Monday, April 22, 2024

Gallagher’s ominous farewell

Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.
Apr 22, 2024 View in browser
 
POLITICO's Weekly Cybersecurity newsletter logo

By Joseph Gedeon

With help from Alfred Ng

Driving the day

America's digital frontlines lie perilously exposed as the House's outgoing China committee chair makes one final warning that Beijing's hackers have burrowed deep into U.S. networks.

HAPPY MONDAY and welcome to MORNING CYBERSECURITY! Now that it’s officially company softball season I get to practice my trash talk. But these days it has a more cyber-y tilt. I can’t help it that my base running is more resilient than your company’s network.

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.

 

THE GOLD STANDARD OF POLICY REPORTING & INTELLIGENCE: POLITICO has more than 500 journalists delivering unrivaled reporting and illuminating the policy and regulatory landscape for those who need to know what’s next. Throughout the election and the legislative and regulatory pushes that will follow, POLITICO Pro is indispensable to those who need to make informed decisions fast. The Pro platform dives deeper into critical and quickly evolving sectors and industries—finance, defense, technology, healthcare, energy—equipping policymakers and those who shape legislation and regulation with essential news and intelligence from the world’s best politics and policy journalists.

Our newsroom is deeper, more experienced, and better sourced than any other—with teams embedded in the world’s most active legislative and regulatory power centers. From Brussels to Washington, New York to London, Sacramento to Paris, we bring subscribers inside the conversations that determine policy outcomes and the future of industries, providing insight that cannot be found anywhere else. Get the premier news and policy intelligence service, SUBSCRIBE TO POLITICO PRO TODAY.

 
 

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

Today's Agenda

National Science Foundation chief digital and AI officer Dorthy Aronson, General Services Administration chief data officer Zach Whitman and former NASA chief information officer Renee Wynn are joining a virtual conversation with the Government Executive Media Group on how each organization is using AI. 2 p.m.

On the Hill

TA-TA FOR NOW — In his closing act as Congressman and Chair of the House Select committee on China, Mike Gallagher (R-Wis.) fired a parting shot about the existential cyber threat America faces from Beijing’s hackers.

“The Chinese government is prepositioning on networks across this nation with the clear intent to cause maximum destruction and societal chaos at a time of their choosing,” Gallagher said to Morning Cyber when asked about his staying China concerns now that he’s leaving Congress.

— Enemy No. 1: His blunt assessment came moments after the House overwhelmingly passed Gallagher’s and ranking member Raja Krishnamoorthi’s (D-Ill.) joint legislation to force the sale of TikTok from the United States over national security concerns, which was tied to Saturday’s sweeping aid package for Ukraine and Israel.

It also comes on the heels of a star-studded testimony earlier this year from administration officials who briefed the committee on the cyber capabilities and suspect intentions of China’s increasingly brazen hacking operations — notably Volt Typhoon infiltrating American systems.

And things may only be getting more drastic, now that Chinese President Xi Jinping reorganized their military for the first time in nearly 10 years to create separate information, space and cyber forces — all aimed at giving China an advantage in modern warfare, which is increasingly focused on information dominance.

“The digital world brings a daily contest in cyberspace to American soil, where all Americans are on the frontline,” Gallagher said. “The stakes could not be higher.”

— Plans on pause?: Following that blockbuster late January hearing, Krishnamoorthi said the duo had been reinvigorated to push bipartisan efforts against Chinese hackers, including moving a bill to rip and replace Chinese telecommunications tech from U.S. systems using unused Covid funds.

Gallagher at the time told a pool of reporters that the committee was working to advance 20 policy recommendations to boost cyber defenses against Beijing’s cyber threats.

But with Gallagher out of the picture, the fate of those plans are unclear.

— What the future holds: Republicans are passing the baton to Rep. John Moolenaar (R-Mich.). Though he lacks Gallagher’s high profile on cyber issues, the new chair has indicated he plans to stay the course in pulling the cover off China’s cyberattacks on America.

“We experienced hacking at the highest levels of the federal government,” Moolenaar said in an interview with Michigan Public Radio early April, referencing the Commerce and State Department email attacks. “So a lot of nefarious activity that we need to continue to expose.”

The changing of the guard may not derail the committee's momentum. The buzz around town is that the new chair is a smart pick to maintain the bipartisan vibes Gallagher and Krishnamoorthi carved out, while keeping Beijing’s malicious cyber antics squarely in the crosshairs.

And because he isn’t retiring, Moolenaar’s leadership selection could signal the select committee’s continued presence in future Congress, said Mark Montgomery, executive director of the influential Cyberspace Solarium Commission 2.0.

“I think he would continue the committee's current agenda that has really put China, and especially its malicious cyber activity, front and center and has worked to improve the government's readiness to deal with CCP threats,” Montgomery tells MC.

IT’S TIME TO ANSWER — House Energy and Commerce leaders are hauling in the chief executive of UnitedHealth Group next month to get answers about February's massive cyberattack on the health giant's payment processing subsidiary.

Committee Chair Cathy McMorris Rodgers (R-Wash.) and Oversight & Investigations Subcommittee Chair Morgan Griffith (R-Va.) announced ahead of the weekend that UnitedHealth CEO Andrew Witty will testify at a May 1 oversight hearing about the hacking incident that devastated Change Healthcare's platforms.

— Still seething: The cyber breach at the major health IT vendor left doctors, hospitals and millions of patients unable to access medical records and process insurance claims for weeks. While operations have largely resumed, lawmakers remain livid over the attack's disruptions and potential threats to patient safety.

"Americans are still dealing with the fallout of the Change Healthcare hack. Individuals and smaller providers, in particular, have struggled financially following the cyberattack, threatening critical access for patients," Rodgers and Griffith said in a joint statement on Friday.

— What you can expect: In a blistering mid-April letter, Rodgers, Griffith, subcommittee on health chair Brett Guthrie (R-K.Y.) and their committee’s top Democrats demanded UnitedHealth turn over records and a timeline related to the hacking, pushing for more information on the perpetrators and the company's initial response.

Some of those big questions include:

  • A detailed timeline of when the breach was first detected and the company's response to contain it
  • Whether protected health data was compromised and how customers were notified
  • Findings from UnitedHealth's internal probe into the attack
  • Cybersecurity processes before and after acquiring Change Healthcare last year

The Republican chairs noted they hope to learn more details from Witty about what happened in the lead up to and in the weeks following the attack, as the committee weighs potential cybersecurity reforms.

 

POLITICO IS BACK AT THE 2024 MILKEN INSTITUTE GLOBAL CONFERENCE: POLITICO will again be your eyes and ears at the 27th Annual Milken Institute Global Conference in Los Angeles from May 5-8 with exclusive, daily, reporting in our Global Playbook newsletter. Suzanne Lynch will be on the ground covering the biggest moments, behind-the-scenes buzz and on-stage insights from global leaders in health, finance, tech, philanthropy and beyond. Get a front-row seat to where the most interesting minds and top global leaders confront the world’s most pressing and complex challenges — subscribe today.

 
 
Data Privacy

REQUESTS FOR EXEMPTIONS — Business groups are seeking exemptions to allow selling anonymized data and inferences to nations like China and Russia, undermining President Biden's executive order limiting data brokers from providing such information to foreign adversaries.

Privacy experts argue these exemptions would defeat the order's purpose of preventing national security risks from adversaries collecting Americans' data.

During the recent public comment period on the Justice Department's rulemaking, which closed Friday, industry groups like the Interactive Advertising Bureau and Business Roundtable, representing firms like Google, Amazon and Microsoft, requested exemptions for de-identified and anonymized data.

"Anonymized, pseudonymized, de-identified or encrypted data should be excluded,” Business Roundtable wrote, “if processes prevent re-identification.”

— Requests disrespect the EO: Justin Sherman, a Duke University researcher who published a report about national security risks from data brokers, told POLITICO such requests would significantly diminish Biden’s regulation. The executive order recognized AI's ability to re-identify anonymized data and that buying inferences still poses risks.

"Foreign governments have the capability to combine datasets together and do analysis to link data to specific people,” Sherman said.

Even inference data could be a concern, he added, noting he purchased people's financial habits during research, though not direct information like account numbers.

“Through our research program, I bought data on people in debt and who gamble, where I was not getting their bank account and routing numbers, but I was getting their names and addresses and other sensitive data,” Sherman said.

The International Scene

NEW TOOLS DISCOVERED — Ukrainian cybersecurity officials have uncovered and disrupted a major Russian cyber plot to paralyze energy, water and heating systems across the country.

The plan, uncovered by Ukraine’s computer emergency response team CERTU-UA over the weekend, says Russian hackers from the Sandworm group aimed to deploy new malware strains like LOADGRIP and BIASBOAT to breach up to 20 utilities in 10 regions.

The cyber offensive was timed to coincide with renewed Russian missile barrages this spring and "enhance the effect" on Ukraine's battered infrastructure, according to the CERT-UA assessment.

— Able to make limited break-in: CERT-UA says the hackers compromised at least three IT supply chains to gain initial access at targeted organizations. They then moved laterally using web shells to spread within corporate networks.

— Quick response: From March 7 to March 15, Ukrainian officials notified affected utilities, removed malware, patched vulnerabilities and implemented defensive measures after uncovering the intrusions.

People on the Move

Richard Horne has been named the next CEO for the United Kingdom’s National Cyber Security Centre. Horne is currently the head of Price Waterhouse Cooper’s UK’s cybersecurity practice, and will head to the NCSC later this year.

Tweet of the Weekend

Your move, cyber geniuses.

Source: https://twitter.com/vxunderground/status/1781880607233962170

Quick Bytes

WHAT’S UP WITH TIKTOK — The House passed a bill that could force TikTok to be sold within a year or be banned from U.S. app stores. The bill is now headed to the Senate and could be signed into law by Biden. POLITICO’s Rebecca Kern has all the details on what that means.

GITHUB TROUBLES — Attackers are exploiting a way to upload malicious files to GitHub repositories and disguise them as legitimate downloads. This can trick users into downloading malware because the file paths look like they belong to trusted sources, writes BleepingComputer’s Lawrence Abrams.

Government Surveillance Keeps Us Safe,” writes former Bush era national security official Matthew Waxman and former chair of the Privacy and Civil Liberties Oversight Board Adam Klein for The New York Times’ Opinion section.

Chat soon. 

Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com).

 

Follow us on Twitter

Heidi Vogt @HeidiVogt

Maggie Miller @magmill95

John Sakellariadis @johnnysaks130

Joseph Gedeon @JGedeon1

 

Follow us

Follow us on Facebook Follow us on Twitter Follow us on Instagram Listen on Apple Podcast
 

To change your alert settings, please log in at https://login.politico.com/?redirect=https%3A%2F%2Fwww.politico.com/settings

This email was sent to edwardlorilla1986.paxforex@blogger.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Unsubscribe | Privacy Policy | Terms of Service

No comments:

Post a Comment

Why It's Time to Hope

The stench of the Nifty Fifty... The destructive power of human nature... 'A big economic boom'... Milei's chain saw comes to ...