With help from Maggie Miller and Daniella Cheslow 

Driving the day

— NATO leaders could be grappling with a surprising dilemma: a weakened Russia on the battlefield but a more dangerous one in cyberspace.

HAPPY MONDAY and welcome to MORNING CYBERSECURITY! This weekend I realized that a cyberattack is what saved the world from aliens in the movie Independence Day. The connection between catching a cold and installing a virus in the alien mothership is a massive stretch, but I’m not mad at it.

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at [email protected]. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.

Today's Agenda

Deputy NATO assistant secretary general for innovation, hybrid and cyber James Appathurai is headed to a Foreign Policy forum to discuss the role of cyber deterrence in modern warfare. 1 p.m.

Former Defense Secretary and CIA director Leon Panetta, Latvian President Edgars Rinkēvičs, former Croatian President Kolinda Grabar-Kitarović, Estonian Defense Minister Hanno Pevkur and House Intelligence ranking member Jim Himes (D-Conn.) are talking the future of NATO at the International Spy Museum. 6:30 p.m.

And on Tuesday, July 9th: Join POLITICO and WELT for a roundtable discussion with the top defense officials in NATO countries that share a border with Russia, including Estonia, Latvia and Lithuania. These are the crucial officials tasked with armoring these front-line states against Vladimir Putin’s aggressive expansionism. We will discuss how they are adapting to this new period of danger and explore the future of the NATO alliance and their relationship with the United States. Register here.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

The International Scene

DUALITY OF THREATS — NATO's got a paradoxical security problem on its hands as leaders huddle in Washington this week: diminished near-term military threats from Russia, but some added heartburn over hackers and X bots.

At least that's how House Intelligence ranking member Jim Himes (D-Conn.) sees it. The committee's top Democrat sat down with us to dish on the alliance's threat landscape ahead of an intense week with global leaders around town.

— Less missiles, more malware: "Counterintuitively, I would tell you that the threat to NATO today, in the near term, is far lower than it has been in a long time," Himes told Morning Cyber in an interview on Sunday, a day ahead of his discussion with Latvian president Rinkēvičs and Estonian defense minister Pevkur, both leaders in NATO countries that are situated on Russia’s front lines.

"Because [a conventional attack is] far less likely, I worry more, and I think we collectively need to worry more about asymmetrical warfare," Himes said. "That means cyberattacks, it means the spreading of disinformation in particular."

— The reason: Russia's military has been "hollowed out" by its invasion of Ukraine, suffering an estimated half million casualties, Himes said. He expressed confidence that NATO members like Estonia and Poland face a much lower risk of an imminent Russian troop invasion.

But Himes warned the picture could change in the long term, with Russian President Vladimir Putin unlikely to ever reconcile with the West. The congressman argued NATO should focus on helping Ukraine decisively defeat Russia to deter future adventurism — including by China vis-à-vis Taiwan.

— Russia’s cyber strategy: While a new conventional attack seems remote, the congressman said NATO has to be vigilant for what’s happening on its digital airwaves.

Himes characterized Russia’s approach to cyber operations as “vandals in the international arena” who are more aimed at sowing discord than they are at achieving specific geopolitical goals, like China.

"The Russians are just out to create chaos," Himes warned.

— Cyber threats in focus: Both disinformation campaigns and cybersecurity look to be an intriguing topic of discussion in the NATO leader camp, following news that member countries will be standing up a new cybersecurity defense center this week.

No details have emerged just yet on the new center, but a State Department cyber bureau spokesperson said in a statement that the administration has “worked intensively with allies on this effort over the past year.”

Nate Fick, the State Department’s ambassador at large for cyberspace and digital policy, told Maggie last week that the summit will serve to “reaffirm” the bloc’s commitment to defending Ukraine against Russian cyber and physical attacks. He predicted that the summit will also include focuses on emerging technologies and cyber threats from China.

— Intel sharing progress: Himes emphasized the importance of enhanced cooperation among NATO allies to counter Russian threats. The congressman noted U.S. intelligence warnings about Russia's invasion plans in 2022 were initially met with skepticism by many allies. But he said that "bad problem was rapidly fixed," spurring closer coordination.

"We can't just train together,” Himes said. “We need to conduct our intelligence activities cooperatively.”

POLAND BURNISHES ITS CYBER CREDS —  Poland has become, by at least some accounts, the nation in Europe most targeted by Russian cyberattacks — and it’s hoping to turn lemons into lemonade by leveraging its battle-won experience into a global reputation.

“For sure, our ambition is to be a leader of cybersecurity in the European Union,” Poland’s digital affairs minister and deputy prime minister Krzysztof Gawkowski told POLITICO’s Daniella Cheslow in an interview.

— Ran around town: He was in Washington last week as part of a U.S. visit that included meetings with top cyber officials at the White House and a handshake with Intel CEO Pat Gelsinger, who has presided over a landmark investment in Poland.

Gawkoswki said he also met with Anne Neuberger, deputy national security adviser for cyber and emerging technology; Arati Prabhakar, director of the White House Office of Science and Technology Policy; Tim Haugh, head of both U.S. Cyber Command and the National Security Agency; and officials at the FBI. CISA said Gawkoswki met with executive director Brandon Wales. The White House did not confirm the meetings. Gawkowski said he pitched the FBI on a Polish-U.S. exchange of cyber crime experts and found a receptive audience. He hopes to have an agreement by the end of the year. The FBI did not confirm the agreement.

— NATO calling: Gawkowski’s visit came just before the NATO summit, and he hinted that Poland was anxiously awaiting the alliance’s broader position on “strengthening the eastern flank of NATO” (read: Ukraine).

Poland is deeply involved in Ukraine’s war. Gawkowski said his ministry is paying for 25,000 Starlink systems to provide internet for its neighbor’s army and civilians (“not only devices, but also services”). It is also hosting Ukraine’s taxation system on its servers, he said.During NATO, he said, “we will be discussing the exchange of information from secret services about cyberthreats. And we also want to discuss technologies which allow for the automatization of finding and recognition and fighting cyberattacks surveillance.”

The meeting of world leaders gives Poland a stage to test out messaging before its upcoming presidency of the European Union, which begins January 2025. Gawkowski outlined priorities for Warsaw’s leadership, including cybersecurity, the development of AI and digital transformation. “The most important is cybersecurity,” he said. “From the Polish perspective, Poland is not in a cold but warm cyberwar with Russia.”

Vulnerabilities

BE PREPARED — The NATO alliance and its member states are facing “a barrage of malicious cyber activity from all over the globe,” including ever-increasing threats from Russia and China, Mandiant assesses in a new report out today.

As Maggie writes in, the report — released to coincide with the NATO summit in Washington this week — details how multiple Russian government-linked hacking groups have targeted organizations in NATO countries in recent years, particularly following the full Russian invasion of Ukraine in 2022.

John Hultquist, chief analyst for Mandiant Intelligence, wrote in the report that “NATO must contend with covert, aggressive malicious cyber actors seeking to gather intelligence, preparing to or currently attacking critical infrastructure, and working to undermine the alliance with elaborate disinformation schemes.”

As a result of ongoing and persistent threats from Russian, Chinese and other nation state and cybercriminal hacking groups, Hultquist called for NATO to work towards a “collective commitment to defense” in cyberspace. This includes collaborating with the private sector, which often has more insight into cyber threats against critical infrastructure networks than government does.

Tweet of the Day

The good ol’ days when nothing could get in the way of my sweet tunes, not even a computer implosion.

Quick Bytes

THEY’RE ALWAYS WATCHING — Europol wants to address privacy features in Home Routing that make it difficult for law enforcement to intercept communications for investigations, writes Bill Toulas for BleepingComputer.

NOT THE WORST — An OpenAI breach exposed employee discussions but not secret data, highlighting the value of AI companies as targets for hackers. Devin Coldewey has the insight for TechCrunch.

“There's a new government in the UK. What can we expect from it on cyber?” (The Record)

Chat soon. 

Stay in touch with the whole team: Joseph Gedeon ([email protected]); John Sakellariadis ([email protected]); Maggie Miller ([email protected]); and Heidi Vogt ([email protected]).