Overnight Cybersecurity: Trump standing by wiretapping claim | Cyber gets boost in Trump budget | Bad bots on the rise | McDonald's Twitter hack

Overnight Cybersecurity: Trump standing by wiretapping claim | Cyber gets boost in Trump budget | Bad bots on the rise | McDonald's Twitter hack
© Greg Nash

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...



-- BUDGET DAY: President TrumpDonald John TrumpDems make history, and other takeaways from Tuesday's primaries Pawlenty loses comeback bid in Minnesota Establishment-backed Vukmir wins Wisconsin GOP Senate primary MORE released his 2018 budget blueprint, and cybersecurity makes a few appearances. The proposal twice uses cites "effectiveness, efficiency, cybersecurity, and accountability" as a goal.

--...ONE BILLION DOLLARS TO DHS CYBER PROGRAMS: President Trump's first federal budget blueprint proposes $1.5 billion for the Department of Homeland Security (DHS) to protect federal networks and critical infrastructure from cyberattacks. The budget request, which bolsters DHS funding by 6.8 percent while making deep cuts to other agencies and departments, also calls for heightened cooperation between the government and the private sector on cybersecurity.  The proposed budget "safeguards cyberspace with $1.5 billion for DHS activities that protect federal networks and critical infrastructure from an attack," according to the blueprint, which was publicly released Thursday morning.

To read the rest of our piece, click here.

--...CALLS FOR TREASURY, PENTAGON AND NASA TO BOOST INTERNAL CYBERSECURITY: Cybersecurity is included as one of the  "pressing shortfalls" in U.S. Armed Forces' infrastructure. The blueprint also funds IT initiatives in NASA and the Treasury.

--...AND AN INTERESTING NOTE ABOUT JUSTICE. In its section on the Department of Justice, the blueprint calls for "The FBI [to] devote $61 million more to fight terrorism and combat foreign intelligence and cyber threats and address public safety and national security risks that result from malicious actors' use of encrypted products and services." Overnight Cybersecurity spoke to a few policy experts, none of which were certain what "address public safety and national security risks that result from malicious actors' use of encrypted products and services" exactly meant. The line is an obvious reference to what FBI Director James Comey has described as the problem of "going dark" - that bad guys both criminal and terrorist can use encryption to evade surveillance. Comey has advocated for laws requiring manufacturers to develop special access systems to allow law enforcement to defeat otherwise undefeatable encryption - something Trump supported during the campaign. But Trump's budget blueprint seems to suggest he has moved away from that stance. Lawmakers, including a bipartisan study group, and encryption researchers say Comey's call for encryption backdoors would make all products vulnerable to new attacks. It's unclear what the budget blueprint wants the FBI to do. In theory, the FBI could develop hacking techniques or purchase them from contractors and hackers. The figure allocated, $61 million, strikes experts as a low number to accomplish that, especially when divided u up between "fighting terrorism and combating foreign intelligence and cyberthreats."



--JUST WHEN WE'RE ALL ON THE SAME PAGE...: On Wednesday, House Intelligence Chairman Devin Nunes reiterated that there is no evidence that then-President Obama wiretapped then-nominee Donald Trump's phones. On Thursday, Paul RyanPaul Davis RyanDems make history, and other takeaways from Tuesday's primaries Ironworker and star of viral video wins Dem primary for Speaker Ryan's seat Live results: Wisconsin, Minnesota, Vermont, Connecticut hold primaries MORE joined in. "The intelligence committees, in their continuing, widening, ongoing investigations of all things Russia, got to the bottom -- at least so far with respect to our intelligence community -- that no such wiretap existed," Ryan said during a news conference." He was soon followed by a joint statement from the Senate Intelligence Commiteee leadership. "Based on the information available to us, we see no indications that Trump Tower was the subject of surveillance by any element of the United States government either before or after Election Day 2016," wrote Sens. Richard BurrRichard Mauze BurrFlorida questions Senate chairman over claim that Russians have ‘penetrated’ election systems WikiLeaks says Senate panel requested Assange testimony for Russia probe Tougher Russia sanctions face skepticism from Senate Republicans MORE (R-N.C.) and Mark WarnerMark Robert WarnerEurope a cautionary tale for privacy, not a guiding light Dustbin 2020: The best Dems who surely won’t get the nomination WikiLeaks says Senate panel requested Assange testimony for Russia probe MORE (D-Va.). Also Thursday, Rep. Adam SchiffAdam Bennett SchiffRepublicans and Democrats alike face troubling signals from voters Schiff blasts GOP for Russia probe conduct: 'That's how you obstruct an investigation, not how you conduct one' Treason! The new party game that everyone is playing MORE (D-Calif.) confirmed he expected FBI Director James Comey to debunk the wiretap claims during their hearing Monday.

To read more, click here for a story on Ryan, here for one on Senate Intelligence and here for Schiff.

--...WE'RE STILL NOT ALL ON THE SAME PAGE: White House press secretary Sean Spicer, though, again argued at his Thursday press briefing that the president did not mean wiretapping when he tweeted four times that former President Barack ObamaBarack Hussein ObamaFormer Teacher of the Year wins Connecticut primary What happened to the Tea Party? Democrats should fully embrace their union roots MORE had ordered the wiretapping of Trump Towers. In two tweets, Trump had put the phrase in quotes: "Terrible! Just found out that Obama had my 'wires tapped' in Trump Tower just before the victory. Nothing found. This is McCarthyism!" and "Is it legal for a sitting President to be 'wire tapping' a race for president prior to an election? Turned down by court earlier. A NEW LOW!" But Spicer said that indicated the president meant any kind of surveillance, not just wiretapping. He then recited a list of news articles that said Trump officials might have been caught in the surveillance of foreign targets. Nunes made a similar point during his press conference, that Trump was only inaccurate if his tweets are taken literally and that he may have been making a broader point. This explanation does not completely explain the tweets. So-called incidental surveillance can not legally be targeted at U.S. persons, like Trump, and is never directed by the president. It is solely in the hands of the intelligence community. Incidental surveillance may explain why wiretapping was in quotes, but not why Obama is explicitly being blamed.

--HOUSE COULD DEMAND DOCUMENTS: Rep. Mike Quigley (D-Ill.), a member of the House Intelligence Committee, introduced a special resolution of inquiry on Thursday requesting that Trump and Attorney General Jeff SessionsJefferson (Jeff) Beauregard SessionsSwalwell: I would have fired Strzok too Omarosa: Trump calls Education chief 'Ditzy' DeVos Ex-Reagan official: If Mueller had nothing, Trump 'would ignore him' MORE give Congress any evidence to explain Trump's claim that his predecessor illegally ordered the wiretapping of Trump Tower ahead of the presidential election. Such evidence would include "copies of any document, record, memo, correspondence, or other communication in their possessions, or any portion of any such communication" that relates to Trump's claims." As a member of the Intelligence Committee, I have seen absolutely no evidence that supports the president's claims," Quigley said on the House floor Thursday. "President Trump and the Department of Justice have a responsibility to completely clarify the President's statements on Twitter."

To read the rest of our piece, click here.



UK'S MEME ARSENAL LAGGING: UK's National Cyber Security Centre tried and failed to RickRoll someone on Twitter.



NOW WE'VE GOT BAD BOTS: "Bad bots" – automated crawlers of the World Wide Web designed to perform malicious tasks – made up nearly 20 percent of the web's traffic in 2016, according a research from a firm that sells bot blocking solutions.

Distil Networks released its fourth annual bot report Thursday, providing internally determined statistics.

Bots serve multiple functions on the internet. Search engines, RSS feeds and other web staples are legitimate uses of technology – Distil classifies them as "good bots." Bad bots include programs to illicitly scrape content off of websites, rapidly corner markets on resalable products like tickets and automate certain types of password attacks.

While good bot use relative to total internet traffic has been on the decline – comprising 36 percent of traffic in 2014, 22 percent in 2015, and just under 19 percent last year – bad bot traffic has steadily been around 20 percent of online traffic. 2016 is the first year in Distil's records when bad bot traffic outdid good bot traffic.

Distil looked at different sized sites – the 10,000 largest sites ("large"), the next 40,000 ("medium"), the next 100,000 ("small") and all other sites. The company calculates that bad bots make up more than one in five visits to the largest sites on the internet, and no less than one in seven visits for sites. "Small" had the smallest proportion of bad bot traffic at slightly under 15 percent.

The report also notes that much of the bad bot campaigns take advantage of cloud computing services as base centers. More bad bots originated at Amazon's cloud services than anywhere else.



MCDONALD'S: McDonald's on Thursday said its corporate Twitter account had been hacked, after a tweet went out mocking President Trump on Thursday.

The fast food empire's corporate account sent out a tweet reading "@realDonaldTrump You are actually a disgusting excuse of a President and we would love to have @BarackObama back, also you have tiny hands."

It was soon deleted.

"Twitter notified us that our account was compromised. We deleted the tweet, secured our account and are now investigating this," McDonald's wrote on Twitter, roughly an hour after the original tweet was sent.

McDonald's later said they believed the account was "hacked by an external source."

To read the rest of our piece, click here.



Links from our blog, The Hill, and around the Web

Did President Trump accidentally reveal classified information during last night's Tucker Carlson interview? (The Hill)

Experts tell House that the U.S. needs to improve its anti-propaganda efforts. (The Hill)

Dems. look to boost rural access to broadband. (The Hill)

President Trump will meet with Bill Gates. (The Hill)

Intel launched a bug bounty program. (HackerOne)

Canada's Privacy Commissioner is investigating phone seizures at the U.S. border. (National Post)

Today's best headline: Tim Shields Wants You to Save Tortoises by Piloting Laser Robots With Your Phone. (Motherboard)

The USB Kill Stick - a USB stick that physically destroys computers - now does a more thorough job. (ZDNet).


If you'd like to receive our newsletter in your inbox, please sign up here.