Overnight Cybersecurity: Intel chiefs expect Russia to meddle in 2018 midterms | Wyden presses FBI chief on encryption | Trump to tap Army cyber chief as NSA director

Overnight Cybersecurity: Intel chiefs expect Russia to meddle in 2018 midterms | Wyden presses FBI chief on encryption | Trump to tap Army cyber chief as NSA director
© Greg Nash

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORIES:

On Tuesday, top U.S. intelligence officials testified before the Senate Intelligence Committee in a regularly scheduled hearing on worldwide threats to U.S. national security. The hearing covered a wide swath of cyber-related topics, including Russian interference in the election, encryption, potential threats from Chinese telecoms firms, and the lack of a whole-of-government strategy on cybersecurity. The major takeaways:

 

--INTEL CHIEFS EXPECT RUSSIA TO MEDDLE IN MIDTERMS: President TrumpDonald John TrumpWSJ: Trump ignored advice to confront Putin over indictments Trump hotel charging Sean Spicer ,000 as book party venue Bernie Sanders: Trump 'so tough' on child separations but not on Putin MORE's top intelligence chief said Tuesday that there is "no doubt" that Russia views its efforts to influence the 2016 election as successful and will look to target the upcoming midterms. "There should be no doubt that Russia perceived its past efforts as successful and views the 2018 midterm elections as a potential target for Russian influence operations," Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsHillicon Valley: Trump's Russia moves demoralize his team | Congress drops effort to block ZTE deal | Rosenstein warns of foreign influence threat | AT&T's latest 5G plans Questions mount over Trump-Putin discussions Overnight Defense: White House 'not considering' Ukraine referendum | Pompeo hopeful on plans for Putin visit | Measure to block ZTE deal dropped from defense bill MORE said during his opening remarks. Coats and the rest of the officials testifying -- including FBI Director Christopher Wray, CIA Director Mike PompeoMichael (Mike) Richard PompeoHillicon Valley: Trump's Russia moves demoralize his team | Congress drops effort to block ZTE deal | Rosenstein warns of foreign influence threat | AT&T's latest 5G plans Dem lawmaker calls on Pompeo to keep export restrictions on 3D gun-printing software Questions mount over Trump-Putin discussions MORE and National Security Agency Director Adm. Mike RogersMichael (Mike) Dennis RogersHillicon Valley: EU hits Google with record B fine | Trump tries to clarify Russia remarks | Sinclair changing deal to win over FCC | Election security bill gets traction | Robocall firm exposed voter data Former Intel panel chairman says Trump betrayed US intelligence community Trump and Putin should be talking about cyber weapons and social media instead of nuclear weapons MORE -- all reaffirmed their confidence the intelligence community's assessment on Russian interference in the 2016 election. They also signaled their agreement that they expect Russia will look to interfere in the 2018 elections.

 

--POMPEO CALLS NYT REPORT 'ATROCIOUS': Sen. Susan CollinsSusan Margaret CollinsThe Hill's Morning Report — Russia furor grips Washington Overnight Health Care: Novartis pulls back on drug price hikes | House Dems launch Medicare for All caucus | Trump officials pushing ahead on Medicaid work requirements Senate panel to vote next week on banning 'gag clauses' in pharmacy contracts MORE (R-Maine) asked Pompeo whether reports that U.S. intelligence officials engaged in a top-secret effort over the past year to secure the return of stolen NSA hacking tools from Russian operatives were accurate. The New York Times and The Intercept published reports on the alleged operation late last week. According to the Times, U.S. officials turned over $100,000 to intermediaries in the botched operation. Pompeo called the reports "atrocious" and wholly inaccurate. "Reporting on this matter has been atrocious, it's been ridiculous, totally inaccurate. In our view, the suggestion the CIA was swindled is false. The people who were swindled were James Risen and Matt Rosenberg," Pompeo said, referring to the writers of the reports. "Indeed it's our view that the same two people who were proffering phony information to the United States government proffered that phony information to those same two reporters," Pompeo continued. "The Central Intelligence Agency did not provide any resources -- no money -- to these two individuals who proffered U.S. government information, directly or indirectly, at any time."

 

--WYDEN PRESSES FBI CHIEF ON ENCRYPTION: As expected, Sen. Ron WydenRonald (Ron) Lee WydenSunk judicial pick spills over into Supreme Court fight House passes measure blocking IRS from revoking churches' tax-exempt status over political activity Senators introduce bipartisan bill to improve IRS MORE (D-Ore.) pressed FBI Director Christopher Wray on recent comments he made in which he suggested that encrypted devices could be designed to both provide data security and enable law enforcement access with a court order. Wray outlined the idea during a speech in New York last month when discussing the issue of "going dark," or the inability of law enforcement to gain access to encrypted communications for investigations. Wyden accused Wray of advocating for "weak encryption" that would undermine security. "You have essentially indicated that companies should be making their products with backdoors in order for you all to do your job," Wyden said, repeating his request for Wray to disclose the experts he has consulted on the issue. Wray pushed back on the assertion that he was advocating for weak security practices. "My position is not that we should weaken encryption. My position is that we should be working together, the government and the private sector, that balances both concerns," Wray said. Wyden's line of questioning also yielded what was arguably the most newsworthy tidbit from the hearing – new details from Wray on the timeline surrounding Rob Porter's security clearance background investigation.

To read more from our coverage, click herehere and here.

 

A LEGISLATIVE UPDATE: 

During the Senate hearing, lawmakers from both parties also underscored the need to address election security as the midterm elections draw closer.

In closing remarks, Sen. Mark WarnerMark Robert WarnerSenate panel advances Trump IRS nominee Bipartisan bill would bring needed funds to deteriorating National Park Service infrastructure Senate Dems press for info on any deals from Trump-Putin meeting MORE (D-Va.), the panel's top Democrat, said that he hopes the committee will "very quickly" release a report on the findings of its investigation specifically addressing U.S. election security.

Warner signaled he expects the report to include a set of recommendations for officials to implement to improve the security of their voting systems in advance of the 2018 primaries.

"It's our hope that on election security, we can come forward with a set of recommendations very quickly because we have primaries coming up as early as March," Warner said.

"My hope is that there will be bipartisan legislation to try to start addressing this issue," he added.

Separately, Sen. Susan Collins (R-Maine) expressed frustration that Congress has not passed legislation to address election security in the states. There are bipartisan bills currently being offered that aim to deter future foreign interference efforts and provide states with more resources to replace outdated voting technology and shore up the security of their systems.  

"This is an election year in our country, and it's frankly frustrating to me that we haven't passed legislation to help states strengthen the security of their voting systems," Collins said.

Sen. Roy BluntRoy Dean BluntSenate GOP attempts to wave Trump off second Putin summit Election security bill picks up new support in Senate Overnight Defense: Fallout from tense NATO summit | Senators push to block ZTE deal in defense bill | Blackwater founder makes new pitch for mercenaries to run Afghan war MORE (R-Mo.) also spoke of the urgency of the issue during the hearing.

"Voting begins in March. That's next month," Blunt said. "If we're going to have any impact on securing that voting system itself, it would seem to me that we need to be acting quickly."

Chairman Richard BurrRichard Mauze BurrCongress should build upon the ABLE Act, giving more Americans with disabilities access to financial tools Christine Todd Whitman: Trump should step down over Putin press conference GOP lambasts Trump over performance in Helsinki MORE (R-N.C.) signaled during closing remarks that the committee aims to hold a public hearing on election security later in the year.

 

A LIGHTER CLICK: 

Watch out Kim Kardashian, drones can now easily avoid obstacles and chase targets like the paparazzi. (Technology Review)

 

A REPORT IN FOCUS:

Financial institutions worldwide say they are concerned about possible cyber threats, but Chief Information Security Officers (CISOs) for such organizations listed a range of different priorities for addressing potential attacks, according to a new report.

In an attempt to boost their defense against cyberattacks, 35 percent of CISOs said employee training is a top priority while 25 percent said upgrading infrastructure and network defense is key, according to the 2018 CISO Cybersecurity Trends report Financial Services Information Sharing and Analysis Center (FS-ISAC) found in their 2018 CISO Cybersecurity Trends report.

"Employee training should include awareness about downloading and executing unknown applications on company assets, and in accordance with corporate policies and relevant regulations, and training employees on how to report suspicious emails and attachments," the report says.

Slightly fewer, or 17 percent, said breach prevention is their top priority.

"In the era of increasing security threats and vulnerabilities, CISOs know that keeping top leadership and boards updated regularly on these security risks and effective defenses is a top priority," the report says.

The weight of concern about an outside attack is getting heavier as the issue leaps from the server room to the board room. Most CISOs, or 66 percent, tend to report such matters to their chief information officers instead of the chief executive officers, the report found.

"Free and direct flow of critical information to the CEO and to the board of directors will help increase transparency and facilitate faster decision making," the report recommends.

 

WHAT'S IN THE SPOTLIGHT: 

GEN. PAUL NAKASONE: President Trump will nominate Lt. Gen. Paul Nakasone to serve as the next leader of the National Security Agency (NSA), an administration official said Tuesday.

"Congratulations to Lt. Gen. Paul Nakasone, nominated as Director NSA & Commander, U.S. Cyber Command, a [position] that will earn him his 4th star!" Rob Joyce, a former NSA official who is serving as White House cyber coordinator, wrote on Twitter.

"An exceptional leader for two exceptional [organizations], he brings great experience and strong cyber background," Joyce wrote.

Nakasone, who currently leads the Army Cyber Command, will replace outgoing NSA Director Adm. Mike Rogers, who is expected to soon retire from his post. Nakasone will also helm U.S. Cyber Command in the dual-hat role.

The White House has not yet sent out an official advisory on his nomination. A spokesperson did not immediately respond to a request for confirmation.

Nakasone has widely been rumored as a top choice for the role since news first broke that Rogers was expected to leave his post earlier this year. Politico reported last month that Trump was expected to choose Nakasone for the position.

Nakasone will assume the role at a key moment for both the NSA and Cyber Command, the U.S. military's offensive cyber unit. The clandestine spy agency has faced turmoil in recent years as a result of intelligence leaks and the loss of top-secret hacking tools.

Meanwhile, Cyber Command will see its authorities grow in the coming year, after Trump moved to elevate it into a full combatant command last year.

The Pentagon is currently mulling whether and how to split NSA and Cyber Command, which will result in each having a different leader. The split is widely viewed as inevitable, though former officials and some lawmakers have warned it could have potentially negative consequences if done too swiftly.

Rogers has been at the helm of the NSA since 2014, and has presided over reorganization at an agency that has been unpopular among some officials. He delivered what could be his last public congressional testimony on Tuesday, appearing before the Senate Intelligence Committee for an annual hearing on worldwide threats.

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

FBI chief contradicts White House account on Porter background check. (The Hill)

FCC to review rules on children's programming. (The Hill)

Senators offer bill to close rural-urban internet divide. (The Hill)

House Dems press FCC for answers on net neutrality comments. (The Hill)

OP-ED: Social media has become a powerful political tool. (The Hill)

DHS releases an update alert on malicious cyber activity from North Korea. (DHS)

Kaspersky has filed another suit in its legal battle with the U.S. government. (CyberScoop)