Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORY:
–SENATE WORRIED CYBER DETERRENCE MOVING AT “GEOLOGIC TIME”: Top cyber officials from the Pentagon, FBI, and Department of Homeland Security faced questions about missed deadlines in planning for cyber warfare at a Senate Armed Services committee hearing Thursday. Last year, Lawmakers inserted language into annual defense policy legislation requiring the Pentagon to spell out the military and nonmilitary options for deterring and responding to malicious cyber activity – a report that has not yet arrived. “We will be submitting it to you shortly,” said Kenneth Rapuano, the Assistant Defense Secretary for Homeland Defense and Global Security “Shortly doesn’t make me feel better. Is that geologic time?” answered Sen. Angus King (I-Maine).
{mosads}
–…”WE’RE STILL TRYING TO GET OUR ARMS AROUND IT”: Officials acknowledged Thursday that, while agencies have made progress, more work needs to be done. “I would suggest that we’re getting there, that we’re working on the coordination,” said Christopher Krebs, a top official at DHS’s National Protection and Programs Directorate (NPPD). “This is a battle that is going to be going on for many years. We’re still trying to get our arms around it.” Sen. John McCain (R-Ariz.), the chairman of the Senate Armed Services Committee, has helped lead a charge to insert language into Senate-approved defense legislation that spells out a specific cyber warfare doctrine. The White House has sternly objected to the provision, saying it would infringe on the president’s powers.
To read the rest of our piece, click here.
–…WHITE HOUSE WITHHOLDS CYBER CZAR, MCCAIN THREATENS SUBPOENA: Rob Joyce was invited to testify. However, John McCain (R-Arizona), the panel chairman, said in his opening remarks that the White House had declined to have him testify, citing executive privilege and “precedent against having nonconfirmed NSC staff testifying before Congress.” Such a move has been consistent with past practices by both Republican and Democratic administrations, but nonetheless irked both Republicans and Democrats at the meeting. “I would also like to note at the outset the empty chair at the witness table,” McCain said during opening remarks. “Unfortunately, but not surprisingly, the White House declined to have its cyber coordinator testify.” He said Joyce’s absence underscored the “fundamental misalignment between authority and accountability in our government today when it comes to cyber.” Later, McCain signaled that Joyce could be subpoenaed, in response to a suggestion from Sen. Bill Nelson (D-Fla.). “I think that has to be discussed,” McCain said. McCain told reporters after the hearing that the committee would meet and consider whether or not to subpoena Joyce. “We’re going to have a meeting of the committee and discuss the issue,” he said.
To read the rest of our piece, click here.
–…TENSIONS RUN HIGH: Senators took issue with a chart dated January 2013 that officials circulated to committee members to explain the government’s efforts in cyberspace. “To hand out a five-year-old chart as to how we are going to fix this situation is just — is totally, totally insufficient,” said Sen. Bill Nelson (D-Fla.).
A REGULATORY UPDATE:
REGULATORY PROPOSES NEW RULES FOR ENERGY SECTOR:
The federal entity responsible for regulating the energy sector on Thursday proposed new rules to enhance the cybersecurity of the U.S. electric grid, including those aimed at addressing risks posed by malware.
The Federal Energy Regulatory Commission (FERC) outlined new proposed security management controls for operators of electric grid systems aimed at enhancing “the reliability and resilience of the nation’s bulk electric systems,” according to a release.
“These include mandatory controls to address the risks posed by malware from transient electronic devices like laptop computers, thumb drives and other devices used at low-impact bulk electric system cyber systems,” the commission said.
To read the rest of our piece, click here.
A LIGHTER CLICK:
POKEMON GOES TO THE WHITE HOUSE. Gotta catch ’em all for national security reasons.
TWO REPORTS IN FOCUS:
TERRORIST CONTENT DOUBLES AFTER ATTACKS: On the anniversary of September 11 and the day following the Las Vegas shootings, postings of new terrorist media content doubled, reports Crisp Thinking, a firm specializing in identifying such content to help social networks eliminate it.
“Generally, almost all terrorist groups jump on the back of any major incident covered in the media,” said Adam Hildreth, Crisp’s chief executive.
The company tracks propagandist content from multiple ideologies across chat platforms, social media, forums and other potential hang-outs — tens of millions of user generated posts a day.
ONE IN FOUR EMAILS FROM A FED .GOV ACCOUNT IS FAKE:
More than 25 percent of emails from federal email addresses are not actually from the government, according to an email security company with extensive federal contracts.
The figure comes from a study released Thursday by the contractor Agari.
Agari fights email fraud on behalf of more than 400 federal websites, including the official sites of the departments of Health and Human Services and Veterans Affairs, the Census Bureau and the Senate.
Though emails list who a message is “from,” the email protocol does nothing to check if a message actually was sent by the address listed in the “from” field.
There is a newer protocol that can automatically authenticate emails, known as DMARC. That protocol double-checks that messages were sent by their listed senders, allowing fake emails to be deleted or sent to spam. The Department of Homeland Security (DHS) this week issued a directive requiring all federal agencies to implement DMARC.
Agari and other providers can be used to set up DMARC and Agari based its statistics on DMARC authentication.
In more than 335 million federal emails Agari studied, more than 85 million were fake.
To read the rest of our piece, click here.
WHO’S IN THE SPOTLIGHT:
Tamir Pardo, the former director of the Israeli intelligence and counterterrorism agency Mossad, said that recent intelligence leaks would not have substantially hampered his relationship with his counterparts in the United States.
“We don’t have any other choice,” Pardo, who served as the Mossad’s head until January 2016, told The Hill in an interview.
Recent media reports about Kaspersky Lab’s role in Russian espionage operations were based on alleged Israeli intelligence, and were leaked to the media by people in the United States.
Apparently leaked copies of the NSA’s tightly guarded hacking tools appear to have been used in international malware outbreaks WannaCry and NotPetya.
In May, Israel reportedly changed its intelligence sharing protocols with the United States after President Trump was said to have told Russian diplomats highly classified information that could have endangered the life of an Israeli operative.
“What we had to clarify with our friends in the United States, we did,” defense chief Avigdor Liberman told Israeli Army Radio at the time, although he did not explain what protocols changed and whether or not they would restrict intelligence sharing from its then-current state.
“I think when I was in my position, I would say I am not happy about it, but it does not stop our need to share intelligence,” said Pardo, who said he was sure the NSA had done its best to protect its files.
To read the rest of our piece, click here.
IN CASE YOU MISSED IT:
‘Links from our blog, The Hill, and around the Web.
George Bush says just say no to cyber criminals. (The Hill)
Trump accuses the FBI, Russia and Democrats of paying for the infamous Steele dossier. (It was first paid for by Never-Trump Republicans and later Democrats). (The Hill)
China may be more efficient in archiving security vulnerabilities than the U.S. (Recorded Future)
Facebook unveils plans to halt election interference in Canada. (Motherboard)
The GAO snuffed Northrop Grumman’s challenge to a $1 billion Raytheon cybersecurity contract. (NextGov)
DEF CON’s election hacking presentations are now online! (YouTube)
Kromtech releases free tool to stop Amazon Cloud leaks. (Kromtech)
Eugene Kaspersky is “Proud to keep on protecting – no matter the false allegations in the U.S. media.” (Kaspersky)
Europe is looking for some middle ground in the encryption debate. (ZDNet)
If you’d like to receive our newsletter in your inbox, please sign up here.