OVERNIGHT CYBERSECURITY: House to Senate: Finish NSA debate

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...


--CLOCK TICKING ON SENATE: The GOP-led House on Wednesday passed the most sweeping reforms to the nation's intelligence laws in years, setting up a clash with Republicans in the Senate. In a 338-88 vote, the House overwhelmingly approved the USA Freedom Act, which would prevent the NSA from collecting "metadata" about the phone numbers people dial and when their calls are placed. The legislation faces an uncertain path forward. The politics surrounding the NSA's surveillance programs are scrambled, and the Senate has just two weeks before the existing law authorizing the NSA's metadata collection expires. To read our full piece, click here.

     --CYBER FROZEN: Senate leaders have said they will deal with the NSA reform debate before addressing the House-passed cyber legislation to increase the public-private exchange of hacking data. With time running out before a recess at the end of May, it's increasingly likely cyber will get punted, putting its legislative prospects in doubt.

--RUBIO TALKS CYBER: Republican presidential hopeful Sen. Marco RubioMarco Antonio RubioTrump moves forward with F-16 sale to Taiwan opposed by China The Hill's Morning Report — Trump and the new Israel-'squad' controversy Trump crosses new line with Omar, Tlaib, Israel move MORE (R-Fla.) is vowing a strong defense of international cyberspace if he is elected in 2016. "As president, I will use American power to oppose any violations of international waters, airspace, cyberspace, or outer space," Rubio said Wednesday during an address to the Council on Foreign Relations. The Florida senator also called for the permanent extension of Section 215 of the Patriot Act, which the NSA has used to justify its bulk collection of phone records. "We cannot let politics cloud the importance of this issue," Rubio said, just as the House was expected to approve reforms to the program. To read our full piece, click here.

--STUDENT PRIVACY BILL IS BACK: Sens. Orrin HatchOrrin Grant HatchTrump to award racing legend Roger Penske with Presidential Medal of Freedom Trump awards Presidential Medal of Freedom to economist, former Reagan adviser Arthur Laffer Second ex-Senate staffer charged in aiding doxxing of GOP senators MORE (R-Utah) and Ed MarkeyEdward (Ed) John MarkeyOvernight Energy: Trump sparks new fight over endangered species protections | States sue over repeal of Obama power plant rules | Interior changes rules for ethics watchdogs To cash in on innovation, remove market barriers for advanced energy technologies Democrats, environmentalists blast Trump rollback of endangered species protections MORE (D-Mass.) reintroduced a bill on Wednesday to restrict education companies from selling or using student data to target ads. The measure would also require private companies to meet certain data security requirements when handling student information. "This legislation establishes security safeguards to ensure greater transparency and access to stored information for students and parents," said Hatch, who chairs the Senate Finance Committee. The bill, first introduced last year, joins a similar bipartisan House measure from Reps. Jared Polis (D-Colo.) and Luke Messer (R-Ind.). Lawmakers are seeking to shore up the poor record of student data management at school systems nationwide. To read our full piece, click here.


The House is expected to eventually approve the National Defense Authorization Act, which funds the Defense Department. The bill would fully fund the Pentagon's cyber requests, an area that has bipartisan support.

During debte Wednesday night, cyber got a few shout outs on the House floor. Here are a few we caught:

"We also need stronger defenses against increasingly aggressive cyber terrorists and the lone wolf terrorists that are often American citizens."

--Rep. Dutch Ruppersberger (D-Md.)

The bill "includes provisions improving military readiness, strengthening our cyber warfare defenses."

--Rep. Virginia FoxxVirginia Ann Foxx58 GOP lawmakers vote against disaster aid bill The GOP's commitment to electing talented women can help party retake the House When disaster relief hurts MORE (R-N.C.)

"For the Air Force, the bill provides additional training resources for high-demand areas such as pilots, for unmanned systems, joint terminal controllers, cyber operations, insider threats and open-source intelligence."

--Rep. Rob WittmanRobert (Rob) Joseph WittmanVirginia Port: Gateway to the economic growth Republican lawmakers ask Trump not to delay Pentagon cloud-computing contract Overnight Defense: Latest on House defense bill markup | Air Force One, low-yield nukes spark debate | House Dems introduce resolutions blocking Saudi arms sales | Trump to send 1,000 troops to Poland MORE (R-Va.)


Here's the government's cyber most-wanted list, as imagined by the writers at "CSI: Cyber":

  • W4RP4TH
  • 4N4L0G
  • dzd_cnf
  • P0W3R
  • N1GHTM4R3
  • xxLow01
  • VIPER75
  • 5W1TCH
  • S4LV4G3
  • D15TR1CT

Thanks to the folks at Vulture for taking the time to freeze-frame this from last night's episode.



--Microsoft will hold a panel discussion on cyber crime policies at 8:30 a.m. at its Innovation & Policy Center. Rep. John Ratcliffe (R-Texas) and James Trainor, acting assistant director of the FBI's Cyber Division, will speak.

--A Senate Foreign Relations subcommittee will hold a hearing on cybersecurity at 10 a.m.

--The House Financial Services Committee will hold a hearing on protecting consumers from data breaches at 10 a.m.

--The Columbia University School of International and Public Affairs will hold a two-day conference on cybersecurity. Notable guests will include Google Vice President Vint Cerf, former Homeland Security Secretary Michael Chertoff and FireEye Chief Operating Officer Kevin Mandia.


Links from our blog, The Hill, and around the Web.

A Russian hacking group was poised to launch major cyberattacks against U.S. banks. (The Hill)

Cloud providers are scrambling to patch a major vulnerability, now known as "Venom." (The Hill)

The Venom bug is an ideal exploitation target for state-sponsored spies and criminals alike. (ArsTechnica)

Meet Christopher Painter, one of the United States's lead cyber warriors. (Foreign Policy)

Google seems to be moving toward new authentication methods. (Tech Crunch)

Why it is important for kids to read privacy policies online. (Christian Science Monitor)

What's it like to operate a Tor exit node? (Motherboard)

Starbucks is denying reports its mobile app was hacked. (Fortune)

Go inside a day in the life of a corporate CISO. (CIO)

Hackers tried to hold a darknet market hostage for ransom in bitcoin. (Motherboard)

Oil and gas firms are being targeted by a cyberattack that doesn't need malware. (Dark Reading)


If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A