Overnight Cybersecurity: OPM restarts security clearance work
Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORIES:
–BACK IN BUSINESS: The government is electronically accepting security clearance forms for background checks again. The Office of Personnel Management (OPM), which handles the security clearance process for federal agencies, said Thursday it was starting to bring its submission system, called e-QIP, back online. The agency pulled the platform down in the wake of devastating hacks at the agency that exposed more than 22 million people’s sensitive information, including 21.5 million people’s background investigation forms for security clearance. The data breaches spurred the agency to initiate a security review that ultimately revealed potentially crippling flaws in the e-QIP online submission platform that people use during the background check process. To read our full piece, click here.
{mosads}–MORE PROTECTIONS: A Senate committee has agreed to extend identity fraud protections for the victims of the recent hacks that have rattled the government. The provision came as part of a larger funding bill that would also boost funding and oversight for the OPM. The Senate Appropriations Committee on Thursday advanced a bill that would allot $264.5 million for the OPM. That funding level is $24 million, or 10 percent, above the agency’s current levels, but still $8 million short of the OPM’s 2016 request. But the committee said it approved all requests for IT security improvements at the agency. To read our full piece, click here.
–E=MC2: Two senators want to move quickly on a new bill that aims to keep the government’s main system used to thwart hackers up to date. Sens. Ron Johnson (R-Wis.) and Tom Carper (D-Del.), the top two lawmakers on the Senate Committee on Homeland Security and Governmental Affairs, will soon introduce and mark up the Einstein Act, according to Carper’s office. The bill is named after the Department of Homeland Security (DHS) program designed to detect and repel known digital threats. The Einstein software has come under heavy scrutiny in the wake of the damaging hacks at the OPM. Many have criticized Einstein as an outdated program that is ineffective against skilled digital intruders since it can only catch previously identified threats. Einstein has also been knocked for its repeated delays and bloated budget. To read our full piece, click here.
LIGHTER CLICK:
–A GEEK’S TAKE. Corey Nachreiner, chief technology officer at cybersecurity firm WatchGuard Technologies, reviews the TV show “Mr. Robot,” about what it gets right and wrong about the hacking world. Check it out here.
WHO’S IN THE SPOTLIGHT:
–DAIMLER, VOLKSWAGEN, BMW AND AUDI. Concerns about the risk of hacking attacks on its vehicles is one of the factors driving a consortium of German automakers to make a billion-dollar bid for mapping software.
“You can see from reading the papers that we are trying to acquire a platform together with our German competitors, to gain control over the platform which enables autonomous driving, for exactly these reasons,” said Daimler CEO Dieter Zetsche. “We have the goal of designing security into the software.”
Daimler, which owns Mercedes-Benz, along with Volkswagen, BMW and Audi are bidding together for Nokia’s HERE system, which features high-definition maps that could be useful in building connected or self-driving cars. The group is close to finishing a deal, according to a Reuters report, with a bid between $2.74 billion and $3.29 billion.
To read our full piece, click here.
A REPORT IN FOCUS:
–COULD BE BETTER. A Treasury Department network used by U.S. spies to swap confidential information on foreign countries and militant groups could be vulnerable to cyberattacks, according to a government audit prepared in late 2014.
Investigators found that up to 29 percent of devices connected to the Treasury Foreign Intelligence Network did not adhere to federal cybersecurity guidelines.
Reuters obtained the document through a Freedom of Information Act request.
“Devices may not be protected with the most secure recommended configurations, increasing the risk of being compromised,” the inspector general said.
There was no evidence, however, that hackers had exploited the vulnerabilities, according to the report.
To read our full piece, click here.
A LOOK AHEAD:
FRIDAY
–New America will host an event at 9:30 a.m. on the “New Half-Life of Secrets” about intelligence and national security secrets within the government.
–The Congressional Internet Caucus Advisory Committee will hold an event at noon titled, “Data Across Borders: Treaties, Law Enforcement, and Digital Privacy in the Aftermath of Snowden.”
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
The Justice Department’s internal watchdog said Thursday that his independence has been undermined by the department’s refusal to let him see information derived from wiretaps. (The Intercept)
DHS Secretary Jeh Johnson on Thursday acknowledged that the government’s expanded surveillance capabilities are considerable. (The Intercept)
Google has patched 43 security problems, many of them deemed critical, in the latest update to the Chrome browser. (CNET)
What the tech bubble means outside Silicon Valley. (TechCrunch)
Pakistan tried to tap international Web traffic via underwater cables. (The Guardian)
Is your car vulnerable to hackers? (USA Today)
If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..