Overnight Cybersecurity

Overnight Cybersecurity: DHS cyber nominee vows to make election security ‘top priority’ | CIA to allow lawmakers to review classified info on Haspel | Dems raise security concerns about Trump’s phone use


Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …



–TRUMP DHS PICK GETS CONFIRMATION HEARING: The president’s choice to serve in a top role at the Department of Homeland Security faced questions about election security on Wednesday, earning praise from Republicans and Democrats on a key Senate panel considering his nomination. President Trump has tapped Christopher Krebs to serve at the helm of the Homeland Security office responsible for guarding federal networks and critical infrastructure from cyber and physical threats. The office, known as the National Protection and Programs Directorate (NPPD), has spearheaded efforts to help states guard against foreign efforts to penetrate their election systems in the wake of Russian interference in the 2016 vote. Krebs pledged to make election security his “top priority” if confirmed to lead NPPD. “Election security is a national security issue,” he told members of the Senate Homeland Security Committee Wednesday. While acknowledging his qualifications for the role, Democrats peppered Krebs with questions about Homeland Security’s engagement with state election officials, pressing him to move more quickly to conduct cyber tests in states that request them and add more personnel to the mission.  “It’s the end of April, and the election is quickly approaching,” Sen. Claire McCaskill (D-Mo.), the ranking member, said. Trump tapped Krebs to serve as an assistant secretary at NPPD last year, and he has been performing the role of undersecretary in an acting capacity while the administration searched for a permanent occupant. Trump formally nominated Krebs to the post in February. Before that, Krebs worked on Microsoft’s government affairs team and, earlier in his career, served in a homeland security role during the George W. Bush administration.



–IN ADVANCE OF THE HEARING WEDNESDAY, a bipartisan group former officials wrote to the senators expressing support for Krebs’ nomination. The letter was signed by 48 former officials, including President George W. Bush’s former homeland security secretary Michael Chertoff, President Obama’s former cybersecurity coordinator Michael Daniel, and Suzanne Spaulding, who helmed NPPD under Obama. “Mr. Krebs’ cybersecurity expertise is particularly needed in the Under Secretary role given the increasing number of severe cyber attacks on our Nation,” the former officials wrote in the letter, a copy of which was shared with The Hill.

To read more of our coverage, click here and here.


–CIA WILL ALLOW SENATORS TO REVIEW CLASSIFIED INFO ON HASPEL: The CIA will allow senators weighing the nomination of Gina Haspel to review some classified information related to her controversial undercover background following pressure from Democrats on Capitol Hill. The agency informed lawmakers of the decision on Tuesday. The agency is also “actively working towards sharing additional information with the public to the greatest extent possible,” it said in a letter obtained by The Hill. The letter provides no details about what episodes related to Haspel the agency will illuminate. Haspel’s record has sparked a tense standoff with Senate Democrats, thanks to her role in a particularly controversial episode in CIA history: a pair of brutal interrogations that took place at a black site prison known as “Cat’s Eye,” which she briefly ran. Because so much of Haspel’s record is still classified — 32 of her 33 years at the agency were spent undercover — much of the fight in Congress has revolved around what information, if any, the CIA will make public about her past.

A trio of Democrats — Sens. Dianne Feinstein (Calif.), Ron Wyden (Ore.) and Martin Heinrich (N.M.) — have been demanding that the agency declassify more information about Haspel to allow the public and lawmakers who aren’t on the Senate Intelligence Committee to review her nomination.


–DEMS WANT MORE: The Democratic senators quickly blasted the CIA’s response as “wholly inadequate.” “Concealing her background when no sources and methods are at stake shows nothing but contempt for the Senate and the public,” they said in a joint statement. “We believe senators and the American public have the need to know whether or not the nominee before us was a senior manager for a program that has been shown to be deeply flawed, as well as a number of other disturbing facts about her record.” Meanwhile, Sen. Mark Warner (D-Va.), the top Democrat on the Senate Intelligence Committee, is now requesting a copy of a 2010 Justice Department report on the investigation into the destruction of videotapes documenting the pair of CIA interrogations at the “black site” prison in Thailand.

Keep in mind: Haspel is slated to appear before the Senate Intelligence Committee for her confirmation hearing, which will be public, on May 9.

To read more of our coverage, click here and here.



FEINSTEIN OFFERS NEW DHS CYBER BILL: Sen. Dianne Feinstein (D-Calif.) on Tuesday introduced a bill that aims to boost the Department of Homeland Security’s (DHS) ability to protect federal computer networks from foreign attacks.

Feinstein’s Federal Network Protection Act clarifies that the head of the DHS has the authority to issue orders, known as binding operational directives, to remove compromised software from federal systems before notifying the “affected software company” about such changes.

The Democratic senator said the move would help block a company from taking defensive actions in response to the removal because such actions could stall the DHS’s removal of the software.

“By clarifying what actions the Secretary of Homeland Security can take, we allow the department to act quickly in response to cyber threats,” Feinstein said in a statement.

Feinstein’s measure builds on two previous bills that passed in 2002 and 2014. Those bills similarly gave DHS the ability to modernize federal systems as well as remove compromised or outdated software.

Why Feinstein’s bill is coming now: The legislation comes after the federal government last year banned software from their computer systems that was developed by the Russian-based cybersecurity firm Kaspersky Lab amid fears its products could pose security risks. Sen. Claire McCaskill (D-Mo.) criticized the DHS at the time for giving other federal agencies a 90-day time frame to remove Kaspersky Labs products from federal computer systems.

To read more from our piece, click here.



NEW NORTH KOREAN CYBER ACTIVITY: A suspected North Korean hacking campaign has expanded to targets in 17 different countries, including the U.S., pilfering information on critical infrastructure, telecommunications and entertainment organizations, researchers say.

Cybersecurity firm McAfee released new research on the hacking campaign this week, calling it Operation GhostSecret and describing the attackers as having “significant capabilities” to develop and use multiple cyber tools and rapidly expand operations across the globe.

The findings demonstrate the growing sophistication of North Korea’s army of hackers, which has been blamed for high-profile hacking operations such as the WannaCry malware outbreak last year.

McAfee identified the same hackers in early March targeting Turkish financial organizations but now says that was only a portion of a spy operation that has expanded to multiple nations and a number of industries.

“The campaign is extremely complicated, leveraging a number of implants to steal information from infected systems and is intricately designed to evade detection and deceive forensic investigators,” McAfee wrote in a report issued Tuesday.

Since researchers first publicly identified the campaign last month, McAfee wrote, “the threat actors not only continued but also increased the scope of the attack, both in types of targets and in the tools they used.”

The group uses hacking tools that are associated with the cyber espionage group Hidden Cobra — the name that the U.S. government uses to describe North Korea’s state-sponsored hackers.

To read more from our piece, click here.



You know it’s 2018 when parents can now set Alexa to only respond to polite commands for their children. Please and thank you. (Technology Review)



PRESIDENT TRUMP’S CELL PHONE: Democrats are demanding answers from the Trump administration on steps being taken to prevent the president from falling victim to foreign hackers, suggesting his personal cell phone use poses a national security threat.

A pair of Democratic congressman sent a letter to high-level officials on Wednesday pressing them on reports that Trump frequently relies on his personal cell phone for conversations with those outside the White House.

“While cybersecurity is a universal concern, the President of the United States stands alone as the single-most valuable intelligence target on the planet,” Reps. Ted Lieu (D-Calif.) and Ruben Gallego (D-Ariz.) wrote.

“Our national security should not depend on whether the President clicks on a malicious link on Twitter or his text application, or the fortuity of foreign agencies not knowing his personal cell number,” they wrote.

Why they’re writing: CNN reported earlier this week that Trump has begun to more frequently use his personal mobile device to contact those advising him outside the White House.

The letter was sent Wednesday to Director of National Intelligence Dan Coats and the heads of the Secret Service and the White House Communications Agency. The Democrats asked the officials to explain any steps they are taking to ensure the president’s device is secure and cannot be exploited by hackers.

They asked whether Trump’s device has been “properly vetted” to account for spearfishing threat, and whether officials ensure that Trump’s phone is not connected to unsecured networks when he travels outside of the White House.

They also want to know how the White House Communications Agency is addressing the threat of surveillance devices known as “Stingrays,” which the Department of Homeland Security recently acknowledged are being used in the nation’s capital.

To read more from our piece, click here.



Links from our blog, The Hill, and around the Web.

Apple CEO Tim Cook visits White House for Trump meeting. (The Hill)

Facebook shakes up Washington lobbying team amid scandal. (The Hill)

“Cracking the crypto war.” (Wired)

British and Dutch police lead effort to take down cybercrime website behind millions of attacks. (AFP)

Ukraine’s energy ministry falls victim to ransomware. (Reuters)

Russian spies expelled by the U.S. were suspected of tracking Russian defectors. (CNN)

BSA The Software Alliance releases its International Cybersecurity Policy Framework. (BSA)

Researchers say Alexa could be tricked into spying. (ZDNet)

Amazon’s traffic was mysteriously hijacked. (Ars Technica)

If you’d like to receive our newsletter in your inbox, please sign up here.

Tags Claire McCaskill Dan Coats Dianne Feinstein Donald Trump Mark Warner Martin Heinrich Ron Wyden Ruben Gallego

The Hill has removed its comment section, as there are many other forums for readers to participate in the conversation. We invite you to join the discussion on Facebook and Twitter.

Most Popular

Load more


See all Video