Overnight Cybersecurity: Facebook's Sandberg backs release of Russian ads | Watchdog to probe alleged FCC cyberattack | Trump officially nominates new DHS head

Overnight Cybersecurity: Facebook's Sandberg backs release of Russian ads | Watchdog to probe alleged FCC cyberattack | Trump officially nominates new DHS head
© Getty Images

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORIES:

--FACEBOOK'S SANDBERG BACKS RELEASE OF RUSSIAN ADS: Facebook Chief Operating Officer Sheryl Sandberg said on Thursday that she "absolutely" agrees with the decision to release the 3,000 political ads that her company believes were purchased by Russians. "Things happened on our platform during this election that should not have happened," Sandberg said during a live interview with Axios's Mike Allen. "We know that we have a responsibility to do everything we can to prevent this kind of abuse." The House Intelligence Committee announced Wednesday that it would be making the ads public, a month after Facebook first revealed that it had sold $100,000 in ads to the Internet Research Agency, which Facebook says is a Russian "troll farm." Sandberg also met with House leaders and congressional investigators on Wednesday. During the interview on Thursday, she was grilled about her talks with lawmakers and what the company has learned about the alleged influence campaign on Facebook's platform. She told Allen that Facebook would assist in stripping the content of any personally identifiable information.

To read the rest of our piece, click here.

--KASPERSKY INTRIGUE GROWS: The intrigue surrounding Moscow-based Kaspersky Lab is deepening after reports that the company's software may have aided Russian spying operations against the United States. On Tuesday, The New York Times reported that Israeli intelligence officers alerted the U.S. that Russian agents were broadly utilizing Kaspersky software to search for American secrets. The revelations triggered worry in Washington and arrived ahead of a key hearing on Capitol Hill in which lawmakers are expected to explore the possible risks posed by Kaspersky software to U.S. information systems. The House Science, Space and Technology Committee, led by Rep. Lamar Smith (R-Texas), is planning to hold a series of hearings on Kaspersky software beginning Oct. 25. Kaspersky is a multinational company with headquarters in Moscow that serves 400 million customers worldwide. But the company has attracted scrutiny in the wake of Russia's interference in the 2016 U.S. presidential election. The company was thrust further into the spotlight in September when the Department of Homeland Security (DHS) barred federal agencies and departments from using Kaspersky software on their systems, citing potential risks to national security.

To read the rest of our piece, click here.

--EQUIFAX TAKES DOWN WEBSITE AMID NEW BREACH CONCERNS: Equifax has taken a customer help page on its website offline as its security team investigates another cybersecurity incident. Ars Techica reported that an independent security analyst had discovered Wednesday that hackers had manipulated part of the credit-reporting giant's website to push out malicious, fraudulent Adobe Flash updates to visitors. Equifax initially confirmed that it had temporarily taken the credit report assistance link on its website offline "out of an abundance of caution" as its IT and security teams looked into the matter. Later, a spokesman clarified that the issue involved a third-party vendor whose code was running on an Equifax website and serving malicious content, and that Equifax's own systems were not compromised. "Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal," Equifax said. "The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor's code running on an Equifax website was serving malicious content," the company said. "Since we learned of the issue, the vendor's code was removed from the webpage and we have taken the webpage offline to conduct further analysis." The incident comes just over a month after Equifax disclosed a massive data breach in which hackers stole the personal information of more than 145 million U.S. consumers.

To read the rest of our piece, click here.

--GAO TO PROBE FCC CYBERATTACK: The government's top watchdog has agreed to investigate the reported cyberattack that targeted the Federal Communications Commission (FCC) earlier this year while the agency was preparing to roll back net neutrality regulations. A spokesman for the Government Accountability Office (GAO) confirmed it has accepted a request from two Democratic lawmakers to probe the distributed denial of service (DDoS) attack that the FCC said disrupted its electronic comment filing system in May. The investigation will also examine the FCC's broader cybersecurity efforts. Sen. Brian SchatzBrian Emanuel SchatzSenate panel moves forward with bill to roll back Dodd-Frank GOP on verge of opening Arctic refuge to drilling Dems rip GOP over handwritten changes to tax plan MORE (D-Hawaii) and Rep. Frank Pallone Jr. (D-N.J.) wrote to the GAO in mid-August asking it to investigate the DDoS attack that the FCC blamed for slowing its comment filing system on May 8. The agency's comment filing system was brought down the day after comedian John Oliver slammed the FCC for trying to ease Obama-era net neutrality regulations during a segment on his HBO show. The incident generated speculation that the system had been overwhelmed with traffic because Oliver directed his viewers to file comments supporting the regulations. However, the FCC later said the system had been targeted with a DDoS attack, which overwhelms a website with massive amounts of fake traffic.

To read the rest of our piece, click here.

 

A LEGISLATIVE UPDATE: OPPOSITION MOUNTS TO SURVEILLANCE REFORM BILL: A carefully crafted compromise proposal to reform the NSA's warrantless surveillance program is in trouble, with opposition coming from libertarian-leaning conservatives and members of the House Intelligence Committee.

The House Freedom Caucus appears dissatisfied with the National Security Agency reform measure, which was drafted by a bipartisan group of Judiciary Committee lawmakers led by Chairman Bob GoodlatteRobert (Bob) William GoodlatteRosenstein to testify before House Judiciary Committee next week Conservative pressure on Sessions grows Clock ticking down on NSA surveillance powers MORE (R-Va.).

Freedom Caucus members often find common ground with progressives on surveillance issues, potentially putting them in a position to decide the fate of the legislation.

"If there is a ground zero for that debate, it's probably in my caucus," said Freedom Caucus Chairman Mark Meadows (R-N.C.).

"I don't know that [the bill] goes far enough. I think there's still a lot of unanswered questions with regards to Fourth Amendment protections."

The Freedom Caucus hasn't staked out an official position on the bill yet, but will likely do so in the next few weeks, Meadows said.

Complicating matters further, the Intelligence Committee isn't totally on board with Goodlatte's bill either. Rep. Tom Rooney (R-Fla.), the chairman of the House subcommittee with oversight of the NSA, on Thursday suggested the Intelligence Committee might draft its own bill.

The Trump administration, meanwhile, has been stumping hard for a clean, permanent reauthorization of the NSA wiretapping program. But Goodlatte has said a clean renewal does not have the votes to pass the House.

The dispute centers on a law that lets the government collect emails and text messages sent by foreign spies, terrorists and other foreign targets overseas. Under the law, federal investigators are allowed to search that database for Americans who may have communicated with a foreign target.

The intelligence community calls the program a critical tool in identifying and disrupting terrorist plots. Civil liberties advocates say it infringes on the Fourth Amendment.

On Friday, several top Trump administration officials, including Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsNational counterterrorism chief to retire at the end of year Former intel chief Hayden: Think twice on a Trump job offer Counterintelligence needs reboot for 21st century MORE, are scheduled to appear at the Heritage Foundation to discuss the renewal of the law, called Section 702 of the Foreign Intelligence Surveillance Act (FISA).

To read the rest of our piece, click here.

 

A LIGHT-ISH CLICK: Not the Onion: Russian accounts on Pokemon Go seeked to meddle in U.S. politics. (CNN)

 

AN OPINION IN FOCUS: DON'T FEAR THE MACHINE: Americans should not fear the transformative power of artificial intelligence (AI), but rather embrace it, writes William Carter, deputy director of the Center for Strategic and International Studies' technology policy program, in a new essay.

His piece comes in response to a Pew Research Center survey released last week, which found that the majority of Americans are more afraid of the potential developments in artificial intelligence than they are excited about it.

The survey also found that the vast majority of Americans would support policies that limit machines "to doing dangerous or unhealthy jobs."

The public needs to be better educated to assuage unrealistic fears about the development of AI, Carter argues. He also warns that "any laws or policies that constrain the development and deployment of these technologies in the United States will have far-reaching consequences" that could result in America falling behind other technological superpowers.

"If we allow ourselves to fall behind in the development and deployment of AI, the biggest impact on our job market will be that fewer AI-enabled jobs will become available to Americans, and fewer U.S. businesses will benefit from the efficiencies and new capabilities provided by AI," Carter writes.

To read his full essay, click here.

 

WHO'S IN THE SPOTLIGHT: KIRSTJEN NIELSEN: President Trump on Thursday formally announced he will nominate his deputy chief of staff, Kirstjen Nielsen, to lead the Department of Homeland Security (DHS).

"I call upon the Senate ... to confirm this tremendously qualified and talented nominee," Trump said during a ceremony in the East Room of the White House.

Trump cheered Nielsen as "a dedicated leader whose priority is always the safety and security of our country and our citizens, not politics or ideology."

If she is confirmed, Nielsen will lead a sprawling Cabinet agency charged with securing the nation's borders and airports, enforcing immigration laws, coordinating disaster relief efforts and overseeing the Secret Service and Coast Guard.

DHS is also responsible for protecting civilian federal networks and critical infrastructure from cyberattacks. Nielsen has been cheered for her cyber experience, having served as a senior fellow at George Washington University's Center for Cyber and Homeland Security before joining the department earlier this year.

The 45-year-old previously worked at the Transportation Security Administration and served on President George W. Bush's Homeland Security Council.

"I share the president's profound commitment to the security of our country and the safety of the American people," Nielsen said during the ceremony. "Mr. President, if confirmed, it will be the highest honor of my life to again work with and support these remarkable public servants and to continue to serve all of the American people."

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Op-ed: Equifax breach shows the need for radical overhaul in privacy laws. (The Hill)

GOP rep moves to end use of Social Security numbers as credit bureau ID. (The Hill)

Trump adviser acknowledges slow pace of IT hires. (The Hill)

Kaspersky inks threat intel sharing agreement with Interpol. (The Hill)

GOP rep on responsible encryption: 'You can call it whatever you want.' (The Hill)

Twitter responds to criticism over blocking Rose McGowan. (The Hill)

Hackers steal details on Australian defense programs. (BBC)

Cyber Command stands up new planning entities within combatant commands. (Defense News)

Mistaken Internet connection helped North Korean hackers steal U.S.-South Korea war plans. (Wall Street Journal)

A Republican phone polling firm was hacked. (ZDNet)

Irish court greenlights Apple data center. (Reuters)

If you'd like to receive our newsletter in your inbox, please sign up here.