On December 28th, ASD and partner C4ADS published a case study on the First Czech-Russian Bank, exposing how the private Russian bank became a key vector for Russian interference in Europe, exploiting campaign finance loopholes and other structural weaknesses in Western democracies to pursue Russian foreign policy objectives.
In a new blog post, ASD’s Joshua Kirschenbaum discusses the implications of the U.S. Treasury Department’s decision to remove sanctions against Oleg Deripaska’s EN+ Group and Rusal.
ASD’s David Salvo contributed to GMF’s “What to Watch in 2019” blog post, warning that the “technological tools authoritarian regimes use to interfere in democracies are advancing rapidly,” and underscoring the importance of governments, civil society, and the private sector working together to counter these threats.
News and Commentary
House unveils legislation to improve election security: According to Axios, the new House Democratic majority bill introduced on January 4, H.R. 1, aims to provide substantial improvements for election cybersecurity, drawing heavily on the 2018 Secure Elections Act. Several of the bill’s provisions include voting machine vendor cyber-security standards, grants to states for improving election systems, election infrastructure innovation, an election security bug bounty program that would reward ethical hackers for finding holes in states’ electoral infrastructure, and $120 million for states to acquire new voting machines, provided they also use paper ballots for auditing purposes. The new bill also contains the Honest Ads Act, which would require political ads to disclose who paid for them. Election security experts have applauded the bill, especially its call for paper ballots, which are seen as much more secure than their digital counterparts. While the bill is unlikely to pass the Senate, it previews the new House’s agenda for election security in the lead up to the 2020 presidential election. (Axios, Congress.gov, Politico, Washington Post)
Hack-and-leak campaign targets German politicians, sparking debate over reporting on stolen documents: Last week, unidentified hackers published personal information, private communications, and the financial details of numerous German politicians, journalists, and celebrities, including German Chancellor Angela Merkel. The hackers targeted politicians from every major German political party with the exception of the far-right Alternative for Germany (AfD) party. In the wake of the attack, observers compared the operation to the Russian hack-and-leak campaign that targeted the U.S. presidential election in 2016, and called on journalists to report responsibly on the leak and to resist spreading stolen material. Speaking to Newsweek, ASD Director Laura Rosenberger stated, “it will be important for media organizations covering the leaks to think carefully about how to cover the story without serving as a megaphone to spread the leaked information—likely one of the attacker’s goals.” (BBC, New York Times, Twitter, Newsweek)
U.S. and EU seek to counter Chinese government interference: On January 4, Senators Marco Rubio (R-FL) and Mark Warner (D-VA) proposed new legislation to create a White House Office of Critical Technologies and Security, which would “advise the president and coordinate the government’s response to intellectual property theft and supply chain risks,” according to Axios. The office is intended to help the U.S. counter economic espionage from the People’s Republic of China (PRC), a threat the EU is also seeking to address. On January 2, the Financial Times reported that the EU is looking “to toughen scrutiny of potential security risks with Chinese [PRC] technology companies,” especially as PRC companies such as Huawei bid to provide 5G infrastructure to EU members’ mobile phone networks. However, attempts to coordinate such efforts have fallen short, as members are reluctant to give up their freedom to manage lucrative auctions to secure a 5G provider. (Axios, Financial Times)
In Other News:
– Michael Chertoff and Anders Fogh Rasmussen write that malign foreign powers are contributing to declining faith in democracy “by weaponizing the infrastructure that underpins democratic societies.”
– Bloomberg reports that “the threat of foreign money influencing U.S. elections and the need for increased disclosure of campaign funding” will be top priorities for Ellen Weintraub, the incoming chair of the Federal Election Commission.
– The Washington Post examines Russia’s military intelligence agency and Putin’s efforts to influence the West.
– Senator Elizabeth Warren (D-MA) called for a lifetime ban on Members of Congress serving as lobbyists, along with a ban on foreign lobbying, to prevent foreign countries from gaining influence over U.S. politics.
– TechCrunch reveals that hackers are using a Twitter flaw to spread ISIS propaganda.
– BBC reports that a popular weather app is harvesting data and sending it to Chinese servers.
– New York Times journalists Julian E. Barnes and Neil MacFarquhar unpack the arrest of Paul Wheelan, a former U.S. marine that was arrested in Moscow on espionage allegations.
– The Hill identifies the top 10 overlooked cybersecurity risks in 2018.
– Italian Interior Minister Matteo Salvini is scheduled to meet with the leader of Poland’s ruling conservatives, Jarosław Kaczyński, on January 9.
– Russia accused the U.K. of helping Ukraine spread disinformation after a deadly collapse of an apartment block in central Russia on New Year’s Eve.
– Experts express concern over Vietnam’s new cybersecurity law that puts strict controls on technology companies operating inside the country and censors what its citizens read online.
Quote of the Week
“China continues to conduct a coordinated assault on U.S. intellectual property, U.S. businesses, and our government networks and information with the full backing of the Chinese Communist Party. The United States needs a more coordinated approach to directly counter this critical threat.”
– Senator Marco Rubio (R-FL), January 4, 2019
The views expressed in GMF publications and commentary are the views of the author alone.