A newsletter briefing on cybersecurity news and policy.

with research by Aaron Schaffer

A newsletter briefing on cybersecurity news and policy.

Welcome to The Cybersecurity 202! Congratulations to Canada and Denmark for peacefully ending their 49-year border spat over a barren Arctic island. 

Below: A 2020 election denier is the GOP nominee to lead elections in Nevada, and the White House warns of ‘serious’ security concerns about a U.S. company’s proposal to buy NSO hacking tools.

The Biden administration and Congress are struggling to fulfill one of the main components of their program to protect U.S. telecom systems from Chinese spying — removing Huawei gear from rural wireless networks.  

The big problem: A more than $3 billion funding shortfall.

The Federal Communications Commission is closing in on a $1.9 billion plan for the program, which will deliver funding to dozens of rural telecoms to strip the Chinese tech giant’s components from their 4G wireless networks. The agency has finished its initial review of telecoms' requests for funding and will deliver a projected deadline for making its final decisions to Congress today, an FCC official told me. 

But the agency has received a whopping $5.6 billion in requests from rural telecoms that want to replace their Huawei gear. It’s not clear if Congress is ready to fill that gap — even as concerns about Chinese spying and other digital treachery are reaching a fever pitch.

Some clarity could come today. The House Energy and Commerce Committee will consider legislation during a business meeting today that would commit an additional $3.4 billion to the program — covering most of the shortfall. But there’s still a long way to go before that proposal becomes law. 

The risk: The project is part of a years-long push to restrict Huawei and other Chinese firms from U.S. telecom infrastructure over fears that access could make it far easier for Beijing to spy on or sabotage U.S. communications.

Huawei could theoretically scoop up information that would give Chinese firms an advantage over U.S. competitors or improve the Chinese position in a military conflict with the United States. 

If more funding doesn’t arrive, the FCC will be legally required to mostly allocate funding to the smallest rural telecoms that serve fewer than 2 million people. 

That could risk leaving Huawei gear in some telecom networks where it poses significant national security risks but that serve between 2 million and 10 million customers  — such as telecoms located around military bases or major energy facilities. 

“Many of our most important defense and intelligence assets are located in rural America, and we have to protect those,” Michael Wessel, a member of the U.S.-China Economic and Security Review Commission, told me. 

The concern isn’t so much that Chinese spies will scoop up data directly from U.S. military facilities, which communicate their most sensitive information on classified systems. But they could have a field day with data culled from the personal cellphones of servicemembers and civilian staffers who live near such facilities. 

“The intelligence that could be gathered from all those cellphones is invaluable,” Wessel told me.

China watchers favor a more strategic approach. 

Ideally, [the U.S. government] would want to rip and replace it all, but if it can't then there should be some prioritization of the networks — is there some critical infrastructure that is nearby that might be impacted,” Council on Foreign Relations cyber and China expert Adam Segal told me. 

Huawei has steadfastly denied that it aids Chinese government spying. U.S. officials have never presented smoking gun evidence of such snooping, but have said the risk the Chinese government could compel Huawei’s cooperation in spying is dangerous enough. 

“For smaller rural carriers, it’s harder to value security in the same way and cost efficiency sometimes trumps it,” the FCC official told me. The official spoke on the condition of anonymity because he was not authorized to speak on the record about the funding program, which is still in progress.  

U.S. officials argue that Huawei gear is artificially cheap compared to its mostly European competitors because the Chinese government makes up for its losses. 

The FCC received 181 applications from rural telecoms interested in swapping out their Huawei gear — 162 of which it initially found to be eligible.

Telecoms that don’t receive funding will be in a tight spot.

That’s bound to make life very difficult for those telecoms and could prompt them to replace the gear on their own dime.

Former Nevada state Assemblymember Jim Marchant won the state’s GOP primary for secretary of state last night. Marchant has said he would not have certified Biden’s victory and has pledged to dump Nevada’s voting machines in favor of hand-counted ballots.

Marchant is effectively the third 2020 election denier to win a GOP primary to lead a state’s election so far this year. The trend is sounding alarms for election security advocates who fear those candidates could intentionally degrade the security of election machines, launch shoddy, partisan audits and generally rig the system to aid their preferred candidate’s election.

In other election news: Katie Arrington, a former Trump Pentagon cyber official, lost a GOP congressional primary fight in South Carolina to incumbent Rep. Nancy Mace. Mace had attacked Arrington for allegedly having her security clearance pulled after sharing classified information with a Pentagon contractor. Arrington said she hadn’t shared information improperly.

A potential deal by NSO Group to sell its hacking code to U.S. defense firm L3Harris raises “serious” security issues and the White House is “deeply concerned,” according to a senior White House official who spoke on the condition of anonymity because of the sensitivity of the matter. The sale, which hasn’t been announced, would include NSO’s hacking code and access to its developers, Ellen Nakashima and Craig Timberg report.

The transaction appears to be an attempt to salvage some utility from the embattled spyware firm. NSO has come under fire following reports by The Post and other publications that its government clients routinely used its hacking tools to target journalists and dissidents. 

L3Harris said it would restrict its sales of the tools to the U.S. government and some allies.

L3Harris declined to comment on the existence of talks with NSO. “We are constantly evaluating our customers’ national security needs,” an L3Harris spokesperson said. NSO declined to comment. The talks were first reported by digital publication Intelligence Online.

The Belarusian Cyber Partisans group is touting the alleged wiretaps as evidence that Belarus spied on its ally Russia, CyberScoop’s AJ Vicens reports. 

It appears to be an attempt by the hacktivists to drive a wedge between Russian President Vladimir Putin and Belarus President Alexander Lukashenko.

“The ‘brotherly’ state turns out to be not so brotherly after all,” the group wrote on YouTube.

The Cyber Partisans are a group of pro-democracy opposition advocates who oppose Lukashenko. For months, they have released records like tapped calls and sensitive documents. The group also claimed responsibility for breaching the country’s railroad system to disrupt Russian troops’ movements to the front lines of the war in Ukraine.

Deputy U.S. Marshal Adrian Pena is accused of using Securus Technologies's phone-tracking tool to check the locations of people he knew, Devlin Barrett reports. He’s also accused of lying to investigators when they asked him about it in 2017.

Officials wouldn’t comment on why it took nearly five years to charge Pena, who has apparently been a paid Marshals Service employee in that time. Pena said he had done “tests on my phone” and used the software “to find either a phone that’s been lost or misplaced,” according to the indictment. He also said he hadn’t used the system to track family members, friends or ex-girlfriends.

Pena didn’t respond to a request for comment. The Marshals Service didn’t immediately comment.

Securus said it shut down the tracking system more than four years ago. The tool was only available to law enforcement, and the company “relied on the integrity of law enforcement to operate it ethically,” it said. 

Cyber Ninjas' emails touch on irony, deceit, challenge coins (Arizona Republic)

Iran arrests suspect allegedly involved in Tehran hacking (By Associated Press)

Ukraine Has Begun Moving Sensitive Data Outside Its Borders (Wall Street Journal)

New Canadian bill would compel key industries to bolster cyber security — or pay a price (CBC News)

Children are targets for ID theft. Here’s what parents need to know. (By Tatum Hunter)

Hacker advertises ‘crappy’ ransomware on Instagram (Motherboard)

Wave of Discord hacks is making the crypto crash more painful for investors (Motherboard)

Microsoft to acquire foreign cyberthreat analysis vendor Miburo (ZDNet)

Today’s third @washingtonpost TikTok features 100+ GOP primary winners https://t.co/e7f1OwVdyK pic.twitter.com/RDW6Lej3vJ

“The groundwork for peaceful resolution was laid with the semi-regular exchange of alcohol. On decamping, the Canadian military would leave behind a bottle of whiskey and the Danes would reciprocate with schnapps.” Thanks for reading. See you tomorrow.