Overnight Cybersecurity: House Intel chief regrets briefing Trump before panel | WikiLeaks drops new CIA docs | Pentagon worried about Chinese investments

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORY:

–INTEL CHIEF REGRETS BRIEFING TRUMP BEFORE PANEL: House Intelligence Committee Chairman Devin Nunes (R-Calif.) on Thursday morning apologized to committee Democrats for going public with information about government surveillance on the Trump campaign before speaking to them, according to a committee aide. The apology was hailed by Republicans, but Democrats made it clear it wasn’t enough. It drew swift praise from Senate Intelligence Committee member James Lankford (R-Okla.). That panel is also investigating Russian interference in the election, but has been far less public about its progress or findings. “I applaud Chairman Nunes’ apology. Intel Cmte investigation into #Russia is nonpartisan & thorough,” Lankford tweeted. “We follow the evidence wherever it leads.” Rep. Jackie Speier (D-Calif.), a member of the House panel, was more restrained, telling CNN that Nunes apologized “in a generic way.”

To read the rest out our piece, click here.

–…BUT NANCY PELOSI IS STILL CROSS: Democrats were upset not only because Nunes kept them out of the loop, but because he notified President Trump that he is a potential target of the committee’s investigations. House Minority Leader Nancy Pelosi (D-Calif.) hammered the Republican chairman of the Intelligence Committee on Thursday, saying Rep. Devin Nunes (R-Calif.) is simply a “stooge” for Trump who can’t be trusted to lead an unbiased investigation into ties between Russia and the White House. Pelosi said Nunes “acted outside the circle of respect” for his responsibility as Intelligence chairman when he went Wednesday to the press and the president with new information surrounding the panel’s probe into Russian hacking of the 2016 election and possible surveillance of Trump’s team — without telling the other members of the committee. “By being a stooge of the president of the United States,” Pelosi charged, “he has demonstrated very clearly that there is no way there can be an impartial investigation under his leadership on that committee.”

To read the rest of our piece, click here.

–…THE WHITE HOUSE DENIES NUNES WAS TIPPED OFF BY THE WHITE HOUSE: The White House on Thursday said the notion that it leaked information on surveillance involving Trump transition officials to House Intelligence Committee Chairman Devin Nunes (R-Calif.) “doesn’t pass the smell test.” “I don’t know why he would come in to brief the president on something that we gave him,” White House press secretary Sean Spicer said during the daily briefing. “It doesn’t really seem to make a ton of sense.”

To read the rest of our piece, click here.

— THE CONTROVERSY ISN’T DYING DOWN: Nunes, who hails from the Golden State’s breadbasket, where there are “more cows than people,” in his words, has rarely shied away from partisan controversy.

But on Wednesday, some say he may have gone too far. His actions threatened to explode the committee’s formerly bipartisan investigation and gave ammunition to Republican critics who have called for an independent commission into President Trump’s ties to Russia. The Hill’s Katie Bo Williams has more on the fallout for the House Intel chair here.

A WIKILEAKS UPDATE:

WIKILEAKS POSTS SECOND HAUL OF CIA LEAKS: WikiLeaks on Thursday released new documents from its CIA leak outlining how the agency hacked Apple products.

“Dark Matter” is the second batch of leaks from a CIA archive WikiLeaks has nicknamed “Vault 7” that describes hacking techniques the agency used.

So far, all of the techniques have been for targeted surveillance instead of bulk surveillance, which the NSA would conduct. Many of the techniques require the CIA to have physical access to devices to attack them.

The documents also range in age and may no longer describe current threats. Apple announced after the first release of documents that many of the security flaws mentioned in that archive had long since been patched.

One user manual released in Dark Matter describes a “Sonic Screwdriver” — a technique taking its name from Doctor Who’s utility tool — as a way to use a modified Thunderbolt-to-Ethernet network adapter or, potentially, other modified hardware to load malware while a Mac is booting. That document is dated 2012.

Another document describes “DarkSeaSkies,” a hacking technique that lurks in the firmware of MacBook Airs version 1.1 controlling hardware that is not run by an operating system. The DarkSeaSkies documents describe similar implants for iPhones, but they are dated 2009, and may not still be a working attack for either.

To read the rest of our piece, click here.

 

A LIGHTER CLICK: 

INBOX ZERO IS FOR CHUMPS. Chumps without advanced degrees.

 

A REPORT IN FOCUS:

PENTAGON WORRIED ABOUT CHINESE INVESTMENT: The Pentagon worries about new American technology firms turning to Chinese companies for investment on potential military applications in a new report, The New York Times reports.  

Chinese firms are sending money to U.S. startups, include rocket engine manufacturers, companies that design sensors for autonomous naval ships and printers that make flexible screens that could be used in fighter jets. Many of the Chinese firms making the investments are owned by state-owned companies or have connections to Chinese officials, according to the Times.

Department of Defense (DOD) officials worry about the investments because they have found that China is encouraging companies with close government ties to invest in U.S. startups specializing in technology that could advance China’s military and its economy, according to a new DOD special report.

The Pentagon sent the report — commissioned before President Trump took office — to senior administration officials this week.

Details on the size of the deals are not available, as startups and their investors are not required to disclose them.

So far, no startup company or Chinese investors have been accused of any crime.

To read the rest of our piece, click here.

 

WHAT’S IN THE SPOTLIGHT:

IS THE SWIFT BANK HEIST NEARING A NOT SO SWIFT CONCLUSION? Federal prosecutors are reportedly mounting a case that could implicate North Korea in the massive bank heist last year in which hackers stole $81 million from Bangladesh Bank’s account at the Federal Reserve Bank of New York.

The Wall Street Journal reported that prosecutors are looking to charge alleged Chinese middlemen, who are believed to have helped Pyongyang carry out the crime, in the case.

While prosecutors may not unveil charges against individuals in North Korea in the case, it is likely to implicate North Korea in the theft, the report said.

The theft occurred in February 2016, when hackers breached systems of Bangladesh’s central bank and used a network designed to request interbank transfers to steal $81 million.

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web

The U.S. Chamber of Commerce is making several recommendations for the Trump administration on cybersecurity.

The Senate voted to allow internet service providers to track customers for ads without their permission, reversing an Obama-era FCC ruling. (The Hill)

The FCC launched a crackdown on robocalls. (The Hill)

Trump still isn’t thrilled with the media’s coverage of him in regards to Russia. (The Hill)

Rep. Adam Schiff says there is evidence of Trump team members colluding with Russia that is not circumstantial. What could that mean? (Just Security)

The Feds announced they will hack into the phones seized during inauguration protest arrests to mine them for evidence. (Ars Technica)

 

If you’d like to receive our newsletter in your inbox, please sign up here.