Overnight Cybersecurity: Cyber bill likely delayed again
Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORIES:
–WE’LL GET BACK TO THAT: Senate Majority Whip John Cornyn (R-Texas) on Tuesday said the upper chamber is unlikely to move on a stalled cybersecurity bill before the August recess. Senate Republican leaders, including Cornyn, had been angling to get the bill — known as the Cybersecurity Information Sharing Act (CISA) — to the floor this month. “I’m sad to say I don’t think that’s going to happen,” he said. “The timing of this is unfortunate.” The move would delay yet again what’s expected to be a bruising floor fight about government surveillance and digital privacy rights. Despite industry support, broad bipartisan backing, and potentially even White House support, CISA has been mired in the Senate for months over privacy concerns. “[CISA] needs a lot of work,” Sen. Patrick Leahy (D-Vt.), who currently opposes the bill, told The Hill on Tuesday. “And when it comes up, there’s going to have to be a lot of amendments, otherwise it won’t pass.” To read our full piece, click here.
{mosads}–THEORY OF RELATIVITY: A bill introduced by two Senate leaders aims to strengthen the government’s cyber defenses in the wake of hacks that have rattled Washington. Sens. Ron Johnson (R-Wis.) and Tom Carper (D-Del.), the top two lawmakers on the Senate Homeland Security & Governmental Affairs Committee, are backing the Federal Cybersecurity Enhancement Act. The measure would require all agencies to adopt certain cybersecurity best practices, while accelerating the rollout of the government’s anti-hacking shield — called “Einstein” — that detects and repels known cyber threats. Einstein is the government’s first, and most important, line of defense against potential hackers. The software is designed to discover and stop known malicious actors. But Einstein cannot catch skilled digital intruders the government has not previously identified, leading to criticisms that the program is outdated before it’s even fully implemented. To read our full piece, click here.
–EMBIGGENED: Director of National Intelligence James Clapper said that if the U.S. doesn’t respond to the recent cyberattacks on the federal government, it will cause digital adversaries to “get bolder and bolder.” To this point, Obama administration officials have said privately they believe China is behind the attack but are holding back from making any public accusations over concerns about exposing classified intelligence. During a Tuesday interview on “Andrea Mitchell Reports,” Clapper seemed to separate himself slightly from the White House stance. “I think that’s right,” he replied when asked if not responding to the OPM hack would invite digital adversaries to continue targeting government networks. Without established deterrents, such as public shaming, foreign governments and cyber crime rings will grow “bolder and bolder” with their attacks on the U.S., he said. “I think we’ll see a progression and expansion of that envelope until such times as we create both the substance and the psychology of deterrents,” Clapper added. To read our full piece, click here.
UPDATE ON CYBER POLICY:
–CYBER TERRORISM. The House Homeland Security Committee on Tuesday held a hearing to determine whether it’s worth adding cybersecurity provisions to a 13-year-old anti-terrorism bill.
The Support Anti-Terrorism by Fostering Effective Technologies (SAFETY) Act, originally passed in 2002, is meant to guarantee that legal liability concerns do not hinder companies from developing technologies that would counter potential terrorist attacks.
Check out lawmakers’ and witnesses’ opening statements and portions of the questioning here.
LIGHTER CLICK:
–MISSION IMPOSSIBLE. Gmail now has a SnapChat-esque feature that lets you send emails that will self destruct in 5, 4, 3, 2, 1…
Per The Washington Post: “A new Google Chrome Web app called Dmail allows users to encrypt e-mails sent from Google’s G-mail server and revoke access to messages they have sent. Or not. I tried this software by blasting out a bunch of messages to colleagues this morning (see below), but the software didn’t exactly work as planned. Here’s how it’s supposed to work…”
Read on here.
WHO’S IN THE SPOTLIGHT:
–JOHN MCAFEE, the at-times unhinged but always insightful security guru, is back at it with another discursive column.
“If you consider the evolution of the world’s hacking problems, we have reached a point where anything is possible — an absolute free-for-all,” he writes in the International Business Times.
Check it out here.
A LOOK AHEAD:
WEDNESDAY
–AEI will hold an event on the DOTCOM Act, starting at 9 a.m. Rep. John Shimkus (R-Ill.) will give remarks.
–The House Judiciary Committee will hold a hearing at 10 a.m. on the Internet of Things.
THURSDAY
–The House Intelligence Committee has cancelled its hearing at 9 a.m. on global cyber threats.
FRIDAY
–The Brookings Institute will hold an event at 10 a.m. on the future of defense technology.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
Sen. Ron Wyden (D-Ore.) has blocked the upper chamber’s plan to plow ahead with the annual intelligence policy bill, over what he said is a troublingly vague provision requiring tech companies such as Facebook and Twitter to report incidents of “terrorist activity” to federal officials. (The Hill)
Way more victims of the OPM hack have signed up for credit monitoring services than anticipated. (GovExec)
China is looking to rewrite the rules of the global Internet. (The Wall Street Journal)
Hackers plan to demonstrate at an upcoming conference how to break into a Brink’s safe in under a minute. (E-Week)
Google now lets developers bring their own security keys. (TechCrunch)
German regulators ordered Facebook to allow pseudonyms. (Reuters)
The group that hacked Anthem shared its zero-day exploit with rival hackers. (ArsTechnica)
A new phishing campaign is imitating Web pages hosted on Google Drive to fool people. (Dark Reading)
Yahoo has given out over $1 million this year as part of its bug bounty program. (Yahoo! Tumblr)
The last podcast from Passcode and the New America Foundation covers bug bounty programs and stunt hacks. (Passcode)
If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..