FEATURED:

Overnight Cybersecurity: Lawmakers press FBI chief on encryption | Cyber world flocks to RSA conference | Defense contractors face mounting cyber threats

Overnight Cybersecurity: Lawmakers press FBI chief on encryption | Cyber world flocks to RSA conference | Defense contractors face mounting cyber threats
© Greg Nash

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORIES:

--LAWMAKERS PRESS FBI CHIEF ON ENCRYPTION: A bipartisan group of lawmakers is pressing FBI Director Christopher Wray on the bureau's efforts to unlock encrypted devices, in the wake of a critical watchdog report. In a letter sent Friday, the lawmakers called into question recent statements made by Wray and others that the bureau is unable to access scores of devices for ongoing criminal investigations because of encryption -- often referred to as the "going dark" problem.  According to a report released last month, the Justice Department inspector general found that the FBI did not exhaust all avenues to unlock the iPhone of one of the suspects in the 2015 San Bernardino attack before seeking a court order to force Apple to unlock the device. One FBI official also voiced concerns that agents weren't exhausting all technical avenues to unlock the device because they wanted the suit against Apple to go forward. In the Friday letter, several House lawmakers labeled the inspector general report "troubling," arguing that it undermines statements made by FBI officials that only device makers could provide a solution to unlock encrypted devices. The lawmakers also cited news reports that private companies like Cellebrite and Greyshift have developed capabilities to unlock encrypted phones.  Taken together, they argued, the revelations cast doubt on Wray's recent assertion that the FBI was unable to access 7,800 devices last fiscal year despite having relevant court orders.

 

ADVERTISEMENT

Key quote: "According to your testimony and public statements, the FBI encountered 7,800 devices last year that it could not access due to encryption," the lawmakers wrote. "However, in light of the availability of unlocking tools developed by third-parties and the OIG report's findings that the Bureau was uninterested in seeking available third-party options, these statistics appear highly questionable."  

 

The lawmakers are asking Wray to respond to several questions, including whether he has consulted with third-party vendors to understand tools that could be used to break encryption, and whether the bureau has attempted to use tools developed by third parties to access the 7,800 devices.

To read more from our piece, click here.

 

--POMPEO FACES TIGHT VOTE: CIA Director Mike PompeoMichael (Mike) Richard PompeoOvernight Defense: Trump says 'rogue killers' could be behind missing journalist | Sends Pompeo to meet Saudi king | Saudis may claim Khashoggi killed by accident | Ex-VA chief talks White House 'chaos' | Most F-35s cleared for flight GOP strategist says Trump is taking 'appropriate stance' with Saudi Arabia Saudi Embassy in DC cancels National Day celebration amid uproar over missing journalist MORE on Thursday faced a grilling from Democrats on the Senate Foreign Relations Committee, suggesting he faces uncertain prospects to win a panel vote to become the nation's top diplomat. Pompeo declined to answer repeated questions from Democrats related to the ongoing Russia investigations and was challenged at several points to break with President TrumpDonald John TrumpKey takeaways from the Arizona Senate debate Major Hollywood talent firm considering rejecting Saudi investment money: report Mattis says he thought 'nothing at all' about Trump saying he may leave administration MORE, as lawmakers voiced concerns that he would be too deferential as secretary of State. Pompeo's performance seemed widely to please Republicans on the panel, but with the defection of Sen. Rand PaulRandal (Rand) Howard PaulNoisy democracy, or rude people behaving like children? Lawmakers, Wall Street shrug off Trump's escalating Fed attacks Five things to watch for in deteriorating US-Saudi relations MORE (R-Ky.) and with Sen. John McCainJohn Sidney McCainLive coverage: McSally clashes with Sinema in Arizona Senate debate Is there difference between good and bad online election targeting? Murkowski not worried about a Palin challenge MORE (R-Ariz.) home receiving treatment for cancer, he will need support from Democrats to win confirmation. Getting a majority vote from the panel -- the first hurdle for the former Kansas congressman -- could prove difficult. Paul, who vowed to oppose Pompeo's nomination over his support for the Iraq War and his past position on torture, sits on the committee.

 

Can Pompeo get any Dems? If the committee's 10 Democrats join him in voting against Pompeo, it would be an 11-10 vote against his confirmation. No Democrats on the panel have so far offered their support. Sen. Tom UdallThomas (Tom) Stewart UdallHillicon Valley: Officials warn of Chinese influence efforts | Dow drops over 800 points | Tech stocks hit hard | Google appeals B EU fine | James Murdoch may be heading for Tesla | Most Americans worried about election security For everyone’s safety, border agents must use body-worn cameras Senate Democrats increase pressure for FBI investigation of Kavanaugh MORE (D-N.M.) has already announced that he will oppose the nomination and at least two other Democratic committee members who supported his confirmation as CIA director -- Sens. Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenBrunson release spotlights the rot in Turkish politics and judiciary Overnight Defense — Presented by The Embassy of the United Arab Emirates — Missing journalist strains US-Saudi ties | Senators push Trump to open investigation | Trump speaks with Saudi officials | New questions over support for Saudi coalition in Yemen Senators demand answers on Trump administration backing of Saudi coalition in Yemen MORE (N.H.) and Tim KaineTimothy (Tim) Michael KaineOvernight Defense: Trump says 'rogue killers' could be behind missing journalist | Sends Pompeo to meet Saudi king | Saudis may claim Khashoggi killed by accident | Ex-VA chief talks White House 'chaos' | Most F-35s cleared for flight Democrats torch Trump for floating 'rogue killers' to blame for missing journalist Election Countdown: O'Rourke brings in massive M haul | Deal on judges lets senators return to the trail | Hurricane puts Florida candidates in the spotlight | Adelson spending big to save GOP in midterms MORE (Va.) -- have expressed concerns.

To read more from our piece, click here.

 

AN EVENT IN FOCUS: 

Next week, cybersecurity professionals will descend on San Francisco for the annual RSA Conference. Among the speakers will be Homeland Security Secretary Kirstjen NielsenKirstjen Michele NielsenTop Judiciary Dems call for unredacted 'zero tolerance' memo The Hill's Morning Report — Presented by PhRMA — Dem path to a Senate majority narrows Hillicon Valley: Officials warn of Chinese influence efforts | Dow drops over 800 points | Tech stocks hit hard | Google appeals B EU fine | James Murdoch may be heading for Tesla | Most Americans worried about election security MORE, who is expected to discuss the department's cybersecurity priorities as well as current threats facing the United States in a keynote address Tuesday afternoon. The highly anticipated information security conference takes place April 16 to 20.

 

A LIGHTER CLICK: 

What does pet-cloning mean for human-cloning? And no, this isn't about Barbra Streisand. (Technology Review)

 

WHO'S IN THE SPOTLIGHT: 

DEFENSE CONTRACTORS: Cybersecurity experts say defense contractors are facing more aggressive attacks as nation states and other hacking groups increasingly use malicious software to block information or manipulate data.

The companies that provide U.S. military and intelligence agencies with products and services have long faced espionage-motivated attacks.

They are now, however, also confronting outside attacks that aim to thwart, or even sabotage, their operations.

"To put it bluntly, these are attacks that don't try to steal secrets -- but either try to block information or change information," Peter Singer, a fellow at New America, told The Hill in an interview.

The rise of ransomware attacks against defense contractors coincides with a rise in the use of ransomware in general. Attacks can spread even after the original target has been hit, hurting unintended victims.

"It is the fastest growing area of cyber crime," Singer said.

One recent victim is Boeing, which was hit by the WannaCry virus late last month. The U.S. and U.K. have blamed North Korea for the attack, which only took a week to rapidly infect hundreds of thousands of Windows devices in 150 countries last spring.

Varun Badhwar, the head of cybersecurity firm RedLock, said hackers actively search for doors that are already cracked open as they seek to infiltrate such systems.

"[P]eople are looking for low-hanging fruit in terms of misconfigured systems as was in Boeing's case," Badhwar told The Hill, adding that the incident could've been easily avoided.

"The Microsoft patch was available for close to a year now," he said.

Linda Mills, the vice president of Boeing's commercial airlines communications, said in a statement that the attack was quickly mitigated after their "cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems."

To read the rest of our piece, click here.

 

LOOKING BACK ON THE WEEK:

All eyes were on Facebook CEO Mark ZuckerbergMark Elliot ZuckerbergFacebook executive hosted Kavanaugh confirmation celebration Hillicon Valley: Facebook rift over exec's support for Kavanaugh | Dem worried about Russian trolls jumping into Kavanaugh debate | China pushes back on Pence House Democrat questions big tech on possible foreign influence in Kavanaugh debate MORE, who weathered tough questions about data privacy and his company's policies during 10 hours of congressional testimony over Tuesday and Wednesday.

Facebook wasn't the only company on the hot seat. Uber agreed to extend a 2016 privacy agreement with the Federal Trade Commission in light of their massive data breach.

 

IN CASE YOU MISSED IT:

The White House calls former FBI director Comey a 'disgraced partisan hack' ahead of book release. (The Hill)

Backpage.com pleads guilty to human trafficking. (The Hill)

Inspector general releases long-awaited report on former FBI deputy Andrew McCabe. (The Hill)

Democratic lawmakers are accusing the ex-CEO of Cambridge Analytica of giving deceiving testimony before Congress. (BuzzFeed)

A cyber expert at the Center for Strategic and International Studies argues that a 'monopoly' is not the issue with Facebook. (CSIS)

The former HHS cybersecurity chief nabs a job at a voting technology company. (FedScoop)

Homeland Security releases a recap of its 'Cyber Storm' exercise. (DHS)

Police across the U.S. have purchased tools to unlock encrypted devices. (Motherboard)

Pennsylvania's secretary of state is mandating voting machines that leave a paper trail. (PennLive)