The Jolt: The black-and-white cyber security debate behind that November surprise

FILE - In this Sept. 30, 2011, file photo, a reflection of the Department of Homeland Security logo is seen reflected in the glasses of a cyber security analyst in the watch and warning center at the Department of Homeland Security's secretive cyber defense facility at Idaho National Laboratory in Idaho Falls, Idaho. Through history, the United States has relied on its borders and superior military might to protect against and deter foreign aggressors. But a lack of boundaries and any rulebook in cyberspace has increased the threat and leveled the playing field today. (AP Photo/Mark J. Terrill, File)

Credit: Mark J. Terrill

Credit: Mark J. Terrill

FILE - In this Sept. 30, 2011, file photo, a reflection of the Department of Homeland Security logo is seen reflected in the glasses of a cyber security analyst in the watch and warning center at the Department of Homeland Security's secretive cyber defense facility at Idaho National Laboratory in Idaho Falls, Idaho. Through history, the United States has relied on its borders and superior military might to protect against and deter foreign aggressors. But a lack of boundaries and any rulebook in cyberspace has increased the threat and leveled the playing field today. (AP Photo/Mark J. Terrill, File)

Like any subset of society, the world of technology has its own culture, its own precepts of what separates good behavior from bad.

Some people find certain aspects of that culture baffling – specifically, the topic of cyber security. And many of those people can be found in and around the state Capitol.

Over the weekend, our AJC colleague Alan Judd posted a catch-up piece on one of Secretary of State Brian Kemp's last actions in that office – his Nov. 3 decision to announce that he had placed the Democratic Party of Georgia under investigation for an alleged attempt to hack the state's voter registration database.

Never mind that Kemp was the GOP nominee for governor, and Election Day was 72 hours away. From the Judd piece:

[A] Georgia man identified as Richard Wright logged onto the My Voter Page on the secretary of state's website. Wright wanted to make sure his registration information was up to date. It was. But not everything else appeared to be in order.

Wright, who apparently has a background in software development, discovered two significant security flaws that could jeopardize the election's integrity. First, downloading a sample ballot also "allows you to download any file on the system," he later wrote in an email to the Democratic Party.

Georgia Democrats passed the info to two computer security experts at Georgia Tech. One of the experts notified a national security agency. Kemp’s office was eventually brought into the loop. Then a technology journalist emailed the secretary of state, informing Kemp aides that the reporter intended to publish an article about the vulnerability. The news site asked Kemp for comment.

That’s when Secretary of State Brian Kemp turned a “white hat” notice of data-base vulnerability into a “black hat” conspiracy theory, issuing a press release that named his rival’s party as one of the villains.

It is difficult to find any evidence that an investigation has actually occurred. The secretary of state’s office is claiming lawyer-client privilege, blocking scrutiny of emails and such. Under state law, other documents are exempt from examination while the investigation continues. Which means the probe could have a long, long life.

What we can say is that an outline for Kemp’s action had already been debated and approved by the Legislature earlier this year. Senate Bill 315 would have created the crime of unauthorized computer access, targeting anyone who trespassed unbidden in another’s data system. Had it become law, it probably would have applied to the actions of the aforementioned Mr. Wright.

“[W]hile intending to protect against online breaches and hacks, SB 315 may inadvertently hinder the ability of government and private industries to do so,” Deal said.

Cyber security culture says “white hat” hacking has a place in its world. Yet legalized trespass unnerves many in the state Capitol, including Attorney General Chris Carr, who backed SB 315.

Others are more comfortable with the concept. Even as the AJC piece on Governor-elect Kemp was being digested, Georgia Trend magazine posted this notice:

University of North Georgia (UNG) is inviting its own students and those from other colleges to participate in the USA Hackers Challenge on Valentines Day at the Georgia Tech Research Institute. An enterprising hacker can win $100,000 if he or she can access and copy a confidential file from a Cyber 2.0 server. (Cyber 2.0 is an Israeli cybersecurity company that claims to be the only system in the world providing total defense against the spread of cyber attacks.)

A similar competition held in Israel defeated all competitors, but if someone does manage to win the USA challenge, Cyber 2.0 will be able to use the information gathered to improve its security service.

Georgia’s Republican leadership may want to jail hackers – never mind the color of their headgear. But Georgia’s university system appears bent on creating more of the “white hat” variety.

Georgia Trend reports that the University of North Georgia  this fall launched a bachelor’s degree in cyber security.

***

Gearing up: U.S. Sen. David Perdue, R-Ga., held an end-of-year fundraiser Sunday that drew more than 250 people and raised at least $250,000. Among the guests: Lt.Gov.-elect Geoff Duncan, Attorney General Chris Carr, Faith and Freedom Coalition head Ralph Reed and GOP financier Alec Poitevint.

***

Almost two years ago, U.S. Rep. John Lewis, D-Atlanta, received a surprise vote for speaker of the House.

It was a protest vote. U.S. Rep. Krysten Sinema, D-Ariz., a centrist who was recently elected to succeed Jeff Flake in the Senate, voted for the civil rights figure to lead the House rather than vote for party leader Nancy Pelosi.

Now Lewis is urging any Democratic colleagues mulling a similar move in January to suck it up and back the Californian.

"Dividing our caucus on this vote for Speaker serves no strategic purpose at this time, except to signal disarray," Lewis wrote in a letter to Democratic colleagues, first published in Politico. "That is why I must view a vote for me as Speaker as a vote for the Republican nominee … We must unite against this possibility at all costs."

Pelosi recently cut a deal with rebels in her party who wanted her out, agreeing to limit her tenure as speaker to a maximum of four year. That helped her flip seven of the 16 Democrats who had vowed to oppose her during the Jan. 3 floor vote.

Lewis has been using his clout in the Democratic caucus to push heavily for Pelosi. All five incoming Georgia Democrats, including newcomer Lucy McBath, have vowed to vote for Pelosi next month.

***

Never miss a minute of what's happening in Georgia Politics. Subscribe to PoliticallyGeorgia.com