Overnight Cybersecurity: Obama budget seeks to boost cyber spending

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you...


--I CAN HAS MONEY?: President Obama on Tuesday is expected to request a dramatic boost in federal funding for cybersecurity, according to multiple Hill offices, industry representatives and digital privacy advocates. As part of the annual White House budget proposal, the Obama administration will ask for $19 billion cyber spending, a 35 percent jump over last year's request of roughly $14 billion. The request would be a big jump for the White House after only asking for an additional $1 billion last year, a roughly 10 percent increase. Obama is also expected to use the budget as a platform to establish a new senior federal cybersecurity official and a commission on cybersecurity as part of a final push to bolster the government's digital defenses before leaving office. The White House held a late Tuesday afternoon briefing with cybersecurity stakeholders, presumably to discuss the proposals. To read our full piece, click here.

--DON'T SAY I DIDN'T WARN YOU: An anonymous hacker on Monday made good on his threat to post the details of 20,000 FBI employees online, less than 24 hours after he dumped the data for 10,000 Department of Homeland Security (DHS) personnel. The hacker, who claims to have obtained the information by hacking the Department of Justice, shared both datasets with Motherboard in advance of the hack. The publication performed a spot check and found that most of the names, email addresses and job descriptions -- including around 1,000 intelligence analysts -- appear to be legitimate. Officials have downplayed the alleged breach. A DHS spokesperson said this morning that the agency is looking into the purported disclosure but that "there is no indication at this time that there is any breach of sensitive or personally identifiable information." A Department of Justice spokesperson provided an almost-identical statement to Motherboard. The hacker told Motherboard that he obtained the data by first compromising a Department of Justice email account, then tricking an agency representative into giving him a token code that allowed him to gain access to the work computer of the email account owner. A Twitter account tweeting out the databases suggested the hack was motivated by support for Palestine. To read about the DHS dump, click here. To read about the FBI dump, click here.



--WHICH SIDE ARE YOU ON? Sen. John McCainJohn McCainIs Georgia turning blue? High anxiety for GOP Trump: 'Very disappointed' GOP senator dropped support MORE (R-Ariz.) is calling for legislation that would require tech firms to build their products in such a way that they can crack open encrypted content in response to legal requests from authorities.

"By taking advantage of widely available encryption technologies, terrorists and common criminals alike can carry out their agendas in cyber safe havens beyond the reach of our intelligence agency tools and law enforcement capabilities. This is unacceptable," the Senate Armed Services chairman writes in a Bloomberg op-ed.

McCain's proposal would not dictate "what those systems should look like." Instead, it would require "technological alternatives" to end-to-end encryption, which prevents even the manufacturer from accessing communications.

"This would allow companies to retain flexibility to design their technologies to meet both their business needs and our national security interests," McCain said.

The proposal comes with lawmakers increasingly divided on the need for legislation to address encryption technology.

To read our full piece, click here.



--AH, AH, AH, YOU DIDN'T SAY THE MAGIC WORD. In the olden days -- like the 80s and 90s -- malware would often display a troll-y little graphic to announce its presence on your PC. (Dennis Nedry shaking his finger at Samuel L. Jackson comes to mind.)

Now, there's an online museum of all these fantastically dated animations that you can safely watch play out on your 2016 computer.

Check it out, here.



--THIS WEEK ON... The Hill's weekly Tuesday profile series focuses this week on Ari Schwartz, former senior director for cybersecurity on the White House National Security Council.

Here's a little preview:

After more than a decade of pressing the government on digital rights and transparency as a privacy advocate, Ari Schwartz found himself at the White House defending the government's bruised and often impenetrable intelligence community in the wake of the Snowden leaks.

But Schwartz -- who comes across as structured and pragmatic -- thought he was well suited to his dual mandate as the "privacy guy" working on security.

"It's important to have a defender of the other side in that atmosphere," he told The Hill. "And knowing both worlds, I think I was able to -- particularly in the White House -- be a good translator and bring in people who could help to have a real conversation about where we should go and move it forward."

Schwartz started at the White House in June 2013 as the director for cybersecurity privacy, civil liberties and policy, the same month that Edward Snowden revealed the government's secret surveillance underbelly. 

"I ended up doing a lot of work on the intelligence reform," he said, chuckling, "that I don't think I had planned to do originally."

To read the full profile, check back tomorrow morning.



--FACEBOOK. France's privacy regulator on Monday threatened to fine Facebook Inc. if it doesn't change some of its data tracking practices and halt transatlantic transfers under a recently invalidated data flow agreement.

The French order is the first significant action taken by a European data protection authority since the EU high court struck down the agreement last October over privacy concerns.

Legal sources tracking the new deal already expected that some countries might target large tech companies seen to have collaborated with U.S. surveillance efforts prior to reforms made under the Obama administration.

Facebook has three months to comply with the French regulator's demands. According to the watchdog, the social media giant plants cookies on non-users' computers and collects data on sexual orientation and the religious and political views of users without the explicit consent of account holders.

"The formal notice is made public due to the seriousness of the violations and the number of individuals concerned by the Facebook service (more than 30 million users in France)," the agency said in a statement.

Other countries, including Germany, Belgium, Spain and the Netherlands, have also been probing the company's privacy policy for violations of EU law.

To read our full piece, click here.




--The Senate Committee on Homeland Security and Governmental Affairs is slated to consider the nomination of Beth Cobert to become OMP director at 10 a.m.


--Three senior White House tech officials will discuss President Obama's cybersecurity priorities in 2016 at a New America event at 2 p.m.

--The House Oversight Committee will hold a hearing on the Internal Revenue Service's data security, among other things, at 1 p.m.

--Homeland Security Secretary Jeh Johnson will deliver his annual "State of Homeland Security" speech at 10 a.m.



Links from our blog, The Hill, and around the Web.

Hackers used malware to infiltrate a regional Russian bank and manipulate the ruble-dollar exchange rate by more than 15 percent in minutes, according to a cybersecurity firm investigating the attack. (The Hill)

The House Oversight Committee is pushing the State Department to renegotiate parts of an international export agreement that governs cyber weapons. (The Hill)

The U.S. National Security Agency on Monday outlined a reorganization that will consolidate its spying and domestic cyber-security operations. (Reuters)

The FBI's campaign to identify budding terrorists via the Internet before they can carry out violence is playing an increasingly prominent role. (The Wall Street Journal)

Venmo suffered a post-Super Bowl outage -- sparking some, em, sporting theories as to why... (ABC News)


If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A