Senate bill bans joint cyber initiative with Russia

An authorization bill introduced Aug. 18 by Sen. Richard Burr (R-N.C.) pushes back against a proposal floated by the Trump administration to set up a joint cyber initiative with Russia. The bill also establishes a strategy to protect U.S. election systems and pushes for increased pay rates for federal cyber professionals.

It is not the first bill to call for a prohibition on potential U.S.-Russia cyber cooperation. Following President Donald Trump's tweet on July 9 stating that he and Russian President Vladimir Putin had "discussed forming an impenetrable Cyber Security unit" in the future to guard against election hacking, a bipartisan group of legislators expressed alarm at the idea. Although Trump later backtracked, Senate Democrats introduced a standalone bill three days later to deny funding for any such plan.

However, a similar proposal coming from the president's own party and chairman of the Senate Intelligence Committee signals that congressional Republicans may also be serious about closing the door on the Trump's suggestion. Burr's bill would place the authority to establish any joint cyber arrangement in the hands of the Director of National Intelligence.

Burr's office has not responded to a request for comment on this bill.

The bill also calls on federal agencies to "develop a whole-of-government strategy for countering the threat of Russian cyberattacks and attempted cyberattacks against electoral systems and processes in the United States, including Federal, State, and local election systems, voter registration databases, voting tabulation equipment, and equipment and processes for the secure transmission of election results."

Jason Healey, senior fellow for the Atlantic Council's Cyber Statecraft Initiative, said the language around election hacking in particular seems like a rebuke to the president, who has often downplayed the narrative of Russian election meddling.

"Normally that wouldn't be seen as a partisan swipe, but with this president he will probably see it as a swipe," Healey said.

At a House hearing in June, former Homeland Security Secretary Jeh Johnson called the extent of Russian state interference with U.S. voting systems "unprecendented in scale and scope" but said that officials do not believe it extended to manipulating vote counts. 

The bill instructs Office of the Director of National Intelligence to produce an after-action report on holes in the U.S. election infrastructure.  Healey said he would like to see the language in the bill expanded to include cyberattacks on foreign allies as well.

"Certainly the report should focus on if this is against allies and not just the U.S.," he said. "If not, that's missing a big part of the picture."

Burr's bill would also beef up the ODNI in several significant ways, giving the director power to appoint the intelligence community's CIO. Current law leaves that authority in the hands of the president.

The same day the bill was introduced, Trump named CIA tech official John Sherman to the post of intelligence community CIO.

The bill also provides the National Security Agency the ability to award special, higher rates of pay to a pool of 100 cyber professionals in government. Federal agencies and military and intelligence officials have been grappling with how to retain their cybersecurity workforce in the face of increased competition from the private sector.

Healey noted that pay is perhaps less important than fast-track authorities to get personnel hired, cleared and onboard quickly.

"I have had numerous students get better (or at least faster) offers from the private sector, diverting them from public service," Healey said.