Overnight Cybersecurity: Senators unveil election security bills | North Korea denies WannaCry role

Overnight Cybersecurity: Senators unveil election security bills | North Korea denies WannaCry role
© Greg Nash

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORY:

--SENATORS UNVEIL ELECTION SECURITY BILL: A bipartisan coalition of Senate lawmakers introduced legislation on Thursday meant to strengthen U.S. election cybersecurity following Russian election interference. The bill would authorize block grants for states to upgrade outdated voting technology. It would also create a program for an independent panel of experts to develop cybersecurity guidelines for election systems that states can implement if they choose, and offer states resources to implement the recommendations. In addition, the legislation aims to expedite the process by which state officials receive security clearances necessary to review sensitive threat information and instructs the Department of Homeland Security (DHS) and other federal entities to more quickly share this information with relevant state officials. The "Secure Elections Act" was introduced Thursday morning by Sens. James LankfordJames Paul LankfordGOP seeks separation from Trump on Russia Hillicon Valley: EU hits Google with record B fine | Trump tries to clarify Russia remarks | Sinclair changing deal to win over FCC | Election security bill gets traction | Robocall firm exposed voter data Election security bill picks up new support in Senate MORE (R-Okla.), Susan CollinsSusan Margaret CollinsThe Hill's Morning Report — Russia furor grips Washington Overnight Health Care: Novartis pulls back on drug price hikes | House Dems launch Medicare for All caucus | Trump officials pushing ahead on Medicaid work requirements Senate panel to vote next week on banning 'gag clauses' in pharmacy contracts MORE (R-Maine), Lindsey GrahamLindsey Olin GrahamSunday shows preview: Questions linger over Trump-Putin summit Soccer ball Putin gifted to Trump gets routine security screening Graham: Biggest problem is Trump ‘believes meddling equals collusion’ MORE (R-S.C.), Amy KlobucharAmy Jean KlobucharGOP seeks separation from Trump on Russia Hillicon Valley: EU hits Google with record B fine | Trump tries to clarify Russia remarks | Sinclair changing deal to win over FCC | Election security bill gets traction | Robocall firm exposed voter data Election security bill picks up new support in Senate MORE (D-Minn.), Kamala HarrisKamala Devi HarrisTrump: ‘Dems have a death wish’ Election Countdown: Senate, House Dems build cash advantage | 2020 Dems slam Trump over Putin presser | Trump has M in war chest | Republican blasts parents for donating to rival | Ocasio-Cortez, Sanders to campaign in Kansas Senate Democrats block resolution supporting ICE MORE (D-Calif.), and Martin HeinrichMartin Trevor HeinrichCNN congressional correspondent talks about her early love of trolls and family Overnight Energy: DNC to reject fossil fuel donations | Regulators see no security risk in coal plant closures | Senate committee rejects Trump EPA, Interior budgets Energy commission sees no national security risk from coal plant closures MORE (D-N.M.).

To read the rest of our piece, click here.

--...HIGHLIGHTS MEASURES FROM EARLIER BILLS: Experts widely agree that the two major problems addressed by the bill need attention. Our aging elections equipment often uses old components now known to be vulnerable to various hacking techniques. And if officials don't have security clearances, it is impossible to promptly share threats between the federal government and the states that run elections. Two bills, both introduced by cosigners of the Secure Elections Act, used similar solutions to address the problem. Collins and Heinrich introduced comprehensive legislation on Halloween that included streamlining the process for state officials to get security clearances. Similarly, Graham and Klobuchar introduced legislation for federal grants for equipment upgrades.

--...NOT JUST A SECURITY ISSUE: Age doesn't just introduce security concerns. Over time, things break. Some of the earliest digital voting machines are rapidly approaching their expected end of life. Whether a hacker changes a vote or a broken touch screen misrecords the vote, the result is the same - someone's vote didn't count.

 

A REGULATORY UPDATE:

702: As of press time, the House passed in its funding bill a short-term extension of the 702 provisions of the FISA act, allowing law enforcement agencies to surveil foreign citizens outside the U.S. without a warrant.

Earlier Thursday, law enforcement agencies were getting anxious.

Midday, the heads of the FBI, CIA and NSA, alongside the Director of National Intelligence cosigned a letter imploring the Legislative Branch to reauthorize the prograam.

"There is no substitute for Section 702. If Congress fails to reauthorize this authority, the Intelligence Community will lose valuable foreign intelligence information, and the resulting intelligence gaps will make it easier for terrorists, weapons proliferators, malicious cyber actors, and other foreign adversaries to plan attacks against our citizens and allies without detection," they wrote.

A sizable group of opponents, including the Sens. Rand PaulRandal (Rand) Howard PaulThe Hill's Morning Report — Trump and Congress at odds over Russia GOP leader blocks resolution backing intelligence community on Russia Rand Paul blocks Sanders's Russia resolution, calls it 'crazy hatred' against Trump MORE (R-Kent.), and Ron WydenRonald (Ron) Lee WydenSunk judicial pick spills over into Supreme Court fight House passes measure blocking IRS from revoking churches' tax-exempt status over political activity Senators introduce bipartisan bill to improve IRS MORE (D-Ore.) argue that U.S. citizens slip through the safety measures meant to filter out people not supposed to be surveilled.

 

A LIGHTER CLICK: 

LONG ISLAND ICED TEA COMPANY TRIPLES ITS STOCK PRICE BY CHANGING ITS NAME TO 'LONG BLOCKCHAIN.' To be fair, Long Island is not known for its non-alcoholic iced tea. 

 

AN ATTRIBUTION IN FOCUS: 

NORTH KOREA NOT THRILLED BEING BLAMED FOR WANNACRY: North Korea's Ministry of Foreign Affairs on Wednesday fiercely denied the United States assertion Pyongyang launched the disastrous WannaCry malware.

"As we have clearly stated on several occasions, we have nothing to do with cyber-attack and we do not feel a need to respond, on a case-by-case basis, to such absurd allegations of the U.S.," a spokesman told the state media publication KCNA.

"However, we can never tolerate the U.S. reckless move of using the issue of cyber-attack for the purpose of making direct accusation against our state," he said.

Though the KCNA website was down, the statement was archived at North Korean media aggregator KCNA Watch.

WannaCry infected hundreds of thousands of computers in only a few days, forcing the British national hospital system to turn away patients and harming government systems in Russia, India and China.

On Tuesday, U.S. homeland security adviser Tom Bossert announced that the U.S. had conclusively linked WannaCry with North Korean leadership.

"This move is a grave political provocation by the U.S. aimed at inducing the international society into a confrontation against the DPRK," the spokesman said.

To read the rest of our piece, click here.

 

WHAT'S IN THE SPOTLIGHT:

RUSSIA (AGAIN) (SORRY): A string of U.S. actions raises questions of whether the U.S.'s strategy of ignoring Russian hacking will ever pay off with the close ties with Moscow the president promised.

In June of 2016, Donald TrumpDonald John TrumpSchiff: Surveillance warrant docs show that Nunes memo 'misrepresented and distorted these applications' Chicago detention facility under investigation following allegations of abuse of migrant children Ex-Trump aide: Surveillance warrants are 'complete ignorance' and 'insanity' MORE asked a rally in California "Wouldn't it be nice if we actually got along with Russia? Wouldn't that be good?"

And for 18 months, Trump has stood behind that line. He has delayed a sanctions bill for the DNC affair, revealed code-word classified information to Russian ambassadors, and generally denied any Russian involvement in the 2016 elections - despite the full confidence his intelligence agencies have in that fact.

Within the last 48 hours, Trump has approved an arms sale to Ukraine to push back Moscow's forces, and invoked Magnitsky act sanctions against five Russians including the son of the Russian prosecutor general. The Department of Defense has also accused Russia of violating the deconfliction boundaries in Syria.

The moves garnered praise from security hawks in the Senate.

"With this decision [to arm Ukraine], the Trump administration is reminding Vladimir Putin and his cronies that they lost the Cold War, and we won't tolerate their bullying of our friend Ukraine," Said Sen. Tom CottonThomas (Tom) Bryant CottonBipartisan group introduces retirement savings legislation in Senate Overnight Defense: Fallout from tense NATO summit | Senators push to block ZTE deal in defense bill | Blackwater founder makes new pitch for mercenaries to run Afghan war Hillicon Valley: DOJ appeals AT&T-Time Warner ruling | FBI agent testifies in heated hearing | Uproar after FCC changes rules on consumer complaints | Broadcom makes bid for another US company | Facebook under fire over conspiracy sites MORE (R-Ark.) in a statement.

But it did not get the same praise by Russia.

State-run media referred to the Ukraine sale as "a sideways move to nowhere," and Russia's Foreign Ministry called the new Magnitsky list"grotesque" and vowed a response.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

The latest poll shows more than half of Americans disapprove of Trump's handling of the Russia investigation. (The Hill)

Eric Schmidt, the executive chairman of Google parent company Alphabet, will step down. (The Hill)

Lithuania follows America's lead and bars Kaspersky Lab from sensitive computers. (Reuters)

The Russian bank Globex was hacked over the SWIFT network, to the tune of $940,000. (Reuters)

How the newly negotiated Wassenaar Arrangement fixes the old version's flaws - including the part where it inadvertently banned the international sale of critical cybersecurity products. (Cyberscoop)