Compliance Management, Threat Intelligence, Government Regulations

Proposed legislation discourages Russia-U.S. cyber pact, while prioritizing election security

A U.S. intelligence bill that recently passed committee in the Senate contains key provisions designed to defend the electoral process from Russian meddling and other foreign interference, as well as curtail any possible White House effort to form a joint cybersecurity unit with the Kremlin.

Passed in the Senate Intelligence Committee by a 14-1 margin this past July and made public just days ago, the Intelligence Authorization Act for Fiscal year 2018 explicitly forbids the U.S. government from using federal resources to form a cyber partnership with Russia, unless the U.S. Director of National Intelligence (DNI) first submits a report that congressional intelligence committee members can review 30 days in advance of such an agreement. This key clause is a blatant rebuke of President Donald Trump, who fleetingly announced a U.S.-Russian cyber unit in July before backing off the idea amidst backlash.

Under the terms of the bill, which is sponsored by Intelligence Committee Chairman Sen. Richard Burr (R-N.C.), any report submitted by the DNI would need to explain the purpose of forming such a joint cyber unit, specify what cyber intelligence would be shared, communicate the value of such an alliance to national security, express any counterintelligence concerns arising from such an arrangement, and recommend steps to mitigate these concerns.

The proposed act also directs key executive branch officials to submit a series of reports, assessments and recommendations regarding election security in the recent past, present and future.

Specifically, the bill states that within 90 days of the legislation's passage, the DNI must coordinate with other relevant officials and agencies to develop "a whole-of-government strategy for countering the threat of Russian cyberattacks and attempted cyberattacks against electoral systems and processes in the United States, including federal, state, and local election systems, voter registration databases, voting tabulation equipment, and equipment and processes for the secure transmission of election results."

This comprehensive strategic plan would include suggested measures for securing voting machines and related electoral technologies, detecting threats, improving attack attribution, deterring future threats, and communicating with state and local election officials.

The DNI (who is currently Dan Coats) would also be tasked with conducting a postmortem assessment of the U.S. intelligence community's ability to adequately analyze Russia's interference in the 2016 elections, including whether intel resources were properly aligned to detect and respond to the threat, and the effectiveness of information sharing efforts. This report would be due one year after the bill's passage.

Starting one year before any regularly scheduled federal election, the DNI, along with other key intelligence community members, would be required to evaluate the vulnerabilities of state election systems and send Congressional leaders the results of this assessment within 180 days of the official vote.

Within 60 days of the bill's enactment, the Under Secretary of Homeland Security for Intelligence and Analysis would be expected to submit to Congress a report describing cyberattacks attempted or perpetrated by any foreign government on the 2016 elections, as well as any anticipated future attacks. Separately, this same official would be required to submit within 180 days a plan for implementing bug bounty programs at various U.S. agencies and departments, much like the Department of Defense recently did.

Finally, the DNI, in coordination with the Secretary of Homeland Security and directors of the CIA, NSA and FBI, would be asked to submit a report on any foreign government's attempts to conduct surveillance on Americans by exploiting cybersecurity vulnerabilities in U.S. telecommunications networks, including SS7.

"...We continue the Committee's inquiry into Russian interference in the 2016 U.S. elections," said Sen. Burr in an official press release. "The overwhelming bipartisan support for this bill shows that we all understand the gravity of the threats and how vital our intelligence community is to combating them.  We are holding the intelligence community to account for every dollar they spend, and we are committed to giving them the resources they need to continue to be the best in the world."

"This Intelligence Authorization Act will provide the women and men of the Intelligence Community with the resources they need to do their jobs, which is to collect and analyze intelligence and present their best assessment to the nation's leadership," said Sen. Mark Warner (D-Va.), vice chairman of the Intelligence Committee, also in the press release. "This bill... includes important measures to protect election systems and improve information sharing with states to ensure the integrity of the election process.”

This Intelligence Authorization Act is next scheduled for a vote by the full Senate.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.