Overnight Cybersecurity: Ryan urges lawmakers not to overplay intel memo | Spotlight on cyber threats to small businesses | The Hill sits down with DHS cyber chief | CIA expects more election interference

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORIES:

–HOUSE PANEL VOTES TO MAKE INTELLIGENCE MEMO PUBLIC: The House Intelligence Committee on Monday evening voted to make public a GOP-crafted memo alleging what some Republicans say are “shocking” surveillance abuses at the Department of Justice (DOJ). At the same time, the committee voted against making public a Democrat-drafted countermemo. While the panel voted to release the GOP memo to the entire House, Republicans expressed concern that publicly releasing the minority memo would damage sensitive intelligence sources and methods, according to Rep. Adam Schiff (D-Calif.), the committee’s ranking member. Both votes — to release the GOP memo and withhold the Democratic one — were along party lines. The move ends weeks of speculation over whether the memo, which was drafted by staff for Intelligence Chairman Devin Nunes (R-Calif.), would be made public. But it intensifies the dispute over what Democrats say is an all-out assault by Republicans to undermine special counsel Robert Mueller’s probe into Russian interference in the 2016 presidential election. Now, the committee is preparing to release a transcript of its closed-door vote Monday evening.

 

–RYAN CAUTIONS GOP NOT TO OVERPLAY MEMO: Speaker Paul Ryan (R-Wis.) on Tuesday implored Republicans not to use a GOP-crafted memo alleging “shocking” surveillance abuses at the Department of Justice (DOJ) to undermine special counsel Robert Mueller. His remarks came less than 24 hours after the House Intelligence Committee voted to make the document public.

During a closed-door meeting on Tuesday, Ryan urged Republicans not to overstate the facts in the memo and not to tie its conclusions to Mueller’s investigation, according to a person in the room.

“First, there are legitimate questions about whether an American’s civil liberties were violated by the [Foreign Intelligence Surveillance Act] process,” he told reporters after the meeting. “This is a completely separate matter from Bob Mueller’s investigation and his investigation should be allowed to take its course.”

 

–CIA CHIEF EXPECTS FUTURE INTERFERENCE: CIA Director Mike Pompeo said in a new interview that he has “every expectation” that Russia will attempt to influence this year’s midterm elections in the United States. “I have every expectation that they will continue to try and do that, but I’m confident that America will be able to have a free and fair election [and] that we will push back in a way that is sufficiently robust that the impact they have on our election won’t be great,” Pompeo told the BBC. The intelligence community concluded in a report released last year that Russia conducted a campaign aimed at helping President Trump win the 2016 presidential election. Pompeo said Monday he hasn’t seen a decrease in Russian activity, and he still sees the Kremlin as the primary U.S. adversary. He added that China also poses a threat and has the ability to gain access to American information. “We see it in our schools, in our hospitals and medical systems, we see it throughout corporate America. These [are] efforts we have to all be more focused on. We have to do better at pushing back against Chinese efforts to covertly influence the world,” Pompeo said.

 

–STATE SAYS IT WILL NOT IMPLEMENT NEW RUSSIA SANCTIONS: The Trump administration told Congress on Monday that bipartisan legislation passed last year authorizing new sanctions on Russia is already “serving as a deterrent,” and there’s no need to actually implement the penalties at this time. A spokesperson for the State Department said Monday evening the mere possibility of facing sanctions through the Countering America’s Adversaries Through Sanctions Act (CAATSA) has served as an effective countermeasure. “Given the long timeframes generally associated with major defense deals, the results of this effort are only beginning to become apparent. From that perspective, if the law is working, sanctions on specific entities or individuals will not need to be imposed because the legislation is, in fact, serving as a deterrent,” the spokesperson said. Separately, the Treasury Department released a list of Russian oligarchs and officials linked to Russian President Vladimir Putin ahead of a midnight deadline Monday under the law, noting that it did not amount to a sanctions list. Treasury Secretary Steven Mnuchin told lawmakers Tuesday that Treasury intends to impose new sanctions on the individuals in the future. “This should in no way be interpreted as we’re not putting sanctions on anyone in that report,” Mnuchin said.

 

A LEGISLATIVE UPDATE:

Lawmakers on the House Small Business Committee on Tuesday explored cyber threats to small businesses and focused on how the federal government shares information with the private sector to prevent and respond to cyber threats from foreign and other actors.

During the hearing, officials from the FBI and Department of Homeland Security agreed that small businesses are underprepared to counter threats like ransomware, phishing scams, and other attacks, underscoring the need for these organizations to be more willing to work with the federal government to reduce their risk.

“I would tell you that they are underprepared,” said Howard Marshall, deputy assistant director at the FBI’s cyber division. “Even in the biggest firms, cybersecurity is oftentimes considered a cost center and the general thought process is that it’s not necessarily the cost of doing business. Even in your bigger firms, cybersecurity is something that is often not being considered.”

Both Marshall and Richard Driggers, deputy assistant secretary at the Department of Homeland Security’s National Protection and Programs Directorate (NPPD), signaled support for legislation introduced by Chairman Steve Chabot (R-Ohio) aimed at providing enhanced cyber assistance to small businesses.

The legislation, which has bipartisan support, would establish a central small business cybersecurity assistance unit at the Small Business Administration and regional small business cyber units across the country.

Toward the end of the hearing, both officials offered frank responses when asked by Rep. Rod Blum (R-Iowa) to explain how “bad” the issue of cyber threats to small businesses is.

“It’s definitely getting worse,” Marshall said. “It’s bad and getting worse. The number of cases that are referred for investigation, the number of attacks that are thwarted that we know have been prevented, all of these numbers indicated a rise.”

“To look at something like business email compromise or ransomware, we’re talking about in the neighborhood of 40 or 50 percent growth year over year, I don’t have the exact numbers in front of me,” Marshall added.

Driggers emphasized the need for small businesses to implement basic cybersecurity protocols and best practices, such as mandating two-factor authentication and providing training to employees on cybersecurity.

“It does not take sophistication to exploit a vulnerability in a small business,” Driggers said. “I think all small businesses need to assume that they have some type of vulnerability that exists within their networks or the devices that they are using.”

 

A CRYPTO CLICK: 

Facebook is banning cryptocurrency ads. (Via our colleagues on The Hill’s tech team)

 

A REPORT IN FOCUS: 

Experts are warning that malicious software continues to infiltrate Google’s Chrome extensions, according to a new report.

Malware could end up on a user’s device even if the extension is downloaded from the official Chrome Web Store, Wired.com reported Tuesday.

Google reportedly says malware planted in the extensions has declined by roughly 70 percent over the last two and a half years, but new findings reveal that the problem persists.

“What we’re seeing is an increase in criminal use of extensions,” William Peteroy, CEO of the security firm Icebrg, told the news outlet.

“And when we start to see criminal pickup on things it absolutely meets our bar that this is something we need to pay attention to, and something users need to start paying a lot more attention to than they are right now.”

The firm found that four compromised extensions resulted in nearly 500,000 downloads of malicious software combined. Some malicious extensions appeared to be labeled as useful phone functions like “Stickies” and “Lite Bookmarks,” according to the report.

“Since the creation of the extensions platform, we’ve worked hard to keep the extensions ecosystem free from malware and abuse,” James Wagner, a Chrome product manager at Google, told Wired.

“We’re using machine learning to detect malicious behavior in extensions, and…we’ve been particularly focused on cracking down on abusive distribution methods.”

 

WHO’S IN THE SPOTLIGHT: 

JEANETTE MANFRA: As the chief cybersecurity official for the Department of Homeland Security, Jeanette Manfra is laser-focused on preventing cyberattacks that could destabilize the U.S. financial system or open the federal government up to spying.

Manfra, a career federal official turned political appointee, was thrust into the spotlight last summer when she told the Senate Intelligence Committee during public testimony about evidence that Russia targeted election systems in 21 states before the 2016 elections. But working with states to protect critical election data systems is just one facet of her office’s broad and growing portfolio of responsibilities.

As an assistant secretary at the National Protection and Programs Directorate (NPPD), Manfra and her team guard federal government networks and collaborate with a wide swath of industries and foreign powers to prevent and respond to cyberattacks that could disrupt critical services.

“We depend upon a stable financial institution, we depend upon clean water and electricity and power,” Manfra said during a recent interview in her Washington-area office. “How could you disrupt those essential services and functions, whether that is through some sort of physical or cyber or coordinated means? That’s where NPPD kind of sits.”

“Once we figure out how those could be disrupted, how do we make sure that we do everything possible to prevent that?” Manfra continued. “It’s also looking to build the contingency plans in place, because you have to assume you can’t prevent everything.”

Manfra, a former Army intelligence officer and the daughter of a computer programmer, joined Homeland Security a decade ago just as it was setting up a cybersecurity unit at the NPPD. She served in various roles at the department, including as the cyber counselor for former Homeland Security Secretary Jeh Johnson, before President Trump appointed her to lead the cybersecurity office last year.

The government’s cybersecurity efforts have attracted growing attention in the wake of high-profile breaches — including those at the Office of Personnel Management and Sony Pictures — and Manfra has witnessed the department’s cyber force expand rapidly from fewer than 200 employees to more than 1,000.

“It’s been a really fascinating time for me,” Manfra said. “We went from something that you would hope maybe trade press might write about, to it’s national headlines on a regular basis.”

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

House lawmakers clash over broadband infrastructure. (The Hill)

Top general: US would have ‘minutes’ of warning time if North Korea launched missile. (The Hill)

Financial regulators subpoena major bitcoin exchange: report. (The Hill)

OP-ED: War room to boardroom: The new era of cybersecurity. (The Hill)

Russian State Media: Pompeo met with top Russian intel chief in US. (Daily Beast)

DHS is losing its chief information security officer. (Federal News Radio)

The Trump administration wants to play a bigger role in international data laws. (CyberScoop)

How to obtain a wiretap to surveil Americans. (The New York Times)