At a glance.
- Head of Europe's central bank warns that a major cyber attack could bring on a liquidity crisis.
- US state parties seek to avoid repetition of the Iowa Democratic caucus technical mess.
- Conservative MPs kick against British Prime Minister Johnson's qualified decision to allow Huawei into the UK's 5G buildout.
- How US Congressional staffers get security clearances.
Averting a cyber-driven liquidity crisis.
In a speech last Wednesday Christine Lagarde, president of the European Central Bank, discussed the implications of a report by the European Systemic Risk Board (ESRB) that highlighted the risk cyberattacks posed. Lagarde, as quoted by the Independent, said the ESRB estimated that the global cost of cyberattacks ran between $45 billion and $654 billion. An attack that destroyed or encrypted the balance accounts of a major financial institution could escalate from a simple operational problem to a liquidity crisis and then into a systemic crisis. “History shows that liquidity crises can quickly become systemic crises,” Lagarde said. “The ECB is well aware that it has a duty to be prepared and to act pre-emptively.”
Forbes points out a relatively minor recent attack, the ransomware infestation that caused Travelex to take itself offline, affected other institutions. Travelex, a currency exchange service, is not a "major financial institution," but the example is intructive. A well-planned and effectively executed attack on a major financial institution by a determined nation-state service could have the cascading effects Lagarde warned against.
What happens in Iowa stays in Iowa (says Nevada).
Senator Sanders (Independent, Vermont) is requesting a partial recanvass of the Iowa caucus results, the AP reports. Today is the deadline for campaigns to ask for a recanvass; the Iowa Democratic Party's delegate awards remain, the New York Times writes, provisional.
All is well, tweeted the Nevada Democratic Party this past week as it prepared for its February 22nd Presidential caucus: "NV Dems [that is, Nevada Democrats] can confidently say that what happened in the Iowa caucus last night will not happen in Nevada on February 22nd. We will not be employing the same app or vendor used in the Iowa caucus. We had already developed a series of backups and redundant reporting systems, and are currently evaluating the best path forward."
But there's been some unclarity about exactly what they intend to do instead. Party officials told the Nevada Independent Thursday that they'd decided to forego using any mobile applications whatsoever for their caucus. The same paper, however, reported Saturday that precinct chairs would receive iPads onto which a tool to facilitate determination of results had been preloaded. That tool would "flow your precinct early vote data, so that you can have the information for your precinct caucus, so that when you do your viability calculations, you’re able to get the number of people who voted early and then when you see the results of your first alignment, you’re able to key in that early vote information so that you have every piece of information you need to run your precinct caucus.”
The Nevada Independent said precinct leaders received training on their iPads Saturday, during which the party cautioned them not to refer to the software on their iPads as an "app," because it wasn't an "app," but rather a "tool." This will strike many as a distinction without a difference. In any case, it doesn't appear that the tool comes from ACRONYM-backed Shadow Inc., the developers of the ill-starred IowaReporterApp, a version of which the Nevada party had intended to use until it became clear last week that the software was embarrassingly buggy. The Wall Street Journal is less sanguine than the Nevada Democrats' Twitter feed, describing preparations for the caucus as "cobbled together."
It's worth noting that caucuses aren't primaries. Primaries, like the one coming in New Hampshire, are much closer to a preliminary election than are the more informal caucuses. Primaries are run by state governments, the less-transparent caucuses by state parties, and the Washington Post says Democrats are worried about other caucuses reliving the Iowa experience. Still, Iowa's problems are being mined for lessons even by officials responsible for primaries. The Concord Monitor comments on the ways in which New Hampshire intends to learn from Iowa's experience.
Reassurances about Huawei don't satisfy all Tories.
A group of senior Conservative MPs led by Ian Duncan-Smith have circulated a letter to other Tories asking that ways be found to exclude high-risk vendors from critical national infrastructure, the Guardian reports. Duncan-Smith explains that they want Huawei and other high-risk vendors completely excluded from Britain's 5G networks, and that they want the 35% of non-core market share the Government currently intends to allow driven down to zero.
For its part Huawei continues to insist that it represents no threat whatsoever. Andy Purdy, Huawei's chief security officer in the US, on Friday offered such reassurances during an interview with NPR. His argument was fundamentally economic: US carriers need affordable Huawei equipment, and Huawei can reassure skeptics that it presents no threat. The skeptics are unlikely to be comforted. In the UK, for example, RedSeal argued to the Express that any espionage service would be delighted to have access to 35% of a target's networks.
Security clearances in the US Congress?
Senators and Representatives don't undergo security clearance checks--their Constitutional offices entitle them to access to information. But the members of their staffs do, and those staffers are indispensable in sifting through the classified material their principals are supposed to understand. The ways in which staffers are cleared can be obscure, and differ in various ways from the more familiar process undergone by members of the Executive Branch and their contractors. POGO has an interesting overview of security clearance processes in the Legislative Branch.