OVERNIGHT CYBERSECURITY: House to Senate: Finish NSA debate

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...


--CLOCK TICKING ON SENATE: The GOP-led House on Wednesday passed the most sweeping reforms to the nation's intelligence laws in years, setting up a clash with Republicans in the Senate. In a 338-88 vote, the House overwhelmingly approved the USA Freedom Act, which would prevent the NSA from collecting "metadata" about the phone numbers people dial and when their calls are placed. The legislation faces an uncertain path forward. The politics surrounding the NSA's surveillance programs are scrambled, and the Senate has just two weeks before the existing law authorizing the NSA's metadata collection expires. To read our full piece, click here.

     --CYBER FROZEN: Senate leaders have said they will deal with the NSA reform debate before addressing the House-passed cyber legislation to increase the public-private exchange of hacking data. With time running out before a recess at the end of May, it's increasingly likely cyber will get punted, putting its legislative prospects in doubt.

--RUBIO TALKS CYBER: Republican presidential hopeful Sen. Marco RubioMarco Antonio RubioSenate Republicans tested on Trump support after Mueller Cuban negotiator says Trump's efforts to destabilize Cuba's government will fail Freedom to Compete Act would benefit many American workers MORE (R-Fla.) is vowing a strong defense of international cyberspace if he is elected in 2016. "As president, I will use American power to oppose any violations of international waters, airspace, cyberspace, or outer space," Rubio said Wednesday during an address to the Council on Foreign Relations. The Florida senator also called for the permanent extension of Section 215 of the Patriot Act, which the NSA has used to justify its bulk collection of phone records. "We cannot let politics cloud the importance of this issue," Rubio said, just as the House was expected to approve reforms to the program. To read our full piece, click here.

--STUDENT PRIVACY BILL IS BACK: Sens. Orrin HatchOrrin Grant HatchHatch warns 'dangerous' idea of court packing could hurt religious liberty Former Democratic aide pleads guilty to doxing GOP senators attending Kavanaugh hearing How do we prevent viral live streaming of New Zealand-style violence? MORE (R-Utah) and Ed MarkeyEdward (Ed) John MarkeyAmazon hiring alcohol lobbyist Tlaib rallies in support of Green New Deal at Detroit town hall Ben & Jerry's backs Green New Deal: 'We have to act now' MORE (D-Mass.) reintroduced a bill on Wednesday to restrict education companies from selling or using student data to target ads. The measure would also require private companies to meet certain data security requirements when handling student information. "This legislation establishes security safeguards to ensure greater transparency and access to stored information for students and parents," said Hatch, who chairs the Senate Finance Committee. The bill, first introduced last year, joins a similar bipartisan House measure from Reps. Jared Polis (D-Colo.) and Luke Messer (R-Ind.). Lawmakers are seeking to shore up the poor record of student data management at school systems nationwide. To read our full piece, click here.


The House is expected to eventually approve the National Defense Authorization Act, which funds the Defense Department. The bill would fully fund the Pentagon's cyber requests, an area that has bipartisan support.

During debte Wednesday night, cyber got a few shout outs on the House floor. Here are a few we caught:

"We also need stronger defenses against increasingly aggressive cyber terrorists and the lone wolf terrorists that are often American citizens."

--Rep. Dutch Ruppersberger (D-Md.)

The bill "includes provisions improving military readiness, strengthening our cyber warfare defenses."

--Rep. Virginia FoxxVirginia Ann FoxxGOP on defensive over Dem votes on policies geared toward women House passes Paycheck Fairness Act Democrats want state majorities, here's how they're going to get them MORE (R-N.C.)

"For the Air Force, the bill provides additional training resources for high-demand areas such as pilots, for unmanned systems, joint terminal controllers, cyber operations, insider threats and open-source intelligence."

--Rep. Rob WittmanRobert (Rob) Joseph WittmanWhy block citizenship to immigrants who defend America? Virginia reps urge Trump to declare federal emergency ahead of Hurricane Florence Overnight Defense: House passes 5B defense spending bill | Pentagon moving forward on Trump military parade | Mattis vows 'ironclad' support for South Korea's defense MORE (R-Va.)


Here's the government's cyber most-wanted list, as imagined by the writers at "CSI: Cyber":

  • W4RP4TH
  • 4N4L0G
  • dzd_cnf
  • P0W3R
  • N1GHTM4R3
  • xxLow01
  • VIPER75
  • 5W1TCH
  • S4LV4G3
  • D15TR1CT

Thanks to the folks at Vulture for taking the time to freeze-frame this from last night's episode.



--Microsoft will hold a panel discussion on cyber crime policies at 8:30 a.m. at its Innovation & Policy Center. Rep. John Ratcliffe (R-Texas) and James Trainor, acting assistant director of the FBI's Cyber Division, will speak.

--A Senate Foreign Relations subcommittee will hold a hearing on cybersecurity at 10 a.m.

--The House Financial Services Committee will hold a hearing on protecting consumers from data breaches at 10 a.m.

--The Columbia University School of International and Public Affairs will hold a two-day conference on cybersecurity. Notable guests will include Google Vice President Vint Cerf, former Homeland Security Secretary Michael Chertoff and FireEye Chief Operating Officer Kevin Mandia.


Links from our blog, The Hill, and around the Web.

A Russian hacking group was poised to launch major cyberattacks against U.S. banks. (The Hill)

Cloud providers are scrambling to patch a major vulnerability, now known as "Venom." (The Hill)

The Venom bug is an ideal exploitation target for state-sponsored spies and criminals alike. (ArsTechnica)

Meet Christopher Painter, one of the United States's lead cyber warriors. (Foreign Policy)

Google seems to be moving toward new authentication methods. (Tech Crunch)

Why it is important for kids to read privacy policies online. (Christian Science Monitor)

What's it like to operate a Tor exit node? (Motherboard)

Starbucks is denying reports its mobile app was hacked. (Fortune)

Go inside a day in the life of a corporate CISO. (CIO)

Hackers tried to hold a darknet market hostage for ransom in bitcoin. (Motherboard)

Oil and gas firms are being targeted by a cyberattack that doesn't need malware. (Dark Reading)


If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A