SPONSORED:

Election security, ransomware dominate cyber concerns for 2020

Election security, ransomware dominate cyber concerns for 2020
© iStock

Headed into 2020, with a presidential election on the horizon, cyber concerns are certain to be in the spotlight in Washington.

Atop the list of cyber issues will be persistent questions about election security. Officials at the federal, state and local levels say they will be vigilant to any efforts to interfere in the election after 2016, even as lawmakers weigh additional actions to safeguard the vote.

But lawmakers will also be looking to tackle other issues as well, such as the ransomware attacks spreading across the country and the growing concerns over companies with foreign ties accessing Americans' data.

ADVERTISEMENT

Here's what we are watching on the cyber front for 2020.

 

Election security

2020 will see a presidential election, along with nationwide elections for the House and a third of the Senate. It will be a major test for efforts to improve security after Russian interference efforts in the 2016 election.

U.S. intelligence agencies, former special counsel Robert MuellerRobert (Bob) MuellerCNN's Toobin warns McCabe is in 'perilous condition' with emboldened Trump CNN anchor rips Trump over Stone while evoking Clinton-Lynch tarmac meeting The Hill's 12:30 Report: New Hampshire fallout MORE and the Senate Intelligence Committee have all concluded that Russia conducted a sweeping and systematic attack against the 2016 elections, using both hacking and disinformation campaigns.

Mueller has warned that Russia would attempt to interfere again, testifying to the House Intelligence Committee in July that the Russians were trying to interfere “as we sit here.” 

ADVERTISEMENT

Fiona Hill, the former National Security Council senior director for Europe and Russia, sounded the alarm on this issue as well, testifying during the impeachment inquiry into President TrumpDonald John TrumpIvanka Trump, Jared Kusher's lawyer threatens to sue Lincoln Project over Times Square billboards Facebook, Twitter CEOs to testify before Senate Judiciary Committee on Nov. 17 Sanders hits back at Trump's attack on 'socialized medicine' MORE that "right now, Russia’s security services and their proxies have geared up to repeat their interference in the 2020 election.”

The years following 2016 have seen election security become a big talking point on Capitol Hill, but with Republicans and Democrats divided over what needs to be done to ensure that similar interference does not happen again.

A big step Congress has taken is appropriating funds for state and local election officials to improve election security efforts, with Congress sending $380 million to the states in 2018, and an additional $425 million to states in appropriations bills this month. 

However, beyond those funds, many Democrats have complained that Congress has not done enough to address attempted Russian interference. 

Senate Democrats have repeatedly tried to force Senate Majority Leader Mitch McConnellAddison (Mitch) Mitchell McConnellOvernight Health Care: Following debate, Biden hammers Trump on coronavirus | Study: Universal mask-wearing could save 130,000 lives | Finger-pointing picks up in COVID-19 relief fight On The Money: Finger-pointing picks up in COVID-19 relief fight | Landlords, housing industry sue CDC to overturn eviction ban Finger-pointing picks up in COVID-19 relief fight MORE (R-Ky.) to schedule votes on a raft of various election security bills. The House has passed three major pieces of election security legislation this year that have stalled amid Republican objections in the Senate. 

In 2020, there could be more focus on election security. 

Sen. Ron JohnsonRonald (Ron) Harold JohnsonSenate panels to interview former Hunter Biden business associate Friday Trump and advisers considering firing FBI director after election: WaPo Biden: Johnson should be 'ashamed' for suggesting family profited from their name MORE (R-Wis.), the chairman of the Senate Homeland Security and Governmental Affairs Committee, told The Hill this week that he “definitely intends” to hold a hearing on election security sometime in the new year. 

“I want to take a look at the whole gamut,” Johnson said of election security issues. “I’m of the belief that we are doing a pretty good job from a cyber standpoint, it is almost impossible to get into voting machines and if you are an election official and you are not aware of the fact that you should not have your machine hooked up to the internet, shame on you.”

House Administration Committee Chairwoman Zoe LofgrenZoe Ellen LofgrenWhy prevailing wage reform matters for H-1B visas Fears grow of voter suppression in Texas Business groups start gaming out a Biden administration MORE (D-Calif.), whose committee approved the main three House election security bills this year, told The Hill that there may be “some oversight” from her committee on the subject of election security in 2020. 

The Senate Intelligence Committee is also expected to drop the third of its five reports based on its investigation into Russian interference in the 2016 elections sometime in January. The third volume will look at the Obama administration’s response to Russian interference.

“We have gotten the third one back for redactions, and we have volleyed about 20 questions back to them that probably won’t get answers and vote next week, but it will be out as soon as we get back,” Senate Intelligence Committee Chairman Richard BurrRichard Mauze BurrAs Trump downplayed the virus publicly, memo based on private briefings sparked stock sell-offs: NYT Hillicon Valley: Subpoenas for Facebook, Google and Twitter on the cards | Wray rebuffs mail-in voting conspiracies | Reps. raise mass surveillance concerns Bipartisan representatives demand answers on expired surveillance programs MORE (R-N.C.) told The Hill earlier this month.

 

Ransomware attacks

Ransomware attacks, in which an attacker infiltrates a system and locks it until a ransom is paid, were endemic nationwide in 2019, hitting government entities and cities repeatedly.

The city governments of Baltimore, New Orleans and Pensacola, Fla., were hit by ransomware attacks this year, with city services affected for days afterward, while a coordinated attack hit almost two dozen small town governments in Texas in August.

School districts have also borne the brunt of ransomware attacks, with Louisiana Gov. John Bel Edwards (D) declaring a state-wide emergency in July after several school districts were hit. The school district for Flagstaff, Ariz. was forced to close for two days in August to recover from a ransomware attack, affecting almost 10,000 students. 

Congress is grappling with the threat. Members of the Senate Cybersecurity Caucus received a classified briefing on the issue earlier this month from the Department of Homeland Security (DHS).

Sen. Mark WarnerMark Robert WarnerSenate Intel leadership urges American vigilance amid foreign election interference Intel officials say Iran, Russia seeking to influence election Senate Intel leaders warn of election systems threats MORE (D-Va.), co-chairman of the caucus, said in a statement that “the continued prevalence of ransomware should really capture our attention.” 

ADVERTISEMENT

Sen. Cory GardnerCory Scott GardnerThe Hill's Campaign Report: 2020 spending wars | Biden looks to clean up oil comments | Debate ratings are in Democrats seek to block appeal of court ruling ousting Pendley, BLM land plans Senate is leaning to the Democrats, big time, with a wave MORE (R-Colo.), the other co-chairman, told The Hill that he thought it was “important that the American people understand what’s at risk.”

Several pieces of legislation have been introduced in the wake of the attacks, including one bipartisan Senate bill to help school districts defend against ransomware, and another bipartisan House bill to give resources to state and local governments to address the attacks. 

The bipartisan Cyber Hunt and Incident Response Teams Act, another piece of legislation around this issue, was included in the 2020 appropriations bills. This will enable DHS to maintain permanent teams to help in response efforts to cyberattacks.

During a hearing on cyber threats against state and local governments earlier this year, Rep. Cedric RichmondCedric Levon RichmondThe Hill's Morning Report - Sponsored by Facebook - Trump combative, Biden earnest during distanced TV duel Cedric Richmond's next move: 'Sky's the limit' if Biden wins Democrats preview strategy on Barrett's Supreme Court confirmation hearings this week MORE (D-La.), the chairman of the House Homeland Security subcommittee on cybersecurity, noted that ransomware and other cyber threats are “not a state or local problem, but a national one–and we should invest accordingly, at the Federal level.”

As the attacks spread, lawmakers can expect growing pressure to act.


Foreign-affiliated apps

ADVERTISEMENT

Recent months have seen a build-up of bipartisan concern around foreign-affiliated apps such as video sharing site TikTok and face editing app FaceApp. 

These concerns look likely to intensify in 2020 as Capitol Hill grows increasingly wary of foreign-linked technology.

Senate Minority Leader Charles SchumerChuck SchumerTrump announces opening of relations between Sudan and Israel Five takeaways on Iran, Russia election interference Pelosi calls Iran 'bad actor' but not equivalent to Russia on election interference MORE (D-N.Y.) has expressed concerns around both FaceApp, which was created by a St. Petersburg-based developer, and TikTok, which is owned by Chinese company ByteDance.

In response to Schumer’s concerns on FaceApp, the FBI wrote to the lawmaker in November that the agency “considers any mobile application or similar product developed in Russia, such as FaceApp, to be a potential counterintelligence threat, based on the data the product collects, its privacy and terms of use policies, and the legal mechanisms available to the Government of Russia that permit access to data within Russia’s borders.”

Schumer and Sen. Tom CottonTom Bryant CottonCotton mocks NY Times over claim of nonpartisanship, promises to submit op-eds as test Barrett fight puts focus on abortion in 2020 election COVID outbreak threatens GOP's Supreme Court plans MORE (R-Ark.) requested that the U.S. intelligence community investigate TikTok in October. The lawmakers wrote to acting Director of National Intelligence Joseph MaguireJoseph MaguireRetired Navy admiral behind bin Laden raid says he voted for Biden Congressional Democrats request FBI briefing on foreign election interference efforts Wells Fargo told employees to delete TikTok from work phones MORE that “security experts have voiced concerns that China’s vague patchwork of intelligence, national security, and cybersecurity laws compel Chinese companies to support and cooperate with intelligence work controlled by the Chinese Communist Party.”

Both TikTok and FaceApp have pushed back against concerns over how they use and store American data, with TikTok particularly stressing that it does not store the data of Americans in China. 

Rep. Stephen LynchStephen Francis LynchOVERNIGHT DEFENSE: Top general negative for coronavirus, Pentagon chief to get tested after Trump result l Top House lawmakers launch investigation into Pentagon redirecting COVID-19 funds Top House lawmakers launch investigation into Pentagon redirecting COVID-19 funds Overnight Defense: Pentagon redirects pandemic funding to defense contractors | US planning for full Afghanistan withdrawal by May | Anti-Trump GOP group puts ads in military papers MORE (D-Mass.) added to those concerns, sending letters earlier this month to Google and Apple asking them how they vet mobile apps and safeguard data security. The companies have until Jan. 10 to respond. 

“Given the pervasiveness of smartphone technology in the United States, as well as the vast amounts of information stored on those devices, foreign adversaries may be able to collect sensitive information about U.S. citizens, which presents serious and immediate risks for U.S. national security,” Lynch wrote.