McCaul calls for ‘red lines’ on political hacking

635654708901936363-fed-michael-mccauljpg.jpg

Committee chairman U.S. Rep. Michael McCaul (R-TX) delivers his opening remarks during a House Homeland Security Committee hearing entitled 'The Boston Marathon Bombings, One Year On: A Look Back to Look Forward,' on Capitol Hill, April 9, 2014 in Washington, DC. The first anniversary will be of the Boston Marathon bombings is April 15, whicj killed three people were and injured hundreds. (Photo by Drew Angerer/Getty Images)

Cyberattacks against the U.S., particularly domestic Democratic institutions, are a “red line we should not allow anyone to cross,” Rep. Michael McCaul, chairman of the House Homeland Security Committee, told the crowd at the 2017 RSA Conference in San Francisco.

“There is no doubt in my mind that the Russian government tried to influence and undermine our election,” said McCaul, a Texas Republican. “If we don’t hold the line on sanctions and deliver meaningful consequences, they will do it again.”

McCaul was a bit vague as to what those consequences should be, pointing to cooperation with foreign partners and “striking back” when appropriate, as well as sanctions. McCaul said he was briefed in spring 2016 about hacking concerns and raised the issue with then-President Barack Obama and then-candidate Donald Trump, but was disappointed by how both responded.

To McCaul, this is not a partisan issue. “Cyber intrusions can hurt our republic,” he said.

 

In addition to nation-state attacks, McCaul also highlighted the threat of online radicalization and tools that can hide dangerous activity.

“Terrorists are abusing encryption and social media to crowdsource the murder of innocent people,” said McCaul. “We can’t allow groups like ISIS to remote control terrorist attacks form the darkness of the web.”

McCaul used the phrase “going dark,” which is often used by law enforcement to describe when a device or an individual uses encryption tools that make it difficult or impossible to intercept their communications.

When the feds discuss this issue, as the U.S. Attorney General did last year in the context of the Apple-FBI case, the suggested solution is usually a mechanism that would allow law enforcement to decrypt messages as necessary. In security terms, this is called a “backdoor,” and is reviled in the security community because it undermines the robustness of any service or system.

McCaul agreed. “We cannot undermine encryption, it’s the bedrock of our internet security,” he said.

Instead, McCaul called for a new commission to examine the issue and suggest real solutions. He positioned the Department of Homeland Security as a potential home for a consolidated cybersecurity agency and said information sharing between agencies is critical. Companies, too, “need to step up to the plate and start sharing with each other,” said McCaul.

While he admitted the challenges facing the U.S. in cyberwarfare are profound and frightening, he ended his remarks on a more positive note.

Last year, he said, “was a watershed year in cyberspace and for a lot of the wrong reasons.” The experience has made country more realistic about the broad dangers posed by cyberattacks, but we must not be reactionary. “We cannot let the fear of the unknown outweigh what we do know.”

This article originally appeared on PCMag.com.