Overnight Cybersecurity: Senators unveil election security bills | North Korea denies WannaCry role

Overnight Cybersecurity: Senators unveil election security bills | North Korea denies WannaCry role
© Greg Nash

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORY:

--SENATORS UNVEIL ELECTION SECURITY BILL: A bipartisan coalition of Senate lawmakers introduced legislation on Thursday meant to strengthen U.S. election cybersecurity following Russian election interference. The bill would authorize block grants for states to upgrade outdated voting technology. It would also create a program for an independent panel of experts to develop cybersecurity guidelines for election systems that states can implement if they choose, and offer states resources to implement the recommendations. In addition, the legislation aims to expedite the process by which state officials receive security clearances necessary to review sensitive threat information and instructs the Department of Homeland Security (DHS) and other federal entities to more quickly share this information with relevant state officials. The "Secure Elections Act" was introduced Thursday morning by Sens. James LankfordJames Paul LankfordA year into Trump's presidency, the media is still ignorant of his plan for a wall Trump's 's---hole' remark sparks bipartisan backlash GOP senator: Trump’s reported ‘s---hole’ comments ‘disappointing’ MORE (R-Okla.), Susan CollinsSusan Margaret CollinsDemocrats search for 51st net neutrality vote Overnight Tech: States sue FCC over net neutrality repeal | Senate Dems reach 50 votes on measure to override repeal | Dems press Apple on phone slowdowns, kids' health | New Android malware found Overnight Regulation: Dems claim 50 votes in Senate to block net neutrality repeal | Consumer bureau takes first step to revising payday lending rule | Trump wants to loosen rules on bank loans | Pentagon, FDA to speed up military drug approvals MORE (R-Maine), Lindsey GrahamLindsey Olin GrahamDHS chief takes heat over Trump furor Overnight Defense: GOP chair blames Dems for defense budget holdup | FDA, Pentagon to speed approval of battlefield drugs | Mattis calls North Korea situation 'sobering' Bipartisan group to introduce DACA bill in House MORE (R-S.C.), Amy KlobucharAmy Jean KlobucharOvernight Cybersecurity: Bipartisan bill aims to deter election interference | Russian hackers target Senate | House Intel panel subpoenas Bannon | DHS giving 'active defense' cyber tools to private sector Pawlenty opts out of Senate run in Minnesota Nielsen says 'possible' Trump used vulgar language in meeting MORE (D-Minn.), Kamala HarrisKamala Devi HarrisDHS chief takes heat over Trump furor NSA spying program overcomes key Senate hurdle Democrats will need to explain if they shut government down over illegal immigration MORE (D-Calif.), and Martin HeinrichMartin Trevor HeinrichTrump, GOP fire back over Fusion GPS testimony Overnight Cybersecurity: Computer chip flaws present new security challenge | DOJ to offer House key documents in Russia probe | Vulnerability found in Google Apps Script Overnight Cybersecurity: Senators unveil election security bills | North Korea denies WannaCry role MORE (D-N.M.).

To read the rest of our piece, click here.

--...HIGHLIGHTS MEASURES FROM EARLIER BILLS: Experts widely agree that the two major problems addressed by the bill need attention. Our aging elections equipment often uses old components now known to be vulnerable to various hacking techniques. And if officials don't have security clearances, it is impossible to promptly share threats between the federal government and the states that run elections. Two bills, both introduced by cosigners of the Secure Elections Act, used similar solutions to address the problem. Collins and Heinrich introduced comprehensive legislation on Halloween that included streamlining the process for state officials to get security clearances. Similarly, Graham and Klobuchar introduced legislation for federal grants for equipment upgrades.

--...NOT JUST A SECURITY ISSUE: Age doesn't just introduce security concerns. Over time, things break. Some of the earliest digital voting machines are rapidly approaching their expected end of life. Whether a hacker changes a vote or a broken touch screen misrecords the vote, the result is the same - someone's vote didn't count.

 

A REGULATORY UPDATE:

702: As of press time, the House passed in its funding bill a short-term extension of the 702 provisions of the FISA act, allowing law enforcement agencies to surveil foreign citizens outside the U.S. without a warrant.

Earlier Thursday, law enforcement agencies were getting anxious.

Midday, the heads of the FBI, CIA and NSA, alongside the Director of National Intelligence cosigned a letter imploring the Legislative Branch to reauthorize the prograam.

"There is no substitute for Section 702. If Congress fails to reauthorize this authority, the Intelligence Community will lose valuable foreign intelligence information, and the resulting intelligence gaps will make it easier for terrorists, weapons proliferators, malicious cyber actors, and other foreign adversaries to plan attacks against our citizens and allies without detection," they wrote.

A sizable group of opponents, including the Sens. Rand PaulRandal (Rand) Howard PaulNSA spying program overcomes key Senate hurdle Fix what we’ve got and make Medicare right this year Despite amnesty, DACA bill favors American wage-earners MORE (R-Kent.), and Ron WydenRonald (Ron) Lee WydenWeek ahead: Senate takes up surveillance bill This week: Time running out for Congress to avoid shutdown Senate Finance Dems want more transparency on trade from Trump MORE (D-Ore.) argue that U.S. citizens slip through the safety measures meant to filter out people not supposed to be surveilled.

 

A LIGHTER CLICK: 

LONG ISLAND ICED TEA COMPANY TRIPLES ITS STOCK PRICE BY CHANGING ITS NAME TO 'LONG BLOCKCHAIN.' To be fair, Long Island is not known for its non-alcoholic iced tea. 

 

AN ATTRIBUTION IN FOCUS: 

NORTH KOREA NOT THRILLED BEING BLAMED FOR WANNACRY: North Korea's Ministry of Foreign Affairs on Wednesday fiercely denied the United States assertion Pyongyang launched the disastrous WannaCry malware.

"As we have clearly stated on several occasions, we have nothing to do with cyber-attack and we do not feel a need to respond, on a case-by-case basis, to such absurd allegations of the U.S.," a spokesman told the state media publication KCNA.

"However, we can never tolerate the U.S. reckless move of using the issue of cyber-attack for the purpose of making direct accusation against our state," he said.

Though the KCNA website was down, the statement was archived at North Korean media aggregator KCNA Watch.

WannaCry infected hundreds of thousands of computers in only a few days, forcing the British national hospital system to turn away patients and harming government systems in Russia, India and China.

On Tuesday, U.S. homeland security adviser Tom Bossert announced that the U.S. had conclusively linked WannaCry with North Korean leadership.

"This move is a grave political provocation by the U.S. aimed at inducing the international society into a confrontation against the DPRK," the spokesman said.

To read the rest of our piece, click here.

 

WHAT'S IN THE SPOTLIGHT:

RUSSIA (AGAIN) (SORRY): A string of U.S. actions raises questions of whether the U.S.'s strategy of ignoring Russian hacking will ever pay off with the close ties with Moscow the president promised.

In June of 2016, Donald TrumpDonald John TrumpDems flip Wisconsin state Senate seat Sessions: 'We should be like Canada' in how we take in immigrants GOP rep: 'Sheet metal and garbage' everywhere in Haiti MORE asked a rally in California "Wouldn't it be nice if we actually got along with Russia? Wouldn't that be good?"

And for 18 months, Trump has stood behind that line. He has delayed a sanctions bill for the DNC affair, revealed code-word classified information to Russian ambassadors, and generally denied any Russian involvement in the 2016 elections - despite the full confidence his intelligence agencies have in that fact.

Within the last 48 hours, Trump has approved an arms sale to Ukraine to push back Moscow's forces, and invoked Magnitsky act sanctions against five Russians including the son of the Russian prosecutor general. The Department of Defense has also accused Russia of violating the deconfliction boundaries in Syria.

The moves garnered praise from security hawks in the Senate.

"With this decision [to arm Ukraine], the Trump administration is reminding Vladimir Putin and his cronies that they lost the Cold War, and we won't tolerate their bullying of our friend Ukraine," Said Sen. Tom CottonTom CottonMcCarthy: ‘No deadline on DACA’ DHS chief takes heat over Trump furor Lawmakers see shutdown’s odds rising MORE (R-Ark.) in a statement.

But it did not get the same praise by Russia.

State-run media referred to the Ukraine sale as "a sideways move to nowhere," and Russia's Foreign Ministry called the new Magnitsky list"grotesque" and vowed a response.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

The latest poll shows more than half of Americans disapprove of Trump's handling of the Russia investigation. (The Hill)

Eric Schmidt, the executive chairman of Google parent company Alphabet, will step down. (The Hill)

Lithuania follows America's lead and bars Kaspersky Lab from sensitive computers. (Reuters)

The Russian bank Globex was hacked over the SWIFT network, to the tune of $940,000. (Reuters)

How the newly negotiated Wassenaar Arrangement fixes the old version's flaws - including the part where it inadvertently banned the international sale of critical cybersecurity products. (Cyberscoop)

 

If you'd like to receive our newsletter in your inbox, please sign up here.