OVERNIGHT CYBERSECURITY: House to Senate: Finish NSA debate

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...


--CLOCK TICKING ON SENATE: The GOP-led House on Wednesday passed the most sweeping reforms to the nation's intelligence laws in years, setting up a clash with Republicans in the Senate. In a 338-88 vote, the House overwhelmingly approved the USA Freedom Act, which would prevent the NSA from collecting "metadata" about the phone numbers people dial and when their calls are placed. The legislation faces an uncertain path forward. The politics surrounding the NSA's surveillance programs are scrambled, and the Senate has just two weeks before the existing law authorizing the NSA's metadata collection expires. To read our full piece, click here.

     --CYBER FROZEN: Senate leaders have said they will deal with the NSA reform debate before addressing the House-passed cyber legislation to increase the public-private exchange of hacking data. With time running out before a recess at the end of May, it's increasingly likely cyber will get punted, putting its legislative prospects in doubt.

--RUBIO TALKS CYBER: Republican presidential hopeful Sen. Marco RubioMarco Antonio RubioRubio in Colombia to push for delivery of humanitarian aid to Venezuela On unilateral executive action, Mitch McConnell was right — in 2014 On The Money: Trump declares emergency at border | Braces for legal fight | Move divides GOP | Trump signs border deal to avoid shutdown | Winners, losers from spending fight | US, China trade talks to resume next week MORE (R-Fla.) is vowing a strong defense of international cyberspace if he is elected in 2016. "As president, I will use American power to oppose any violations of international waters, airspace, cyberspace, or outer space," Rubio said Wednesday during an address to the Council on Foreign Relations. The Florida senator also called for the permanent extension of Section 215 of the Patriot Act, which the NSA has used to justify its bulk collection of phone records. "We cannot let politics cloud the importance of this issue," Rubio said, just as the House was expected to approve reforms to the program. To read our full piece, click here.

--STUDENT PRIVACY BILL IS BACK: Sens. Orrin HatchOrrin Grant HatchOrrin Hatch Foundation seeking million in taxpayer money to fund new center in his honor Mitch McConnell has shown the nation his version of power grab Overnight Health Care — Presented by PCMA — Utah Senate votes to scale back Medicaid expansion | Virginia abortion bill reignites debate | Grassley invites drug execs to testify | Conservative groups push back on e-cig crackdown MORE (R-Utah) and Ed MarkeyEdward (Ed) John MarkeyDemocrats brush off GOP 'trolling' over Green New Deal The Green New Deal would benefit independent family farmers Juan Williams: America needs radical solutions MORE (D-Mass.) reintroduced a bill on Wednesday to restrict education companies from selling or using student data to target ads. The measure would also require private companies to meet certain data security requirements when handling student information. "This legislation establishes security safeguards to ensure greater transparency and access to stored information for students and parents," said Hatch, who chairs the Senate Finance Committee. The bill, first introduced last year, joins a similar bipartisan House measure from Reps. Jared Polis (D-Colo.) and Luke Messer (R-Ind.). Lawmakers are seeking to shore up the poor record of student data management at school systems nationwide. To read our full piece, click here.


The House is expected to eventually approve the National Defense Authorization Act, which funds the Defense Department. The bill would fully fund the Pentagon's cyber requests, an area that has bipartisan support.

During debte Wednesday night, cyber got a few shout outs on the House floor. Here are a few we caught:

"We also need stronger defenses against increasingly aggressive cyber terrorists and the lone wolf terrorists that are often American citizens."

--Rep. Dutch Ruppersberger (D-Md.)

The bill "includes provisions improving military readiness, strengthening our cyber warfare defenses."

--Rep. Virginia FoxxVirginia Ann FoxxBlack Caucus sees power grow with new Democratic majority A 2 billion challenge: Transforming US grant reporting Trump calls North Carolina redistricting ruling ‘unfair’ MORE (R-N.C.)

"For the Air Force, the bill provides additional training resources for high-demand areas such as pilots, for unmanned systems, joint terminal controllers, cyber operations, insider threats and open-source intelligence."

--Rep. Rob WittmanRobert (Rob) Joseph WittmanVirginia reps urge Trump to declare federal emergency ahead of Hurricane Florence Overnight Defense: House passes 5B defense spending bill | Pentagon moving forward on Trump military parade | Mattis vows 'ironclad' support for South Korea's defense House passes 5B Pentagon spending bill MORE (R-Va.)


Here's the government's cyber most-wanted list, as imagined by the writers at "CSI: Cyber":

  • W4RP4TH
  • 4N4L0G
  • dzd_cnf
  • P0W3R
  • N1GHTM4R3
  • xxLow01
  • VIPER75
  • 5W1TCH
  • S4LV4G3
  • D15TR1CT

Thanks to the folks at Vulture for taking the time to freeze-frame this from last night's episode.



--Microsoft will hold a panel discussion on cyber crime policies at 8:30 a.m. at its Innovation & Policy Center. Rep. John Ratcliffe (R-Texas) and James Trainor, acting assistant director of the FBI's Cyber Division, will speak.

--A Senate Foreign Relations subcommittee will hold a hearing on cybersecurity at 10 a.m.

--The House Financial Services Committee will hold a hearing on protecting consumers from data breaches at 10 a.m.

--The Columbia University School of International and Public Affairs will hold a two-day conference on cybersecurity. Notable guests will include Google Vice President Vint Cerf, former Homeland Security Secretary Michael Chertoff and FireEye Chief Operating Officer Kevin Mandia.


Links from our blog, The Hill, and around the Web.

A Russian hacking group was poised to launch major cyberattacks against U.S. banks. (The Hill)

Cloud providers are scrambling to patch a major vulnerability, now known as "Venom." (The Hill)

The Venom bug is an ideal exploitation target for state-sponsored spies and criminals alike. (ArsTechnica)

Meet Christopher Painter, one of the United States's lead cyber warriors. (Foreign Policy)

Google seems to be moving toward new authentication methods. (Tech Crunch)

Why it is important for kids to read privacy policies online. (Christian Science Monitor)

What's it like to operate a Tor exit node? (Motherboard)

Starbucks is denying reports its mobile app was hacked. (Fortune)

Go inside a day in the life of a corporate CISO. (CIO)

Hackers tried to hold a darknet market hostage for ransom in bitcoin. (Motherboard)

Oil and gas firms are being targeted by a cyberattack that doesn't need malware. (Dark Reading)


If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A