Overnight Cybersecurity: Trump taps finance exec as federal CIO | White House downplays talk of 5G takeover | Massive cryptocurrency heist sparks scrutiny

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORIES:

–THE NEW FEDERAL CIO: President Trump on Friday afternoon announced that he plans to nominate Suzette Kent to serve as federal chief information officer (CIO) in his administration. Kent is a financial services executive who currently works as a principal at Ernst and Young, and has also served in high-level roles at Accenture and JPMorgan. In the role, she will take on a vast number of responsibilities, setting information technology policies for federal agencies and departments and leading the federal government’s CIO Council. The Trump administration has made modernizing government IT a major priority, and it will fall to Kent to spearhead many of the administration’s priorities on federal technology. In a statement, the White House described Kent as “an industry leader of large-scale business transformation using technology, for the world’s most complex organizations.” Kent will fill a role that has had no permanent occupant for over a year. Currently, Margie Graves, the deputy CIO, is serving in the role in an acting capacity. The Trump administration, like those before it, has faced a challenge in recruiting and retaining skilled individuals to serve in top tech roles throughout the government.

–WHITE HOUSE SAYS ‘NO DECISIONS’ MADE ON 5G NETWORK: The White House said Monday there had been “no decisions” made about creating a nationalized 5G broadband network after reports about the proposal sparked fierce blowback.

“Right now we’re in the very earliest stages of the conversation. There are absolutely no decisions made on what that would look like, what role anyone would play in it,” White House press secretary Sarah Huckabee Sanders said at Monday’s press briefing.

She added that the focus for now was “simply the need for a secure network.”

Her comments came after Axios reported Sunday that a National Security Council memo floated creating a nationalized broadband network for better security against foreign state-sponsored hacks by countries like China.

The idea of nationalizing the 5G network being built by private companies was quickly criticized by Republicans and the telecom industry.

All five members of the Federal Communications Commission, from both parties, came out against the proposal.

“Any federal effort to construct a nationalized 5G network would be a costly and counterproductive distraction from the policies we need to help the United States win the 5G future,” Republican FCC Chairman Aji Pai said in a statement Monday.

To read more of our coverage, click here and here.

–ROSENSTEIN REPORTEDLY APPROVED SURVEILLANCE EXTENSION FOR TRUMP AIDE: Deputy Attorney General Rod Rosenstein approved an application last year to extend surveillance of former Trump campaign associate Carter Page, according to a secret Republican memo detailed in a report from the New York Times. According to the Times, which cited three people familiar with the memo, the FBI and Justice Department’s application was based partially on research by investigator Christopher Steele, who compiled a dossier containing unverified claims about Trump’s ties to Russia. The GOP memo reportedly alleges officials did not sufficiently explain their reasoning for extending the surveillance. Congressional Republicans on Sunday pleaded their case for releasing the classified, four-page memo, which was produced by staff for Rep. Devin Nunes (R-Calif.), chairman of the House Intelligence Committee, based on classified documents provided by the Justice Department and FBI. The memo is said to contain allegations that senior FBI officials abused a surveillance program to target the Trump campaign last year. The House Intelligence Committee could vote as early as Monday evening to release the controversial memo.

To read more of our coverage, click here and here.

 

A LEGISLATIVE UPDATE: 

‘DETER’ ACT GETS A HOUSE COUNTERPART: A Senate bill aimed at deterring future foreign interference in U.S. elections now has a bipartisan counterpart in the House.

Reps. Ileana Ros-Lehtinen (R-Fla.) and Brad Schneider (D-Ill.) have introduced the House version of the Defending Elections from Threats by Establishing Redlines (DETER) Act, which would impose penalties on Russia or other foreign powers that engage in efforts to interfere in U.S. elections.

Sens. Marco Rubio (R-Fla.) and Chris Van Hollen (D-Md.) introduced the original bill in the Senate earlier this month.

“Russian efforts to undermine U.S. leadership and interests know no boundaries, including at home,” Ros-Lehtinen said in a statement. “Russia blatantly meddled in our 2016 elections, as well as previous elections, in an attempt to erode public trust in our electoral process and undermine our democratic institutions. It will undoubtedly do so again.”

The bill lays out specific actions that would warrant retaliation, including a foreign power or agent buying political advertisements to sway an election, spreading false information through social media and hacking into election or campaign infrastructure and releasing or modifying information obtained through the hack.

The legislation spells out specific penalties for Moscow, drawing on legislation that Congress passed and President Trump signed last summer to sanction Russia for its behavior. The bill directs the administration to decide on specific retaliatory measures for nations like China, Iran or North Korea.

The U.S. intelligence community said last January that Russia waged an influence operation against the 2016 election, which Moscow has denied. The revelations have sparked fears that Russia or another foreign power could similarly meddle in future elections.

To read the rest of our piece, click here.

 

A LIGHTER CLICK: 

Lesson: Don’t buy drugs with bitcoin. (Wired)

 

A REPORT IN FOCUS: 

Dutch intelligence officials provided the FBI with crucial evidence that helped pave the way for the bureau’s probe into Russian interference in the 2016 election, according to Dutch media reports that emerged late last week.

The Volkskrant newspaper is reporting that officials with the Netherland’s AIVD, the General Intelligence and Security Service, penetrated networks used by Russian hackers in 2014 and observed them subsequently breaking into networks used by the Democratic National Committee (DNC).

A similar report also appeared in Nieuwsuur, a Dutch current affairs television program, both resulting from a joint investigation by the two news outlets.

The Dutch intelligence officials made their way into networks used by cyber espionage group Cozy Bear, also known as APT 29, which has been linked by experts to Russian intelligence, possibly Moscow’s Federal Security Service.

The Dutch were able to spy on the hackers for up to two and a half years, determining the location of their operations and also capturing the hackers on film, according to the reports.

The technical evidence that the AIVD and the Netherlands’s MIVD, or Military Intelligence and Security Service, passed to the FBI is described as “crucial” in providing the grounds for the bureau’s probe into Russia’s election meddling, though it is unclear what it entailed. Former FBI Director James Comey has confirmed that the investigation started in July 2016.

The reports cited anonymous U.S. and Dutch sources. The AIVD declined to comment to Volkskrant. The FBI declined to comment when reached by The Hill.

To read the rest of our piece, click here.

 

WHAT’S IN THE SPOTLIGHT: 

COINCHECK: A Tokyo-based cryptocurrency exchange is coming under the scrutiny of Japanese regulators after hackers pulled off what may be the largest cryptocurrency theft to date.

The hackers made off with hundreds of millions in virtual currency from the exchange, Coincheck, on Friday.

Japan’s financial regulator, the Financial Services Agency (FSA), on Monday ordered the exchange to “improve business operations” following the “illicit transfer,” Coincheck announced in a blog post.

The FSA ordered Coincheck to investigate the incident, submit a written report, provide proper support to customers, and to strengthen and develop new methods to prevent future thefts. The agency gave the exchange a Feb. 13 deadline to comply.

“In moving towards reopening our services, we are putting all of our efforts towards discovering the cause of the illicit transfer and overhauling and strengthening our security measures while simultaneously continuing in our efforts to register with the Financial Services Agency as a Virtual Currency Exchange Service Provider,” Coincheck said.

Reports vary on the how much NEM, a type of cryptocurrency, the hackers snatched from the exchange with estimates ranging from $400 million and $530 million.

Coincheck, which describes itself as “the leading bitcoin and cryptocurrency exchange in Asia,” pledged to provide a partial refund to the roughly 260,000 users affected by the theft, but did not offer a timeline.

The theft could be the biggest cryptocurrency heist on record, possibly bypassing the estimated $400 million bitcoin lost in the 2014 Mt. Gox heist.

The site, which suspended trading in cryptocurrencies except for bitcoin, has apologized that the theft caused “immense distress to our customers, other exchanges, and people throughout the cryptocurrency industry.” The exchange offered their “deepest and humblest apologies to all of those involved.”

The exchange stored the NEM coins in a “hot wallet” rather than the more secure “cold wallet” that operates outside the internet, Reuters reported, citing Coincheck.

In April 2017, Japan began requiring cryptocurrency exchange sites to register with the government. Those operating before the registration requirement went into effect were able to continue offering their services during the approval process. Coincheck’s application is still reportedly pending.

To read the rest of our piece, click here

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Dems press Gowdy to subpoena Homeland Security for election hacking documents. (The Hill)

Deputy FBI Director Andrew McCabe has reportedly stepped down. (The Hill)

Twitter says Russian bots retweeted Trump nearly 500,000 times in last months of election. (The Hill)

Social media giants pressed on foreign bots after memo campaign. (The Hill)

Experts suggest fitness tracking data reveals locations of US military bases. (The Hill)

Treasury expected to issue ‘name and shame’ list of companies doing business with blacklisted Russian entities. (CNN)

A company is netting millions of dollars selling fake followers on Twitter. (New York Times)

Intel told Chinese companies about chip flaws before alerting the U.S. government. (The Wall Street Journal)

Secret Service sounds alarm over ‘jackpotting‘ ATM cyberattacks. (ABC)

The U.K. will fine organizations providing critical services that have poor cybersecurity. (BBC)

 

Tags Andrew McCabe Brad Schneider Chris Van Hollen Devin Nunes Donald Trump Ileana Ros-Lehtinen James Comey Marco Rubio Rod Rosenstein

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.