Overnight Cybersecurity: Feds, Silicon Valley to discuss online terror threat

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

THE BIG STORIES:

--AT LEAST HEAR US OUT: Top Obama administration officials will meet with Silicon Valley executives on Friday about ways to combat terrorists' use of social media. A number of technology companies, including Google and Twitter, confirmed the meeting, which was first reported by the Wall Street Journal, to The Hill and said they will participate. Facebook and Apple are also said to be attending. The Journal reported that invitations went out to more than a dozen companies. Government officials will press the tech companies on ways to amplify other voices to undercut messages from terrorists, like the Islamic State in Iraq and Syria, according to one source. Encryption could be a secondary topic at the meeting as well, according to the Journal. Most tech and social media companies already have policies to quickly remove violent or terror-related content when prompted, but they have resisted legislation that would mandate them to report terrorist activity on their platforms. Increasing calls to crack down on terrorist activity on social media have come in the wake of a series of attacks in recent months, including one in Paris that left more than 100 dead and a December shooting in San Bernardino, Calif., that killed 14. To read our full piece, click here.

ADVERTISEMENT
--CAN I HAVE SOME MORE, PLEASE?: A long-running fight over the initial discovery of the massive data breach at the Office of Personnel Management (OPM) resurfaced Thursday at a House Oversight Committee hearing. Lawmakers tussled repeatedly with an OPM official about an outside contractor, CyTech, that was brought in to examine the OPM networks shortly before the agency disclosed two breaches that exposed personal information for more than 20 million people involved in federal background checks. At the center of the argument is CyTech's digital forensics tool, called CyFir, that was used during the inspection. Before the OPM gave the tool back to the company in August, the agency wiped the information that CyFir had gathered. Since then, House Oversight Committee Chairman Jason ChaffetzJason ChaffetzIRS chief blasts impeachment push in Chaffetz's home state Overnight Energy: Volkswagen faces another emissions lawsuit Fast and Furious: Are you listening Congress? MORE (R-Utah) has been seeking that data. "We've been asking for months," Chaffetz said on Thursday. "When will we get 100 percent of those requests?" Jason Levine, director of the OPM Office of Congressional, Legislative, and Intergovernmental Affairs, told Chafftez, "We do expect another set of documents coming, I would say this month, if not in the next couple weeks." But things only got more heated from there. "There's no excuse in withholding that information from Congress. You have it," Chaffetz said. "It's in your systems. We know it because we're looking at hard copies. And we're checking to see if you give it to us as well. And you're not. And that's why you're going to be back before this committee." To read our full piece, click here.

--BETTER SAFE THAN SORRY: A pseudo-governmental electricity industry group in the U.S. has advised its members to boost their network security after reports emerged that a cyberattack downed a Ukrainian utility for six hours. The Dec. 23 incident left roughly 700,000 homes without power and is thought to be the first major blackout caused by hackers. The Electricity Information Sharing and Analysis Center (E-ISAC) called the blackout a "coordinated effort by a malicious actor" and last week urged its members to "do a better job" at layering digital security to keep out hackers. The nine-page confidential document did not lay out specific weaknesses in the U.S. grid that might allow a similar breach to occur domestically. "There is no credible evidence that the incident could affect North American grid operations and no plans to modify existing regulations or guidance based on this incident," a spokeswoman for E-ISAC said. But experts have long warned that outdated systems and an increasingly connected grid have left vital infrastructure vulnerable. To read our full piece, click here.

 

AN UPDATE ON CYBER POLICY:

--LET OUR POWERS COMBINE. The biggest U.S. tech powers have joined forces to oppose a proposed British surveillance law that could give government investigators greater access to encrypted digital data. The draft measure, known as the Investigatory Powers Bill, would require Internet companies to retain customers' Web activity for up to a year and compel them to help investigators access that data upon request.

In a joint submission to a committee of British lawmakers, Facebook, Google, Microsoft, Twitter and Yahoo cautioned that the bill would set "a very dangerous precedent."

Enabling governments to manipulate companies' encrypted devices "could involve the introduction of risks or vulnerabilities into products or services," the coalition said in its comments, which the committee published Thursday. "We would urge your government to reconsider."

Tech giant Apple recently filed its own separate submission making the same argument.

Check out our full piece, here.

 

LIGHTER CLICK:

--HACK ALL THE THINGS. Because there's nothing that the Internet does better than make fun of itself, here is a YouTube video of what it looks like to hack the Internet. Key features: FRANTIC, ERRATIC TYPING, EDM, and a ski mask. (Actually, this is pretty much how Cory rolls every day.)

Watch, here.

 

WHO'S IN THE SPOTLIGHT:

--PROPUBLICA. The nonprofit newsroom this week became the first major news outlet to launch a version of its site on the Tor network, or "dark Web."

The move grants users of the site complete anonymity. Not only will an Internet service provider be unable to see what content readers are browsing, the fact that they visited the site at all will be cloaked.

"Everyone should have the ability to decide what types of metadata they leave behind," a ProPublica developer who worked on the service told Motherboard. "We don't want anyone to know that you came to us or what you read."

Read on, here.

 

A LOOK AHEAD:

FRIDAY

--The House is scheduled to vote on the Furthering Asbestos Claim Transparency (FACT) Act, a bill that aims to reduce asbestos lawsuit fraud. Public interest groups have argued the bill would expose more of Americans' personal data to cyber criminals. The bill's backers dismiss this argument, saying the bill only requires people to provide data they have likely already disclosed elsewhere. Read our piece, here.

-Two House subcommittees will hold a joint hearing at 9 a.m. titled, "Cybersecurity: What the Federal Government Can Learn from the Private Sector."

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Rep. Jim Langevin (D-R.I.) on Thursday said he will bring Tim Hebert, CEO of information technology firm Atrion, as his guest to President Obama's State of the Union. (The Hill)

Uber will implement additional data security measures as part of a settlement with New York's attorney general. (The Hill)

The National Security Agency said on Thursday it was "confident" in its powers under a new phone records collection scheme, a claim that backs up assertions from Sen. Ted CruzTed CruzHot air balloon crash kills 16 in Texas 100 days to go in volatile race Voting Trump because of the Supreme Court isn't enough MORE (R-Texas). (The Hill)

House lawmakers on Thursday pushed the leader of the Small Business Administration to work quickly to resolve cybersecurity concerns at the agency. (The Hill)

The writers of hit show "Mr. Robot" want to make you paranoid about all the technology you use. (Business Insider)

The latest tech support scam has stoked concerns Dell customer data was breached. (Ars Technica)

Twitter has sued the Turkish government after it fined the social-media company for not removing what it called extremist content. (The Daily Dot)

Google has banished 13 Android apps from its Play marketplace after security researchers found the apps made unauthorized downloads. (Ars Technica)

 

If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A