FEATURED:

Overnight Cybersecurity: Intel chiefs expect Russia to meddle in 2018 midterms | Wyden presses FBI chief on encryption | Trump to tap Army cyber chief as NSA director

Overnight Cybersecurity: Intel chiefs expect Russia to meddle in 2018 midterms | Wyden presses FBI chief on encryption | Trump to tap Army cyber chief as NSA director
© Greg Nash

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORIES:

On Tuesday, top U.S. intelligence officials testified before the Senate Intelligence Committee in a regularly scheduled hearing on worldwide threats to U.S. national security. The hearing covered a wide swath of cyber-related topics, including Russian interference in the election, encryption, potential threats from Chinese telecoms firms, and the lack of a whole-of-government strategy on cybersecurity. The major takeaways:

 

--INTEL CHIEFS EXPECT RUSSIA TO MEDDLE IN MIDTERMS: President TrumpDonald John TrumpFive takeaways from Cruz, O'Rourke's debate showdown Arpaio files libel suit against New York Times IMF's Christine Lagarde delays trip to Middle East MORE's top intelligence chief said Tuesday that there is "no doubt" that Russia views its efforts to influence the 2016 election as successful and will look to target the upcoming midterms. "There should be no doubt that Russia perceived its past efforts as successful and views the 2018 midterm elections as a potential target for Russian influence operations," Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsOvernight Defense — Presented by The Embassy of the United Arab Emirates — Senators seek US intel on journalist's disappearance | Army discharged over 500 immigrant recruits in one year | Watchdog knocks admiral over handling of sexual harassment case Lawmakers seeking intel on alleged Saudi plot against journalist It’s not just foreign state-owned telecom posing a threat  MORE said during his opening remarks. Coats and the rest of the officials testifying -- including FBI Director Christopher Wray, CIA Director Mike PompeoMichael (Mike) Richard PompeoIMF's Christine Lagarde delays trip to Middle East Saudi mystery drives wedge between Trump, GOP Overnight Defense: Trump worries Saudi Arabia treated as 'guilty until proven innocent' | McConnell opens door to sanctions | Joint Chiefs chair to meet Saudi counterpart | Mattis says Trump backs him '100 percent' MORE and National Security Agency Director Adm. Mike RogersMichael (Mike) Dennis RogersTrump's praise for North Korea complicates cyber deterrence Overnight Defense: Trump approves new counterterrorism strategy | Mattis calls Russian arms treaty violations 'untenable' | Trump may fire Air Force chief over Space Force, report says Trump considering firing Air Force secretary over 'Space Force' position: report MORE -- all reaffirmed their confidence the intelligence community's assessment on Russian interference in the 2016 election. They also signaled their agreement that they expect Russia will look to interfere in the 2018 elections.

 

--POMPEO CALLS NYT REPORT 'ATROCIOUS': Sen. Susan CollinsSusan Margaret CollinsGraham: I hope Dems 'get their ass kicked' for conduct around Kavanaugh St. Lawrence alumni, faculty want honorary degree for Collins revoked 'Suspicious letter' mailed to Maine home of Susan Collins MORE (R-Maine) asked Pompeo whether reports that U.S. intelligence officials engaged in a top-secret effort over the past year to secure the return of stolen NSA hacking tools from Russian operatives were accurate. The New York Times and The Intercept published reports on the alleged operation late last week. According to the Times, U.S. officials turned over $100,000 to intermediaries in the botched operation. Pompeo called the reports "atrocious" and wholly inaccurate. "Reporting on this matter has been atrocious, it's been ridiculous, totally inaccurate. In our view, the suggestion the CIA was swindled is false. The people who were swindled were James Risen and Matt Rosenberg," Pompeo said, referring to the writers of the reports. "Indeed it's our view that the same two people who were proffering phony information to the United States government proffered that phony information to those same two reporters," Pompeo continued. "The Central Intelligence Agency did not provide any resources -- no money -- to these two individuals who proffered U.S. government information, directly or indirectly, at any time."

 

--WYDEN PRESSES FBI CHIEF ON ENCRYPTION: As expected, Sen. Ron WydenRonald (Ron) Lee WydenUS to open trade talks with Japan, EU, UK Poll: Dem incumbent holds 5-point lead in Oregon governor's race Trump, Feinstein feud intensifies over appeals court nominees MORE (D-Ore.) pressed FBI Director Christopher Wray on recent comments he made in which he suggested that encrypted devices could be designed to both provide data security and enable law enforcement access with a court order. Wray outlined the idea during a speech in New York last month when discussing the issue of "going dark," or the inability of law enforcement to gain access to encrypted communications for investigations. Wyden accused Wray of advocating for "weak encryption" that would undermine security. "You have essentially indicated that companies should be making their products with backdoors in order for you all to do your job," Wyden said, repeating his request for Wray to disclose the experts he has consulted on the issue. Wray pushed back on the assertion that he was advocating for weak security practices. "My position is not that we should weaken encryption. My position is that we should be working together, the government and the private sector, that balances both concerns," Wray said. Wyden's line of questioning also yielded what was arguably the most newsworthy tidbit from the hearing – new details from Wray on the timeline surrounding Rob Porter's security clearance background investigation.

To read more from our coverage, click herehere and here.

 

A LEGISLATIVE UPDATE: 

During the Senate hearing, lawmakers from both parties also underscored the need to address election security as the midterm elections draw closer.

In closing remarks, Sen. Mark WarnerMark Robert WarnerDems can use subpoena power to reclaim the mantle of populism Is there difference between good and bad online election targeting? Collusion judgment looms for key Senate panel MORE (D-Va.), the panel's top Democrat, said that he hopes the committee will "very quickly" release a report on the findings of its investigation specifically addressing U.S. election security.

Warner signaled he expects the report to include a set of recommendations for officials to implement to improve the security of their voting systems in advance of the 2018 primaries.

"It's our hope that on election security, we can come forward with a set of recommendations very quickly because we have primaries coming up as early as March," Warner said.

"My hope is that there will be bipartisan legislation to try to start addressing this issue," he added.

Separately, Sen. Susan Collins (R-Maine) expressed frustration that Congress has not passed legislation to address election security in the states. There are bipartisan bills currently being offered that aim to deter future foreign interference efforts and provide states with more resources to replace outdated voting technology and shore up the security of their systems.  

"This is an election year in our country, and it's frankly frustrating to me that we haven't passed legislation to help states strengthen the security of their voting systems," Collins said.

Sen. Roy BluntRoy Dean BluntGOP loads up lame-duck agenda as House control teeters Congress moves to ensure the greater availability of explosives detecting dogs in the US McConnell sets key Kavanaugh vote for Friday MORE (R-Mo.) also spoke of the urgency of the issue during the hearing.

"Voting begins in March. That's next month," Blunt said. "If we're going to have any impact on securing that voting system itself, it would seem to me that we need to be acting quickly."

Chairman Richard BurrRichard Mauze BurrDems can use subpoena power to reclaim the mantle of populism Collusion judgment looms for key Senate panel The National Trails System is celebrating 50 years today — but what about the next 50 years? MORE (R-N.C.) signaled during closing remarks that the committee aims to hold a public hearing on election security later in the year.

 

A LIGHTER CLICK: 

Watch out Kim Kardashian, drones can now easily avoid obstacles and chase targets like the paparazzi. (Technology Review)

 

A REPORT IN FOCUS:

Financial institutions worldwide say they are concerned about possible cyber threats, but Chief Information Security Officers (CISOs) for such organizations listed a range of different priorities for addressing potential attacks, according to a new report.

In an attempt to boost their defense against cyberattacks, 35 percent of CISOs said employee training is a top priority while 25 percent said upgrading infrastructure and network defense is key, according to the 2018 CISO Cybersecurity Trends report Financial Services Information Sharing and Analysis Center (FS-ISAC) found in their 2018 CISO Cybersecurity Trends report.

"Employee training should include awareness about downloading and executing unknown applications on company assets, and in accordance with corporate policies and relevant regulations, and training employees on how to report suspicious emails and attachments," the report says.

Slightly fewer, or 17 percent, said breach prevention is their top priority.

"In the era of increasing security threats and vulnerabilities, CISOs know that keeping top leadership and boards updated regularly on these security risks and effective defenses is a top priority," the report says.

The weight of concern about an outside attack is getting heavier as the issue leaps from the server room to the board room. Most CISOs, or 66 percent, tend to report such matters to their chief information officers instead of the chief executive officers, the report found.

"Free and direct flow of critical information to the CEO and to the board of directors will help increase transparency and facilitate faster decision making," the report recommends.

 

WHAT'S IN THE SPOTLIGHT: 

GEN. PAUL NAKASONE: President Trump will nominate Lt. Gen. Paul Nakasone to serve as the next leader of the National Security Agency (NSA), an administration official said Tuesday.

"Congratulations to Lt. Gen. Paul Nakasone, nominated as Director NSA & Commander, U.S. Cyber Command, a [position] that will earn him his 4th star!" Rob Joyce, a former NSA official who is serving as White House cyber coordinator, wrote on Twitter.

"An exceptional leader for two exceptional [organizations], he brings great experience and strong cyber background," Joyce wrote.

Nakasone, who currently leads the Army Cyber Command, will replace outgoing NSA Director Adm. Mike Rogers, who is expected to soon retire from his post. Nakasone will also helm U.S. Cyber Command in the dual-hat role.

The White House has not yet sent out an official advisory on his nomination. A spokesperson did not immediately respond to a request for confirmation.

Nakasone has widely been rumored as a top choice for the role since news first broke that Rogers was expected to leave his post earlier this year. Politico reported last month that Trump was expected to choose Nakasone for the position.

Nakasone will assume the role at a key moment for both the NSA and Cyber Command, the U.S. military's offensive cyber unit. The clandestine spy agency has faced turmoil in recent years as a result of intelligence leaks and the loss of top-secret hacking tools.

Meanwhile, Cyber Command will see its authorities grow in the coming year, after Trump moved to elevate it into a full combatant command last year.

The Pentagon is currently mulling whether and how to split NSA and Cyber Command, which will result in each having a different leader. The split is widely viewed as inevitable, though former officials and some lawmakers have warned it could have potentially negative consequences if done too swiftly.

Rogers has been at the helm of the NSA since 2014, and has presided over reorganization at an agency that has been unpopular among some officials. He delivered what could be his last public congressional testimony on Tuesday, appearing before the Senate Intelligence Committee for an annual hearing on worldwide threats.

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

FBI chief contradicts White House account on Porter background check. (The Hill)

FCC to review rules on children's programming. (The Hill)

Senators offer bill to close rural-urban internet divide. (The Hill)

House Dems press FCC for answers on net neutrality comments. (The Hill)

OP-ED: Social media has become a powerful political tool. (The Hill)

DHS releases an update alert on malicious cyber activity from North Korea. (DHS)

Kaspersky has filed another suit in its legal battle with the U.S. government. (CyberScoop)