Overnight Cybersecurity: Intel chiefs expect Russia to meddle in 2018 midterms | Wyden presses FBI chief on encryption | Trump to tap Army cyber chief as NSA director

Overnight Cybersecurity: Intel chiefs expect Russia to meddle in 2018 midterms | Wyden presses FBI chief on encryption | Trump to tap Army cyber chief as NSA director
© Greg Nash

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...




On Tuesday, top U.S. intelligence officials testified before the Senate Intelligence Committee in a regularly scheduled hearing on worldwide threats to U.S. national security. The hearing covered a wide swath of cyber-related topics, including Russian interference in the election, encryption, potential threats from Chinese telecoms firms, and the lack of a whole-of-government strategy on cybersecurity. The major takeaways:


--INTEL CHIEFS EXPECT RUSSIA TO MEDDLE IN MIDTERMS: President TrumpDonald TrumpRomney: 'Pretty sure' Trump would win 2024 GOP nomination if he ran for president Pence huddles with senior members of Republican Study Committee Trump says 'no doubt' Tiger Woods will be back after accident MORE's top intelligence chief said Tuesday that there is "no doubt" that Russia views its efforts to influence the 2016 election as successful and will look to target the upcoming midterms. "There should be no doubt that Russia perceived its past efforts as successful and views the 2018 midterm elections as a potential target for Russian influence operations," Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsHow President Biden can hit a home run Former Trump intel chief Coats introduces Biden nominee Haines at hearing Senate Intelligence Committee leaders warn of Chinese threats to national security MORE said during his opening remarks. Coats and the rest of the officials testifying -- including FBI Director Christopher Wray, CIA Director Mike PompeoMike PompeoTrump to attend private RNC donor retreat On China, is Biden channeling Trump or Trump's administration? They're not the same House Republican calls on Biden to boycott Beijing Olympics MORE and National Security Agency Director Adm. Mike RogersMichael (Mike) Dennis RogersOvernight Defense: One-third of service members decline coronavirus vaccine | Biden to take executive action in response to Solar Winds hack | US, Japan reach cost sharing agreement DOD says nearly one third of service members are declining COVID-19 vaccine Overnight Defense: Pentagon, Congress appoint panel members to rename Confederate bases | Military approves 20 more coronavirus vaccination teams MORE -- all reaffirmed their confidence the intelligence community's assessment on Russian interference in the 2016 election. They also signaled their agreement that they expect Russia will look to interfere in the 2018 elections.


--POMPEO CALLS NYT REPORT 'ATROCIOUS': Sen. Susan CollinsSusan Margaret CollinsMicrosoft, FireEye push for breach reporting rules after SolarWinds hack On The Money: Schumer urges Democrats to stick together on .9T bill | Collins rules out GOP support for Biden relief plan | Powell fights inflation fears Schumer urges Democrats to stick together on .9T bill MORE (R-Maine) asked Pompeo whether reports that U.S. intelligence officials engaged in a top-secret effort over the past year to secure the return of stolen NSA hacking tools from Russian operatives were accurate. The New York Times and The Intercept published reports on the alleged operation late last week. According to the Times, U.S. officials turned over $100,000 to intermediaries in the botched operation. Pompeo called the reports "atrocious" and wholly inaccurate. "Reporting on this matter has been atrocious, it's been ridiculous, totally inaccurate. In our view, the suggestion the CIA was swindled is false. The people who were swindled were James Risen and Matt Rosenberg," Pompeo said, referring to the writers of the reports. "Indeed it's our view that the same two people who were proffering phony information to the United States government proffered that phony information to those same two reporters," Pompeo continued. "The Central Intelligence Agency did not provide any resources -- no money -- to these two individuals who proffered U.S. government information, directly or indirectly, at any time."


--WYDEN PRESSES FBI CHIEF ON ENCRYPTION: As expected, Sen. Ron WydenRonald (Ron) Lee WydenYellen deputy Adeyemo on track for quick confirmation Hillicon Valley: Google lifting ban on political ads | DHS taking steps on cybersecurity | Controversy over TV 'misinformation rumor mills' 11 GOP senators slam Biden pick for health secretary: 'No meaningful experience' MORE (D-Ore.) pressed FBI Director Christopher Wray on recent comments he made in which he suggested that encrypted devices could be designed to both provide data security and enable law enforcement access with a court order. Wray outlined the idea during a speech in New York last month when discussing the issue of "going dark," or the inability of law enforcement to gain access to encrypted communications for investigations. Wyden accused Wray of advocating for "weak encryption" that would undermine security. "You have essentially indicated that companies should be making their products with backdoors in order for you all to do your job," Wyden said, repeating his request for Wray to disclose the experts he has consulted on the issue. Wray pushed back on the assertion that he was advocating for weak security practices. "My position is not that we should weaken encryption. My position is that we should be working together, the government and the private sector, that balances both concerns," Wray said. Wyden's line of questioning also yielded what was arguably the most newsworthy tidbit from the hearing – new details from Wray on the timeline surrounding Rob Porter's security clearance background investigation.


To read more from our coverage, click herehere and here.



During the Senate hearing, lawmakers from both parties also underscored the need to address election security as the midterm elections draw closer.

In closing remarks, Sen. Mark WarnerMark Robert WarnerMicrosoft, FireEye push for breach reporting rules after SolarWinds hack Hearings examine consequences of massive SolarWinds breach Senate Intelligence panel to hold hearing on SolarWinds breach next week MORE (D-Va.), the panel's top Democrat, said that he hopes the committee will "very quickly" release a report on the findings of its investigation specifically addressing U.S. election security.

Warner signaled he expects the report to include a set of recommendations for officials to implement to improve the security of their voting systems in advance of the 2018 primaries.

"It's our hope that on election security, we can come forward with a set of recommendations very quickly because we have primaries coming up as early as March," Warner said.

"My hope is that there will be bipartisan legislation to try to start addressing this issue," he added.

Separately, Sen. Susan Collins (R-Maine) expressed frustration that Congress has not passed legislation to address election security in the states. There are bipartisan bills currently being offered that aim to deter future foreign interference efforts and provide states with more resources to replace outdated voting technology and shore up the security of their systems.  

"This is an election year in our country, and it's frankly frustrating to me that we haven't passed legislation to help states strengthen the security of their voting systems," Collins said.

Sen. Roy BluntRoy Dean BluntMicrosoft, FireEye push for breach reporting rules after SolarWinds hack Biden's unity effort falters On The Trail: Trump threatens a Tea Party redux MORE (R-Mo.) also spoke of the urgency of the issue during the hearing.

"Voting begins in March. That's next month," Blunt said. "If we're going to have any impact on securing that voting system itself, it would seem to me that we need to be acting quickly."

Chairman Richard BurrRichard Mauze BurrOvernight Health Care: COVID-19 vaccine makers pledge massive supply increase | Biden health nominee faces first Senate test | White House defends reopening of facility for migrant kids Romney presses Becerra on vote against ban on late-term abortions Biden health nominee faces first Senate test MORE (R-N.C.) signaled during closing remarks that the committee aims to hold a public hearing on election security later in the year.




Watch out Kim Kardashian, drones can now easily avoid obstacles and chase targets like the paparazzi. (Technology Review)



Financial institutions worldwide say they are concerned about possible cyber threats, but Chief Information Security Officers (CISOs) for such organizations listed a range of different priorities for addressing potential attacks, according to a new report.

In an attempt to boost their defense against cyberattacks, 35 percent of CISOs said employee training is a top priority while 25 percent said upgrading infrastructure and network defense is key, according to the 2018 CISO Cybersecurity Trends report Financial Services Information Sharing and Analysis Center (FS-ISAC) found in their 2018 CISO Cybersecurity Trends report.

"Employee training should include awareness about downloading and executing unknown applications on company assets, and in accordance with corporate policies and relevant regulations, and training employees on how to report suspicious emails and attachments," the report says.


Slightly fewer, or 17 percent, said breach prevention is their top priority.

"In the era of increasing security threats and vulnerabilities, CISOs know that keeping top leadership and boards updated regularly on these security risks and effective defenses is a top priority," the report says.

The weight of concern about an outside attack is getting heavier as the issue leaps from the server room to the board room. Most CISOs, or 66 percent, tend to report such matters to their chief information officers instead of the chief executive officers, the report found.

"Free and direct flow of critical information to the CEO and to the board of directors will help increase transparency and facilitate faster decision making," the report recommends.



GEN. PAUL NAKASONE: President Trump will nominate Lt. Gen. Paul Nakasone to serve as the next leader of the National Security Agency (NSA), an administration official said Tuesday.


"Congratulations to Lt. Gen. Paul Nakasone, nominated as Director NSA & Commander, U.S. Cyber Command, a [position] that will earn him his 4th star!" Rob Joyce, a former NSA official who is serving as White House cyber coordinator, wrote on Twitter.

"An exceptional leader for two exceptional [organizations], he brings great experience and strong cyber background," Joyce wrote.

Nakasone, who currently leads the Army Cyber Command, will replace outgoing NSA Director Adm. Mike Rogers, who is expected to soon retire from his post. Nakasone will also helm U.S. Cyber Command in the dual-hat role.

The White House has not yet sent out an official advisory on his nomination. A spokesperson did not immediately respond to a request for confirmation.

Nakasone has widely been rumored as a top choice for the role since news first broke that Rogers was expected to leave his post earlier this year. Politico reported last month that Trump was expected to choose Nakasone for the position.

Nakasone will assume the role at a key moment for both the NSA and Cyber Command, the U.S. military's offensive cyber unit. The clandestine spy agency has faced turmoil in recent years as a result of intelligence leaks and the loss of top-secret hacking tools.

Meanwhile, Cyber Command will see its authorities grow in the coming year, after Trump moved to elevate it into a full combatant command last year.

The Pentagon is currently mulling whether and how to split NSA and Cyber Command, which will result in each having a different leader. The split is widely viewed as inevitable, though former officials and some lawmakers have warned it could have potentially negative consequences if done too swiftly.

Rogers has been at the helm of the NSA since 2014, and has presided over reorganization at an agency that has been unpopular among some officials. He delivered what could be his last public congressional testimony on Tuesday, appearing before the Senate Intelligence Committee for an annual hearing on worldwide threats.

To read the rest of our piece, click here.



Links from our blog, The Hill, and around the Web.

FBI chief contradicts White House account on Porter background check. (The Hill)

FCC to review rules on children's programming. (The Hill)

Senators offer bill to close rural-urban internet divide. (The Hill)

House Dems press FCC for answers on net neutrality comments. (The Hill)

OP-ED: Social media has become a powerful political tool. (The Hill)

DHS releases an update alert on malicious cyber activity from North Korea. (DHS)

Kaspersky has filed another suit in its legal battle with the U.S. government. (CyberScoop)