Overnight Cybersecurity: Staff changes upend White House cyber team | Trump sends cyber war strategy to Congress | CIA pick to get hearing in May | Malware hits Facebook accounts


Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORIES: 

STAFF CHANGES UPEND WHITE HOUSE CYBER TEAM: The White House cybersecurity team is undergoing a major shuffle that former officials say could jeopardize the administration's efforts to develop cyber policy and punish hackers for disruptive attacks. President Trump's cybersecurity coordinator, Rob Joyce, revealed this week that he would vacate his post and return to the National Security Agency (NSA), ending a 14-month stint at the White House. News of his planned departure came less than a week after the resignation of homeland security adviser Tom Bossert.

The two men had become the face of the White House's cybersecurity efforts, providing a line of communication between lawmakers and private industry to the West Wing. The shakeup has created a new challenge for the Trump administration at a time when cyber threats abound.

"Certainly, there's no question that between Bossert's departure and Rob's departure that it's going to slow down policy development work and cause disruption," said Michael Daniel, who served as cybersecurity coordinator under the Obama administration. The changes give new national security adviser John Bolton the opportunity to remake the National Security Council (NSC) to his liking, raising questions about who he will choose to fill the positions and whether he will restructure the roles.

 

OVER THE COURSE of a year, both officials fostered relationships with private sector cyber companies. They also worked with foreign governments to publicly attribute cyberattacks. Bossert, for instance, stepped out onto the White House podium last December to blame North Korea for the global WannaCry malware attack.

 

The main takeaways: The shakeup has many in industry worried.

"Both Tom and Rob leaving is a significant problem for private sector engagement on cybersecurity issues," said one lobbyist who works in the cybersecurity space. "As companies worry about cyberattacks right now, people are asking, 'Who should I call?' " the source said. "Since this administration started, the first call has often been to one of those two."

There is also broad agreement among former officials that it will be difficult to find suitable replacements, especially for Joyce, given his wealth of experience at NSA.


 

WHITE HOUSE SENDS CYBER WAR STRATEGY TO CONGRESS: President Trump has sent Congress a long-awaited report on U.S. policy for deterring and responding to attacks in cyberspace.

The policy was sent to the House and Senate committees with oversight of the Departments of State, Homeland Security, Defense, and Justice, according to a letter released Thursday by the White House.

An annual defense policy law approved last year mandates that Trump develop a national policy for cyberspace and cyberwarfare. The president strongly objected to the provision at the time because it made funding for the White House Communications Agency (WHCA) contingent on him producing the strategy.

The text of the letter sent Thursday contains no clues about the actual contents of the report. An aide to the Senate Armed Services Committee told The Hill that the document is classified.

 

Why it's a big deal: Lawmakers have raised concerns for successive administrations about the lack of a comprehensive policy on deterring and responding to aggression in cyberspace.

In March, a bipartisan group of senators wrote to Trump that he should issue the strategy as soon as possible, arguing that the lack of clearly spelled out consequences for cyberattacks "has served as an open invitation to foreign adversaries and malicious cyber actors to continue attacking the United States."


 

A CONFIRMATION UPDATE: Senate Intelligence Committee Chairman Richard Burr (R-N.C.) announced Thursday that the committee will hold a hearing on the confirmation of Gina Haspel to be President Trump's CIA director.

The hearing, which will be conducted in an open setting, will take place on May 9, Burr said. The announcement comes as Haspel continues to undergo scrutiny for her role in the intelligence agency's torture program.

"Unless the CIA declassifies and makes public specific information about Gina Haspel's background, proceeding with this hearing will make a mockery of the Senate's constitutional responsibilities with regard to nominations," Sen. Ron Wyden (D-Ore.), a member of the Intelligence Committee, said in a statement.

"There is critical information about Ms. Haspel's background that the American people need to see, and that can be declassified without compromising sources and methods. Agreeing to the CIA's cover-up and pushing ahead with this nomination represents a true abdication of the Senate's oversight role," Wyden said.

Haspel would replace current CIA chief Mike Pompeo, whom Trump has tapped to serve as secretary of State.

 

... AND AN UPDATE FROM THE COURTS: 

MUELLER'S AUTHORITY. A federal judge on Thursday questioned whether the Department of Justice (DOJ) gave special counsel Robert Mueller more authority to conduct his federal probe into Russian interference in the 2016 election than the agency's rules allow.

U.S. District Judge Amy Berman Jackson questioned whether Deputy Attorney General Rod Rosenstein's order to appoint Mueller granted him more authority than DOJ regulations appear to permit, after Manafort's counsel pointed out how Rosenstein's order in May said the special counsel can look into anything of consequence that "arose or may arise" in his investigation.

Trump's former campaign manager sued the DOJ and the special counsel's office in January in an effort to block Mueller's team from carrying out future prosecutions against him, arguing that Mueller has gone beyond the scope of his investigation. Manafort's lead defense attorney, Kevin Downing, argued that Rosenstein -- who appointed Mueller -- did not clearly specify what could or could not be examined, giving the special counsel free rein to investigate a broad swath of issues. This, he said, has led the special counsel to begin looking into old allegations that extend beyond his investigation's jurisdiction and authority.

Downing said that contradicts Justice's regulations, which maintain that the directive given to a special counsel must include specific factual matter about their investigation.

While the argument appeared to get some traction with the judge, it is unclear whether it will sway her ruling in the civil case. Jackson is also presiding over Manafort's criminal case.


 

MALWARE IN FOCUS: 

THOUSANDS OF FACEBOOK ACCOUNTS INFECTED: Hackers have successfully infiltrated tens of thousands of Facebook accounts by targeting users with malware disguised as a painting application, security researchers say.

According to data security firm Radware, hackers are using the malware to harvest user credentials, payment methods and other information stored on Facebook accounts across the world.

The malware masquerades as a painting application called Relieve Stress Paint and had infected more than 40,000 Facebook user accounts in a matter of days, the firm said Wednesday.

The revelation could create a new headache for Facebook, which has been under scrutiny for its data privacy practices following news that Cambridge Analytica improperly harvested data on some 87 million of its users. CEO Mark Zuckerberg testified before Congress on the issue last week.

Facebook said it is currently investigating the malware issue.

"We are investigating these malware findings and we are taking steps to help protect and notify those who are impacted," Facebook communications manager Pete Voss told The Hill.

According to Radware, hackers are targeting Facebook users through phishing emails or directly through their Facebook accounts, then directing them to a fraudulent website where they are prompted to download the malicious application.

Once downloaded, the application runs a malware called Stresspaint in the background, allowing hackers to steal user credentials and use those to collect additional data on the accounts, such as the number of friends a user has or any payment method that may be stored on the account.

 

Why it's notable: The researchers, who discovered the malicious activity last week, say that the high infection rate of the malware indicates that it was developed professionally.


 

A LIGHTER (TWITTER) CLICK: 

Now that's just gross.

 

WHAT'S IN THE SPOTLIGHT (WELL, WHEN ISN'T IT?): 

ELECTION SECURITY: Identity security company Centrify conducted an onsite poll of 100 information technology professionals at the RSA conference in San Francisco this week, finding that the majority are concerned about the security of private data that is held by state Election Boards ahead of the 2018 midterm elections.

Specifically, Centrify found that 67 percent of those polled expressed concern about the security of this data. Twenty-one percent also replied that they consider the integrity of voting places and machines to be the gravest threat to U.S. democracy ahead of the 2018 vote.

Election security has become a popular topic in and out of Washington following Russian interference in the 2016 presidential election, which involved targeting of state and local voting systems. While none of the systems targeted or breached were involved in vote tallying, the revelations have nevertheless stirred fears that future hacks could undermine confidence in the vote, or tamper with it directly.  

In non-election security related revelations, roughly three in 10 respondents said that they stopped using the services of companies like Uber, Yahoo, and Equifax after they revealed security breaches.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Heitkamp becomes first Dem to back Pompeo for secretary of State. (The Hill)

Facebook investigated over alleged housing discrimination. (The Hill)

AT&T CEO defends Time Warner merger in court. (The Hill)

Justice to provide access to Comey memos to GOP lawmakers. (The Hill)

OP-ED: Open data and protecting privacy -- We can do both. (The Hill)

Justice Dept inspector asks US attorney to consider criminal charges for McCabe: reports. (The Hill)

Files belonging to the Atlanta Police Department were wiped by hackers. (CBS 46)

There's a fight brewing over cyber jobs at the National Security Council. (CyberScoop)

Homeland Security wants to rid government mobile apps of malware. (NextGov)

Meet the hacker who stole info on 168 million people in a years-long spam operation. (Daily Beast)