www.politico.com
2606:4700::6812:10ca
Public Scan
URL:
https://www.politico.com/newsletters/weekly-cybersecurity
Submission: On January 30 via api from IE — Scanned from DE
Form analysis
2 forms found in the DOM
GET https://www.politico.com/search
<form class="slide-search__form" action="https://www.politico.com/search" method="get">
<input class="slide-search__input" type="search" name="q" id="searchTerm" aria-label="Search for any story" placeholder="Enter search term...">
<button class="slide-search__run" type="submit" aria-label="Start search">
<svg viewBox="0 0 20 20" aria-labelledby="title" xmlns="http://www.w3.org/2000/svg">
<title>Search</title>
<use href="#icon-search"></use>
</svg>
</button>
<button class="slide-search__close" id="search-close" type="button">
<svg viewBox="0 0 20 20" aria-labelledby="title" xmlns="http://www.w3.org/2000/svg">
<title>Close</title>
<path fill-rule="evenodd" clip-rule="evenodd" d="M17.513 16.6291L10.8839 9.99995L17.513 3.37082L16.6291 2.48694L10 9.11606L3.37088 2.48694L2.487 3.37082L9.11613 9.99995L2.487 16.6291L3.37088 17.513L10 10.8838L16.6291 17.513L17.513 16.6291Z">
</path>
</svg>
</button>
</form>
GET /signupModuleLegacy
<form target="get-the-weekly-cybersecurity-newsletter-full-0000014f-1646-d88f-a1cf-5f46b23b0000--0000015a-7ddb-d7a1-ad7e-ffdbe8970001" class="simple-signup simple-signup--stack" method="get" action="/signupModuleLegacy">
<input type="hidden" name="subscribeId" value="0000014f-1646-d88f-a1cf-5f46b23b0000">
<input type="hidden" name="processorId" value="0000015a-7ddb-d7a1-ad7e-ffdbe8970001">
<input type="hidden" name="validateEmail" value="true">
<input type="hidden" name="enhancedSignUp" value="true">
<input type="hidden" name="bot-field" value="" class="dn">
<input type="hidden" name="captchaUserToken" value="" autocomplete="off">
<input type="hidden" name="captchaPublicKey" value="6LfS6L8UAAAAAAHCPhd7CF66ZbK8AyFfk3MslbKV" autocomplete="off">
<input type="hidden" name="subscriptionModule" value="newsletter_page_standard_Weekly Cybersecurity - POLITICO">
<input type="hidden" name="source" value="signUpModuleEnhanced">
<fieldset>
<label for="ibff4edcbfd25454fb06b801129230852" class="simple-signup__label">
<b aria-hidden="true" class="icon icon-mail"></b>
<span class="icon-text">Email</span>
</label>
<input type="email" name="subscribeEmail" id="ibff4edcbfd25454fb06b801129230852" value="" class="simple-signup__input " aria-label="Enter Your Email" placeholder="Your email…" required="">
<button class="button type-link simple-signup__submit" type="submit"> Sign Up</button>
</fieldset>
</form>
Text Content
WEEKLY CYBERSECURITY
Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.
ABOUT THE AUTHOR: SAM SABIN
Sam Sabin is a reporter for POLITICO Pro.
EXCLUSIVE: EAC’S TOP STAFFER HEADING TO CISA
By SAM SABIN 01/24/2022 10:00 AM EST
Presented by ManTech
With help from Eric Geller
QUICK FIX
— CISA’s nabbed the executive director of the Election Assistance Commission as the agency beefs up its election security staffing ahead of the 2022 midterms.
— The Kremlin’s latest moves make an invasion of Ukraine appear imminent. But experts can’t agree on whether cyber’s role in the conflict will escalate.
— Despite the near-passage of several major cyber bills last year, the top cybersecurity firms’ lobbying spending varied throughout 2021, according to recent lobbying disclosures.
HAPPY MONDAY, and welcome back to Morning Cybersecurity! I’m your host, Sam Sabin, and I’m currently on the hunt for easy (and fun!) ways to sneak more veggies into my snacking habits while I write the newsletter. Bonus points for anyone with ideas that I can whip up in five minutes or less.
Have tips and secrets to share with MC? Or thoughts on what we should track down next? Send what you’ve got to ssabin@politico.com. Follow along at @POLITICOPro and @MorningCybersec. (Full team contact info below.) Let’s get to it:
A message from ManTech: ManTech’s cyber experts deliver advanced full-spectrum protection that stops adversaries in the planning stages of an attack. For decades, ManTech has invested in our people, technology and capabilities leading to increased protection of federal networks – thwarting cyber attacks while reducing the threat surface and contributing to safer infrastructure regardless of the threat. To learn more about ManTech’s capabilities, people and areas of expertise, visit https://www.mantech.com/federal-cyber.
ELECTION SECURITY
FIRST IN MC: FROM EAC TO CISA — The Election Assistance Commission’s top staffer is heading to CISA, just as the two agencies are discussing how to balance their responsibilities.
Mona Harrington, who has served as the EAC’s executive director since October 2019, is joining CISA as the deputy assistant director of the National Risk Management Center, which houses the agency’s election security team, she told Eric. In this new role, she’ll help oversee the NRMC’s work protecting elections, 5G wireless networks, supply chains and critical infrastructure. The EAC announced Harrington’s departure on Friday but did not say where she was headed next.
“Mona’s management experience and background in information security and risk management will be a huge asset,” Bob Kolasky, the CISA assistant director who leads the NRMC, told Eric. “She has been a great partner with us while at the Election Assistance Commission, and we will maintain the strong organizational relationship between CISA and the EAC as she begins her new role.” Kolasky said Harrington would focus on “helping mature the NRMC as we continue to build out our risk management and analysis work.”
— Interesting timing: Some election security experts have been pushing lawmakers for years to transfer some of the EAC’s work to CISA. Matt Masterson, who served as an EAC commissioner before leading CISA’s election security program, told the House Homeland Security Committee last week that Congress should transfer the EAC’s voting system certification program to CISA, cementing the latter agency’s role as the “technical lead” for election security while freeing up the EAC to “focus on everything else,” from grants to poll worker training.
“The EAC is small and has limited resources,” he said, while “CISA [is] much larger.” (EAC Chairman Don Palmer has previously said Masterson’s ideas are “personal animus over the dysfunction he participated in” and shouldn’t “interfere with the importance of the good election work the Commission is currently doing.”)
— Taking matters into our own hands: CISA also recently recruited Kim Wyman, the most recent secretary of state for Washington state, as its senior elections lead.
RUSSIA
WHAT ROLE CAN CYBER HAVE — With an intelligence report this weekend warning Russia is planning to install a pro-Kremlin government in Ukraine if it invades, tensions are at an all-time high for U.S. officials navigating the conflict between Russia and Ukraine. But leading up to a possible invasion, a key question still remains: Will cyber’s role in the conflict continue to escalate at the same rate?
— A helpful distraction: Some experts are arguing that cyber will remain a supporting character for the Russians. Dmitri Alperovitch, Crowdstrike co-founder and former chief technology officer, said in a Q&A with The Record that it’s likely Russia will continue to use cyberattacks to slowly weaken Ukraine’s defenses, such as by targeting the financial sector or launching a disinformation campaign arguing “resistance is futile.”
— A Western retaliation tool: Meanwhile, others are preparing for Russian intelligence to launch cyberattacks against the U.S. and its allied countries’ infrastructure. “Though cyber espionage is already a regular facet of global activity, as the situation deteriorates, we are likely to see more aggressive information operations and disruptive cyber attacks within and outside of Ukraine,” John Hultquist, Mandiant’s vice president of threat intelligence, wrote in a blog post.
But the situation in Ukraine is changing fast.
Secretary of State Antony Blinken said Sunday on NBC’s “Meet the Press” that the situation on the ground is changing by the hour. And the Russian government could continue to lean on its allies in Belarus for cyber operations, throwing a wrench in Biden’s strategy for striking back. (The Kremlin has already started amassing Russian troops on the border between Ukraine and Belarus, and Ukraine officials have blamed a cyberattack on its government websites earlier this month on Belarus intelligence.)
— Adding to the mix: President Biden said last week he’s willing to launch reciprocal actions against the Russians, including cyber offensive strikes.
Preparing for the worst: Government officials are actively encouraging critical infrastructure operators to patch critical vulnerabilities and shore up their cyber defenses quickly. CISA issued a warning to operators last week. Canada and Poland have also issued similar warnings in recent days. As the week goes on, more countries could follow.
INDUSTRY INTEL
CYBER’S ANNUAL BUDGET REVIEW — Despite renewed congressional interest in passing major cybersecurity legislation in 2021, companies either went big or went home when it came to lobbying spending. According to an MC analysis of quarterly lobbying disclosures, including fourth quarter disclosures released last week, at least two companies nearly doubled their budgets in 2021, and eight others either made modest spending cuts or kept their budget flat.
— Big spenders: FireEye increased its annual lobbying spending 71 percent in 2021. FireEye spent $274,000 last year, compared to the $160,000 it spent in 2020. The company was also navigating the sale of part of its business to McAfee Enterprise for most of the year. A spokesperson for Mandiant, which was a part of FireEye before the sale, attributed the increase to lobbying efforts surrounding mandatory cyber incident reporting legislation.
Palo Alto Networks more than doubled its lobbying budget in the last year: In 2021, the company spent $708,000, compared with $334,000 in 2020. Most of that additional money went to Palo Alto Networks’ in-house lobbyists and $260,000 of it was spent in the last three months of 2021 to lobby on cyber issues in the National Defense Authorization Act and on mandatory incident reporting legislation. A spokesperson for Palo Alto Networks didn’t respond to a request for comment.
Zscaler spent $20,000 more in the fourth quarter on lobbying to influence cyber issues in the Democrats’ social spending package and last year’s NDAA, as well as updates to FISMA and FedRAMP. That $20,000 increase brought its annual totals from $110,000 in 2020 to $130,000 in 2021.
— Budget cuts: Another four companies instead made lobbying budget cuts: Tenable, Iron Mountain, McAfee and ForeScout.
While Tenable spent more in the second half of the year than it did during the same period in 2020, its annual 2021 budget was $40,000 less than in 2020. In all, Tenable spent $1 million lobbying Congress and other Washington offices on cybersecurity issues, including on incident reporting and legislation targeting state and local cyber issues, last year.
Iron Mountain cut its lobbying spending by $75,000 in 2021, spending $1.4 million in the last year compared to $1.5 million the year before. Most recently, the company focused on consumer data breach notification legislation and other data security bills.
McAfee’s lobbying budget decreased $80,000 as it finalized its purchase of FireEye from Mandiant during much of the year. Most of its focus had been on cybersecurity provisions in the NDAA, changes to federal IT rules and legislation targeting consumer data breach notification.
ForeScout Technologies cut its lobbying budget by $120,000, from $480,000 in 2020 to $360,000 in 2021. Its focus has been on the Pentagon and Department of Homeland Security’s appropriations.
— Status quo: Four cybersecurity firms — Rapid7, Akamai Technologies, Cloudflare and CrowdStrike — didn’t change their annual lobbying budgets at all, even as lawmakers came closer than ever to passing mandatory incident reporting and updates to agencies’ cybersecurity rules. For example, Cloudflare consistently spent $40,000 in each quarter throughout both 2021 and 2020.
EVOLVING MALWARE THREATS — The malware wiper found on some of the Ukrainian government’s systems earlier this month has more “components designed to inflict additional damage” than the NotPetya wiper that targeted Ukraine in 2017, according to researchers at Cisco Talos Intelligence Group. In a report Friday, the researchers said the most recent wiper, known as WhisperGate, is similar to NotPetya because they both masquerade as ransomware that wipes the system rather than encrypting the data and holding it for ransom. However, WhisperGate was likely sitting on the victim’s network “for months before the attack,” researchers said.
PEOPLE ON THE MOVE
— Peiter Zatko, Twitter’s head of security who goes by the hacker name “Mudge,” has left the company. Rinki Sethi, Twitter’s chief information security officer, is leaving in the next few weeks.
TWEET OF THE DAY
Some perspective on choosing security tech from J Wolfgang Goerlich, Cisco’s advisory CISO: “Most of us learn to drive with a starter car. Maybe it's a hand-me-down. Maybe it's all we can afford. But if anything happens, we're only out a few thousand dollars. Once we master the road, we get a decent car. Skills first, investment second. Same goes for security tooling.”
QUICK BYTES
— Russian state media is reporting that the country has detained four members of the international cybercrime ring, the Infraud Organization. (Bloomberg)
— CISA added 17 vulnerabilities last week to the list of flaws agencies must patch immediately.
(Bleeping Computer)
— American Airlines is accusing travel website The Points Guy of violating the Computer Fraud and Abuse Act, an anti-hacking law, because its app syncs the airline’s frequent flyer information. (The Verge)
— Richard Grabowski, the acting program director for CISA’s Continuous Diagnostics and Mitigation Program, discusses how the agency is adapting the program to increase the visibility into the federal government’s security threats. (FedScoop)
— Opinion: “The Russia Sanctions That Could Actually Stop Putin” (POLITICO)
FOR YOUR CALENDAR
(Send your events to: cybercalendar@politicopro.com)
Monday
10 a.m. — Cyber Threat Alliance’s webinar about fostering collaboration in the cybersecurity industry.
Tuesday
11 a.m. — Chris Painter, former cyber issues coordinator at State, and former Energy Secretary Ernest Moniz participate in the Nuclear Threat Initiative’s virtual seminar about avoiding cyber escalation.
2 p.m. — Presidio Federal and Cisco’s virtual discussion about the future of collaborative technology.
2 p.m. — House Majority Leader Steny Hoyer and Michigan Secretary of State Jocelyn Benson participate in the Center for Tech and Civic Life and CQ Roll Call’s event about cyber funding for elections.
Wednesday
8:30 a.m. — Federal Computer Week’s virtual workshop about cloud security, featuring officials from the Commerce Department, National Science Foundation, State Department and Red Hat.
10 a.m. — The German Marshall Fund’s virtual discussion about security resilience in Ukraine, including cybersecurity protections.
2 p.m. — The Information Technology Industry Council’s virtual discussion about cyber planning for state and local governments.
5:30 p.m. — The Bipartisan Policy Center’s virtual discussion about technology and national security issues.
Thursday
No events scheduled.
Friday
No events scheduled.
Chat soon.
Stay in touch with the whole team: Eric Geller (egeller@politico.com); Bob King (bking@politico.com); Maggie Miller (mmiller@politico.com); Sam Sabin (ssabin@politico.com); and Heidi Vogt (hvogt@politico.com).
A message from ManTech: At ManTech, offense-informed defense is how we tackle the toughest cyber threats. We discover vulnerabilities, reverse-engineer malware, develop tools, exploit media and hardware, conduct advanced forensics, and support specialized missions at scale. Cybersecurity is integrated into everything we do, from securing our nation’s most sensitive intelligence and protecting the homeland, to defending our troops and securing our personal information. Decades of critical mission support, R&D and cutting-edge innovation provide the foundation of our work. Our breadth and depth in offensive and defensive cyber are unparalleled, resulting in capabilities that protect sensitive intelligence, infrastructure, weapons systems, and people. ManTech’s full-spectrum cyber operations help secure our nation and protect our citizens today and every day. To learn more, visit https://www.mantech.com/federal-cyber.
© 2022 POLITICO LLC