| Welcome to The Cybersecurity 202! I give "Being the Ricardos" a B-minus overall, but the performances were great, especially J.K. Simmons as William Frawley. It sparked some real "Nick at Nite" memories. Below: Senators want details about government cyber protections for the transportation sector, and a Russian extradited to the United States may have inside information about the Kremlin's 2016 election interference. | Fears are mounting about possible Russian cyberattacks of Ukraine |  President Biden speaking on the phone with Russian President Vladimir Putin from his residence in Wilmington, Delaware. Photo by Adam Schultz/The White House. | | | Fears are mounting about a possible Russian military invasion of Ukraine — and the cyberattacks that would undoubtedly come with it. Ukraine has been the target of Russia's most brazen cyber operations in recent years. Such attacks would surely accompany any land invasion launched by the roughly 175,000 Russian troops currently massed on the Ukraine border. A case in point: In the most significant known cyberattack against an electric grid to date, Kremlin hackers briefly shut off power for thousands of Ukrainian citizens in 2015. An attack of similar magnitude during a military conflict could sow chaos among the populace and dramatically reduce Ukraine's ability to defend itself. Cybersecurity experts are already noting an uptick in Russian cyber intrusions into Ukrainian government and civilian computer networks that could lay the groundwork for a major cyberattack. U.S. and United Kingdom officials are trying to forestall such attacks. They've sent cyberwarfare experts to Ukraine to help improve preparations and planning, the New York Times reports. But with Russia's immense offensive cyber capabilities, it's unlikely Ukraine could fully fend off an attack. U.S. officials believe Russian President Vladimir Putin may also opt to launch cyberattacks that cripple Ukrainian infrastructure in place of a physical invasion, the Times reports. | | The situation offers a harrowing example of the major role cyber capabilities are likely to play in any future military conflict — especially those involving the top tier of cyber-capable nations including Russia and China. "We can certainly anticipate [Russian military action in Ukraine] will be accompanied by disinformation operations of all kinds and cyber incidents. ... It's part of their toolbox," Suzanne Spaulding, a top government cyber official during the Obama administration and director of the Defending Democratic Institutions project at the Center for Strategic and International Studies, told me. | | @SpauldingSez | "We can certainly anticipate [Russian military action in Ukraine] will be accompanied by disinformation operations of all kinds and cyber incidents. ... It's part of their toolbox." | | | | | | | | "Going forward, all physical kinetic military action that would be occurring in Eastern Europe will be preceded by a cyber pulse," Tom Kellermann, head of cybersecurity strategy at VMware predicted to the Hill. | Russia is no stranger to mixing cyberattacks with conventional military operations | | Russia peppered Ukrainian computers with malware during 2014, according to the cybersecurity firm FireEye — probably aimed at stealing information to aid its invasion of Crimea that year. | - The nation's 2008 invasion of Georgia was accompanied by "denial-of-service" cyberattacks, which rendered numerous Georgian government websites inoperable by flooding them with more Internet traffic than they could handle.
- Russia pummeled Estonia with a denial-of-service attack in 2007 that's widely viewed as the first major case of nation-on-nation hacking.
- There's also the 2017 NotPetya malware bug, which U.S. officials say was initially unleashed by the Russian military and aimed at crippling computers in Ukraine. It spread far more widely, wreaking havoc across dozens of nations in what the White House called at the time the "most destructive and costly cyberattack in history."
| | The Biden administration is pushing to forestall a Ukraine invasion. Officials are prepping a raft of sanctions targeting Russia's financial sector and preparing a range of export controls, as Paul Sonne, Ellen Nakashima and Michael Birnbaum report. Biden told Putin during a phone call last week that the United States will "respond decisively" to an invasion, according to a statement by press secretary Jen Psaki. The intense focus on the Ukraine conflict has distracted from other points of U.S.-Russia tension, including a Biden administration push for Putin to rein in Russia-based criminal ransomware attacks that pummeled U.S. schools, local governments and businesses last year. | | There's some evidence that effort may have yielded positive results. But rising tensions between the nation could thwart any progress. | | |  | The keys | | A bipartisan group of senators wants to know how the Biden administration is defending the transportation sector against hacking |  The letter requests information from Transportation Secretary Pete Buttigieg and Homeland Security Secretary Alejandro Mayorkas. (Demetrius Freeman/The Washington Post) | | | The lawmakers are asking for a trove of information from Homeland Security Secretary Alejandro Mayorkas and Transportation Secretary Pete Buttigieg, including how the departments "detect, prevent, and respond to cyber threats" and the roles of each department's subcomponents in protecting critical transportation infrastructure. The letter also presses for an update to the transportation sector's cybersecurity risk plan, which dates back to 2015 — that's practically ancient in the fast-paced world of cybersecurity. Ten senators signed on to the letter, which was led by Sens. Jacky Rosen (D-Nev.) and Roger Wicker (R-Miss.). The letter cites numerous cyber threats to transportation infrastructure — most prominently a 2021 ransomware attack on Colonial Pipeline that threatened to cut off gas supplies to the southeastern United States. | A Russian hacker extradited to the United States reportedly has information on Russia's 2016 election interference |  Prosecutors unveiled the charges against a Russian hacker in December. (Brian Snyder/Reuters) | | | Prosecutors last month extradited Vladislav Klyushin from Switzerland to the United States after he was charged with hacking and fraud in connection with a campaign against private companies that prosecutors said netted tens of millions of dollars worth of inside information. But Klyushin's greater value could be inside information about Russia's 2016 election operations, Bloomberg's Henry Meyer, Irina Reznik and Hugo Miller report, citing people close to the Kremlin and Russia's security services. Russian intelligence has concluded that Klyushin "has access to documents relating to a Russian campaign to hack Democratic Party servers during the 2016 U.S. election," Bloomberg reports. "His transfer to the U.S. represents a serious intelligence blow to the Kremlin, several of the people said, one that would deepen if Klyushin decides to seek leniency from U.S. prosecutors by providing information about Moscow's inner workings," Meyer, Reznik and Miller write. The charges against Klyushin involve an elaborate insider trading scheme. He and associates allegedly hacked into companies that top firms use to file Securities and Exchange Commission reports and then bought and sold stocks based on the secret information. "The U.S. government has not publicly connected Klyushin to Russian interference in the 2016 election. But one of Klyushin's co-defendants in the securities fraud case is Ivan Ermakov, who was one of a dozen GRU officers whom a federal grand jury indicted in 2018 for interfering in the 2016 election by hacking and leaking documents from the Democratic National Committee," as CNN's Sean Lyngaas reports. Klyushin may also have access to information about other Russian intelligence operations, sources told Bloomberg. | The fight to end the filibuster could deliver election security reforms (if it works) |  Senate Majority Leader Charles E. Schumer (D-N.Y.) and Senate Democrats haven't been able to pass voting rights legislation. (Jabin Botsford/The Washington Post) | | | Senate Majority Leader Charles E. Schumer (D-N.Y.) set Jan. 17 as a deadline for changing Senate filibuster rules if Republicans continue to block voting rights legislation, John Wagner reports. The move is "Schumer's strongest endorsement yet of trying to muscle through legislation that has been stymied because of Senate rules requiring a 60-vote threshold," John writes. One of the bills Senate Democrats want to pass is the Freedom to Vote Act, which primarily focuses on ballot access but is also chock-full of proposals sought by election security advocates. It would: | - Require states to conduct post-election audits
- Set up an advisory committee focused on election audits at the Commerce Department
- Formally add "election infrastructure" to the Department of Homeland Security's list of "critical infrastructure" sectors
- Block states from using voting machines that aren't manufactured or assembled in the United States and require them to have their software "developed and stored in the United States"
| | Reining in the filibuster is an uphill climb because all 50 Senate Democrats must be onboard — including moderates who've rejected changing the filibuster such as Sens. Joe Manchin III (D-W. V.) and Kyrsten Sinema (D-Ariz.). In a letter to lawmakers, Schumer emphasized that legislation proposed by Senate Democrats aims to counter "voter suppression and election nullification laws." | | |  | Chat room | | | As we approach the anniversary of the Jan. 6 Capitol attacks, election security expert and Georgetown University professor Matt Blaze examines how disinformation trumped facts about election integrity that day. |  | | | | | |  | Cyber insecurity | | | By Mark Montgomery and Samantha F. Ravich ● Read more » | | | | | |  | Global cyberspace | | | |  | Securing the ballot | | | |  | Daybook | | - The Atlantic Council hosts an event on the next National Defense Strategy on Wednesday at 2 p.m.
| | |  | Secure log off | | | Thanks for reading. See you tomorrow. | | |
