Overnight Cybersecurity: Spy chief Clapper resigns

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORY:

–DIRECTOR OF NATIONAL INTELLIGENCE JAMES CLAPPER RESIGNS: DNI Clapper tendered his resignation which will be effective at the end of the presidential term. He made the announcement at a hearing Thursday, having submitted the formal letter last night. “I submitted my letter of resignation last night, which felt pretty good,” Director of National Intelligence James Clapper told a House Intelligence Committee hearing. “I have 64 days left and I would have a hard time with my wife for anything past that.”

To read the rest of our piece, click here.

{mosads}

–HIS LEGACY: Clapper, who took office in 2010, will forever be tied to electronic surveillance. He led the nation’s 17 top intelligence agencies during Edward Snowden’s document leaks and it was under his watch that a foreign power apparently hacked voter rolls and a political party.

–HIS LEGACY AS SEEN BY HIS TOP DEM CRITIC: Sen. Ron Wyden (D-Ore.), who repeatedly clashed with Clapper on the Senate Intelligence Committee, scolded the intel chief, accusing him in a press release of repeatedly misleading the American people and lying to Congress. “During Director Clapper’s tenure, senior intelligence officials engaged in a deception spree regarding mass surveillance,” said Wyden, a champion of civil liberties. “Top officials, officials who reported to Director Clapper, repeatedly misled the American people and even lied to them.”

To read the rest of our piece, click here. 

–WHO’S NEXT? Sens. Angus King (I-Maine) and James Lankford (R-Okla.) quickly wrote to Donald Trump to urge the president-elect to promptly consider a successor. “A successful DNI makes the intelligence community more efficient, more collaborative, limits redundancies, and advances seamless information sharing across our intelligence agencies,” they wrote. They added: “If selected early, your DNI could advise on candidates for directors of the intelligence agencies he or she will work with most often.”

–THE BRUSHBACK PITCH: Elsewhere in the same hearing, Clapper said Russian scanning of state election infrastructure was “curtailed” after the U.S. publicly blamed Moscow for hacking several U.S. political organizations. Russia is believed to have been behind pre-election attempts to penetrate voter information databases in Arizona and Illinois.

To read the rest of our piece on curtailing Russian hacks, click here.

 

A POLICY UPDATE: 

–NOT SO FAST: A bipartisan bill would delay controversial changes to search and seizure rules that would permit some forms of hacking by law enforcement.

Rule 41, the rule that governs searches, is set to change on Dec. 1. But a bipartisan, bicameral group of lawmakers have offered the Review the Rule Act, which would delay the start date until July 1, 2017, to give Congress time to consider the changes.

The updates to Rule 41, which are backed by the Department of Justice, would allow judges to issue warrants to hack computers when the computer’s location is obscured by technological means.

It would also allow a single warrant to permit hacking across five or more districts, which could be used to mitigate networks of hijacked computers called botnets, used to attack other computers or send spam.

The Review the Rule Act “will give Congress time to do our job and carefully consider and evaluate the merits of these proposed changes to the government’s ability to search personal computers and other digital devices,” said Sen. Chris Coons (D-Del.), one of the sponsors.

The act is sponsored by Coons, with Sens. Steve Daines (R-Mont.), Al Franken (D-Minn.), Mike Lee (R-Utah) and Ron Wyden (D-Ore.) signing on; Reps. John Conyers, Jr. (D-Mich.) and Ted Poe (R-Texas) are cosponsors in the House.

To read the rest of our piece, click here

 

A REPORT IN FOCUS: 

–AN INTERNET-WIDE SECURITY RUSH MIGHT LEAVE SITES IN DUST. By early next year, many web browsers, including Chrome, Edge and Firefox will stop allowing websites to use an outdated security system in authentication certificates – what’s known as the SHA-1 algorithm. It’s not difficult or particularly costly to upgrade. Yet a study by Venafi (who sell software to manage certificates) claims 35 percent of the 11 million sites they scanned are still using SHA-1. Major sites successfully upgraded, said Venafi, but smaller sites and sites that are no longer maintained often were unprepared for the future of browsing. Browsers will begin triggering warning messages when users visit the third of sites caught in the past.

 

WHO’S IN THE SPOTLIGHT: 

–FACEBOOK. Facebook is suspending the collection of WhatsApp user data in Europe for advertising.

The move comes in the face of pressure from watchdog and civil liberty groups and pending investigations on data protection violations from several European countries including the U.K., Germany, France and Italy, reports the Financial Times. Europe’s data protection agency group also slammed WhatsApp’s data collection practices in an open letter last month.

The Palo Alto, Calif.-based company had previously halted its WhatsApp data collection in the United Kingdom after pressure from British authorities.

“I don’t think users have been given enough information about what Facebook plans to do with their information, and I don’t think WhatsApp has got valid consent from users to share the information,” said Elizabeth Denham, U.K. information commissioner, in a statement this month.

To read the rest of our piece, click here.

 

A LIGHTER CLICK: 

–FROM THE ANNALS OF VERY SPECIFIC SCIENCE: Behold the roundest object ever discovered in the universe.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web. 

A man in Fort Worth was convicted in a hacking scheme to steal in-game currency from the FIFA soccer video game. (Kotaku)

Hackers briefly set the Canadian army recruitment website to forward visitors to a Chinese government site. (Motherboard)

“Nearly four in ten Americans would rather be abstinent for a year than risk being hacked, according to the results of a survey published Thursday.” (Washington Times)

Data breaches at Britain’s National Health Service jumped from 3,133 in 2014 to 4,177 in 2015, with cyber breaches jumping from 8 to 60. (SkyNews)