News and Commentary

The U.S. annual defense spending bill includes measures to improve cybersecurity, but not election security: On June 13, the House Appropriations Committee approved the 2019 National Defense Authorization Act (NDAA) that will allocate nearly $675 billion to the Pentagon in the next fiscal year. The legislation contains measures to improve cybersecurity, including mandates for the Department of Defense to develop a “cloud strategy” for dealing with cyber threats and to brief both Appropriations committees every quarter about its cyberspace activities. The committee also approved an amendment that encourages the Pentagon to continue developing prototypes that boost cyber situational awareness and electronic warfare capabilities. The Senate version of the bill establishes a policy that the United States should employ all instruments of national power, including the use of offensive cyber capabilities, to deter and respond to cyber-attacks that target U.S. interests, and authorizes the National Command Authority to direct U.S. Cyber Command to take appropriate and proportional action through cyberspace to disrupt, defeat, and deter systematic and ongoing attacks by Russia in cyberspace. Finally, the Senate bill includes measures that would ban government agencies from buying or leasing telecommunications equipment and services from Chinese telecom firms Huawei and ZTE. However, the final Senate bill failed to include amendments that would have put the power of legislation behind Department of Homeland Security (DHS) efforts to improve election security, and raised security requirements for internet-connected devices purchased by the government. (House.gov, Senate.gov, Politico, The Hill)

Senate holds hearings on preventing foreign election interference ahead of the U.S. midterms: According to Politico, Special Counsel Robert Mueller’s office asserted in a court filing that Russian intelligence agencies are trying to meddle in the 2018 U.S. midterm elections. The Senate Judiciary Committee held a hearing to discuss what the federal government can do to secure U.S. elections moving forward, and how to improve communication and collaboration between federal agencies and state election officials. Senior cybersecurity advisor at DHS Matthew Masterson explained that the recent $380 million allocated to election infrastructure was a good start, but it would not be enough to secure elections. Masterson agreed that the primary challenge for election manipulation is disinformation; Sen. Amy Klobuchar (D-MN) argued that passing the Honest Ads Act would be a step in the right direction to defend against this threat. Wilson Center Global Fellow Nina Jankowicz emphasized that America needs to educate its citizenry to deal with disinformation through critical thinking, civics education, source evaluation, and discourse. Separately, the Senate Rules Committee announced plans to bring state and county election officials to DC on June 20 for the first in a series of hearings examining the nation’s readiness to fend off hackers in the midterm elections. According to the Committee, the hearing will include “a discussion of issues relating to information sharing efforts coordinated by [DHS], the awarding of $380 million in grants to states to improve their election infrastructure, and current legislative proposals before the Senate.” (Politico, Senate.gov, Inside Cybersecurity)

 

Democratic Senators introduce legislation to require paper ballot voting for federal elections: A group of Democratic senators led by Ron Wyden (D-OR) introduced the Protecting American Votes and Elections Act of 2018, which would require paper ballots and statistically rigorous “risk-limiting” audits for all federal elections. Currently, 18 states use paperless machines in at least some jurisdictions, and 22 states do not require any post-election audits. Congressman Earl Blumenauer (D-OR) plans to introduce a House companion bill. Newly-confirmed Undersecretary of the National Protection and Programs Directorate (NPPD) at DHS, Chris Krebs, visited Arlington, Virginia to study how the county is managing its voting technology ahead of the state’s primaries on June 12. County Registrar Linda Lindberg noted that the county uses paper ballots for all of its elections, and Krebs stated the need to maintain a “voter-verifiable paper trail.” Election security experts have increasingly urged states to abandon electronic voting machines in favor of having a paper record of all ballots cast, in order to prevent hackers from breaching their systems and attempting to alter voter data. (ARL now, Senate.gov)

The EU calls for coordinated responses to hybrid threats: The European Parliament adopted a resolution calling for more European cooperation on cyber defense in response to recent cyber-attacks on critical EU infrastructure by Russia, China, and North Korea. Members of Parliament (MEPs) also advised EU member states to improve their cyber defense expertise, with MEP Marietje Schaake urging them to appoint an EU cyber envoy to coordinate the bloc’s efforts to advance an open and secure internet in its dealings with third countries: “Currently, cybersecurity and the promotion of norms for responsible state behavior online are still being treated as an afterthought. That needs to change.” The EU commission also called for governments to publicly attribute blame for attacks in a report published on June 13: “The EU and its member states need to improve their capacity to attribute cyber-attacks, not the least through enhanced intelligence sharing. Attribution would deter potential aggressors and increase the chances that those responsible will be made properly accountable.” The report describes the Commission’s strategy for coordinating EU-wide responses to hybrid threats, and a plan to expand the Commission’s Stratcom East unit, which responds to Russian online “disinformation campaigns conducted by hostile actors.” (Telecompaper, European Commission)

U.S. anti-money laundering (AML) bill neglects beneficial ownership as Denmark pushes on AML: The United States is a leader in anonymous company formation, allowing illicit actors to move money into the country opaquely. The U.S. House Financial Services Committee marked up the Counter Terrorism and Illicit Finance Act, removing provisions that could have ended the U.S. role as the world’s anonymous company capital. While the initial draft of the bill contained detailed measures to collect information about shell companies’ beneficial owners (“natural persons” who actually own a company as opposed to a legal entity or nominee), the marked up bill contains almost no language on beneficial ownership, instead calling for a “study” on the topic. The Committee’s decision comes even as support for beneficial ownership legislation builds. On June 8, Delaware’s Secretary of State Jeffrey Bullock wrote a letter to the Committee Chairman and Ranking Member in support of the beneficial ownership principles included in the original Act. Meanwhile, investors in Denmark urged Danske Bank to step up the pace of money laundering reform, following shortcomings in its anti-money laundering controls in Estonia. The bank says it closed down the Estonian non-resident accounts in question and is doing all it can to prevent criminal abuse. Additionally, the Danish government has called on the EU to play a bigger role in helping national authorities fight money laundering. Latvia, amid money-laundering investigations and a corruption probe into its central bank governor, is also stepping up its efforts to fight money laundering following increased pressure from Washington. (Congress.gov, ThinkProgress, FACT Coalition, Reuters, Bloomberg)

Facebook responds to U.S. lawmakers’ questions amid ongoing challenges: Facebook turned in more than 450 pages of documents to Members of Congress, answering the questions posed to CEO Mark Zuckerberg during his congressional hearings in April. The company emphasized that it is learning from its mistakes and giving users more control over their information, but deflected questions about Facebook’s increasing market power and influence in the world. The company also announced new privacy controls, which it claims will better inform users about the way companies are targeting them with advertising. Meanwhile, a group of seven media associations sent Facebook a letter protesting its issue ads policy that would bunch news articles in with political and advocacy ads as part of an effort to be more transparent about political advertising on the social network. (The Wall Street Journal, Bloomberg, Reuters, Digiday)

Apple takes measures to protect user data: Apple Inc. announced plans to close the technological loophole that allows law enforcement to hack into iPhones to obtain evidence for criminal investigations. The company also updated its rules to restrict app developers’ ability to harvest data from mobile phones, which could affect a Facebook-owned data security app called Onavo Protect that feeds information to Facebook about other apps on users’ phones and how much they use them. Ryan Dochuk, CEO of VPN TunnelBear, explained that Onavo “talks about being a VPN that keeps your data private, but behind the scenes it’s harvesting your data for Facebook.” Apple’s new App Store rules explicitly ban the collection of “information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing.” The Wall Street Journal reported that as Apple tries to enforce new privacy policies across its vast network of iPhone and iPad apps, “the process is exposing longstanding gaps that left users’ data vulnerable to abuse.” (The New York Times, The Guardian, The Wall Street Journal)

Experts express concern over China’s expanding influence: The Wall Street Journal reported that China is establishing an electronic identification system to track cars nationwide, “adding to a growing array of surveillance tools the government uses to monitor its citizens.” Experts are concerned that once this system is implemented in the world’s biggest automotive market, it will significantly expand China’s surveillance network. Ben Green, a fellow at Harvard University’s Berkman Klein Center for Internet and Society, observed that in the backdrop of an authoritarian government, “it’s really hard to imagine that the primary use case is not law enforcement surveillance and other forms of social control.” At the same time, Wired revealed that over the past five years, the Chinese government donated computers and equipment to governments in over 35 countries. Author Elise Thomas suggests that “in the highly charged context of China’s global rise to power, and against the long history of Chinese cyber operations, perhaps governments should be asking themselves whether such gifts are really free.” In the United States, a bipartisan group of senators wrote a letter to President Trump urging him to create a “comprehensive strategy” to combat Chinese interference in democracies around the world. (The Wall Street Journal, Wired, The Daily Beast)

U.K. Committee questions Russia-Brexit connection as experts weigh in: As part of its inquiry into “fake news,” the U.K. Digital, Culture, Media and Sport Committee questioned Arron Banks and Andy Wigmore, prominent figures in the 2016 Leave campaign. Banks and Wigmore accused the committee members of being biased against people who campaigned in favor of Brexit and called the investigation a “witch hunt.” The committee meeting came to an end when both men refused to answer any more questions. The Guardian’s Carole Cadwalladr suggested that while it is unknown whether the Leave campaign colluded with the Russian government, it is established that there was coordination. CEPA’s Edward Lucas clarified that “the problems Britain is facing are new only to the inattentive,” and added, “Britain and other countries should acknowledge, with humility, that others were in the firing line earlier and that we have a lot to learn from them.” (Parliament.uk, CNN, The Guardian, CEPA)

 

Belgium warns of Russian election interference, and Mexico experiences election-related cyber-attack: Guy Rapaille, who oversees the watchdog for intelligence services in Belgium, Comité R, urged intelligence services to pay close attention to Russian meddling in Belgium’s upcoming local elections in October, as well as regional, federal and European elections in May 2019. Meanwhile, the website of Mexican opposition National Action Party (PAN) was targeted by a suspected distributed denial-of-service (DDoS) attack during the final televised presidential debate before the July 1 general election in Mexico. PAN said that its website, targeting front-runner Andres Manuel Lopez Obrador, likely suffered a DDoS cyber-attack with the bulk of traffic to the site nominally coming from Russia and China. (Politico, Reuters)

Our Take

ASD Director Laura Rosenberger joined the Atlantic Council’s “Raising the Curtain on the 2018 NATO Brussels Summit” to discuss the challenges facing the transatlantic community ahead of the NATO Summit in Brussels: “In addition to having different threat perceptions about Russia across the alliance, there is a differing threat perception in terms of the weight to attach to asymmetric and hybrid threats versus conventional threats versus strategic threats … it’s really important that we understand these not as mutually exclusive or zero sum equations, but to look at them holistically and understand the role that each of them plays in the threat equations in different ways across the alliance space.”

ASD’s Bradley Hanlon exposed how Google’s Top Stories feature consistently promoted Kremlin propaganda in his blogpost “From Nord Stream to Novichok: Kremlin Propaganda on Google’s Front Page.” He argued that the appearance of Kremlin propaganda in Google searches for key issues like the downing of flight MH17, the poisoning of Sergei Skripal, and the chemical attack in Douma, Syria, turned “the most popular site in the world into a mouthpiece for an autocratic regime intent on covering up human rights abuses and international crimes with conspiracy theories and disinformation.”

Hamilton 68 dashboard

Hamilton 68 dashboard: In the past week, chatter on the Hamilton 68 dashboard focused on a range of issues from international conflicts to domestic politics, with consistent support for President Trump the one unifying theme throughout the Top URLs. Early in the week, accounts tracked on the dashboard focused on diverse issues, including the G7 summit, anticipation for the Trump-Kim meeting in Singapore, and various conspiracy theories. While chatter on the dashboard coalesced around positive reactions to the Trump-Kim meeting, and later in the week, the release of the Department of Justice Inspector General’s report, accounts on Hamilton lacked a consistent, coherent narrative. The Top URLs shared throughout the week included articles discussing alleged human rights abuses in Yemen, the success of the Assad regime’s military in Syria, the destruction in post-Gaddafi Libya, and an allegation that Canadian PM Justin Trudeau has a fake eyebrow. The lack of a strong or consistent message this week indicates that the pro-Kremlin accounts tracked by Hamilton struggled to identify a unifying issue to rally around in order to promote their worldview.

Quote of the Week

“Imposing sanctions on Russia for interfering in our 2016 election and now attacking our energy grid sends an important message that we will not tolerate Russia’s behavior. But sanctions alone will not stop Russian cyber-attacks … Congress must act immediately to protect our country from future attacks by securing our election systems and increasing transparency and disclosure requirements for online political advertisements. Failure to do so emboldens Russia and puts our democracy at risk.”

– Sen. Amy Klobuchar (D-MN), June 12, 2018

 

Worst of the Week

According to reporting from The Hill, Google’s social media platform, Google Plus, has become a repository for white nationalist, neo-Nazi, and pro-ISIS groups kicked off of other social media sites. Journalist Ali Breland identified dozens of Google Plus “communities” (the equivalent of Facebook groups) posting racist and anti-Semitic content. According to Breland, the groups range in size from hundreds to thousands of users. Reporting by The Hill previously identified dozens of pro-ISIS users and communities that remained active on the site even after being flagged for Google. Researchers argue that Google has neglected the social media platform since it failed to generate significant revenue following its 2011 launch, leaving the door open for radical groups that are pushed off of other more attentive platforms.

The views expressed in GMF publications and commentary are the views of the author alone.