Protecting Covid-19 research from hackers — CISA needs budget help, administration says — Solarium talks cyber workforce

Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.

Sep 08, 2020 View in browser   By Tim Starks With help from Eric Geller and Martin Matishak Editor's Note: Weekly Cybersecurity is a weekly version of POLITICO Pro's daily Cybersecurity policy newsletter, Morning Cybersecurity. POLITICO Pro is a policy intelligence platform that combines the news you need with tools you can use to take action on the day's biggest stories. Act on the news with POLITICO Pro. Quick Fix — Feds have been sounding the alarm about foreign nations stealing U.S. Covid-19 research. So: Do researchers have the defenses they need? — Joe Biden said Russian election interference remains a threat, while Hill Democrats demanded a briefing from the administration on election meddling. — The White House published a strategy on cybersecurity in space, which sounds at first like it would make a good science fiction movie. It probably wouldn't. HAPPY TUESDAY and welcome to Morning Cybersecurity! The last one's for the cyber heads. Send your thoughts, feedback and especially tips to tstarks@politico.com. Be sure to follow @POLITICOPro and @MorningCybersec. Full team info below. Health Care FENDING OFF COVID-19 RESEARCH HACKERS — The organizations now conducting Covid-19 research — hospitals, universities, pharmaceutical companies — had cyber worries aplenty even before the onset of the pandemic and the U.S. government's warnings that China and Russia were trying to steal their coronavirus work.   KEEP UP WITH THE WORLD FROM HOME: Our Global Translations newsletter, presented by Bank of America, layers international news, trends, and decisions that you may have missed with contextual analysis from the world's sharpest minds. For news, insight, and a unique perspective that you cannot find anywhere else, SUBSCRIBE TODAY.     But industry orgs and government agencies say they've mounted additional digital defenses to address new threats posed to Covid-19 research specifically, and they've made some progress — although everyone agrees there's still a lot to fix. — Playing catch-up: "The health care sector, broadly, has really been an underperformer from a cybersecurity perspective," Bryan Ware, assistant secretary for cybersecurity at CISA, told MC. Health care had the most breaches by industry in 2019, according to a Verizon report. Cyber firm RSA wrote last month that the sector relies on older IT systems and hasn't made cybersecurity a priority. While the picture isn't as dire for universities , they have "a bit of a different challenge," Ware said. "The university model is to be very open and transparent and to share and collaborate," he said, and adversaries can exploit that openness. In 2018, for example, prosecutors said Iranian hackers primarily seeking to steal research made off with at least 31 terabytes of data from 144 American universities, and broke into 176 foreign universities. Verizon's 2019 report said that despite some improvements in higher education, "the news still isn't great." Researchers defend their defenses. The health care sector has been improving on cybersecurity as it becomes aware of more threats, said John Riggi, senior adviser for cybersecurity and risk at the American Hospital Association. In education,"data has to be made public, but it's made public at a certain time on certain servers, but not in a way that should open you up to cyberattack," said Toby Smith, vice president for policy at the Association of American Universities. — The threat now: Some have questioned whether it would be so bad if China or Russia hacked U.S. Covid-19 research. Riggi answered: "If an adversarial nation steals U.S. Covid-19 vaccine research and develops it on their own, there's no guarantee that they would make it available to us." And it's not just hypothetical. Federal prosecutors in July charged two Chinese men with hacking hundreds of companies in the U.S. and elsewhere, as well as targeting three U.S. firms researching the coronavirus. Hackers are reportedly leaning on known, unpatched vulnerabilities to try to break into Covid-19 research companies and institutions. — What's been done, and what more is needed: In addition to public warnings and prosecutions, feds have offered classified and unclassified briefings to research institutions. Since March, CISA has increased network scanning of enlisted health care entities by 70 percent, Ware said, while noting that they're patching faster than other industry sectors. Riggi's association has also held briefings on the threat to hospitals during the pandemic. Smith's association updated its list of ideal actions to improve research cybersecurity as recently as May. Universities want the government to share more threat information they can act on, Smith said, but also said he'd like to see universities train faculty better on cybersecurity fundamentals. Riggi said Congress could help as well by passing legislation introduced this summer that's designed to crack down on foreign nations' theft of U.S. taxpayer-funded research. BIDEN, HARRIS SOUND RUSSIA ALARMS — Biden and his Democratic running mate Sen. Kamala Harris (Calif.) warned of Russian election interference over the weekend, even as top Trump administration officials — in contrast with U.S. intelligence statements — touted China as the greater election threat. Harris told CNN on Sunday that she believed Russian meddling could "theoretically" cost Democrats the election. Biden had emphasized Russia earlier. "There are a lot of countries around the world I think would be happy to see our elections destabilized," Biden said at a news conference on Friday. "But the one who's working the hardest most consistently and never has let up is Russia." He singled out Attorney General William Barr for contradicting the briefings Biden said he'd received. SCHIFF DRAWS A LINE — In what is likely a precursor to a subpoena, House Intelligence Chair Adam Schiff (D-Calif.) on Friday demanded that senior clandestine community officials participate in a classified briefing on election security next week. In a letter to Director of National Intelligence John Ratcliffe, Schiff requested that officials from the NSA, CIA, FBI and DHS participate in the session, adding that he "expects" National Counterintelligence and Security Center chief Bill Evanina and Shelby Pierson, the intelligence community's election security czar, to attend as well. An ODNI spokesperson declined to comment. Ratcliffe last month informed congressional committees that in-person briefings on election security would no longer take place in order to avoid leaks. Instead, lawmakers would receive written "intelligence products." However, Senate Intelligence Committee Chairman Marco Rubio (R-Fla.) last week said he expected to continue to receive in-person briefings. On Sunday, Schiff accused Attorney General William Barr of lying when he said China posed the greatest threat to the 2020 election. "That's just a plain false statement by the attorney general, a flat-out false statement," he said in an interview with CNN. "What Bill Barr just did in that statement was just flat-out mislead the American people."   A BETTER WAY TO WORK: 62% of policy professionals still track policy manually, but there's a better way. Keep your policy team aligned as you work to achieve your policy goals with "Projects," a new tool available through the POLITICO Pro Platform. Learn more.     Space PUTTING THE "SPACE" IN "CYBERSPACE" — Space assets such as satellites must be able to receive security updates and handle remote troubleshooting given their distant nature and increasingly vital role in American life, President Donald Trump said in a space policy directive establishing cybersecurity principles for spaceborne platforms . The order, issued Friday, comes as the Pentagon stands up its new Space Force and as military leaders plan for a rising tide of cyberattacks on the space assets that power GPS and other vital networks. It also reflects the fact that, while the military's new space warfare branch may have stolen some of Cyber Command's thunder with a more viscerally appealing mission, cybersecurity is vital to that mission, too. Trump's order lays out essential security features for all space systems, including the ability to recover control of wayward space vehicles, the prevention of unauthorized access and resilience in the face of jamming and spoofing efforts. Ground-based systems that communicate with space assets must also be secure, according to the directive, and should rely on the NIST cybersecurity framework and other guidance "to reduce the risk of malware infection and malicious access to systems, including from insider threats." ANOMALOUS BEHAVIOR — CISA needs Congress' help to be able to spend money in an upcoming stopgap funding measure using the structure of the fiscal 2021 budget request, according to a list of funding exceptions, or anomalies , obtained by POLITICO. Otherwise, it would have to spend operations and support account funds under the fiscal 2020 budget structure. "This administrative burden would adversely impact CISA's mission execution, as staff would devote more time to duplicate administrative work," the document reads. Additionally, CISA needs Congress to authorize its payments to non-CISA winners of the cybersecurity President's Cup, it says. SOLARIUM DRILLS DOWN ON WORKFORCE — The Cyberspace Solarium Commission has released its third white paper to expand on its report from earlier this year , this time on workforce development. Published on Friday, it says a commission-recommended national cyber director should develop a strategy based on five structural elements, each with further policy proposals. Those elements, and some examples, are: organize (identifying cyber occupational classifications); recruit (expanding CyberCorps: Scholarship for Service); develop (investing in apprenticeship programs); retain (making pay more flexible); and stimulate growth (promoting diversity). TWEET OF THE WEEKEND — And this is why Boston Dynamics STILL must be stopped. RECENTLY ON PRO CYBERSECURITY — A CISA directive spelled out steps for creating vulnerability disclosure government programs, and federal agencies have until March 1 to launch them. … The FBI and CISA clarified that they haven't seen cyberattacks on voter registration databases this year. … Electronic pollbooks have grown more popular despite security questions. … Two threat sharing centers are expanding a free service touted for blocking ransomware to more local governments and election agencies. … Democratic senators want the Treasury Department to sanction Russia over 2020 election interference. A federal appeals court ruled that an NSA program that vacuumed up details on billions of Americans' phone calls was illegal and perhaps unconstitutional. … "The Justice Department and the FBI rolled out a series of reforms ... intended to fortify procedures for seeking approval of intelligence-related surveillance of elected officials and campaign staff." The FCC found that replacing Huawei and ZTE gear would cost at least $1.84 billion. … The Office of Management and Budget solicited feedback on the structure of a council on supply chain security. The chairman of the Senate Banking Committee called on the Office of the Comptroller of the Currency to develop rules for banks using cryptocurrencies. … Florida school officials said a local high school student was behind attacks that hit Miami-Dade County's first week of online classes. … Proofpoint said that Chinese hackers used coronavirus-themed emails to target European diplomatic and policy-oriented services. … A potential TikTok breakup in the U.S. is complicating things for European regulators. Quick Bytes — Transportation Department inspector general: The Federal Aviation Administration et al have made some progress on the Aviation Cyber Initiative. — SchmooCon 2021 won't be live. — ACFCS: The Treasury's Department's Financial Crimes Enforcement Network issued a vague notice of a breach. — C4ISRNET: Army Cyber Command says its new HQ will allow it to take a more direct role on its offensive mission. — ZDNet: SWIFT said cryptocurrencies play only a small role in laundering hacked bank funds. — Gizmodo: A prison phone app exposed millions of inmates' personal data and messages. — Forbes: What'sthe cyber take on K-pop fans? — The Washington Post: The president and his allies are ramping up disinformation. — The New York Times: It's not likely Facebook's late-election political ad blocking will be very effective. — The Wall Street Journal: The FBI is intensifying its probe of Chinese researchers for ties to their country's military. — ZDNet: A Chilean bank hit by ransomware shut down all its branches. — Bleeping Computer: The Argentinian government also got hit by ransomware. — Also also hit by ransomware, via CyberScoop: government-run organizations in the Middle East and North Africa. That's all for today. Stay in touch with the whole team: Eric Geller (egeller@politico.com, @ericgeller); Bob King (bking@politico.com, @bkingdc); Martin Matishak (mmatishak@politico.com, @martinmatishak); Tim Starks ( tstarks@politico.com, @timstarks); and Heidi Vogt (hvogt@politico.com, @heidivogt).   Follow us on Twitter Heidi Vogt @HeidiVogt Eric Geller @ericgeller Martin Matishak @martinmatishak Tim Starks @timstarks   Follow us

To change your alert settings, please log in at https://login.politico.com/_login?base=https%3A%2F%2Fwww.politico.com This email was sent to majed2aboshddad.majed@blogger.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA Please click here and follow the steps to unsubscribe.