But stealing vaccine research during a global pandemic – seen as a digital extension of classic espionage – doesn’t directly violate rules of the road for which U.S. officials have spent years advocating in cyberspace. And some cybersecurity experts worry the push could undermine the effort to instill those global norms.
“There are a lot of things the Russian and Chinese intelligence services are doing that we should be absolutely outraged about. This is pretty low on my list of concerns,” Dmitri Alperovitch, former chief technology officer at the cybersecurity company CrowdStrike, told me. Alperovitch is now chairman at the Silverado Policy Accelerator, a nonprofit think tank.
On the other hand, experts fear that the new hacking authorities President Trump granted the Central Intelligence Agency could be a slippery slope that ends up undermining the push to define acceptable and unacceptable behavior for nations online. The kind of broad authorization described in the Yahoo News report (https://news.yahoo.com/secret-trump-order-gives-cia-more-powers-to-launch-cyberattacks-090015219.html), they worry, could open the door to hacks that affect foreign elections or disrupt energy service or financial transactions — just the sort of hacking the United States has traditionally condemned.
The developments each underscore the difficulty of creating and abiding by hard-and-fast rules as cyberspace constantly changes. That has been particularly challenging during the Trump administration, when the White House has primarily focused on projecting strength in cyberspace and pledging to punch back against adversaries rather than working with allies on creating norms for good behavior.
President Trump disembarks Marine One. (Jabin Botsford/The Washington Post)
Several top GOP lawmakers are taking their concerns about Chinese vaccine hacking straight to the president.
In a letter this morning, they’re calling on Trump to sanction Chinese government hackers for stealing that research and other data, saying it “puts the very lives of our citizens at risk.” The letter was signed by Reps. Michael McCaul (Texas), leading Republican on the House Foreign Affairs Committee; Greg Walden (Ore.), leading Republican on the Energy and Commerce Committee; and Patrick McHenry (N.C.), leading Republican on the Financial Services Committee.
Experts, meanwhile, are savaging Trump for the CIA move, saying it could erode years of efforts to impose rules in cyberspace.
Chris Finan, cybersecurity director on the National Security Council during the Obama administration who’s now CEO of Manifold Technology:
Chris Finan (@CTFinan): The Trump admin giving carte blanche to agencies for norm-breaking cyber activities undermines two decades of norm-building as a cyber policy objective where open societies benefit most
The 2018 authorization basically gave the CIA broad powers to conduct covert actions in cyberspace without first getting a go-ahead from the White House and specifically mentions Russia, China, Iran and North Korea as possible targets, Yahoo reports. Since it was approved, the agency has launched dozens of secret hacking operations, the article says.
The reactions reveal just how murky the rules can be in the shadowy world of cyberspace.
In the case of the vaccine hacks, there has been no evidence so far that China or Russia wants to do anything other than to steal information that will help their own scientists work faster on combating the novel coronavirus. Experts say that focus on promoting public health makes this kind of hacking far different from the economic espionage for which U.S. officials have traditionally pilloried China, which centers on raiding American companies’ intellectual property to benefit Chinese companies’ bottom lines.
But that could change down the road. For instance, China might use the stolen information to help its companies get a leg up on U.S. competitors in the market for coronavirus treatments. Even worse, hackers could use the access they gained to U.S. research labs’ computer networks to sabotage future work.
“The biggest concern is doing something in a way that disrupts or slows down a potential cure,” said Chris Painter, who was the State Department’s top cybersecurity diplomat during the Obama administration. “If they do things that are impeding the manufacture or research of a vaccine in any way, that would clearly cross a line.”
Chinese President Xi Jinping learns about the progress on the research into covid-19 vaccine candidates. (Ding Haitao/Xinhua/AP)
In the case of the new CIA authorities, part of what the agency is reportedly doing is hacking and releasing information that might be embarrassing to U.S. opponents. The Yahoo article points to a handful of recent data leaks that might be connected to the CIA, including information about an ostensibly independent Russian company that was working with Moscow’s intelligence services and the personal information of Iranian intelligence officers.
Those operations could raise problems if they seemed aimed at affecting an election and could undermine U.S. efforts to insist that such hacks should be off the table.
“I happen to think the Russians actually need some payback in the hacking and dumping department, but it should stay the heck away from anything that looks like an electoral intervention,” Brookings Senior Fellow Benjamin Wittes said during the Rational Security podcast. “You want to be super cautious about anything that could look like an intervention into a foreign election because that is a norm that we want to strongly support.”
Diplomatic efforts to impose global cyber rules have slowed since a burst of diplomatic activity between 2013 and 2017.
Since then, officials have largely focused on the harder task of imposing consequences on nations that flout those rules.
“We have countries signing onto these norms…but we haven’t done a very good job at imposing consequences when those norms get violated,” Painter told me. “We’ve become a little better at trying to disrupt them. But we still don’t see quick actions that change the calculus of people violating the norms. And if they get a benefit from violating them then they’ll keep doing it.”
The keys
Early evidence suggests a massive Twitter hack was not politically motivated.
A bird flies near signage displayed outside Twitter headquarters in San Francisco. (David Paul Morris/Bloomberg News)
“This was not a hack of Biden’s campaign,” the official said. “Or of Elon Musk. This was all about a fraud scheme and not about trying to turn the political winds in a certain direction.”
Hackers were also able to view personal information including email addresses and phone numbers for the 130 accounts targeted. For the 45 accounts they took over, that could have included "additional information," though Twitter didn't give specifics.
Trump, citing mail-in voting, declined to say that he will accept the election results.
Video: Trump's Fox News interview, in 4 minutes. In an interview that aired July 19, "Fox News Sunday" host Chris Wallace asked President Trump about the coronavirus, upcoming elections and civil unrest. (The Washington Post)
Fox News host Chris Wallace asked Trump if he “might not accept the results of the election.” Trump replied, “I have to see. Look, you — I have to see. No, I’m not going to just say ‘yes.’ I’m not going to say ‘no.’ And I didn’t last time, either.”
Biden's campaign slammed the remarks. “The American people will decide this election,” Biden spokesman Andrew Bates said. “And the United States government is perfectly capable of escorting trespassers out of the White House.”
“Compared to where things were in 2016, we are not seeing that level of coordinated, determined cyber activity from adversaries,” Krebs said during a virtual event hosted by the Brookings Institution. “We absolutely have better visibility across the networks, and we are just not seeing that same level of activity that we saw in 2016.”
The Trump campaign is attacking TikTok and accusing it of spying on users.