Wednesday, September 4, 2024

Dance of the cyber superpowers

From the SitRoom to the E-Ring, the inside scoop on defense, national security and foreign policy.
Sep 04, 2024 View in browser
 
POLITICO's National Security Daily newsletter logo

By Maggie Miller and Eric Bazail-Eimil

Merrick Garland (center) speaks at an Election Threats Task Force meeting.

“We will be relentlessly aggressive in countering and disrupting attempts by Russia and Iran, as well as China or any other foreign malign actor to interfere in our elections and undermine our democracy,” said Attorney General Merrick Garland (center) during a meeting of DOJ’s election threats task force today. | Andrew Harnik/Getty Images

With help from John Sakellariadis and Daniel Lippman

Subscribe here | Email Eric

The U.S. is firing on all cylinders to address Russia’s digital mischief ahead of the election, while also working to defend against a persistent, dangerous threat from Chinese hacking group Volt Typhoon.

As part of a major announcement around efforts to combat Russian election interference, the Justice Department announced today it had seized more than 30 websites linked to the Russian government that were used to spread disinformation and linked to the well-known Russian “Doppelganger” campaign. The Justice, State and Treasury Departments also indicted employees of Russian state-controlled outlet RT and sanctioned RT’s editorial leadership and leaders of its allegedly-aligned hacking group RaDHit.

“These actions that we undertook today really show and are an example of the, I think, more diverse and more aggressive foreign malign influence efforts that we are seeing in this election cycle,” Deputy Attorney General LISA MONACO said at the Justice Department’s Election Threats Task Force meeting today.

Other state actors are also trying to interfere in the elections. Iran was linked last month to a hack and leak effort aimed against the presidential campaign of former President DONALD TRUMP, while social media analytics company Graphika published findings on Tuesday indicating that Beijing is behind some limited disinformation efforts aimed at U.S. elections.

But amid the concerns about the elections, one Chinese hacking group, in particular, is constantly being brought up at this week’s Billington Cyber Summit in downtown Washington: Volt Typhoon.

China claims it is not responsible for the group’s activities, but top Biden administration officials have raised the group’s activities with Chinese counterparts in the past year. Though Volt Typhoon has not (so far) been caught targeting U.S. elections, hackers linked to the group, which experts and the U.S. believe is backed by Beijing, have been found in U.S. critical infrastructure networks across a wide range of sectors, including military networks in Guam, and could be waiting to cause chaos in the event of a future war with the U.S. over Taiwan or other geopolitical issues.

“They’re repositioning, or positioning, this enormous hacking enterprise to be able to attack us at a time of their choosing,” CYNTHIA KAISER, deputy assistant director of the FBI’s Cyber Division, said Wednesday during a panel at the conference. “Being able to get all of the specific details to everybody, how they’re doing it, what might be occurring, it’s just so important to understanding it.”

“They are not there for intelligence purposes, they are there to gain access, they are there to maintain access,” MATTHEW HARTMAN, deputy assistant director of the Cybersecurity and Infrastructure Security Agency, said during a Tuesday panel. Hartman added that the federal government’s response to Volt Typhoon’s activity — and calling it out publicly — was “the biggest change to the environment I have seen during my 16 years at CISA.”

The group’s tactics for accessing networks are expansive and ever-evolving. They include the use of basic phishing emails to steal login credentials, but also the use of far more sophisticated efforts, such as strategies created for specific networks, and even the use of zero-day vulnerabilities, which can be exploited to hack into a network without the owner doing anything.

“We’re watching threat actors, Volt Typhoon is one that comes top of mind, who are evolving to the point that it is becoming very difficult to detect what they’re doing,” SANDRA JOYCE, vice president of Google Threat Intelligence at Google Cloud, said during a Tuesday panel.

Secretary of State ANTONY BLINKEN and other U.S. diplomats confronted Chinese officials about the group’s activities during in-person meetings in Beijing in April. But Volt Typhoon’s activities have not stopped. Cybersecurity experts at the recent BlackHat and DEFCON conferences in Las Vegas all told POLITICO they didn’t see any end in sight for Volt Typhoon’s activities — but that doesn’t mean the federal government should stop trying to root them out of critical networks.

“What we’re looking at is a strategic, persistent, patient campaign that’s going to go on and on and on,” ANDREW SCOTT, a leader at the CIA’s Center for Cyber Intelligence, said at the conference Wednesday. “So, this is about collectively government and industry continuing to work together.”

The U.S. government agrees. “We will be relentlessly aggressive in countering and disrupting attempts by Russia and Iran, as well as China or any other foreign malign actor to interfere in our elections and undermine our democracy,” said Attorney General MERRICK GARLAND during a meeting of DOJ’s election threats task force today.

A message from Lockheed Martin:

Next-gen missions demand next-gen digital innovations

We’re transforming the way the U.S. Navy deploys combat system capability to defend against sophisticated threats. Learn more.

 
The Inbox

BLINKEN IN HISPAÑOLA: SecState Blinken is headed to Haiti and the Dominican Republic Thursday and Friday, State Department spokesperson MATTHEW MILLER said in a press release today. Blinken will meet with the leaders of Haiti’s transitional government and the multinational security support mission working to defeat the country’s gangs. He will also meet with Dominican President LUIS ABINADER.

DOWN, BUT NOT OUT: Mediators’ confidence in reaching a cease-fire and hostage release deal may have been dashed following Hamas’ execution of six Israeli hostages this past weekend, but the U.S. and other international brokers are preparing for another push to finally secure an agreement between Israeli leadership and Hamas.

As The New York Times’ RONEN BERGMAN, ADAM RASGON, AARON BOXERMAN and JULIAN BARNES report, Qatar and Egypt are revising existing proposals and discussing changes with U.S. and Israeli officials. And U.S. officials are telegraphing that they hope to finalize the proposal by today or Thursday.

U.S. officials are experiencing a sense of renewed urgency following the killings, per The Wall Street Journal’s ALEX WARD, particularly after the death of American-Israeli citizen HERSH GOLDBERG-POLIN, whose story received widespread attention and who friends and family described as an advocate for justice and peace. But negotiators acknowledge that any cease-fire proposal released in the coming days, though it might be the most detailed to date, will not be the final draft, as Israeli leadership doubles down on its demands for control of the Philadelphi corridor, a strip of territory separating Gaza and Egypt that Israel says it wants to manage for security reasons.

CHINA’S CHARM OFFENSIVE: China is pulling out the red carpet for African heads of state this week as it continues to expand its economic and political footprint on the continent.

As the Wall Street Journal's SHA HUA and GABRIELE STEINHAUSER report, China is expanding its trade with the continent, and countries on the continent view Beijing as a development model to be emulated. And China is billing its efforts to finance developing countries’ debts and expand trade as a move toward deeper “solidarity and cooperation.” However, Western critics have cautioned against China’s expansion plans and have warned about African nations being pushed into a debt trap that could pressure them into becoming vassal states.

China’s increased connections with Africa come as the U.S. has struggled to shore up its own footing in the region over the last few years. A spate of coups in West Africa have strained ties with previously critical security partners in the global war on terror and the U.S. has struggled to match Chinese investment on the continent.

SAILOR DETAINED IN VENEZUELA: A U.S. Navy sailor was detained by Venezuelan intelligence in the South American country’s capital of Caracas, per the Associated Press’ TARA COPP. U.S. officials told the AP that the enlisted sailor, who was not on authorized leave or official travel, was taken into Venezuelan custody on or around Aug. 30.

IT’S WEDNESDAY. Thanks for tuning in to NatSec Daily! This space is reserved for the top U.S. and foreign officials, the lawmakers, the lobbyists, the experts and the people like you who care about how the natsec sausage gets made. Aim your tips and comments this week at ebazail@politico.com, and follow Robbie and Eric on X @RobbieGramer and @ebazaileimil.

While you’re at it, follow the rest of POLITICO’s national security team: @nahaltoosi, @PhelimKine, @connorobrienNH, @paulmcleary, @magmill95, @johnnysaks130, @ErinBanco, @reporterjoe, and @JGedeon1

 

Advertisement Image

 
ELECTION 2024

TRUMPS GET HACKED: Add TIFFANY TRUMP and LARA TRUMP to the list of Trump friends, family and associates who have been hacked recently.

As our own MERIDITH McGRAW reported Tuesday night, X accounts for Lara Trump, the co-chair of the Republican National Committee and the former president’s daughter-in-law, and Tiffany Trump, his youngest daughter, posted in support of a bogus cryptocurrency venture last night. ERIC TRUMP, the Republican nominee’s son, wrote on the social media platform that they had been hacked.

“This is a scam!!!” Eric Trump said. “@LaraLeaTrump and @TiffanyATrump‘s Twitter profiles have been compromised!!” The posts by Lara and Tiffany were then deleted.

Eric Trump then posted “@twitter was amazing” and that the women’s accounts were locked down “within minutes.”

The Complex

BALTIC BOOST FOR UKRAINE: Lawmakers visited NATO allies on the alliance’s eastern flank last week, and as our friends at Morning Defense (for Pros!) report, they got an earful from Finnish, Latvian, Lithuanian and Estonian officials about the need to remove restrictions on Ukraine’s use of U.S. weapons against Russia.

“We heard everywhere we went" about changing the policy, Sen. MARK KELLY told our own CONNOR O’BRIEN. "All four countries, from almost everybody." The Baltic leaders, he explained, remain worried that “If [Putin] is allowed to win in Ukraine, we will be next."

The entreaties appear to be working. Kelly, who once opposed lifting restrictions, changed his tune in an appearance on CBS News’ Face the Nation over the weekend. The Arizona Democrat told Connor that he’ll raise the concerns from Baltic leaders with the White House.

"I think it's the right thing to do. There are supply depots and air bases that they could range with the ATACMS rounds that the Russians are using in areas that have become essentially a safe haven that they can freely operate in," he added. "And it's not a fair fight. Why do they get that?"

On the Hill

FIRST IN NATSEC DAILY — SUPPLEMENTAL FUNDING WORRIES: A leading advocate for supporting Ukraine is sounding the alarm that billions of dollars in military assistance to Ukraine remain unspent and could disappear by the end of September if congressional appropriators fail to act quickly.

In a letter to the top Democrats and Republicans on the House and Senate Appropriations Committee, shared exclusively with NatSec Daily, MYKOLA MURSKYJ, the director of advocacy at Razom for Ukraine, argued that the presidential drawdown authority written into the April supplemental is essential for keeping Ukraine’s war effort going, and that allowing the billions to remain unspent will set back Kyiv’s progress on the battlefield.

“To give the Biden administration the ability to continue robust military assistance for Ukraine and send a clear signal to Russian President Vladimir Putin that the United States will not back down in its support for Ukraine, existing PDA must be extended,” Murskyj wrote.

The future of Ukraine aid is likely to become another item on Congress’ to-do list as they work to avoid a government shutdown and broker a longer-term spending deal for the country’s military when they return from August recess next week.

Broadsides

MORE HEADS ROLL IN KYIV: More cabinet ministers are on the outs as Ukrainian President VOLODYMYR ZELENSKYY launches another major government reshuffle amid Russia’s invasion.

Foreign Minister DMYTRO KULEBA tendered his resignation today, providing no reason for his departure. And a top member of Zelenskyy’s political party said as many as half of the country’s ministers could be replaced, as Zelenskyy seeks to infuse “new energy” into the Ukrainian government two years into its war effort.

It’s not the first time Zelenskyy has cleared out his cabinet — earlier this year, Zelenskyy subbed out VALERII ZALUZHNYI as the country’s top military commander — but it is the largest and most extensive reshuffling since the war began. And it comes as Ukraine seeks to steady its advances in Russian border regions and thwart Russia’s gains in its eastern provinces.

Read: ‘We behave like humans’: How Ukraine frames its fighting and the laws of war by our own VERONIKA MELKOZEROVA

Transitions

— Former Ambassadors NIKKI HALEY and MAX BAUCUS have joined Edelman. Haley, formerly U.S. ambassador to the United Nations, will be vice chair of Edelman Global Advisory. Baucus, a former U.S. Senator and ambassador to China, will be senior adviser.

— Swedish Foreign Minister TOBIAS BILLSTROM will resign from his post, per our own JOE STANLEY-SMITH. Billstrom, who is leaving politics completely, oversaw Sweden’s entry into the NATO alliance.

SHANE J. PARKER is now director for budget review and assessment in the Office of the National Cyber Director. He most recently served as the budget director and deputy performance improvement officer for the Department of Homeland Security’s Science and Technology Directorate.

— Forterra has added CHANNING LEE FOSTER as head of public affairs and PAUL BENFIELD as head of strategy. Foster previously was with Invariant’s defense and national security practice. Benfield previously was a director at Pallas Advisors.

SUSAN BUIKEMA-MILLER is now head of public sector communications at Amazon Web Services. She most recently was director of public affairs for government affairs at Lockheed Martin and is a CIA and ODNI alum. SYDNEY ERHARDT is also shifting to public relations specialist for U.S. public sector at Amazon Web Services. Erhardt most recently was a press officer at the FBI.

JAMIE LAWRENCE is now director of government affairs and public policy at Adobe. She most recently was deputy assistant secretary for private sector at the Department of Homeland Security.

A message from Lockheed Martin:

21st Century Security® Solutions that Power Multi-Domain Operations

Lockheed Martin and the U.S. Navy’s Integrated Combat System utilizes common software and computer infrastructure to rapidly field capability across the surface fleet and all domains. Learn more.

 
What to Read

IRIE SENTNER, POLITICO: Foreign governments are increasing their attempts to influence US officials. Here are some recent examples.

SYLVIE KAUFFMANN, Le Monde: Western policy allows Ukraine to wage war, but not win it or survive afterward

JUAN GABRIEL TOKATLIAN, Americas Quarterly: Donald Trump and the return of the Monroe doctrine

Tomorrow Today

Arab American Institute, 10:30 a.m.: Release of a poll on "American Attitudes: Shifting Realities After the Unfolding Genocide in Gaza"

Brookings Institution, 11:30 a.m.: Lessons in leadership at home and abroad, a conversation with Ambassador SUSAN RICE

George Washington University Elliott School of International Affairs, 12 p.m.: Leadership in national security

National Endowment for Democracy, 4:30 p.m.: Honoring former Guatemalan Ambassador to the United States FRANCISCO VILLAGRAN and discussing "the challenges and opportunities for Guatemala's democracy today"

Thanks to our editor, Rosie Perper, who is always preparing for cyber warfare. 

Thanks to our producer, Giselle Ruhiyyih Ewing, who has no affiliations with cyber criminals. 

 

Follow us on Twitter

Eric Bazail-Eimil @ebazaileimil

 

Follow us

Follow us on Facebook Follow us on Twitter Follow us on Instagram Listen on Apple Podcast
 

To change your alert settings, please log in at https://login.politico.com/?redirect=https%3A%2F%2Fwww.politico.com/settings

This email was sent to edwardlorilla1986.paxforex@blogger.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Unsubscribe | Privacy Policy | Terms of Service

No comments:

Post a Comment