OVERNIGHT CYBERSECURITY: House to Senate: Finish NSA debate

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...


--CLOCK TICKING ON SENATE: The GOP-led House on Wednesday passed the most sweeping reforms to the nation's intelligence laws in years, setting up a clash with Republicans in the Senate. In a 338-88 vote, the House overwhelmingly approved the USA Freedom Act, which would prevent the NSA from collecting "metadata" about the phone numbers people dial and when their calls are placed. The legislation faces an uncertain path forward. The politics surrounding the NSA's surveillance programs are scrambled, and the Senate has just two weeks before the existing law authorizing the NSA's metadata collection expires. To read our full piece, click here.

     --CYBER FROZEN: Senate leaders have said they will deal with the NSA reform debate before addressing the House-passed cyber legislation to increase the public-private exchange of hacking data. With time running out before a recess at the end of May, it's increasingly likely cyber will get punted, putting its legislative prospects in doubt.

--RUBIO TALKS CYBER: Republican presidential hopeful Sen. Marco RubioMarco Antonio RubioHere are the Senate Republicans who could vote to convict Trump TikTok's leader to meet with lawmakers next week GOP senators unveil bill to expand 'opportunity zone' reporting requirements MORE (R-Fla.) is vowing a strong defense of international cyberspace if he is elected in 2016. "As president, I will use American power to oppose any violations of international waters, airspace, cyberspace, or outer space," Rubio said Wednesday during an address to the Council on Foreign Relations. The Florida senator also called for the permanent extension of Section 215 of the Patriot Act, which the NSA has used to justify its bulk collection of phone records. "We cannot let politics cloud the importance of this issue," Rubio said, just as the House was expected to approve reforms to the program. To read our full piece, click here.

--STUDENT PRIVACY BILL IS BACK: Sens. Orrin HatchOrrin Grant HatchKey Republicans say Biden can break Washington gridlock Trump awards Medal of Freedom to racing industry icon Roger Penske Trump holds more Medal of Freedom ceremonies than predecessors but awards fewer medals MORE (R-Utah) and Ed MarkeyEdward (Ed) John MarkeyThere's a lot to like about the Senate privacy bill, if it's not watered down Trump administration drops plan to face scan all travelers leaving or entering US Advocates hopeful dueling privacy bills can bridge partisan divide MORE (D-Mass.) reintroduced a bill on Wednesday to restrict education companies from selling or using student data to target ads. The measure would also require private companies to meet certain data security requirements when handling student information. "This legislation establishes security safeguards to ensure greater transparency and access to stored information for students and parents," said Hatch, who chairs the Senate Finance Committee. The bill, first introduced last year, joins a similar bipartisan House measure from Reps. Jared Polis (D-Colo.) and Luke Messer (R-Ind.). Lawmakers are seeking to shore up the poor record of student data management at school systems nationwide. To read our full piece, click here.


The House is expected to eventually approve the National Defense Authorization Act, which funds the Defense Department. The bill would fully fund the Pentagon's cyber requests, an area that has bipartisan support.

During debte Wednesday night, cyber got a few shout outs on the House floor. Here are a few we caught:

"We also need stronger defenses against increasingly aggressive cyber terrorists and the lone wolf terrorists that are often American citizens."

--Rep. Dutch Ruppersberger (D-Md.)

The bill "includes provisions improving military readiness, strengthening our cyber warfare defenses."

--Rep. Virginia FoxxVirginia Ann FoxxDemocrats likely to gain seats under new North Carolina maps House passes bill tackling workplace violence in health care, social services sectors Overnight Health Care — Presented by Partnership for America's Health Care Future — Trump official declines to detail plans if ObamaCare struck down | DEA unveils rule for opioid manufacturers | Republican tells Zuckerberg to allow anti-vax content MORE (R-N.C.)

"For the Air Force, the bill provides additional training resources for high-demand areas such as pilots, for unmanned systems, joint terminal controllers, cyber operations, insider threats and open-source intelligence."

--Rep. Rob WittmanRobert (Rob) Joseph WittmanThe Suburban Caucus: Solutions for America's suburbs Overnight Defense: Top general briefs GOP senators on Syria plan | Senators 'encouraged' by briefing | Pence huddles with Republican allies on Syria | Trump nominee sidesteps questions on arms treaties Virginia Port: Gateway to the economic growth MORE (R-Va.)


Here's the government's cyber most-wanted list, as imagined by the writers at "CSI: Cyber":

  • W4RP4TH
  • 4N4L0G
  • dzd_cnf
  • P0W3R
  • N1GHTM4R3
  • xxLow01
  • VIPER75
  • 5W1TCH
  • S4LV4G3
  • D15TR1CT

Thanks to the folks at Vulture for taking the time to freeze-frame this from last night's episode.



--Microsoft will hold a panel discussion on cyber crime policies at 8:30 a.m. at its Innovation & Policy Center. Rep. John Ratcliffe (R-Texas) and James Trainor, acting assistant director of the FBI's Cyber Division, will speak.

--A Senate Foreign Relations subcommittee will hold a hearing on cybersecurity at 10 a.m.

--The House Financial Services Committee will hold a hearing on protecting consumers from data breaches at 10 a.m.

--The Columbia University School of International and Public Affairs will hold a two-day conference on cybersecurity. Notable guests will include Google Vice President Vint Cerf, former Homeland Security Secretary Michael Chertoff and FireEye Chief Operating Officer Kevin Mandia.


Links from our blog, The Hill, and around the Web.

A Russian hacking group was poised to launch major cyberattacks against U.S. banks. (The Hill)

Cloud providers are scrambling to patch a major vulnerability, now known as "Venom." (The Hill)

The Venom bug is an ideal exploitation target for state-sponsored spies and criminals alike. (ArsTechnica)

Meet Christopher Painter, one of the United States's lead cyber warriors. (Foreign Policy)

Google seems to be moving toward new authentication methods. (Tech Crunch)

Why it is important for kids to read privacy policies online. (Christian Science Monitor)

What's it like to operate a Tor exit node? (Motherboard)

Starbucks is denying reports its mobile app was hacked. (Fortune)

Go inside a day in the life of a corporate CISO. (CIO)

Hackers tried to hold a darknet market hostage for ransom in bitcoin. (Motherboard)

Oil and gas firms are being targeted by a cyberattack that doesn't need malware. (Dark Reading)


If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A