Overnight Cybersecurity: Feinstein shocks by releasing Fusion GPS testimony | House passes bill to boost oversight of cyber vulnerabilities | FBI director calls encryption 'public safety issue'

Overnight Cybersecurity: Feinstein shocks by releasing Fusion GPS testimony | House passes bill to boost oversight of cyber vulnerabilities | FBI director calls encryption 'public safety issue'
© Camille Fine

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...



--FEINSTEIN POSTS FUSION GPS TESTIMONY: Sen. Dianne FeinsteinDianne Emiel FeinsteinFeinstein would 'absolutely' reopen Kavanaugh investigation if Dems win Senate Feinstein’s Dem challenger: 'It’s time that we stop biding our time and biting our tongue' The Hill's Morning Report — Presented by the Coalition for Affordable Prescription Drugs — Health care a top policy message in fall campaigns MORE (D-Calif.) on Tuesday posted the entire transcript of the closed-door testimony that Fusion GPS co-founder Glenn Simpson made to the Senate Judiciary Committee as part of its investigation into Russian election interference. Fusion GPS last week demanded that the full transcript be released, sparking a fight with Judiciary Chairman Chuck GrassleyCharles (Chuck) Ernest GrassleyTrump officials ratchet up drug pricing fight Dems angered by GOP plan to hold judicial hearings in October American Bar Association dropping Kavanaugh review MORE (R-Iowa) over who was standing in the way of the document being released. Simpson has emerged as a central figure in the probes into Russian election interference after his firm helped assemble a controversial dossier tying President TrumpDonald John TrumpThe Guardian slams Trump over comments about assault on reporter Five takeaways from the first North Dakota Senate debate Watchdog org: Tillerson used million in taxpayer funds to fly throughout US MORE to Russia. Former British intelligence officer Christopher Steele compiled the document, which includes unverified allegations against Trump and his links to Moscow.


--GRASSLEY BLASTS RELEASE: A spokesman for Senate Judiciary Committee Chairman Chuck Grassley (R-Iowa) on Tuesday blasted Sen. Dianne Feinstein's (D-Calif.) release of the transcribed interview with the co-founder of the firm behind a controversial dossier on the Trump campaign's ties to Russia, calling the move "confounding." In a statement, the spokesman, Taylor Foy, said that Feinstein's decision to release the transcript without first consulting Grassley compromises the Judiciary Committee's ability to conduct its investigation into Russian meddling in the 2016 presidential election. "Her action undermines the integrity of the committee's oversight work and jeopardizes its ability to secure candid voluntary testimony relating to the independent recollections of future witnesses," Foy said.

--AMONG THE REVELATIONS from the testimony is that Simpson told Senate investigators in August that the FBI had "other intelligence" backing up claims in the dossier and that law enforcement officials had already been investigating the president's team before the dossier was completed. In more than 300 pages of testimony released Tuesday Simpson told investigators that the former spy who compiled the dossier told him that the FBI had an informant in the Trump campaign. But a source close to Fusion GPS told The Hill on Tuesday that Simpson misspoke, mischaracterizing a tip that an Australian diplomat gave the bureau related to Trump campaign aide George PapadopoulosGeorge Demetrios PapadopoulosMueller assembles team of cooperators in Russian probe Calif. man ensnared in Mueller probe sentenced to 6 months in prison The Mueller investigation: Where it stands at the midterms MORE. "Essentially what [former MI6 agent Christopher Steele] told me was they had other intelligence about this matter from an internal Trump campaign source and that -- that they -- my understanding was that they believed Chris at this point -- that they believed Chris's information might be credible because they had other intelligence that indicated the same thing and one of those pieces of intelligence was a human source from inside the Trump organization," Simpson said.

To read the rest of our coverage, click herehere, and here. To read the entire testimony transcript, click here.



HOUSE APPROVES BILL REQUIRING DHS TO REPORT ON VULNERABILITIES DISCLOSURE: House lawmakers on Tuesday approved legislation aimed at boosting oversight of the way that the U.S. government discloses cyber vulnerabilities to the private sector.

The legislation was introduced before the Trump administration issued a first-ever charter outlining the secretive method, known as the vulnerability equities process (VEP), by which the executive branch determines whether to disclose what are called "zero day" vulnerabilities to affected vendors.

The legislation passed Tuesday would specifically require the Department of Homeland Security, which is now known to have a seat at the table in VEP, to report to Congress on the policies and procedures by which previously unknown vulnerabilities are disclosed to the private sector.

Lawmakers passed the bill in a voice vote Tuesday afternoon.   

The charter issued by the White House in November laid out the principles and aims of the process, and also identified the specific agencies involved in the decisionmaking, which turned out to be a much longer list than expected. The administration is also expected to issue an annual public report documenting the number of vulnerabilities discovered that were kept secret.

The move came in response to calls from lawmakers, public advocacy groups and private sector companies who have pushed for more transparency around the process, which was first acknowledged by the Obama administration in 2014. Critics have warned the government against "stockpiling" vulnerabilities for intelligence purposes, citing the risk that hackers may discover and leverage them.

The effort has been widely viewed as a step forward for transparency.

The legislation approved Tuesday was introduced by Rep. Sheila Jackson LeeSheila Jackson LeeGOP senator says wife received video of beheading after Kavanaugh vote Former Dem aide makes first court appearance on charges of posting GOP senators' info online Ex-House intern charged with 'doxing' GOP senators during Kavanaugh hearing MORE (D-Texas) and would require Homeland Security to submit a report to Congress containing "a description of the policies and procedures developed for coordinating cyber vulnerability disclosures."

It also says the report should "to the extent possible" include an annex with information on instances when these procedures were used to disclose vulnerabilities and the degree to which stakeholders acted on the information.

The bill cleared the House Homeland Security Committee last July, roughly three months before the White House issued the VEP charter.

To read the rest of our piece, click here.



2018 is already spawning some super cool gadgets. (Wired)



Half of women serving in science, technology, engineering, or math (STEM) jobs report experiencing gender discrimination in the workplace, according to a survey released by Pew Research Center on Tuesday.

This compares to a much smaller figure--19 percent--of men in STEM jobs who also report experiencing gender discrimination on the job.

One-fifth of women in these science and tech-related positions say that their gender has made it more difficult to succeed at work, compared with only 7 percent of men.

The survey comes as claims of sexual harassment and gender issues continue to receive attention in and outside of Washington.



ENCRYPTION: FBI Director Christopher Wray stated Tuesday that the inability of law enforcement agencies to surpass the strong encryptions on electronic devices poses an "urgent public safety issue."

Wray said that during the last fiscal year, the FBI failed to break through the powerful protective coding of 7,775 devices, even though they had advanced tools at their disposal and the legal right to access the contents, Reuters reported.

He said the inability to access cellphone data that is "going dark" would impact FBI investigations across the board including counterterrorism, counterintelligence, human trafficking and organized crime.

Wray made the remarks during a speech at the International Conference on Cyber Security in New York on Tuesday morning.

Wray, who took over as the head of the FBI in August, emphasized that the bureau's inability to overcome the obstacle of encryption is a "public safety issue."

To read the rest of our piece, click here.



Links from our blog, The Hill, and around the Web.

Twitter misses deadline to provide Senate info on Russia meddling. (The Hill)

House Dems accuse Republicans of stalling Russia probe to protect Trump. (The Hill)

OP-ED: 2018 will be the year of the 'bots.' (The Hill)

Senate bill to preserve net neutrality wins first GOP backer. (The Hill)

Microsoft suspends some AMD patches for Meltdown and Spectre. (The Hill)

The European Union is facing pressure to fight back against cyberattacks. (Euronews)

The contenders who could replace NSA Director Mike Rogers. (CyberScoop)