Overnight Cybersecurity: Trump standing by wiretapping claim | Cyber gets boost in Trump budget | Bad bots on the rise | McDonald's Twitter hack

Overnight Cybersecurity: Trump standing by wiretapping claim | Cyber gets boost in Trump budget | Bad bots on the rise | McDonald's Twitter hack
© Greg Nash

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...



-- BUDGET DAY: President TrumpDonald John TrumpTom Arnold claims to have unreleased 'tapes' of Trump Cohen distances himself from Tom Arnold, says they did not discuss Trump US military indefinitely suspends two training exercises with South Korea MORE released his 2018 budget blueprint, and cybersecurity makes a few appearances. The proposal twice uses cites "effectiveness, efficiency, cybersecurity, and accountability" as a goal.

--...ONE BILLION DOLLARS TO DHS CYBER PROGRAMS: President Trump's first federal budget blueprint proposes $1.5 billion for the Department of Homeland Security (DHS) to protect federal networks and critical infrastructure from cyberattacks. The budget request, which bolsters DHS funding by 6.8 percent while making deep cuts to other agencies and departments, also calls for heightened cooperation between the government and the private sector on cybersecurity.  The proposed budget "safeguards cyberspace with $1.5 billion for DHS activities that protect federal networks and critical infrastructure from an attack," according to the blueprint, which was publicly released Thursday morning.

To read the rest of our piece, click here.

--...CALLS FOR TREASURY, PENTAGON AND NASA TO BOOST INTERNAL CYBERSECURITY: Cybersecurity is included as one of the  "pressing shortfalls" in U.S. Armed Forces' infrastructure. The blueprint also funds IT initiatives in NASA and the Treasury.

--...AND AN INTERESTING NOTE ABOUT JUSTICE. In its section on the Department of Justice, the blueprint calls for "The FBI [to] devote $61 million more to fight terrorism and combat foreign intelligence and cyber threats and address public safety and national security risks that result from malicious actors' use of encrypted products and services." Overnight Cybersecurity spoke to a few policy experts, none of which were certain what "address public safety and national security risks that result from malicious actors' use of encrypted products and services" exactly meant. The line is an obvious reference to what FBI Director James Comey has described as the problem of "going dark" - that bad guys both criminal and terrorist can use encryption to evade surveillance. Comey has advocated for laws requiring manufacturers to develop special access systems to allow law enforcement to defeat otherwise undefeatable encryption - something Trump supported during the campaign. But Trump's budget blueprint seems to suggest he has moved away from that stance. Lawmakers, including a bipartisan study group, and encryption researchers say Comey's call for encryption backdoors would make all products vulnerable to new attacks. It's unclear what the budget blueprint wants the FBI to do. In theory, the FBI could develop hacking techniques or purchase them from contractors and hackers. The figure allocated, $61 million, strikes experts as a low number to accomplish that, especially when divided u up between "fighting terrorism and combating foreign intelligence and cyberthreats."



--JUST WHEN WE'RE ALL ON THE SAME PAGE...: On Wednesday, House Intelligence Chairman Devin Nunes reiterated that there is no evidence that then-President Obama wiretapped then-nominee Donald Trump's phones. On Thursday, Paul RyanPaul Davis RyanGeorge Will: Vote against GOP in midterms Trump tweet may doom House GOP effort on immigration On The Money — Sponsored by Prudential — Trump floats tariffs on European cars | Nikki Haley slams UN report on US poverty | Will tax law help GOP? It's a mystery MORE joined in. "The intelligence committees, in their continuing, widening, ongoing investigations of all things Russia, got to the bottom -- at least so far with respect to our intelligence community -- that no such wiretap existed," Ryan said during a news conference." He was soon followed by a joint statement from the Senate Intelligence Commiteee leadership. "Based on the information available to us, we see no indications that Trump Tower was the subject of surveillance by any element of the United States government either before or after Election Day 2016," wrote Sens. Richard BurrRichard Mauze BurrHillicon Valley: New FTC chief eyes shake up of tech regulation | Lawmakers target Google, Huawei partnership | Microsoft employees voice anger over ICE contract On The Money — Sponsored by Prudential — Senators hammers Ross on Trump tariffs | EU levies tariffs on US goods | Senate rejects Trump plan to claw back spending Senate Intel requests more testimony from Comey, McCabe MORE (R-N.C.) and Mark WarnerMark Robert WarnerVirginia Dems want answers on alleged detention center abuse Wray defends FBI after 'sobering' watchdog report Top Dems: IG report shows Comey's actions helped Trump win election MORE (D-Va.). Also Thursday, Rep. Adam SchiffAdam Bennett SchiffOvernight Defense: Defense spending bill amendments target hot-button issues | Space Force already facing hurdles | Senators voice 'deep' concerns at using military lawyers on immigration cases Rubio heckled by protestors outside immigration detention facility MSNBC’s Ruhle fires back at ‘Fox & Friends’ over ‘propaganda’ about migrant children MORE (D-Calif.) confirmed he expected FBI Director James Comey to debunk the wiretap claims during their hearing Monday.

To read more, click here for a story on Ryan, here for one on Senate Intelligence and here for Schiff.

--...WE'RE STILL NOT ALL ON THE SAME PAGE: White House press secretary Sean Spicer, though, again argued at his Thursday press briefing that the president did not mean wiretapping when he tweeted four times that former President Barack ObamaBarack Hussein ObamaObama to visit Kenya, South Africa for Obama Foundation in July Overnight Energy: EPA declines to write new rule for toxic spills | Senate blocks move to stop Obama water rule | EPA bought 'tactical' pants and polos Clarifying the power of federal agencies could offer Trump a lasting legacy MORE had ordered the wiretapping of Trump Towers. In two tweets, Trump had put the phrase in quotes: "Terrible! Just found out that Obama had my 'wires tapped' in Trump Tower just before the victory. Nothing found. This is McCarthyism!" and "Is it legal for a sitting President to be 'wire tapping' a race for president prior to an election? Turned down by court earlier. A NEW LOW!" But Spicer said that indicated the president meant any kind of surveillance, not just wiretapping. He then recited a list of news articles that said Trump officials might have been caught in the surveillance of foreign targets. Nunes made a similar point during his press conference, that Trump was only inaccurate if his tweets are taken literally and that he may have been making a broader point. This explanation does not completely explain the tweets. So-called incidental surveillance can not legally be targeted at U.S. persons, like Trump, and is never directed by the president. It is solely in the hands of the intelligence community. Incidental surveillance may explain why wiretapping was in quotes, but not why Obama is explicitly being blamed.

--HOUSE COULD DEMAND DOCUMENTS: Rep. Mike Quigley (D-Ill.), a member of the House Intelligence Committee, introduced a special resolution of inquiry on Thursday requesting that Trump and Attorney General Jeff SessionsJefferson (Jeff) Beauregard SessionsTrump administration creating family reunification task force: report Mexican airline pledges to reunite immigrant families separated by Trump policy for free Jennifer Lopez sounds off on Trump immigration policy MORE give Congress any evidence to explain Trump's claim that his predecessor illegally ordered the wiretapping of Trump Tower ahead of the presidential election. Such evidence would include "copies of any document, record, memo, correspondence, or other communication in their possessions, or any portion of any such communication" that relates to Trump's claims." As a member of the Intelligence Committee, I have seen absolutely no evidence that supports the president's claims," Quigley said on the House floor Thursday. "President Trump and the Department of Justice have a responsibility to completely clarify the President's statements on Twitter."

To read the rest of our piece, click here.



UK'S MEME ARSENAL LAGGING: UK's National Cyber Security Centre tried and failed to RickRoll someone on Twitter.



NOW WE'VE GOT BAD BOTS: "Bad bots" – automated crawlers of the World Wide Web designed to perform malicious tasks – made up nearly 20 percent of the web's traffic in 2016, according a research from a firm that sells bot blocking solutions.

Distil Networks released its fourth annual bot report Thursday, providing internally determined statistics.

Bots serve multiple functions on the internet. Search engines, RSS feeds and other web staples are legitimate uses of technology – Distil classifies them as "good bots." Bad bots include programs to illicitly scrape content off of websites, rapidly corner markets on resalable products like tickets and automate certain types of password attacks.

While good bot use relative to total internet traffic has been on the decline – comprising 36 percent of traffic in 2014, 22 percent in 2015, and just under 19 percent last year – bad bot traffic has steadily been around 20 percent of online traffic. 2016 is the first year in Distil's records when bad bot traffic outdid good bot traffic.

Distil looked at different sized sites – the 10,000 largest sites ("large"), the next 40,000 ("medium"), the next 100,000 ("small") and all other sites. The company calculates that bad bots make up more than one in five visits to the largest sites on the internet, and no less than one in seven visits for sites. "Small" had the smallest proportion of bad bot traffic at slightly under 15 percent.

The report also notes that much of the bad bot campaigns take advantage of cloud computing services as base centers. More bad bots originated at Amazon's cloud services than anywhere else.



MCDONALD'S: McDonald's on Thursday said its corporate Twitter account had been hacked, after a tweet went out mocking President Trump on Thursday.

The fast food empire's corporate account sent out a tweet reading "@realDonaldTrump You are actually a disgusting excuse of a President and we would love to have @BarackObama back, also you have tiny hands."

It was soon deleted.

"Twitter notified us that our account was compromised. We deleted the tweet, secured our account and are now investigating this," McDonald's wrote on Twitter, roughly an hour after the original tweet was sent.

McDonald's later said they believed the account was "hacked by an external source."

To read the rest of our piece, click here.



Links from our blog, The Hill, and around the Web

Did President Trump accidentally reveal classified information during last night's Tucker Carlson interview? (The Hill)

Experts tell House that the U.S. needs to improve its anti-propaganda efforts. (The Hill)

Dems. look to boost rural access to broadband. (The Hill)

President Trump will meet with Bill Gates. (The Hill)

Intel launched a bug bounty program. (HackerOne)

Canada's Privacy Commissioner is investigating phone seizures at the U.S. border. (National Post)

Today's best headline: Tim Shields Wants You to Save Tortoises by Piloting Laser Robots With Your Phone. (Motherboard)

The USB Kill Stick - a USB stick that physically destroys computers - now does a more thorough job. (ZDNet).


If you'd like to receive our newsletter in your inbox, please sign up here.