Overnight Cybersecurity: Questions linger after Clinton email probe

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORIES:

–A VERY REAL POSSIBILITY: The head of the FBI on Tuesday refused to rule out the possibility that hackers may have broken into Hillary Clinton‘s private email server. Federal investigators found no direct evidence that hackers had managed to break into the server or access the email account hosted on it, Director James Comey told reporters on Tuesday, while announcing that the FBI would not recommend charges against the former secretary of State and presumptive Democratic presidential nominee. “But, given the nature of the system and of the actors potentially involved, we assess that we would be unlikely to see such direct evidence,” he said. “Hostile actors” did gain access to people with whom Clinton was regularly communicating, he noted, such as longtime associate Sidney Blumenthal. The existence of her private email account was also relatively well-known, and she used it while in foreign countries that possess “sophisticated” cyber operations. So Comey could not rule out that a hacker somewhere had managed to break into her system, unbeknownst to the federal government. “Given that combination of factors, we assess it is possible that hostile actors gained access to Secretary Clinton’s personal email account,” Comey said. To read our full piece, from Julian Hattem, click here.

–MEANWHILE…: The State Department took issue with Comey’s criticism of its ability to protect classified information. The “security culture” at the State Department, Comey said during his announcement, “was generally lacking in the kind of care for classified information found elsewhere in the government.” In particular, the FBI head said, the State Department has trouble using unclassified email systems to discuss sensitive matters. State Department spokesman John Kirby quickly pushed back. “We don’t share that assessment of our institution,” Kirby told reporters in Washington. “We don’t share the broad assessment made of our institution that there’s a lax culture here when it comes to protecting classified information,” he added. “We take it very, very seriously.” Kirby’s comments were rare for the public challenge they posed to another branch of the Obama administration, and the FBI in particular. The spokesman felt comfortable rebuking the nation’s top law enforcement official, he said, because Comey acknowledged that the State Department’s security culture was not the target of the FBI’s investigation. “As the director said himself, that wasn’t part of their investigations or the findings and recommendations that they made inside that investigation,” Kirby said. To read our full piece, from Julian Hattem, click here.

A POLICY UPDATE:

–COMING SOON TO A THEATER NEAR YOU. The Senate Committee on Energy and Natural Resources’ subcommittee on Energy will hold a hearing on the Securing Energy Infrastructure Act next Tuesday.

The bill instructs the National Laboratories to explore replacing critical computer-connected components that regulate power plants and electric grids with analogue ones. With fewer computerized components, there would be fewer high-value targets to hack, supporters say.

The measure was proposed by Senate Intelligence committee members including Sens. Angus King (I-Maine), Jim Risch (R-Idaho), Martin Heinrich (D-N.M.), and Susan Collins (R-Maine).

“National security officials and cyber-experts have repeatedly warned us about the dangerous impact a cyber-attack could have on major components of our national infrastructure, like our electric grid,” said King in a release.

To read our full piece, click here.

A LIGHTER CLICK:

–SHED A TEAR. The last day of The Toast was Friday (when there was no Overnight Cybersecurity), so you’re getting our favorite pieces from the annals today. You’re welcome, birds and brigands. Happy Tuesday.

Owl Faces in Order. You’re going to see a lot of birds in your life, my mens- and womensfolk…

Pitch Meeting for Wishbone. “Like a cartoon dog?” “No, no. A live Jack Russell Terrier.”

“Oh…No, My Thing Is Happening”: Women leaving Tactfully In Western Art History. “I’m sorry, Pierre, but you know I can’t hear you when I’m sitting down.”

A REPORT IN FOCUS:

–SO GLAD YOU’RE HERE, OFFICER. Over the past 5 years, British police officers breached confidential information no less than 2,300 times, the advocacy group Big Brother Watch reports in a study based on public records requests.

Incidents ranged from a police officer hacking a Facebook account to trying to send a friend a photograph of the driver’s license of someone with an amusing name. The study found more than 800 instances of officers inappropriately accessing information and more than 800 instances of passing data off to a third party.

“The job of the police is to protect us and in a digital society that also means protecting our data. We need to be able to trust those in authority with our personal information, unfortunately that trust is being regularly undermined,” reads the report.

One of the chief concerns with bulk data collection, according to the group, is abusing access — something both local and national law enforcement and counterterrorism units have been caught doing in the U.S.

Earlier this year, the Denver Police Department reported that three officers had been caught accessing confidential, personal information for inappropriate reasons, including investigating infidelity.  

A LOOK AHEAD:

WEDNESDAY

–The House Committee on Small Business will hold a hearing on the cyber threat to small business, at 2 p.m.

–The Senate Homeland Security Committee will hold a hearing to examine ISIS online, focused on countering radicalization and recruitment using the internet and social media.

WHO’S IN THE SPOTLIGHT:

–CHINA. (AGAIN.) (SORRY.) Cyber experts are debating the effectiveness of an anti-hacking pledge struck by President Obama and Chinese President Xi Jinping.

A pair of high-profile reports recently claimed that China has curtailed its online espionage against U.S. interests, which many hailed as a win for Obama’s diplomacy.

But others say Chinese hacking hasn’t decreased at all — Beijing has simply gotten better at targeting its quarry and covering its tracks.

To read our full piece, click here.

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

The parent company of the infidelity dating website Ashley Madison is under investigation by the Federal Trade Commission. (The Hill)

A Brazilian court has frozen $6 million worth of Facebook’s assets in a scuffle over encrypted messages, according to local media. (The Hill)

Fears that global markets would tank in the days since the U.K. moved to exit the EU have eased, but the shocking vote has still left companies that handle personal data in an uncomfortable limbo. (The Hill)

A new documentary argues that the failure of the Stuxnet malware used against Iran was primarily Israel’s. (The Hill)

The European Union is cracking down on prepaid credit cards and bitcoin to “tackle terrorism financing, tax avoidance and money laundering.” (The Hill)

A U.S. federal agency issued a security alert over a vulnerability in Symantec Corp’s anti-virus software that allows attackers to remotely control affected computers. (Reuters)

If you’d like to receive our newsletter in your inbox, please sign up here.