OVERNIGHT CYBERSECURITY: Senate gets next crack at OPM director

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORIES:

–SENATE’S GOT NEXT: The Senate will get its turn next week to press Office of Personnel Management (OPM) officials over the massive digital theft of federal workers’ data. The House got its shot this week, and OPM Director Katherine Archuleta’s responses did not earn her many supporters on Capitol Hill. But the upper chamber is holding off on calling for the director’s firing until it has a chance to grill her directly. “I want to be able to ask questions,” Senate Homeland Security Chairman Ron Johnson (R-Wis.) told reporters Thursday. Archuleta will testify before Johnson’s committee next Thursday. “I haven’t gotten a good briefing on it yet,” Johnson said. “So I’ll reserve my judgment, but obviously we need people in place in these positions that, first of all, take the threat of cybersecurity seriously, and I don’t think the [director] did.” To read our full piece, click here.

–THE FINE PRINT: The government is distancing itself from legal culpability for the OPM breach in a letter being sent to the millions of people affected. When initially revealing the hack earlier this month, the OPM said it would offer 18 months of free identity theft monitoring services. But in its letter to federal workers whose data is considered at risk, the OPM cautions, “These services are offered as a convenience. … Nothing in this letter should be construed as OPM or the U.S. Government accepting liability for any of the matters covered by this letter or for any other purpose.” The government’s wording stands out, said Adam Levin, chairman of identity security firm IDT911. “I’ve never heard that one before.” To read our full piece, click here.

–CYBER BILL NEWS SOON?: Senate Intelligence Committee leaders will huddle soon to determine the path forward for a much-debated cybersecurity bill, Sen. Dianne Feinstein (D-Calif.), the panel’s ranking member, told The Hill Thursday. Feinstein is backing the bill, intended to boost the public-private exchange of data on hackers, with Senate Intelligence Committee Chairman Richard Burr (R-N.C.). The two recently split over how to move the measure, known as the Cybersecurity Information Sharing Act (CISA), through the upper chamber, making its path to passage unclear. Burr and Senate Republicans tried to speed the measure through the Senate by attaching it as an amendment to an annual defense authorization bill. But Feinstein and her fellow Democrats blocked the maneuver, upset that they wouldn’t be able to offer privacy-enhancing amendments. The partisan fight briefly fractured what had been bipartisan support for the measure. “I wanted to let a little bit of time go by,” Feinstein said. To read our full piece, click here.

 

UPDATE ON CYBER POLICY:

–BUDGETS GALORE.

1. The Senate passed an annual $612 billion defense policy bill Thursday, including extra war funding for the Pentagon that brought a veto threat from the White House. The bill also includes full funding for many of the military’s cyber efforts. Get the details here.

2. The Senate Appropriations Committee on Thursday advanced a $47.1 billion bill that would fund the Department of Homeland Security (DHS), the Coast Guard and other agencies in fiscal 2016, which starts Oct. 1. Sen. John Hoeven (R-N.D.), the chairman of the subcommittee that oversees the bill, said the measure prioritizes funding cybersecurity and the Secret Service, which aids cyber crime investigations. Get the details here.

 

A LIGHTER CLICK:

–BUMMED OUT BY ALL THIS CYBER NEWS? Check out this online gallery of bodacious NASA photos. H/t to Motherboard.

 

A REPORT IN FOCUS:

–SAME AS IT EVER WAS. Are we doomed to repeat history on encryption? That’s the worry of the New America Foundation in a new report on lessons learned during the “Crypto Wars” of the 1990s.

From the executive summary: “This debate between government actors seeking ways to preserve access to encrypted communications and a coalition of pro-encryption groups is reminiscent of an old battle that played out in the 1990s: a period that has come to be known as the ‘Crypto Wars.’ This paper tells the story of that debate and the lessons that are relevant to today.”

Read the full thing here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Two lawmakers on Thursday pressed the Securities and Exchange Commission (SEC) to beef up the requirements on companies to disclose more information about their cybersecurity practices. (The Hill)

Sen. Marco Rubio (R-Fla.) on Thursday called on the Obama administration to “immediately” release all information about the massive government hack that has laid bare millions of people’s data. (The Hill)

The OPM is being criticized again by its own independent watchdog over a plan to modernize its aging computer networks. (The Associated Press)

Security researchers have uncovered a flaw in the way thousands of popular mobile applications store data online, leaving 56 million items of data unprotected. (Reuters)

Op-ed: “Why the latest government hack is worse than the Snowden affair.” (The Washington Post)

Supposed OPM database for sale on the dark Web is actually from another .gov. (KrebsonSecurity)

In responding to China’s massive hack of federal personnel data, the government may have run afoul of its own rules. (The Washington Post)

Cybersecurity advice from a former White House chief information officer. (Dark Reading)

What does it mean to ‘win’ a cyber war? (Christian Science Monitor)

Countering the ISIS exploitation of the Internet. (Council on Foreign Relations)

WikiLeaks drops more Sony documents. (Re/code)

 
