Monday, August 12, 2024

Presidential campaigns in the cyber spotlight

Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.

By Joseph Gedeon

With help from Maggie Miller

Driving the day

Experts are sounding the alarm on long-existing major cyber threats to campaigns following a hack and leak operation aimed at the presidential campaign of former President Donald Trump.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! Seeing everyone at Black Hat and DEF CON was great, now excuse me while I recharge my social battery by staring at the wall for the next three days. If you need me (no you don’t), John’s inbox can’t wait to hear all the details.

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.

Today's Agenda

It’s Day 1 of TechCon365 Microsoft 365 and Power Platform Conference. Starts at 9 a.m.

Election Security

BUCKLE UP — After a week running around Las Vegas for Black Hat and DEF CON, Maggie and I thought we’d have some time to relax, but no.

The hack and leak operation aimed at former President Donald Trump’s presidential campaign is raising concerns around the cybersecurity of campaigns — though according to experts, there should have been red flags long ago.

As Maggie writes, the leak, first reported by POLITICO on Saturday, involved what the campaign described as “foreign sources hostile to the United States” accessing, stealing and leaking confidential campaign information. The campaign blamed Iran, citing a Microsoft report out Thursday that noted Iranian hackers were targeting an unnamed presidential campaign, though POLITICO has not confirmed this.

— There’s history: Election security experts say this was predictable, given past incidents like the 2016 Russian operation against Clinton's campaign and attempts from Iran in 2020 to break into Trump presidential campaign emails. That same year, Google found evidence that China was trying to breach email accounts for staffers on the presidential campaigns of both Trump and Joe Biden.

Defending Digital Campaigns President Michael Kaiser calls it "a wakeup call to all campaigns."

“We can't speak to the cybersecurity of the Trump campaign and we of course don't know how the documents were obtained,” Kaiser said. “However, this should be a wakeup call to all campaigns large and small that campaigns are targets of nation states, hacktivists and cybercriminals.”

— Follow the money: A survey from earlier this year by DDC and Yubico found that 42 percent of respondents who had donated to a campaign say they’d be less likely to give again if it got hacked — and 30 percent said it could even sway their vote.

— Asking the hackers: The news broke during the annual DEF CON hacking conference in Las Vegas, sending ripples through the crowd at the Voting Village in particular, where attendees can root out vulnerabilities in voting machines.

“Campaigns are always targeted,” Harri Hursti, co-founder of the Voting Village and election security researcher, said Saturday on the sidelines of the conference. “When you’re dealing with the politicians, they don’t take security seriously, and shit happens.”

It’s an issue that Mick Baccio, former chief information security officer for Pete Buttigieg’s 2020 presidential campaign, saw firsthand. And in the four years since, he doesn’t believe campaigns have gotten better at prioritizing cybersecurity.

“I know there are campaigns who have lost several thousand dollars just to scams,” Baccio told Maggie last week at the Black Hat conference prior to the Trump campaign hack being revealed. “Campaigns are kind of on their own. There's no standard that says … I'm running for office, I need to have multi-factor authentication on all the accounts of people that touch me. … There's no best practices for that.”

— Old news: Jake Braun, the former White House acting principal deputy national cyber director, worked on the 2008 presidential campaign of former President Barack Obama, and said Chinese hackers went after that campaign for espionage purposes almost two decades ago.

“Unfortunately this isn’t even the new normal, it’s just the normal,” Braun said Saturday.

THE CONFERENCE CIRCUIT

COKER ON THE SCENE — Amid a sea of hackers sporting every look under the sun — including a notable furry contingent — National Cyber Director Harry Coker made his first appearance at the iconic DEF CON conference over the weekend.

Apart from the casual nature of the weekend, Coker used the opportunity to hear directly from a community on the front lines and offered insights into the Biden administration’s cyber priorities in a sit-down with Morning Cyber.

“It’s good to get outside of Washington and talk to different people with different perspectives,” Coker said.

— Technical policy appreciation: Coker mentioned a conversation he had during a tour of the villages, where someone brought up ONCD’s building blocks report from February. The person told Coker it was “unusual” for such a technical policy piece to come out of the White House — and they were grateful for it.

That feedback for substantive policy work resonated strongly with Coker and suggests a growing alignment (or at least explicit acknowledgment) between policymakers and the broader cybersecurity community.

— Streamlining cyber regulations: The ONCD chief also strongly backs a bipartisan bill from Senate Homeland Security and Governmental Affairs committee chair Gary Peters (D-Mich.) and James Lankford (R-Okla.) that looks to establish an interagency committee led by the ONCD to coordinate and streamline cyber requirements across federal agencies.

Coker framed the effort as both enhancing security and reducing compliance burdens for businesses and “hoping it becomes law by the end of this year.”

While specific agency involvement is still being determined, you can bet CISA will be involved.

— Actions incoming: Coker hinted at forthcoming efforts in the coming weeks to improve internet routing security, specifically mentioning Border Gateway Protocol as an area of focus — which addresses securing bulk internet routing.

The director highlighted Resource Public Key Infrastructure as a proposed solution to enhance routing security.

Coker also revealed that ONCD is working with the State Department to address the global nature of the issue. "There's no borders on the internet, and so securing capability based in the U.S. would be an improvement, but we need to secure capabilities around the globe.”

He also confirmed ONCD is collaborating on a new cybersecurity executive order expected this fall, though he deferred to Anne Neuberger, deputy national security adviser for cyber and emerging tech, for details. He did share that they hold meetings together at least once a week.

— Elephant in the room: The elections are just a couple of months away, and because President Joe Biden is no longer running, there will definitely be a change of administration. Coker tells MC that he is a “yes” to staying on as the national cyber director in a new administration if asked.

"I would do that because the importance of cybersecurity and the challenges are not going away," he said, adding that he hopes cybersecurity “remains nonpartisan, because it affects us all.”

— We had to ask: Morning Cyber sat down with Coker right before the U.S. men's Olympic gold medal win in basketball on Saturday. With all things considered, we asked him the question of our time: Who is the GOAT, Michael Jordan or LeBron James?

Without hesitation he pointed to his shoes. They were Jordans.

DEF CON RECAP — Beyond speaking with Coker, your MC host along with Maggie spent the weekend at the DEF CON conference wandering the halls of the massive Las Vegas Convention Center and taking in the panels. Here are a few highlights:

— Hello from the AI-side: The robocalls to New Hampshire voters earlier this year that used deepfake audio of President Joe Biden’s voice urging them to skip the primary vote were “disinformation,” the state’s top election official told Voting Village attendees — and more needs to be done to fight this threat.

“We’re taking the whole education component seriously, not just about AI, but the whole election process generally,” New Hampshire Secretary of State David Scanlan told Maggie after discussing the incident during a Voting Village talk. “We have to get back to fundamentals, basic understandings of how election systems work.”

It’s something the Biden administration is also keeping a close eye on. Anne Neuberger told Maggie and other reporters at DEF CON that the White House last week hosted banks, AI experts and voice actors on concerns around audio deepfakes. Neuberger said it was the second such meeting, and fed into work that Vice President Kamala Harris had done to tackle risks around the use of artificial intelligence.

— White House priorities: Neuberger also previewed a new cyber executive order that the White House is working on, and said that independently, the Biden administration is working with Congress to put together legislation to secure U.S.-made AI models from being stolen by adversarial nations.

— Vulnerability rebrand: During a drink and chat AMA on stage with conference founder Jeff Moss, CISA Director Jen Easterly quipped that it may be time to retire the word “vulnerability.”

"We should stop calling things vulnerabilities, because it really diffuses responsibility. We should start calling them product defects,” Easterly said, aiming to refocus the conversation on vendor responsibility.

The suggestion — which underlies shifting blame from cyberattackers to product quality — got raucous applause from the room. Did somebody say Secure By Design?

— Threats are alive: While most of the DEF CON villages were hosted in partitioned off sections of the vast floor space of the Las Vegas Convention Center, the Voting Village was held in a small room upstairs — and this was no random decision.

Hursti, co-founder of the village, said having solid walls around the village’s voting infrastructure hacking area was essential to address threats, and helped the event’s security to better run the space. Despite this, Hursti said some of the individuals who have attempted to “incite violence” against the village online were present at DEF CON.

“I know who they are,” Hursti told Maggie, noting that in the case of one man, “our security had a word with him about, ‘You haven’t done anything wrong, you can stay, but we are watching you.’”

The International Scene

DISINFO CALLING — Amid the recent violent clashes in the United Kingdom over false claims that a Muslim immigrant killed three girls, Russian disinformation agents waded in to amplify the racist messages already spreading organically on social media.

According to a report out today from Blackbird.AI, the company linked Russian state actors to just under 10 percent of posts pertaining to the riots. This was on top of around 14 “sub-narratives” that the company tracked on social media that were pushing engagement to fuel the rallies, according to Blackbird.AI CEO and co-founder Wasim Khaled.

“Ten years ago, or even five years ago, it would take state actors, or take bot networks to amplify some of these things, but today, there is almost a baseline to people that are ideologically aligned,” Khaled told Maggie on the sidelines of DEF CON.

It’s an issue the British government is aware of. Felicity Oswald, interim CEO of the U.K.’s National Cyber Security Centre, told reporters during a briefing at the Black Hat conference last week that while her agency “doesn’t have a specific role … it is clear that technology and social media has played a part in what’s happened.”

 

Tweet of the Day

Petition to have more drinking on stage at conferences.


Quick Bytes


HAMSTER WHEEL — China is not slowing down its efforts to compromise U.S. critical infrastructure networks, despite a full-court press by the Biden administration to put the pressure on, Maggie reported from Black Hat.

NOTABLE ABSENCE — Ukrainian officials, and any panels on the cyber portions of the war against Russia, were entirely absent from both Black Hat and DEF CON, your MC hosts reported.

HELP FROM HACKERS — The organizers of DEF CON are looking to harness the skills of hacker attendees to create a volunteer group to secure critical infrastructure, Kevin Collier reported for NBC News.

AN INTERNATIONAL ICYMI — The first ever global cybercrime treaty was approved by a United Nations ad hoc committee, marking a victory for Russia which pushed for the treaty despite U.S. and other Western objections that it will justify state online repression, POLITICO’s Antoaneta Roussi reported.

Chat soon. 

Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com).

 
