A chat with Rob Strayer, the new cyber chief at State

With help from Eric Geller and Martin Matishak

Q&A WITH NEW TOP CYBER DIPLOMAT — Secretary of State Rex Tillerson hasn’t yet decided how to structure his department’s cyber diplomacy mission, but in the meantime, Rob Strayer is forging ahead. As the deputy assistant secretary overseeing State’s cyber and telecom policy teams, Strayer is responsible for promoting America’s cyber agenda abroad, forging partnerships with allies, and helping President Donald Trump’s administration develop strategies for deterrence. In a wide-ranging interview with Eric in his office in Foggy Bottom on Monday, Strayer said he was making progress in convincing other countries to embrace America’s view of cyberspace. “I’ve had some very good meetings with countries you would not normally associate with our core like-minded group,” he said.

As the nation’s top cyber diplomat, Strayer faces a wide range of challenges, from China’s aggressive promotion of its “internet sovereignty” agenda to Russia’s use of information warfare and disruptive attacks by Iranian and North Korean hackers. He is also playing a key role in the development of Trump’s cyber engagement strategy, which the president called for in his May executive order. Strayer said his team was leading working groups with representatives from several agencies to draft that report, as well as a companion report on cyber deterrence. “I would characterize them as pretty advanced at this point,” he told Eric. “But I can’t say they’re done yet.”

As cyber experts wait to see how Trump’s approach to cyber issues differs from Barack Obama’s, Strayer emphasized continuity with Obama-era international norms but said he wanted to move into the next phase. “We now need to think about how to impose consequences on entities that do not act consistent with those norms,” he said. “It’s a very fair question [that] I think everyone in the country and a number of industry participants are asking: What are we doing to do to enforce those norms? And that’s the next step in all this.”

The U.S. has especially struggled to contain a top violator of international cyber norms: the Chinese government. Strayer praised the Obama administration for a 2015 deal in which both nations pledged not to use government hackers for economic espionage, but he then brought up recent charges against Chinese hackers that — while omitting references to government involvement — have experts wondering if Beijing violated the deal. “This recent indictment shows very clearly that we have a friction point with the Chinese,” he said, adding that the National Security Council-led interagency process is constantly “revisiting” the issue of China’s compliance with the deal. Pros can read the full Q&A with Strayer here.

HAPPY TUESDAY and welcome to Morning Cybersecurity! The family of basketball Balls is America’s real-life running soap opera. Send your thoughts, feedback and especially tips to [email protected] and be sure to follow @timstarks, @POLITICOPro and @MorningCybersec. Full team info below.

NEW DHS SECRETARY ON TRACK The Senate advanced the nomination of Kirstjen Nielsen to lead the Homeland Security Department in a procedural vote Monday. “With responsibilities ranging from cybersecurity, to protecting our borders, to the continued recovery efforts from the recent natural disasters, the Department of Homeland Security requires strong leadership to get the job done,” Senate Majority Leader Mitch McConnell said in a floor speech teeing up the vote. “As chief of staff to the previous DHS secretary, Gen. John Kelly, she understands the daily operations of the department and shares our goals for its future.”

The vote was 59-33, with a final vote due later this week. While no senators spoke in opposition to Nielsen, some Democrats have raised concerns about Nielsen’s management experience and whether it’s enough to oversee such a large department. Others have questioned how she might stand up to her former DHS boss Kelly, now White House chief of staff, after Kelly reportedly pressured acting Secretary Elaine Duke over an immigration decision.

SESSIONS TOUTS CYBER CRIME PROSECUTIONS — Cyber-enabled theft of intellectual property is a top priority for the Justice Department, Attorney General Jeff Sessions proclaimed on Monday. During a speech at the World Bank Global Forum on Asset Recovery, the attorney general highlighted DOJ’s prosecution of Chinese trade-secrets thieves, who allegedly caused losses of more than $800 million. Sessions noted the figure was “more than 10 times the largest bank robbery.”

The attorney general also pointed to the G-20 nations’ commitment not to support the theft of trade secrets to benefit their commercial sectors, a landmark international norm that also formed the core of a 2015 agreement between the U.S. and China. DOJ recently charged three Chinese hackers with exactly this type of crime, though prosecutors did not allege that the Chinese government aided the cyber criminals, which would violate the 2015 deal.

Sessions took an oblique shot at Beijing for stymieing American investigations of cyber criminals based in China. “We believe we have a strong record of fairly and professionally prosecuting global criminal activity and we will work hard to assist our global partners in their efforts to crack down on fraud and abuse,” he said. “But we will insist on cooperation from our global partners.” Despite a law enforcement cooperation provision in the 2015 agreement, Chinese authorities have not granted many American requests for information and assistance, including in the case that led to the three recent indictments. “The Department of Justice is committed to bringing those responsible for intellectual property-related crimes to justice,” Sessions said. “The United States has too often been a victim, and we intend to fight these crimes vigorously.”

CYBER SEC — A new SEC team devoted to fighting hackers and other cyber-related misconduct announced its first charges Monday. The SEC Cyber Unit halted an alleged $15 million initial coin offering scam from two Canadian nationals and their business, PlexCorp, whom the SEC accused of falsely promising huge profits in a complaint filed in the U.S. District Court in the Eastern District of New York.

“This first Cyber Unit case hits all of the characteristics of a full-fledged cyber scam and is exactly the kind of misconduct the unit will be pursuing,” said Robert Cohen, chief of the Cyber Unit. “We acted quickly to protect retail investors from this initial coin offering’s false promises.”

Although the case isn’t focused much on cybersecurity, it’s a significant development for a unit that was first announced in September. The digital crime fighters plan to go after a range of online offenses, including hackers seeking to obtain private information, dark web misconduct, intrusions into retail brokerage accounts and cyber threats to trading platforms.

— IN OTHER FINANCIAL OVERSEER NEWS: “The Trump administration’s interim director of the Consumer Financial Protection Bureau said he has frozen the agency’s collection of personal information due to cybersecurity concerns, a step in changing policies criticized by the financial industry,” The Wall Street Journal reported Monday. “Mick Mulvaney, who is splitting his time as acting CFPB director and the White House’s budget chief, on Monday said the decision is part of his effort to improve the agency’s data-security program.”

On the negative side of the collection: “Critics of the CFPB have long complained about the bureau’s efforts to collect consumer data on credit cards and mortgages through its disclosure rules, consumer complaint database and enforcement actions. They say such actions threaten privacy and information security.” On the plus side: “CFPB officials have in the past said such data help the agency identify discrimination and other industry misconduct, and can serve as a basis for writing rules.”

WYDEN TARGETS SECTION 702 — Sen. Ron Wyden on Monday skewered the arguments many government officials have made to tamp down efforts to revise warrantless surveillance programs. In an op-ed, Wyden, a senior member of the Senate Intelligence Committee, said the “public relations campaign” against a congressional push to revise Section 702 of the Foreign Intelligence Surveillance Act “are rife with misleading statements and omissions that require correction.”

The Oregon Democrat targeted what he called six “myths” about the electronic spying tools, including the argument that the 702 programs can’t be abused because of existing privacy and transparency provisions. Wyden’s op-ed comes as congressional leaders look for a way to reauthorize the efforts, which are slated to sunset on Jan. 1. It’s likely that a bill renewing the digital programs will be attached to a piece of must-pass legislation.

PASSWORD RESERVOIR DRIES UP — A website that sold access to indexed packages of stolen usernames and passwords has seemingly shut down. An anonymous source told cybersecurity journalist Brian Krebs that the site, dubbed Leakbase, may have been closed due to a Dutch law enforcement sting that took down dark web marketplace Hansa, which the site’s operators had allegedly used to sell its goods. Leakbase denied the charge on Twitter.

RECENTLY ON PRO CYBERSECURITY An international law enforcement coalition that included the FBI took down the Andromeda botnet that infected millions of computers, European police agency Europol announced. … President Donald Trump said he felt bad for former national security adviser Michael Flynn following his guilty plea, contrasting Flynn’s treatment by the FBI to what Trump considered lenient handling of former Secretary of State Hillary Clinton over her private email server.

TWEET OF THE DAY — Most people don’t know that the first Crypto Wars were between dinosaurs.

QUICK BYTES

“The White House’s chief lawyer told President Donald Trump in January he believed then-national security adviser Michael Flynn had misled the FBI and lied to Vice President Mike Pence and should be fired, a source familiar with the matter said Monday.” CNN.

K.T. McFarland, Trump’s former deputy national security adviser, appeared to contradict herself on what she knew about contacts between the former Russian ambassador and Flynn. The New York Times.

CIA Director Mike Pompeo said Trump’s Twitter usage has helped the agency gain intelligence. Federal Times.

Chinese President Xi Jinping told an audience that included top tech giant leaders that every country has the right to govern the internet within its borders as it pleases. Variety.

PayPal provided an update on the breach of recently acquired payment process TIO Networks, saying it affected approximately 1.6 million customers. ZDNet.

Stewart Baker argues in Lawfare that maybe the “unmasking” language in the House Intelligence bill reauthorizing expiring surveillance tools isn’t so bad.

New America kicked off a series of blog posts about cyberspace being contested.

The judge overseeing the Waymo/Uber legal feud is getting saucy over secret messaging app usage, according to Ars Technica and The Financial Times.

Members of the British parliament are flouting a ban on sharing their passwords, despite a big hack, according to The Associated Press.

The Government Accountability Office said U.S. Cyber Command and other combatant commands need to clarify how they interact with civilian agencies and the private sector. CyberScoop.

Now hackers might be able to go after… digital smart pens. Dark Reading.

CyberPatriot, an Air Force Association program, released a cybersecurity storybook for kids.

What makes a cryptocurrency crypto? Motherboard.

MacAuley-Brown won a five-year, $37 million contract with the Department of Defense Information Analysis Center’s Cybersecurity Technical Area Task.

That’s all for today. Your MC host just wants the Ball on his fantasy team to not be one of the worst shooters of all time.

Stay in touch with the whole team: Cory Bennett ([email protected], @Cory_Bennett); Bryan Bender ([email protected], @BryanDBender); Eric Geller ([email protected], @ericgeller); Martin Matishak ([email protected], @martinmatishak) and Tim Starks ([email protected], @timstarks).