Overnight Cybersecurity: No cyber sanctions before Xi visit
Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORIES:
–STOP ASKING US THAT: Ending weeks of rampant speculation, a senior White House official told The Washington Post that the U.S. will not impose economic sanctions on Chinese companies and individuals before President Xi Jinping’s state visit next week. The decision comes after Chinese and American officials closed four days of cybersecurity discussions with “substantial agreement” on key issues. “They came up with enough of a framework that the visit will proceed and this issue should not disrupt the visit,” the official said. “That was clearly [the Chinese] goal.” The official White House response has been less straight-forward, with spokesman Josh Earnest saying the administration doesn’t want to tip off targets. “We don’t want to give the target the opportunity to plan a strategy to evade those sanctions before they are even implemented,” the press secretary told reporters Tuesday. To read more about the White House’s decision, click here. To read more about Earnest’s comments, click here.
{mosads}–DAMNED IF YOU DO, DAMNED IF YOU DON’T: Swift economic retaliation against American businesses is expected if the White House levies hacking sanctions against Chinese companies. But U.S. industry groups are still pressuring the government to stand up to China over what’s believed to be a massive campaign to pilfer corporate secrets from U.S. firms. The alternative, they say, could be even worse: unabated cyberattacks that drain the American private sector of its global competitive advantage. To read our full piece, click here.
–GOTCHA: A Russian man has pleaded guilty to his role in a worldwide cyber crime scheme to breach payment processors, retailers and financial institutions, resulting in over 160 million stolen credit card numbers. Vladimir Drinkman admitted partaking in the global plot nearly six months after being extradited to the U.S., and over three years after he was initially arrested in the Netherlands. According to the Justice Department, Drinkman’s hacking campaign is the largest such scheme ever prosecuted in the U.S., causing more than $300 million in losses to people and businesses. To read our full piece, click here.
LIGHTER CLICKS:
–U UP? Presidential candidate and cybersecurity guru John McAfee once butt-dialed a reporter. He congratulated himself on making her “giggle.” Read on here.
–IT HOLDS UP. Meanwhile, the director of the 1995 flick “Hackers” maintains that everything but the rollerblading stands the test of time. Read on here.
WHO’S IN THE SPOTLIGHT:
–FORMER ISRAELI SPIES. Israeli intelligence operatives turned data security professionals are buddying up to hackers to uncover cyberattacks before they happen, The Wall Street Journal reported Tuesday. In one case, the former agents used sensitive data loaned from a bank client to give the impression of a hack and infiltrate a group of cyber thieves that were targeting the bank. Spokespeople for two Israeli firms — Black Cube and Diskin Advanced Technologies Ltd. — say they are the only two companies offering this kind of service. Read on, here.
A REPORT IN FOCUS:
–WHO WILL PROTECT THE PROTECTOR? The government agency responsible for defending federal networks from hackers needs to better secure its own internal systems, a government watchdog report released Tuesday concluded.
The Department of Homeland Security (DHS) lags in coordinating and training its cybersecurity staff, potentially exposing networks at the Secret Service and Immigration and Customs Enforcement (ICE), which are agencies within the DHS.
Officials at these offices told the watchdog that limited staff resulting from short-term budget deals were partly to blame. Congress nearly shut down the DHS in February when lawmakers held up the agency’s funding over President Obama’s executive orders on immigration.
Read on, here.
A LOOK AHEAD:
WEDNESDAY
–The Senate Judiciary Committee will hold a hearing at 10:15 a.m. on the Electronic Communications Privacy Act (ECPA).
–The Senate Finance Committee will mark up a bill to reduce electronic tax fraud at 10 a.m.
–The Electronic Transactions Association (ETA) will host an event at 1 p.m. about payment security.
THURSDAY
–The House Judiciary Committee will mark up the Judicial Redress Act at 10:30 a.m.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
A U.S. judge on Tuesday certified a class action against Target brought by several banks over the retailer’s massive data breach in 2013. (Reuters)
Establishing international norms probably won’t constrain the cyber conflict, Brian M. Mazanec writes. (Council on Foreign Relations)
Some intelligence analysts act like military scouts on the dark Web. (The New York Times)
Content delivery network CloudFlare’s unusual deal with “China’s Google” could haunt U.S. tech companies, the chief security strategist at FireEye writes. (Motherboard)
China’s foreign ministry spokesman addressed U.S. allegations of cyber theft and espionage. Watch here
The Electronic Frontier Foundation released a free encryption certificate to beta testers. (Engadget)
DHS shut down a public library’s dark Web browser. (Tech Crunch)
Internet insecurity may cost the world trillions by 2030. (Fortune)
Boston-based cybersecurity firm Onapsis will use $17 million in investor funding to grow its staff by close to 40 percent. (Boston Business Journal)
Federal law enforcement officials say they don’t do a good job of collecting empirical data to back up their warnings against encryption. (The Intercept)
If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..