Overnight Cybersecurity: Staff changes upend White House cyber team | Trump sends cyber war strategy to Congress | CIA pick to get hearing in May | Malware hits Facebook accounts


Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...



STAFF CHANGES UPEND WHITE HOUSE CYBER TEAM: The White House cybersecurity team is undergoing a major shuffle that former officials say could jeopardize the administration's efforts to develop cyber policy and punish hackers for disruptive attacks. President Trump's cybersecurity coordinator, Rob Joyce, revealed this week that he would vacate his post and return to the National Security Agency (NSA), ending a 14-month stint at the White House. News of his planned departure came less than a week after the resignation of homeland security adviser Tom Bossert.

The two men had become the face of the White House's cybersecurity efforts, providing a line of communication between lawmakers and private industry to the West Wing. The shakeup has created a new challenge for the Trump administration at a time when cyber threats abound.

"Certainly, there's no question that between Bossert's departure and Rob's departure that it's going to slow down policy development work and cause disruption," said Michael Daniel, who served as cybersecurity coordinator under the Obama administration. The changes give new national security adviser John Bolton the opportunity to remake the National Security Council (NSC) to his liking, raising questions about who he will choose to fill the positions and whether he will restructure the roles.


OVER THE COURSE of a year, both officials fostered relationships with private sector cyber companies. They also worked with foreign governments to publicly attribute cyberattacks. Bossert, for instance, stepped out onto the White House podium last December to blame North Korea for the global WannaCry malware attack.


The main takeaways: The shakeup has many in industry worried.

"Both Tom and Rob leaving is a significant problem for private sector engagement on cybersecurity issues," said one lobbyist who works in the cybersecurity space. "As companies worry about cyberattacks right now, people are asking, 'Who should I call?' " the source said. "Since this administration started, the first call has often been to one of those two."

There is also broad agreement among former officials that it will be difficult to find suitable replacements, especially for Joyce, given his wealth of experience at NSA.



WHITE HOUSE SENDS CYBER WAR STRATEGY TO CONGRESS: President Trump has sent Congress a long-awaited report on U.S. policy for deterring and responding to attacks in cyberspace.

The policy was sent to the House and Senate committees with oversight of the Departments of State, Homeland Security, Defense, and Justice, according to a letter released Thursday by the White House.

An annual defense policy law approved last year mandates that Trump develop a national policy for cyberspace and cyberwarfare. The president strongly objected to the provision at the time because it made funding for the White House Communications Agency (WHCA) contingent on him producing the strategy.

The text of the letter sent Thursday contains no clues about the actual contents of the report. An aide to the Senate Armed Services Committee told The Hill that the document is classified.


Why it's a big deal: Lawmakers have raised concerns for successive administrations about the lack of a comprehensive policy on deterring and responding to aggression in cyberspace.

In March, a bipartisan group of senators wrote to Trump that he should issue the strategy as soon as possible, arguing that the lack of clearly spelled out consequences for cyberattacks "has served as an open invitation to foreign adversaries and malicious cyber actors to continue attacking the United States."



A CONFIRMATION UPDATE: Senate Intelligence Committee Chairman Richard Burr (R-N.C.) announced Thursday that the committee will hold a hearing on the confirmation of Gina Haspel to be President Trump's CIA director.

The hearing, which will be conducted in an open setting, will take place on May 9, Burr said. The announcement comes as Haspel continues to undergo scrutiny for her role in the intelligence agency's torture program.

"Unless the CIA declassifies and makes public specific information about Gina Haspel's background, proceeding with this hearing will make a mockery of the Senate's constitutional responsibilities with regard to nominations," Sen. Ron Wyden (D-Ore.), a member of the Intelligence Committee, said in a statement.

"There is critical information about Ms. Haspel's background that the American people need to see, and that can be declassified without compromising sources and methods. Agreeing to the CIA's cover-up and pushing ahead with this nomination represents a true abdication of the Senate's oversight role," Wyden said.

Haspel would replace current CIA chief Mike Pompeo, whom Trump has tapped to serve as secretary of State.



MUELLER'S AUTHORITY: A federal judge on Thursday questioned whether the Department of Justice (DOJ) gave special counsel Robert Mueller more authority to conduct his federal probe into Russian interference in the 2016 election than the agency's rules allow.

U.S. District Judge Amy Berman Jackson questioned whether Deputy Attorney General Rod Rosenstein's order to appoint Mueller granted him more authority than DOJ regulations appear to permit, after Manafort's counsel pointed out how Rosenstein's order in May said the special counsel can look into anything of consequence that "arose or may arise" in his investigation.

Trump's former campaign manager sued the DOJ and the special counsel's office in January in an effort to block Mueller's team from carrying out future prosecutions against him, arguing that Mueller has gone beyond the scope of his investigation. Manafort's lead defense attorney, Kevin Downing, argued that Rosenstein -- who appointed Mueller -- did not clearly specify what could or could not be examined, giving the special counsel free rein to investigate a broad swath of issues. This, he said, has led the special counsel to begin looking into old allegations that extend beyond his investigation's jurisdiction and authority.

Downing said that contradicts Justice's regulations, which maintain that the directive given to a special counsel must include specific factual matter about their investigation.

While the argument appeared to get some traction with the judge, it is unclear whether it will sway her ruling in the civil case. Jackson is also presiding over Manafort's criminal case.




THOUSANDS OF FACEBOOK ACCOUNTS INFECTED: Hackers have successfully infiltrated tens of thousands of Facebook accounts by targeting users with malware disguised as a painting application, security researchers say.

According to data security firm Radware, hackers are using the malware to harvest user credentials, payment methods and other information stored on Facebook accounts across the world.

The malware masquerades as a painting application called Relieve Stress Paint and infected more than 40,000 Facebook user accounts in a matter of days, the firm said Wednesday.

The revelation could create a new headache for Facebook, which has been under scrutiny for its data privacy practices following news that Cambridge Analytica improperly harvested data on some 87 million of its users. CEO Mark Zuckerberg testified before Congress on the issue last week.

Facebook said it is currently investigating the malware issue.

"We are investigating these malware findings and we are taking steps to help protect and notify those who are impacted," Facebook communications manager Pete Voss told The Hill.

According to Radware, hackers are targeting Facebook users through phishing emails or directly through their Facebook accounts, then directing them to a fraudulent website where they are prompted to download the malicious application.

Once downloaded, the application runs malware called Stresspaint in the background, allowing hackers to steal user credentials and use them to collect additional data on the accounts, such as the number of friends a user has or any payment method that may be stored on the account.


Why it's notable: The researchers, who discovered the malicious activity last week, say that the high infection rate of the malware indicates that it was developed professionally.




Now that's just gross.



ELECTION SECURITY: Identity security company Centrify conducted an onsite poll of 100 information technology professionals at the RSA conference in San Francisco this week, finding that the majority are concerned about the security of private data held by state election boards ahead of the 2018 midterm elections.

Specifically, Centrify found that 67 percent of those polled expressed concern about the security of this data. Twenty-one percent also replied that they consider the integrity of voting places and machines to be the gravest threat to U.S. democracy ahead of the 2018 vote.

Election security has become a popular topic in and out of Washington following Russian interference in the 2016 presidential election, which involved targeting of state and local voting systems. While none of the systems targeted or breached were involved in vote tallying, the revelations have nevertheless stirred fears that future hacks could undermine confidence in the vote, or tamper with it directly.  

In findings unrelated to election security, roughly three in 10 respondents said that they stopped using the services of companies like Uber, Yahoo, and Equifax after they revealed security breaches.



Links from our blog, The Hill, and around the Web.

Heitkamp becomes first Dem to back Pompeo for secretary of State. (The Hill)

Facebook investigated over alleged housing discrimination. (The Hill)

AT&T CEO defends Time Warner merger in court. (The Hill)

Justice to provide access to Comey memos to GOP lawmakers. (The Hill)

OP-ED: Open data and protecting privacy -- We can do both. (The Hill)

Justice Dept inspector asks US attorney to consider criminal charges for McCabe: reports. (The Hill)

Files belonging to the Atlanta Police Department were wiped by hackers. (CBS 46)

There's a fight brewing over cyber jobs at the National Security Council. (CyberScoop)

Homeland Security wants to rid government mobile apps of malware. (NextGov)

Meet the hacker who stole info on 168 million people in a years-long spam operation. (Daily Beast)