridlocked, governors are at the center of landmark decisions in AI and tech, economic development, infrastructure, housing, reproductive health and energy. How are they setting the stage for the future of American politics, policies and priorities? How are they confronting major challenges? Explore these questions and more at the 2024 Governors Summit. REGISTER HERE.

Vulnerabilities

CHINA’S MEDIA OFFENSIVE — Over the past two years, China has aggressively pushed narratives of alleged U.S. hacking operations through state media outlets and domestic cybersecurity firms in an apparent effort to counter growing Western criticism of Chinese cyber espionage activities.

According to a new report by SentinelLabs, China’s propaganda tactics intensified following a rare joint statement in July 2021 by the United States, the United Kingdom and the European Union condemning Beijing for “irresponsible behavior in cyberspace.”

Researchers found that China’s approach evolved from simply rehashing old leaked U.S. intel to making bold but evidence-free hacking claims aimed squarely at shaping global opinion.

— The truth is complicated: “Repeating China’s allegations helps the PRC shape global public opinion of the U.S. China wants to see the world recognize the U.S. as the ‘empire of hacking,’ the report says. “But outright ignoring China’s claims undermines public knowledge and discourse.”

The problem? China's allegations lack the technical analysis that gives Western cybersecurity firms' findings credibility.

Making matters worse, Chinese cybersecurity companies likely can't release supporting data due to state secrecy laws. So they're left parroting the Communist Party's evidence-free anti-U.S. narratives.

— Get this: China's propaganda push coincides with its Ministry of State Security launching a WeChat account to disclose alleged foreign spying cases, Sentinel Labs reported. Yet the bold accusations still lack hard evidence.

In July 2023, China's state-run Global Times alleged the U.S. hacked seismic sensors in Wuhan — without citing any technical evidence.

"To date, China has provided no reasonable evidence to support any of its claims," the report concludes.

— Exhibit A: Just last week, we reported China’s Foreign Ministry spokesperson Wang Wenbin blasting the U.S. for supporting “long-lasting, continuous cyberattacks” after outlining two reports from Chinese cybersecurity firm 360 Digital Security group that claimed to find numerous instances of U.S. cyber espionage and infrastructure hacking globally.

“Without exaggeration, the U.S. is the No. 1 source of cyber risks and challenges,” Wang said last Wednesday. “No country in the world can ever insulate itself from the threat of U.S. cyberattack.”

Tweet of the Day

Being vigilant doesn’t always work out.

Quick Bytes

RUSSIA USING STARLINK — Ukrainian intelligence claims Russian soldiers in occupied areas are using Starlink terminals for internet access, citing intercepted conversations and saying it's becoming "systematic." SpaceX denies selling to Russia and says Starlink isn't active there, reports POLITICO Europe’s Varg Folkman.

NOW YOU KNOW — WinStar's mobile app developer Dexiga left a database containing customer information unsecure, exposing details like names, addresses and phone numbers. Dexiga secured the database after being notified by TechCrunch, according to Zack Whittaker.

USERS EXPOSED — A bug in ExpressVPN's split tunneling feature leaked user browsing data to their ISPs for nearly two years. Affected users were exposed from May 2022 to February 2024, writes Bleeping Computer’s Bill Toulas.

Chat soon.

Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com).