| | | | |  | | By Joseph Gedeon | With help from Daniel Lippman, Maggie Miller and John Sakellariadis
| | — A South Korean company’s voting machines were at the center of major technical issues in recent elections in Iraq and Congo, raising alarms among experts who argue the U.S. should urge countries whose elections it supports to avoid working with such companies with questionable track records. HAPPY MONDAY and welcome to MORNING CYBERSECURITY! While most of Washington’s media stars aligned for the glitzy White House Correspondent’s Dinner Saturday evening, your MC host was on his couch in trackpants with a drink rationalizing LeBron James’ legacy while watching the Los Angeles Lakers win spectacularly in the playoffs. He’s still the GOAT, and you can always trust your MC host to be concerned about the important things. Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.
| | | | THE GOLD STANDARD OF POLICY REPORTING & INTELLIGENCE: POLITICO has more than 500 journalists delivering unrivaled reporting and illuminating the policy and regulatory landscape for those who need to know what’s next. Throughout the election and the legislative and regulatory pushes that will follow, POLITICO Pro is indispensable to those who need to make informed decisions fast. The Pro platform dives deeper into critical and quickly evolving sectors and industries—finance, defense, technology, healthcare, energy—equipping policymakers and those who shape legislation and regulation with essential news and intelligence from the world’s best politics and policy journalists.
Our newsroom is deeper, more experienced, and better sourced than any other—with teams embedded in the world’s most active legislative and regulatory power centers. From Brussels to Washington, New York to London, Sacramento to Paris, we bring subscribers inside the conversations that determine policy outcomes and the future of industries, providing insight that cannot be found anywhere else. Get the premier news and policy intelligence service, SUBSCRIBE TO POLITICO PRO TODAY. | | | | | Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.
| | CISA director Jen Easterly, FCC Commissioner Anna Gomez and Rep. Bob Latta (R-Ohio) are headed to the Rural Broadband Association’s 2024 Legislative + Policy conference that kicks off today. Starts at 9 a.m.
| | | POLL PROBLEMS — As tense as debates over voting machine security in the U.S. can get, there are even larger questions about certain voting technology being used abroad in countries that receive U.S. funding and advice for their elections. A South Korean election technology company, Miru Systems, has been blamed for technical failures in ballots in Iraq and Congo in recent years, Daniel Lippman writes in. — Iraq imbroglio: In Iraq’s provincial election last December, which used Miru’s voting machines, a group of election monitors said that machines in 70 percent of voting stations had malfunctioned by not transmitting and recording the results properly. That led to worries that the election could get manipulated by corrupt political parties. — Congo issues: Miru supplied the voting machines for an election in Congo last year where 45 percent of polling stations reportedly experienced equipment malfunctions, with the situation being called “catastrophic” by electoral observers. Corruption issues have also popped up with Miru’s work in Congo. Following Congo’s 2018 election, the Treasury Department sanctioned the president of the election commission for corruption — saying he inflated a contract for Miru’s machines by up to $100 million, which was then deposited into a company he controlled. — The U.S. role: The U.S. Agency for International Development — which provides financial support for elections in both countries — said in a statement that it did not provide any financial or technical support specifically to Miru. A spokesperson said that USAID’s support for Congo’s elections have been limited to “training and shared international best practices for electoral administration” and not direct funds to the election bodies of Congo and Iraq. But some experts argue the U.S. should be weighing in more — and steering these countries away from Miru or other election technology companies with questionable track records. “Miru has a long, troubling and well-documented history,” said one tech expert at a democracy NGO supported by the U.S. government, who was granted anonymity since they didn’t have authorization to comment publicly on specific companies in the election space. “Rigorous review of commercial election technology and how it is procured is urgently needed in every democracy. Vendors like Miru need to prove their trustworthiness, and we are failing to demand that of them.” Alex Halderman, a professor of computer science and engineering at the University of Michigan, added: “Miru’s reported track record raises serious concerns because conducting national elections is a technically complex undertaking, and upholding voters’ trust requires utmost care in the design, testing and operations of the equipment.” — Miru’s defense: The company said in a statement that it’s not to blame if its machines aren’t used properly. In the case of Congo, Miru said that the “election was conducted successfully with no device malfunctions.” The company also pointed to a press release from Congo’s electoral commission that said the “domestic deployment of certain electoral materials consequently delayed the opening of some polling stations.” “We only provide devices that, when adequately used, provide expected results,” Miru said. “Blaming Miru for the responsibilities of electoral management bodies is like blaming the manufacturer of a knife for someone who gets injured by improper use of this knife.”
| | | | CYBER UPON US — It may be hot outside, but on the Hill it’s beginning to look a lot like Christmas — at least for cyber sleuths like us. Here’s what’s on our radar in Washington this week. — United in stress: The big boss at UnitedHealth is about to get put through the wringer over the company's massive data breach nightmare. UnitedHealth CEO Andrew Witty will testify in front of House Energy and Commerce Committee and Senate Finance Committee leaders on Wednesday, who are hauling him in to answer for February’s cyberattack that devastated the insurer’s payment processing arm, Change Healthcare. The hack is said to have caused $872 million in damages and affected tens of millions of Americans — including 15 million veterans. House Chairs Cathy McMorris Rodgers (R-Wash.) and Morgan Griffith (R-Va.) fired off a letter earlier this month demanding records and a full rundown related to the hacking incident from UnitedHealth. They want the deets on:
- Exactly when the breach was first spotted and how the company initially responded
- If any sensitive patient data was swiped and how customers were looped in
- What UnitedHealth's internal investigation uncovered
- The cyber defenses in place before and after acquiring Change Healthcare
The Republican brass say they need Witty to spell out the play-by-play to potentially shape new cybersecurity rules down the road.
— Show me the money: CISA director Jen Easterly is appealing to Congress this week to fulfill the Biden administration’s wishes for a boost in cybersecurity funding. Easterly will face the House Appropriations Homeland Security subcommittee to push for a proposed $3 billion budget for the agency in fiscal 2025 — a $103 million increase over 2023 levels. Lawmakers will likely grill Easterly about a March revelation that CISA itself was the victim of a hacker breach, and what the agency is doing to prevent future breaches as it seeks an injection of nearly $400 million to bolster its internal cybersecurity capabilities. Also tucked into CISA’s budget ask is $115.9 million to go toward standing up its upcoming reporting regime mandated by last year’s Cyber Incident Reporting for Critical Infrastructure Act. — Take it to the House: Multiple industry groups have bristled over CIRCIA’s broad reporting mandates, which CISA argues are necessary to combat cascading cyber intrusions. Prepare for those issues to be addressed in a Wednesday hearing by the House Homeland Security’s cyber subcommittee. Chair Andrew Garbarino (R-N.Y.) said in a statement the hearing will ensure "complete alignment with Congress' intent" on the law, aimed at boosting public-private collaboration and interagency info sharing against escalating digital threats. But the GOP has pushed back on pieces of CISA's plan, which the agency defends as vital for shoring up national cyber defenses. Republicans like Garbarino have also raised concerns about overlap between CIRCIA and the SEC's new public company cyber disclosure requirements, worried about piling on corporate compliance burdens. However, it's unclear what leverage, if any, CISA would have over the independent securities regulator.
| | | | DON’T MISS POLITICO’S ENERGY SUMMIT: The future of energy faces a crossroads in 2024 as policymakers and industry leaders shape new rules, investments and technologies. Join POLITICO’s Energy Summit on June 5 as we convene top voices to examine the shifting global policy environment in a year of major elections in the U.S. and around the world. POLITICO will examine how governments are writing and rewriting new rules for the energy future and America’s own role as a major exporter. REGISTER HERE. | | | | | | | | | LOCKED AND LOADED — The Financial Services Information Sharing and Analysis Center led more than a dozen finance sector companies in one of the world’s largest cyberattack exercises last week — and it’s only the beginning of implementing new strategies to protect against hackers. Cameron Dicker, global head of business resilience at the FS-ISAC, told Maggie on Friday following the end of NATO’s annual Locked Shields exercise that the group sees this as a “learning opportunity” for the next six to 12 months. “Even though the exercise is over, our job is far from over,” Dicker said. “The exercise is sort of the catalyst for a whole lot of other work that FS-ISAC gets to now dive into.” — Kind of a big deal: Locked Shields, hosted by NATO’s Cooperative Cyber Defense Centre of Excellence, involved teams from nations across NATO — and some non-NATO members such as Ukraine — competing to defeat a wide array of cyberattacks on a fictional island nation. Dicker said the exercise involved a wide array of simulated attacks, including ransomware attacks, the use of deepfake technologies and, for the first time in the exercise, artificial intelligence-derived attacks. “Most of the attacks were focused on the goal of disruption rather than profit-making,” Dicker said. — Let’s be friends: According to NATO CCDCOE, the multi-day exercise resulted in a huge growth in cooperation between nations to defeat the enemy hackers, prioritizing sharing threat information over focusing on competition. The three highest scoring teams were Latvia and the coalition teams of Estonia-France and Finland-Poland.
| | KREMLIN POUNCES ON PROTESTS — The heavy-handed police response to student demonstrations at the University of Texas has provided fresh ammunition for Russian state-backed disinformation campaigns accusing the U.S. of applying double standards on human rights, according to new research shared with Morning Cybersecurity. Influential Russian Telegram channels with followings ranging from 250,000 to 1.3 million subscribers have been coordinating to amplify coverage of the Texas protests, as well as similar demonstrations at UCLA and Columbia University, disinformation-tracking firm Logically has analyzed. — What that looks like: The channels are pushing narratives that the forceful response by law enforcement against the student protesters lays bare American double standards on human rights and tolerance for dissent. The firm also uncovered that U.S.-based pro-Russian influencers — who also had recent history of pro-Palestinian advocacy — invoked comparisons between the forceful police tactics against the Texas protesters and Israeli military actions in Gaza. “Russian messaging around U.S. domestic issues has become more targeted,” Kyle Walter, Logically’s global head of investigative research and innovation explains to MC, while “seeking to increase tensions between groups and portray the U.S. as a hypocritical, failing state.” — Par for the course: The findings demonstrate how quickly Moscow's propaganda machine has pivoted to seizing on domestic U.S. flashpoints, given that its disinfo efforts had been heavily focused on the Ukraine war for the past two years. Logically believes it’s likely Russia is reverting to its disinformation playbook of prior U.S. election cycles by amplifying divisive cultural issues now that the 2024 election cycle is well underway.
| | | | Let me be the first to tell you that I don’t mind that we have an emotional and logical edge over AI. Developers, please don’t fix that.
|  | | | PHISH PHRENZY — Phishing campaigns impersonating USPS receive surprisingly high traffic, sometimes even exceeding the real site, especially during peak seasons. Bill Toulas with BleepingComputer has the story. MICRO PROBLEM — Microsoft is looking to prioritize cybersecurity after a series of attacks has eroded public trust — and is pledging to make it its top focus, Sam Sabin writes for Axios.
| | Department of Corrections | | A write-up in Friday’s newsletter now details a survey from Duke University and the Digi Americas Alliance. Chat soon. Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis (jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Heidi Vogt (hvogt@politico.com). | | | | Follow us on Twitter | | | | Follow us | | | | |
