Overnight Cybersecurity: Trump Jr. reportedly corresponded with WikiLeaks before election | Shadow Brokers probe taking a toll on NSA | House panel taking up bill to save cyber diplomacy office | Trump stokes controversy with hacking comments

Overnight Cybersecurity: Trump Jr. reportedly corresponded with WikiLeaks before election | Shadow Brokers probe taking a toll on NSA | House panel taking up bill to save cyber diplomacy office | Trump stokes controversy with hacking comments

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORIES:

--TRUMP JR. REPORTEDLY CORRESPONDED WITH WIKILEAKS ON TWITTER: President TrumpDonald John TrumpDems flip Wisconsin state Senate seat Sessions: 'We should be like Canada' in how we take in immigrants GOP rep: 'Sheet metal and garbage' everywhere in Haiti MORE's eldest son occasionally exchanged private messages with WikiLeaks on Twitter before the 2016 election, The Atlantic reported on Monday. The WikiLeaks Twitter account reportedly sent a direct message to Donald Trump Jr. in late September 2016 alerting him that an anti-Trump site run by a political action committee (PAC) was "about to launch." The message offered the password to the site. "The PAC is a recycled pro-Iraq war PAC. We have guessed the password. It is 'putintrump.' See 'About' for who is behind it. Any comments?" WikiLeaks wrote, according to The Atlantic. 

To read the rest of our piece, click here.

ADVERTISEMENT

--TRUMP REPORTEDLY TWEETED ABOUT PODESTA 15 MINS AFTER WIKILEAKS ASKED TRUMP JR.: President Trump tweeted about the hacked emails of then-Clinton campaign chairman John Podesta approximately 15 minutes after WikiLeaks requested Donald Trump Jr. ask him to do so, a reporter for The Wall Street Journal pointed out Monday, based on reporting from The Atlantic. "Very little pick-up by the dishonest media of incredible information provided by WikiLeaks." Trump tweeted on October 12, 2016.

To read the rest of our piece, click here.

--'SHADOW BROKERS' SAGA TAKING A TOLL ON NSA EMPLOYEES: The investigation into how alleged National Security Agency (NSA) hacking tools ended up being leaked to the public has started to take its toll on agency employees, according to a lengthy new report in The New York Times. Employees of the renowned hacking wing of the NSA, both longtime employees and new hires, are moving to better-paying jobs in the private sector under the stress of an investigation yet to find a suspect to focus on. "Snowden killed morale," an anonymous NSA hacker told the Times. "But at least we knew who he was. Now you have a situation where the agency is questioning people who have been 100 percent mission-oriented, telling them they're liars." The hacking tools have been sporadically leaked and sold by a group named the Shadow Brokers, who first appeared last spring. The Shadow Brokers publicly released large swaths of exploits – computer code used to circumvent security measures -- and other documents. The tools leaked by the Shadow Brokers have been quickly co-opted by at least three massive, international malware campaigns -- WannaCry, NotPetya and Bad Rabbit, each of which caused massive damages.

To read the full New York Times article, click here. For our coverage, click here. And here's our piece from back in May on why you should worry about the Shadow Brokers hack.

--TRUMP AGAIN PROMPTS CRITICISM WITH PUTIN, ELECTION HACKING COMMENTS: President Trump opened himself up to questions and criticism over the weekend when he told reporters aboard Air Force One that he believed Russian President Vladimir Putin's claim that Russia was not behind cyberattacks and disinformation during the 2016 presidential election. Trump and Putin met on Saturday on the sidelines of the Asia-Pacific Economic Cooperation Economic Leaders' Meeting in Danang, Vietnam. Later, Trump sought to clarify his remarks, saying that he believes U.S. intelligence agencies' assessment about Russian interference. "What I said is, I believe [Putin] believes that," Trump said at a press conference in Hanoi, Vietnam. "I believe that he feels that he and Russia did not meddle in the election. As to whether I believe it or not, I'm with our agencies, especially as currently constituted, with their leadership."

To read the rest of our piece, click here.

--SWIFT REBUKE: Trump's comments prompted swift rebuke on Saturday from lawmakers including Sen. John McCainJohn Sidney McCainMcCain rips Trump for attacks on press NSA spying program overcomes key Senate hurdle Meghan McCain says her father regrets opposition to MLK Day MORE (R-Ariz.) and Rep. Adam SchiffAdam Bennett SchiffIntel Dem decries White House 'gag order' after Bannon testimony 'Total free-for-all' as Bannon clashes with Intel members Mueller has subpoenaed Bannon in Russia probe: report MORE (D-Calif.), the ranking member of the House Intelligence Committee investigating Russian interference in the election. "The president fools no one. He understands that the Russians intervened through the hacking and dumping of his opponent's emails, the fruits of which he exploited time and again on the campaign trail. He understands that they mounted an unprecedented effort on social media to help him, hurt [Hillary] Clinton and divide and damage the country he is now supposed to serve," Schiff said in the statement. "He understands all this and more," Schiff continued. "He just doesn't understand how to put country over self."

To read the rest of our coverage, click here and here.

 

A LEGISLATIVE UPDATE: The House Foreign Affairs Committee is due to mark up legislation this week that would save the State Department cyber diplomacy office that Secretary Rex TillersonRex Wayne TillersonDecline in US travel spurs business push for visitors Overnight Defense: GOP chair blames Dems for defense budget holdup | FDA, Pentagon to speed approval of battlefield drugs | Mattis calls North Korea situation 'sobering' Mattis: North Korea situation 'sobering' MORE intends to close as part of his efforts to broadly reorganize the department.

The committee will consider the legislation, sponsored by the panel's leaders, at a meeting on Wednesday. The legislation would codify the Office on Cyber Issues into law and elevate its leader to the rank of ambassador, a presidentially appointed, Senate-confirmed position.

Back in September, Tillerson's deputy, John Sullivan, faced tough questions from lawmakers about the department's plans for cybersecurity. Lawmakers worried that the closure of the cyber office signaled a downgrade of the department's cybersecurity priorities.

At the time, Sullivan insisted that the department is "committed to raising this to a high level within the department and working with the White House on that issue."

Both Chairman Ed Royce (R-Calif.) and ranking member Elliott Engel (D-N.Y.) have more recently raised questions about Tillerson's efforts on cybersecurity. They wrote a letter to the secretary of State last week asking him for an update on a report on international cybersecurity cooperation, mandated by President Trump's cybersecurity executive order, that the State Department is required to soon turn over to the White House.

 

A LIGHTER CLICK: The iPhone X's facial recognition technology is not as smart as you think. (Motherboard)

 

A CASE IN FOCUS:  JUDGE LIMITS FED WARRANT FOR FACEBOOK DATA ON TRUMP PROTESTERS: A court in Washington, D.C., has moved to limit the scope of search warrants obtained by federal investigators for Facebook data in connection with an ongoing investigation into criminal rioting on Inauguration Day.

As a result of the order, the Department of Justice (DOJ) will be blocked from viewing identifying information on innocent third-party Facebook users who interacted with a page used to organize protests against President Trump on Jan. 20.

The particular case involves federal warrants targeting the personal Facebook accounts of two local D.C. activists as well as the public Facebook page for DisruptJ20, which has since been rebranded as "Resist This."

The American Civil Liberties Union (ACLU) filed a motion earlier this year to quash the government search warrants targeting the accounts and page, arguing that they are too broad and raised First and Fourth Amendment concerns.

In a new filing, Chief Judge Robert Morin of the D.C. Superior Court moved to implement a set of "procedural safeguards" to protect the rights of individuals whose data may be caught up in the search of the Facebook page but who are otherwise not connected to the investigation.

For instance, the court required federal prosecutors to report on their intended search protocols, which the court needs to approve before they move forward.

The court also directed Facebook to hand over the data in redacted form so that it omits identifying information on individuals that are not the account holder. The redactions would only be removed if the government successfully demonstrates to the court that it constitutes possible evidence of crime.

The safeguards are nearly identical to those instituted by the court in a similar case involving web hosting company DreamHost, which attracted massive attention earlier this year when federal investigators sought data from the company on an anti-Trump website in connection with the investigation into the inaugural protests.

To read the rest of our piece, click here.

 

WHAT'S IN THE SPOTLIGHT: THE PENTAGON'S BUG BOUNTY PROGRAM: Nearly a year after a rule change allowed good Samaritan hackers to notify the Department of Defense (DOD) about cybersecurity glitches that needed fixing, the Pentagon has mitigated more than 2,800 security problems.

The Pentagon opened its vulnerability disclosure program on November 21, 2016, inviting anyone who came across a security flaw in one of its public-facing websites to report it.

The program came on the heels of last year's "Hack the Pentagon" program, which offered cash rewards for anyone who reported a valid security problem. The vulnerability disclosure program offers no such incentives.

But even without incentives, the vulnerability disclosure program has netted valuable information for the Defense Department. Nearly than 650 hackers from more than 50 countries have submitted security shortcomings to be repaired.

The DOD operates its disclosure program using the firm HackerOne, which also ran the Hack the Pentagon program.

More than 100 of the bugs reported through the program were deemed of high or critical severity, meaning they would allow changes to important data or allow attackers to execute their own commands.

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

'Links from our blog, The Hill, and around the Web.

Speculation grows around Flynn and Mueller probe. (The Hill)

Democrats are pressing the FEC on online political ad rules. (The Hill)

CEO of data firm that aided Trump reportedly reached out to Assange in June 2016. (The Wall Street Journal)

Ex-NSA employees flourish in the start-up world. (The Washington Post)

An increasing number of states are purchasing cyber insurance. (Insurance Journal)

If you'd like to receive our newsletter in your inbox, please sign up here.