Overnight Cybersecurity: House Intel votes to release Russia report | House lawmakers demand Zuckerberg testify | Senators unveil updated election cyber bill

Overnight Cybersecurity: House Intel votes to release Russia report | House lawmakers demand Zuckerberg testify | Senators unveil updated election cyber bill
© Getty Images

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...




--HOUSE INTEL VOTES TO RELEASE RUSSIA REPORT: The House Intelligence Committee on Thursday voted along party lines to release its controversial, Republican-authored report on Russian interference in the 2016 presidential election, bookending a year of contentious committee infighting. The report will not immediately be made public. It must first be sent to the intelligence community for a declassification review. Democrats are outraged by the end of the investigation, which they say was premature and done to protect the White House from scrutiny. The minority is in the process of preparing its own views to be appended to the Republican report, according to Democratic Rep. Jim HimesJames (Jim) Andres HimesPelosi faces tough choices on impeachment managers This week: Impeachment inquiry moves to Judiciary Committee Juan Williams: Trump has nothing left but smears MORE (Conn.). That document, which the minority has until Monday night to complete under committee rules, will also have to go through the declassification process. The Republican report and the dissenting minority views will be submitted together. The top Republican leading the investigation, Rep. Mike ConawayKenneth (Mike) Michael ConawayLive coverage: Democrats, Republicans seek to win PR battle in final House impeachment hearing Laughter erupts at hearing after Democrat fires back: Trump 'has 5 Pinocchios on a daily basis' Live coverage: Schiff closes with speech highlighting claims of Trump's corruption MORE (Texas), said they expect that review to be completed in two weeks, so the report can be made public after Congress's two-week Easter recess. The report is now pushing 250 pages, he said, up from a 150-page draft. According to a summary of the report released on Thursday, Republicans will assert that they found no evidence of collusion between the Trump campaign and Moscow. The report will also claim that the tradecraft behind an official U.S. intelligence community assessment that Russian President Vladimir Putin showed a "preference" for Donald Trump during the race was not "proper." In fact, the summary claims, "possible Russian efforts to set up a 'back channel' with Trump's associates after the election suggest the absence of collusion during the campaign, since the communication associated with collusion would have rendered such a 'back channel' unnecessary."

To read more from our piece, click here.


--THE LATEST: HOUSE PANEL DEMANDS ZUCKERBERG TESTIMONY: Top lawmakers on the House Energy and Commerce Committee are calling for Facebook chief executive Mark ZuckerbergMark Elliot ZuckerbergOverwhelming majority say social media companies have too much influence: poll The Hill's Morning Report - Sponsored by AdvaMed - House panel expected to approve impeachment articles Thursday Facebook tells Trump administration it will not create messaging 'backdoor' for law enforcement MORE to testify before the panel over the Cambridge Analytica controversy. Committee Chairman Greg WaldenGregory (Greg) Paul WaldenOvernight Health Care — Presented by That's Medicaid — Turf war derails push on surprise medical bills | Bill would tax e-cigarettes to pay for anti-vaping campaign | .5M ad blitz backs vulnerable Dems on drug prices Turf war derails bipartisan push on surprise medical bills Conservative group hits White House with billboard ads: 'What is Trump hiding?' MORE (R-Ore.) and Rep. Frank Pallone Jr.Frank Joseph PalloneOvernight Health Care — Presented by That's Medicaid — Deal on surprise medical bills faces obstacles | House GOP unveils rival drug pricing measure ahead of Pelosi vote | Justices to hear case over billions in ObamaCare payments Obstacles remain for deal on surprise medical bills This week: House impeachment inquiry hits crucial stretch MORE (D-N.J.), the panel's ranking member, said in a statement Thursday that they want Zuckerberg to appear before the committee. They join a growing chorus of lawmakers who are pushing for the Facebook CEO to testify on Capitol Hill following new revelations regarding the social media platform's handling of sensitive user data. Along with Republicans like Sens. Jerry MoranGerald (Jerry) MoranThe Hill's Morning Report — Sponsored by AdvaMed — House panel delays impeachment vote until Friday McConnell, Grassley at odds over Trump-backed drug bill Senators inch forward on federal privacy bill MORE (Kan.) and John KennedyJohn Neely KennedyMORE (La.) and Democrats like Sens. Amy KlobucharAmy Jean KlobucharSenate gears up for battle over witnesses in impeachment trial Booker says he will not make December debate stage Yang: 2020 rivals in Senate should be able to campaign amid impeachment MORE (Minn.) and Ed MarkeyEdward (Ed) John MarkeyUS must act as journalists continue to be jailed in record numbers Warren proposes 'Blue New Deal' to protect oceans There's a lot to like about the Senate privacy bill, if it's not watered down MORE (Mass.), the pair wants Zuckerberg to explain how Cambridge Analytica, a firm used by the Trump campaign during the 2016 presidential race, improperly obtained data from 50 million Facebook users. "After committee staff received a briefing yesterday from Facebook officials, we felt that many questions were left unanswered," Walden and Pallone said in a joint statement. "Mr. Zuckerberg has stated that he would be willing to testify if he is the right person. We believe, as CEO of Facebook, he is the right witness to provide answers to the American people," they said. They said in the statement that a formal letter will be sent to Zuckerberg "in the coming days." Zuckerberg said during a media blitz on Wednesday night that he is open to testifying before Congress, but only if he is the correct person at Facebook to do so.

To read more from our piece, click here.




--SENATORS UNVEIL REVISED ELECTION SECURITY BILL: A bipartisan group of senators on Thursday unveiled revised legislation to secure U.S. voting systems from cyberattack.

The bill, originally introduced in December, retains its original tenets, including authorizing grants for states to replace outdated voting systems with more secure technology. However, it contains several revisions that appear designed to address individual states' concerns with the bill.

The new bill, like its predecessor, aims to address future threats to voter registration databases and other systems following Russian interference in the 2016 presidential vote.

The Department of Homeland Security has said that Russian hackers tried to break into election systems in 21 states before the election, as part of a broader interference plot. In one case, hackers successfully breached a voter registration database in Illinois.

Sen. James LankfordJames Paul LankfordThe Hill's Morning Report - Sponsored by AdvaMed - House panel expected to approve impeachment articles Thursday Lankford to be named next Senate Ethics chairman Trump to sign order penalizing colleges over perceived anti-Semitism on campus: report MORE (R-Okla.), a lead cosponsor of the "Secure Elections Act" bill, said Thursday that the revised version "adequately helps the states prepare our election infrastructure for the possibility of interference from not just Russia, but possibly another adversary like Iran or North Korea or a hacktivist group."

With the revisions, the bill now has the support of Senate Intelligence Committee leaders Richard BurrRichard Mauze BurrGOP senators request interview with former DNC contractor to probe possible Ukraine ties North Carolina congressman says he won't seek reelection after redistricting Senate passes bipartisan bill to permanently fund historically black colleges MORE (R-N.C.) and Mark WarnerMark Robert WarnerTikTok chief cancels Capitol Hill meetings, inflaming tensions Watchdog report finds FBI not motivated by political bias in Trump probe Ex-Rep. Scott Taylor to seek old Virginia seat MORE (D-Va.).

Specifically, the bill aims to streamline information sharing between federal and state election officials, revise the delivery of security clearances to state officials to view sensitive cyber threat information related to elections and provide aid to states to bolster the security around digital election infrastructure.

However, the new bill modifies the reporting requirements for state election officials to share information about suspected cybersecurity incidents with the federal government. It says that states should provide the notification "in the most expedient time possible" but drops the original mandate that states share the information within three calendar days.

The revised bill also says that local jurisdictions are eligible for federal grants to boost security around digital voting infrastructure.

States, which are responsible for administering elections, have voiced concerns about some efforts by the federal government to bolster election security, fearing it would mean a federal takeover.

The lawmakers reintroduced the bill one day after the Senate Intelligence Committee held an open hearing on election security, during which several senators voiced the need for federal officials to tackle the issue with more urgency ahead of the 2018 midterm elections.

To read more from our piece, click here.


--HOUSE PASSES OMNIBUS: The House easily passed a $1.3 trillion spending package on Thursday, sending legislation to the Senate that would prevent a shutdown and deliver the largest federal spending increase in years.

Lawmakers approved the bill in a 256-167 vote on Thursday, with majorities in each caucus backing the measure. Ninety Republicans and 77 Democrats voted against the bill. A large number of conservative Republicans were among those voting no over the measure's massive price tag and lack of transparency in the bill-writing process.

Among the cyber-related provisions, the bill includes a provision to allow law enforcement to search and seize data stored overseas, potentially canceling a case now before the Supreme Court.

The bipartisan Clarifying Lawful Overseas Use of Data, or CLOUD, Act, led by Rep. Doug CollinsDouglas (Doug) Allen CollinsImpeachment obliterates tinges of comity in House Overnight Defense: Mattis downplays Afghanistan papers | 'We probably weren't that good at' nation building | Judiciary panel approves two impeachment articles | Stage set for House vote next week Trump invites Judiciary Republicans to gathering after they missed White House party during impeachment markup MORE (R-Ga.) in the House and Sen. Orrin HatchOrrin Grant HatchKey Republicans say Biden can break Washington gridlock Trump awards Medal of Freedom to racing industry icon Roger Penske Trump holds more Medal of Freedom ceremonies than predecessors but awards fewer medals MORE (R-Utah) in the Senate, allows investigators to obtain electronic data stored anywhere in the world by technology firms.

The omnibus appropriations bill also includes $380 million that the U.S. Election Commission can dole out in cybersecurity grants for states to secure digital voting infrastructure.

Ahead of the House vote Thursday, state officials urged lawmakers to pass the bill, expressing support for the election security funds.

"There is no higher priority than protecting our election systems," said Indiana Secretary of State Connie Lawson (R), the current president of the National Association of Secretaries of State (NASS). Lawson, like many other secretaries of state, serves as the chief election official for her state.

Lawson said she looks forward to investing the funds "in system upgrades, voting protections, and voter education."


Vermont Secretary of State Jim Condos (D), president-elect of NASS, told The Hill that his state would look to use the funds to implement a range of security measures, such as additional penetration testing of state systems and enabling two-factor authentication for town clerks who access part of the state voter registration database. He noted that Vermont has already taken a number of steps to secure its systems. 

"We will look at how we can ramp up even more security," Condos said. 

The funding measure is now in the Senate's hands. 

To read more from our coverage, click herehere and here.



CRYPTO MINING, RANSOMWARE AMONG 2017 CYBER THREAT TRENDS: Cybersecurity firm Symantec released its annual threat report on Thursday, highlighting a number of emerging trends in cyberspace.


For one, the report explores the "explosion" of malicious cryptocurrency coin mining, in which hackers mine cryptocurrencies like Monero using victims' computer processing power to generate a profit.

The report notes that cyber criminals seem to primarily be targeting computers to mine cryptocurrencies but are also turning to the Internet of Things (IoT) to fuel their operations. Symantec observed a whopping 600 percent surge in cyberattacks in these internet-connected devices in 2017 over the previous year.

The cyber firm also observed a decline in average ransom demands in attacks; the average demand in 2017 was $522, roughly half the average for the previous year. At the same time, the number of ransomware variants increased by nearly 50 percent last year.

Symantec also says in the report that cyber activity related to "targeted attack groups" increased by 10 percent last year and was largely tied to intelligence gathering operations.

To check out the full report, click here.



Digital …. athletes? (Technology Review)



TRUMP'S CHINA TARIFFS: President TrumpDonald John TrumpDemocrats ask if they have reason to worry about UK result Trump scramble to rack up accomplishments gives conservatives heartburn Seven years after Sandy Hook, the politics of guns has changed MORE on Thursday announced he plans to slap tens of billions of dollars in tariffs and penalties on imports from China to try to curb what he described as its efforts to steal intellectual property from U.S. companies.

The president signed a memorandum directing the Office of the U.S. Trade Representative (USTR) and the Treasury Department to launch a broad range of actions against China.

During an event at the White House, Trump said that imposing tariffs on China is "going to make us a much stronger, much richer nation."

The president called China a "friend" but demanded the world's second-largest economy adopt more favorable trade practices with the U.S.

"We want reciprocal, mirror," he said. "If they charge us, we charge them the same thing. That's the way it's gotta be."

Trump said the tariffs "could be about $60 billion," hours after his own advisers said the number would be closer to $50 billion.

The memorandum is a result of a Section 301 investigation launched in August that found that China's theft of U.S. intellectual property is costing the U.S. economy billions of dollars.

"This is the first of many," Trump said as he signed the memorandum.

Trump will ask U.S. Trade Representative Robert LighthizerRobert (Bob) Emmet LighthizerGOP senator warns quick vote on new NAFTA would be 'huge mistake' Pelosi casts doubt on USMCA deal in 2019 Pelosi sounds hopeful on new NAFTA deal despite tensions with White House MORE to consider whether the actions by China should result in increased tariffs on their imports. Within 15 days, the USTR is expected to publish a proposed list of products and recommended tariff increases for public comment.

The memo issued by Trump on Thursday specifically calls out China for conducting and supporting "unauthorized intrusions into, and theft from, the computer networks of U.S. companies," despite an Obama-era agreement in which the U.S. and China agreed to not support cyber-enabled intellectual property theft against businesses in each others' borders.

"These actions provide the Chinese government with unauthorized access to intellectual property, trade secrets, or confidential business information, including technical data, negotiating positions, and sensitive and proprietary internal business communications, and they also support China's strategic development goals, including its science and technology advancement, military modernization, and economic development," the memo says.

To read more from our piece, click here.



Links from our blog, The Hill, and around the Web.

Five takeaways from Mark Zuckerberg's media blitz. (The Hill)

Mozilla stops Facebook ads amid data privacy concerns. (The Hill)

OP-ED: Facebook is complicit, not a victim, in the abuse and misuse of personal data. (The Hill)

Former Pentagon cyber official argues that cyber defense isn't enough. (Foreign Affairs)

Computer systems belonging to the City of Atlanta are grappling with a cyberattack. (CBS 46)

A guide to Facebook's privacy settings. (Wired)