Surveillance bill advances in Senate, barely

With help from Eric Geller and Martin Matishak

SURVEILLANCE SURVIVES NAIL-BITER VOTE — Quiet drama overtook the Senate late Tuesday as lawmakers voted by a razor-thin margin to cap debate on a bill to reauthorize controversial surveillance programs for another six years. The 60-38 vote to invoke cloture on the legislation — which would renew with minimal changes the powerful spying tools allowed under Section 702 of the Foreign Intelligence Surveillance Act — limited debate over the proposal (S. 139) and tees up a final vote today or Thursday. The vote’s outcome was thrown into doubt when Senate Minority Leader Chuck Schumer announced he would oppose the procedural vote because GOP leaders had prevented lawmakers from offering amendments to the bill, freeing up other Democrats to vote “no.” “When Sen. Schumer shifted, it was inevitable that it would be close,” Senate Intelligence Chairman Richard Burr told Martin after the vote, which was held open for nearly 90 minutes. “If you look at the history of intelligence programs, they’re always close.”

Story Continued Below

Ultimately, it came down to a bipartisan pair of lawmakers — Sens. John Kennedy and Claire McCaskill — who dashed the hopes of 702 critics that wanted a vote on an alternative renewal bill (S. 1997). “I was undecided when I walked on the floor, but the program expires Friday and I don’t want to play with fire on this,” Kennedy said, declining to detail his conversations as he shuffled between privacy hawks and GOP leaders. “This is an important program. I was always going to vote for the program. My concern was the process.”

The loss left civil liberty-minded lawmakers frustrated. “To me, what happened tonight is the Senate voted to rubber-stamp a program over which most senators have not fulfilled their constitutional responsibilities,” Wyden told reporters after walking off the floor and shaking hands with Director of National Intelligence Dan Coats, who was on hand to answer last-minute questions and lobby for what the U.S. intelligence community had called its No. 1 legislative priority over the past year. “I think it’s just a surrender of our constitutional obligations,” Wyden added. “So when senators talk about oversight, I think people are going to say, ‘Where were you tonight?’”

Despite the last-minute spectacle, the outcome marked another key victory for national security hawks, who have been ceding ground to privacy advocates since government contractor Edward Snowden leaked a cache of documents in 2013 that exposed the massive underbelly of the government's surveillance apparatus — including details about the 702 programs. Yet Sen. Rand Paul, who spoke with President Donald Trump last week about the bill, predicted that there might be more theatrics ahead, speculating that Trump would be “horrified” if the Senate prevented a vote on his amendment, which it did Tuesday night. “These are fights that you very rarely win on the first round,” Wyden added. “We’re going to continue. It’s not as if we disappear.”

HAPPY WEDNESDAY and welcome to Morning Cybersecurity! We’ll get to this Senate Judiciary Committee hearing soon enough, but in the meantime… enjoy. Send your thoughts, feedback and especially tips to tstarks@politico.com and be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.

** A message from Hewlett Packard Enterprise: How are Hewlett Packard Enterprise‘s supercomputers helping create the future in science, medicine and national security? Learn more: hpe.com/supercomputing **

TODAY: MOVING CDM AT THE PACE OF EDM — One of the Homeland Security Department’s biggest cybersecurity programs gets House scrutiny today when a Homeland Security subcommittee explores ways to speed it up. The subpanel on cybersecurity and infrastructure protection will hold a hearing on Continuous Diagnostics and Mitigation, the multibillion-dollar, multi-phase program for defending federal networks that kicked off in 2012. The panel will hear from industry representatives this afternoon, part of what subcommittee Chairman John Ratcliffe views as part of a series of hearings.

“While I understand that setting up new government programs, buying new and advanced technologies and deploying those technologies across a massive federal environment is not easy, the threats to federal agencies continue to grow every minute,” Ratcliffe will say in his prepared opening statement. “The maturity of the Continuing Diagnostics and Mitigation program has to move at the pace of new technologies and innovations, not at the pace of bureaucracy.”

SENATE COMMITTEE PROBES NIELSEN ON CYBER — DHS Secretary Kirstjen Nielsen said Tuesday that the subject of “active defense” is one her department needs to examine more closely. “Active defense” is a term some equate with “hacking back,” but Sen. Orrin Hatch, in questioning Nielsen at a Judiciary Committee hearing, said active defense stops short of the kind of offense typically associated with hacking. “There are some limitations with respect to liability, there are other questions with respect to insurance, and we do need to continue to work with the private sector to understand if there are any barriers that could prevent them from taking measures to protect themselves and the American people,” Nielsen said.

Nielsen told Hatch in direct response to a question about whether DHS was giving the private sector active defense tools: “It is, yes sir, but as you say there is wide disagreement with respect to what it means. What we mean is, we want to provide the tools and resources to the private sector to protect their systems.” She continued: “So, if we can anticipate or we are aware of a given threat — and as you know, we’ve gone to great lengths this year to work with the intel community to also include otherwise classified information with respect to malware, botnets, other types of infections — we want to give that to the private sector so that they can proactively defend themselves before they are in fact attacked."

Nielsen’s answer appears to describe DHS’s basic threat information sharing role rather than what many would deem “active defense.” But as if to illustrate the confusion over what constitutes the measures that Nielsen highlighted, various parties interpreted her remarks in a number of ways. Rep. Tom Graves (R-Ga.), for instance, who is sponsoring legislation some have tagged either with the “hacking back” or “active defense” label, welcomed Nielsen’s answer. "Today, I was pleased to hear Homeland Security Secretary Kirstjen Nielsen confirm her department is working with the private sector to employ active defense tools,” said Graves, who is backing the Active Cyber Defense Certainty Act (H.R. 4036) with Rep. Kyrsten Sinema. “This is a positive step forward for America First cyber policy.”

Nielsen also told the panel that her department was rethinking cybersecurity in a way that goes beyond the current limitations of the definition of “critical infrastructure,” a designation applied to vital networks in 16 industry sectors like banking and energy. “We’re moving toward a look at essential functions, which might cross sectors,” she said. On election-related matters: Nielsen said she didn’t anticipate her department taking on new voter fraud responsibilities as a result of the White House disbanding its voter fraud commission. And she endorsed the notion of sending more money to states to upgrade their election security.

HOW MUCH DMARC, REALLY? — A new estimate out late Tuesday from a cybersecurity firm on how many agencies have adopted a standard to fight email spoofing contradicts the estimate from another firm. Proofpoint found that only 35 percent of federal agencies had hit the first target set by DHS to adopt Domain-based Message Authentication, Reporting and Conformance, or DMARC. That’s compared to Agari’s figures, which put the number at 63 percent.

WE’LL TALK ABOUT IT — Trump discussed bringing Kazakhstan into a global cybercrime compact during a discussion Tuesday with the country’s president, Nursultan Nazarbayev. “The presidents committed to explore Kazakhstan’s interest in joining the Cybercrime Convention, which would provide a framework for global cooperation against threats to e-commerce and crimes committed over the internet,” said a readout of the meeting. The Budapest Convention on Cybercrime, which took effect in July 2004, is a landmark cyber agreement and is in fact the only formal cyber treaty. Fifty-five nations are party to the treaty, which binds them to certain practices for sharing information about cyber threats like botnets, hackers and software pirates.

VIRGINIA LOSES SECURITY-MINDED ELECTION OFFICIAL — The Virginia election supervisor who oversaw the state’s move away from paperless touchscreen voting machines has left his job. Edgardo Cortés ended his service as Virginia’s commissioner of elections on Friday, according to an email he sent to friends and colleagues. “I’m proud that over the past four years, we showed that modernizing elections, with a focus on making it easier for voters, can lead to increased participation and more secure elections,” he said in the email. Former Gov. Terry McAuliffe appointed Cortés to lead the state’s election agency in 2014, and his departure followed the Jan. 13 inauguration of McAuliffe’s successor, Gov. Ralph Northam.

Cortés made headlines in mid-2017 when he convinced Virginia’s board of elections to decertify the state’s direct-recording-electronic, or DRE, voting machines just two months before the November gubernatorial election. DRE machines, which do not produce a paper audit trail, have been heavily criticized by election security experts. “It’s really not equipment that we feel comfortable using,” Cortés told POLITICO at the time. Virginia was the first state to take this step, garnering widespread plaudits from the security community. And despite implementation concerns, Cortés confirmed on the day of the election that Virginia had successfully replaced all of its machines.

In his email Tuesday, Cortés said he was “not sure what my next adventure will be yet.” But there are numerous election security advocacy groups that would likely jump at the chance to hire someone with his experience.

RECENTLY ON PRO CYBERSECURITY — A House Democrat asked computer chip manufacturers for a briefing about newly disclosed vulnerabilities. … A bipartisan Senate bill seeks to punish future election meddlers. … New research blamed North Korea for hacking South Korean cryptocurrency users and exchanges late last year. … Kaspersky Lab discovered that a firm in Italy created new spyware tool for mobile phones.

TWEET OF THE DAY — Well, that’s a new phrase.

REPORT WATCH

— An American withdrawal from the international agreement to constrain Iran’s nuclear program would be a “flashpoint” that could provoke serious cyber conflict, according to a new report from the security firm Flashpoint. And changes to U.S. and EU sanctions against Russia could also alter digital security dynamics in 2018, as could a Trump administration approach to China that endangers Beijing’s “core interests,” the report said. Flashpoint also looked back at 2017 and noted that Russia didn’t appear to successfully meddle in Germany’s parliamentary elections. The firm suggested that perhaps the Kremlin “may be course-correcting” after its U.S. and French cyberattacks “appear to have yielded Moscow little in the way of strategic advantage.”

PEOPLE ON THE MOVE

— The National Cyber Security Alliance on Tuesday announced the appointment of Russell Schrader as interim executive director. Schrader is general counsel at Commerce Signals, a secure data collaboration company. He serves on DHS's Data Privacy and Integrity Advisory Committee and has held privacy, law and security jobs at companies including JPMorgan Chase and Visa. Schrader steps in for departing executive director Michael Kaiser.

QUICK BYTES

— A super-big, super-nasty bit of malware that forced a Middle East oil and gas facility to shut down is still a mystery to cyber experts. CyberScoop.

— Some lawmakers want AT&T to cut ties with Huawei. Reuters.

— The German Marshall Fund of the United States goes back four years on Russian cyber operations.

— Cryptographer Matthew Green examines the security of data after some iCloud changes in China.

— The Uber/Waymo/spying case is getting messy, with Uber’s big breach and payout getting pulled in. Reuters.

— Checking out some virtual reality porn? Your name might have been out there. BBC.

— “Blockchains: How to Steal Millions in 2^64 Operations.” Kudelski Security.

That’s all for today. And Unexpected Thug Life lives on, just like that.

Stay in touch with the whole team: Cory Bennett (cbennett@politico.com, @Cory_Bennett); Bryan Bender (bbender@politico.com, @BryanDBender); Eric Geller (egeller@politico.com, A@ericgeller); Martin Matishak (mmatishak@politico.com, @martinmatishak) and Tim Starks (tstarks@politico.com, @timstarks).

** A message from Hewlett Packard Enterprise: To super compete, America must super compute. Supercomputing is key to future breakthroughs in medicine, science and manufacturing. As the designer and builder of more supercomputers than any other company in the world, Hewlett Packard Enterprise is helping America increase its competitive edge in not only today‘s economy, but tomorrow’s. Visit hpe.com/supercomputing to learn more about how HPE supercomputers help America compete. **

Tim Starks has written about cybersecurity since 2003, when he began at Congressional Quarterly as a homeland security reporter. While at CQ Roll Call, he mainly covered intelligence, but he also had stretches as a foreign policy reporter and defense reporter. In 2009, he won the National Press Club's Sandy Hume Memorial Award for Excellence in Political Journalism.

He left CQ Roll Call in March of 2015. Before coming to Politico he spent several months freelancing, writing for the Economist, the New Republic, Foreign Policy, Vice, Bloomberg and the Guardian.

He grew up in Evansville, Ind. and graduated from the University of Southern Indiana with a degree in print journalism. His first full-time reporting job was covering city hall for the Evansville Press, the former afternoon daily. He was a Pulliam Fellow at the Indianapolis Star, and participated in the Politics and Journalism Semester at the chain of newspapers anchored by the Las Vegas Review-Journal. He also was the Statehouse Bureau Chief at the Evansville Courier & Press and established the Washington bureau of the New York Sun. Some of his other freelance work has been for the Chicago Tribune, Glamour, Deutsche Welle, Ring and BookForum.

He is the founder of The Queensberry Rules, dubbed an "indispensable boxing blog" by the Wall Street Journal. He's also fond of fantasy basketball and real-life basketball — he is from Indiana, after all — and gets way too bent out of shape over people rooting against the home team or not walking on the right side of the sidewalk.

'It's malpractice': Republicans give potential 2020 Trump foes a pass

Bad news for GOP: Mueller probe could collide with midterms

Federal budgeting is so broken only earmarks might fix it

House Republicans coalesce behind plan to avert shutdown

Democrats to Trump on infrastructure: Show us the money

Shutdown would backfire on GOP, Republicans say

Surveillance bill advances in Senate, barely

Lawmakers vow to force answers from Bannon in Russia probe after he defies subpoena

How China Infiltrated U.S. Classrooms

Trump’s revenge on California: The Census

House Republicans coalesce behind plan to avert shutdown

House GOP leaders may target Obamacare to avoid shutdown

Scott Walker calls Dem victory in GOP-leaning Wisconsin Senate seat 'a wake up call'

Former CIA officer arrested on Espionage Act charge

Pawlenty won't run for Senate in Minnesota

The media poke and prod at Trump’s health

White House doctor gives Trump ‘excellent’ bill of health

Wednesday, 1/17/18

Tuesday, 1/16/18

Friday, 1/12/18

Thursday, 1/11/18

Wednesday, 1/10/18

What Happens When Americans Try to Psychoanalyze Their Leaders

How Does Obama’s Foreign Policy Look a Year Into Trump?

Shutdowns Are For Losers

How China Infiltrated U.S. Classrooms