facebook linkedin twitter

FEC Rules Campaigns Can Get Discounts on Cybersecurity

July 12, 2019 by Dan McCue

WASHINGTON – The Federal Election Commission ruled Thursday that federal candidates and political committees can accept low-cost cybersecurity services from a Silicon Valley security company so long as the firm continues to offer the same rates to its non-political clients.

The firm, Area 1 Security, Inc., first approached the commission in June, requesting permission to offer low-to-no-cost services to political candidates during the 2020 election cycle.

The company was founded in 2013 by a group of former National Security Agency hackers, and it specializes in crawling the web for signs of phishing.

In December, it successfully uncovered a phishing attack on the Ministry of Foreign Affairs in Cyprus that compromised the entire EU’s diplomatic communication network.

In approaching the FEC, the company cited a 2018 ruling by the agency that allowed Microsoft to offer free account security to political candidates.

In Microsoft’s case, it stood the risk of long-term damage to its reputation if its clients were hacked.

But at a hearing on Area 1’s request in June, lawyers for the commission said the company’s request should be rejected on the grounds that it would be violating campaign finance laws that prohibit corporations from offering free or discounted services to federal candidates.

The same law also prevents political parties from offering candidates cybersecurity assistance because it is considered an “in-kind donation.”

The attorneys dropped their opposition after learning Area 1 would simply be offering the same low-cost services to candidates as it does to its regular clients.

In its ruling, technically an “advisory opinion,” the commission stated that Area 1 could charge candidates a fixed fee of $1,337 for its phishing services, “because doing so would be in the ordinary course of Area 1’s business and on terms and conditions that apply to similarly situated non-political clients.”

As a result, wrote commission chair Ellen Weintraub, “the commission concludes that the proposal would not result in prohibited in-kind contributions and thus is permissible.”

She did note, however, that any change in the material facts on which the opinion was based, would effectively render it null and void.

She also said the conclusions in the advisory opinion could be affected by subsequent developments in the law including, but not limited to, statutes, regulations, advisory opinions, and case law.

In June, House Democrats passed sweeping legislation that would require voting systems to use backup paper ballots in federal contests, while also banning voting machines from being connected to the internet and being produced in foreign countries.

In addition the Securing America’s Federal Elections Act, introduced by Representative Zoe Lofgren, D-Calif., authorized $600 million for the Election Assistance Commission, which would be allocated to states to enhance their security ahead of 2020, and $175 million that would be provided biannually for “sustainment” funds intended to maintain election infrastructure.

The House voted 225-184 in favor of the bill, with only one Republican, Florida Representative Brian Mast, voting for the measure.

To date, Senate Majority Leader Mitch McConnell has declined to bring it — or any other election security bill to the Senate floor.

Cybersecurity

October 14, 2021
by Victoria Turner
Cybersecurity Experts Point to More Investment Needed in Detection, Response

WASHINGTON -- If everyone were to employ proper cyber hygiene like multi-factor authentication or not clicking on links in phishing... Read More

WASHINGTON -- If everyone were to employ proper cyber hygiene like multi-factor authentication or not clicking on links in phishing emails, more than 85% of cyberattacks would be prevented, said Sen. Angus King, I-Maine, Thursday.  “The best hack is the one that doesn’t happen,” King said... Read More

October 5, 2021
by Victoria Turner
Cybersecurity Minimum Standards Needed to Keep North America Secure

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based... Read More

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based approach to cybersecurity that includes a minimum set of standards, said three experts yesterday. As much as the pandemic has accelerated the rate in which governments... Read More

September 29, 2021
by Victoria Turner
Aspen Cyber Summit Explores Collective Defense in a Digital World

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,”... Read More

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,” but there is “still a lot of work to do,” said CISA Director Jen Easterly Wednesday.  Kicking off the 6th annual Aspen Cyber Summit, Exploring Collective... Read More

September 22, 2021
by Victoria Turner
Identity Authentication Key Piece of Cybersecurity Puzzle

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S.... Read More

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S. government, according to Carole House, director of cybersecurity and secure digital Innovation at the White House National Security Council.  It “sits at the heart of zero... Read More

September 1, 2021
by Tom Ramstack
Executives Advocate for Legislation to Unite Government and Private Cybersecurity

WASHINGTON -- A cybersecurity expert told a congressional panel Wednesday that private industry alone cannot be expected to effectively confront... Read More

WASHINGTON -- A cybersecurity expert told a congressional panel Wednesday that private industry alone cannot be expected to effectively confront the kinds of cyberattacks that have wreaked havoc on U.S. computer networks in recent years. He testified to a House Homeland Security subcommittee as it considers... Read More

August 27, 2021
by Reece Nations
FBI Warns of New Hive Ransomware Threat

WASHINGTON — The Federal Bureau of Investigation distributed a Flash report on Friday warning of indicators of compromise from the... Read More

WASHINGTON — The Federal Bureau of Investigation distributed a Flash report on Friday warning of indicators of compromise from the Hive ransomware known to have infiltrated business networks. The ransomware utilizes multiple mechanisms as attachments to gain access and “Remote Desktop Protocol” to operate once embedded,... Read More

News From The Well
scroll top