Overnight Cybersecurity

Overnight Cybersecurity: Trump NSA pick says US response to cyberattacks falls short | Equifax finds new breach victims | House panel says Russia used social media to disrupt energy markets

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORIES:

–TRUMP NSA PICK SAYS RESPONSE TO CYBERATTACKS FALLS SHORT: President Trump’s choice to lead the National Security Agency (NSA) said Thursday that the United States’ response to Russian election interference has not been sufficient to change Moscow’s behavior. Lt. Gen. Paul Nakasone, nominated to lead both NSA and U.S. Cyber Command, was asked at his confirmation hearing whether he agreed with outgoing NSA Director and Cyber Command head Adm. Michael Rogers’s statement that the response to Russian meddling in the 2016 election has not been strong enough. “It has not changed their behavior,” Nakasone told Sen. Ben Sasse (R-Neb.), who asked the question. Nakasone appeared before the Senate Armed Services Committee two days after Rogers, who faced tough questions over the Trump administration’s response to Russia’s interference in the 2016 presidential election during a hearing on the 2019 budget request for U.S. Cyber Command. On Thursday, lawmakers from both parties expressed frustrations that the government — including both the Trump and Obama administrations — has not sufficiently penalized foreign adversaries for cyberattacks. “We’re 31 years into cyber war, but we’re four years into regular attacks against the United States to which we publicly say we don’t respond,” said Sasse, citing the Office of Personnel Management breach disclosed in 2015 that was linked to China. Nakasone said broadly that the U.S. government has failed to sufficiently deter foreign actors in cyberspace with public penalties. “I think that our adversaries have not seen our response in sufficient detail to change [their] behavior,” Nakasone said. Lawmakers also criticized successive administrations for failing to develop a whole-of-government strategy to deter and respond to cyber threats. “We are either at the war now or on the brink of war, and that war is in cyber,” said Sen. Angus King (I-Maine). “We’re under attack and our adversaries feel no consequences.”

–NAKASONE received a warm welcome from committee members on Thursday. If confirmed, he will be the first commander to lead U.S. Cyber Command as a unified combatant command, after Trump moved to elevate it last year into its own warfighting unit. Cyber Command, which was born out of NSA headquarters in 2009, has seen its responsibilities grow rapidly over the last several years. The Pentagon is currently reviewing whether to ultimately separate NSA and Cyber Command, which are currently led by the same official. On Thursday, Nakasone did not explicitly endorse separating NSA from Cyber Command, saying that the decision needs to be made based on what is “best for the nation.” Nakasone said he would provide an assessment on a possible split within 90 days of being confirmed. Many view the split as inevitable, but some lawmakers and former officials have expressed concerns about the potential implications of a premature split. Congress pumped the brakes on splitting the two organizations, inserting language into 2017 defense policy legislation that instructed the Pentagon to report on its potential implications before making a decision.


–EQUIFAX: 2.4 MILLION MORE BREACHED: Equifax has identified 2.4 million victims of its massive 2017 data breach that were not previously counted in the number of people affected by the hack, the credit bureau announced Thursday. The company says that hackers stole partial driver’s license information from the newly identified group. Equifax said that in the vast majority of these cases, the breach did not expose home addresses, the states in which the licenses were issued or expiration and issuance dates. The company said that these victims had not been identified previously because the forensic investigation had focused on stolen Social Security numbers. “This is not about newly discovered stolen data,” Paulino do Rego Barros, Jr., Equifax’s interim CEO, said in a statement. “It’s about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, and making connections that enabled us to identify additional individuals.” Equifax said it will notify those in the new group and offer them free credit monitoring and identity theft services. The new victims bring the total number affected by last year’s breach to 147.9 million people, or roughly 45 percent of the U.S. population. The announcement has already rankled members of Congress who have been investigating the breach for months and grilled its former CEO in a marathon of hearings last year.


 

A LEGISLATIVE UPDATE: 

A pair of lawmakers is looking to attach an amendment to a bill reauthorizing the Department of Homeland Security (DHS) that would help states bolster the cybersecurity of their election infrastructure.

At a recent meeting of the Senate Homeland Security and Governmental Affairs Committee, Sen. Kamala Harris (D-Calif.) said she hopes to introduce additional amendments to the bill that address cyber-related issues at the department, including one that implements “bipartisan election security measures to modernize election cybersecurity across America and protect against foreign interference on future elections.”

Harris said she is working with Sen. James Lankford (R-Okla.) on such an amendment to the DHS reauthorization bill, which passed the House last year and is now moving through the upper chamber.

“If we have been attacked once, we should assume that is the first of many and we should have our guard up,” Lankford said at the Senate panel meeting Wednesday.

Harris also said she hopes to introduce an amendment that provides “new solutions that get top private sector talent to help the federal government address cybersecurity challenges.”

The House-passed Homeland Security reauthorization bill includes a number of operational reforms, including some that are related to the department’s cybersecurity efforts. Among its vast responsibilities, Homeland Security is taking the lead on protecting federal networks and critical infrastructure from cyber threats.  

The bill would authorize Homeland Security for the first time since it was established following the 9/11 terrorist attacks.

 

A REPORT IN FOCUS: 

RUSSIA LOOKED TO SOCIAL MEDIA TO DISRUPT US ENERGY MARKETS: Russia used several American social media accounts in an attempt to disrupt U.S. energy markets, according to a House committee report released Thursday.

The report from the House Committee on Science, Space and Technology concluded that Russia exploited social media platforms Twitter, Facebook and Instagram to influence the United States’ domestic energy policies, sometimes taking conservative positions to stir up tensions.

Looking at information provided to them by U.S. social media companies, the committee found that between 2015 and 2017 there were about 9,097 Russian posts or tweets about U.S. energy policy and events on Facebook, Instagram and Twitter.

During the same time period, the report found an estimated 4,334 accounts linked to the Internet Research Agency (IRA), a company established by the Russian government that engages in online influence operations for the Russian government and businesses.

The Internet Research Agency posts and tweets specifically targeted pipelines, fossil fuels and climate change, the report found.

The committee surmised that the disinformation campaign on social media is connected to Russian fears that a strong U.S. energy economy could negatively impact Russia’s oil and natural gas economy.

Eastern and central European countries currently get about 75 percent of their natural gas from Russia, with southeastern European countries receiving nearly all of their natural gas from Moscow. However, those numbers are slowly changing. For example, Poland recently signed a five-year deal with the U.S. to import liquefied natural gas to decrease dependency on Russian energy supplies, according to the report.

“Russia benefits from stirring up controversy about U.S. energy production. U.S. energy exports to European countries are increasing, which means they will have less reason to rely upon Russia for their energy needs. This, in turn, will reduce Russia’s influence on Europe to Russia’s detriment and Europe’s benefit,” the committee’s chairman, Rep. Lamar Smith (R-Texas), said in a statement.

“That’s why Russian agents attempted to manipulate Americans’ opinions about pipelines, fossil fuels, fracking and climate change. The American people deserve to know if what they see on social media is the creation of a foreign power seeking to undermine our domestic energy policy.”


 

A LIGHTER CLICK: 

Sen. Mark Warner (D-Va.) talks ‘Russia’ and ‘memos’ with Stephen Colbert on upcoming ‘Late Show.’

 

WHAT’S IN THE SPOTLIGHT: 

ENERGY SECTOR CYBER THREATS: Senate Energy and Natural Resources Committee lawmakers on Thursday hosted a hearing with experts and officials to address cyber issues facing the energy sector, including threats and possible future solutions.

Senators largely sought to learn more about the Department of Energy’s new Office of Cybersecurity, Energy Security, and Emergency Response (CESER), which Energy Secretary Rick Perry launched last month.

The committee questioned DOE’s Assistant Secretary Bruce Walker about the plans for the office. Walker said it would address industry sector threats and help evolve the critical grid infrastructure.

Walker emphasized the department’s plan to work “diligently to mitigate” threats facing the energy sector and increase alignment of cybersecurity preparedness across local, state, and federal levels.

“I would like to highlight that the risk of physical and cyber threats is continuously being exacerbated by a set of circumstances that are increasing the interdependence of the various energy systems throughout the nation,” Walker told the committee in his opening remarks.

“The creation of the CESER office will build on all that we do today and elevate the department’s focus on energy infrastructure protection and will enable more coordinated preparedness and response to cyber and physical threats and natural disasters,” he continued.

Robert M. Lee, the CEO of industrial cybersecurity firm Dragos, advised that the CESER office should work on “de-duplicating overlap with the private sector” and recognize that the best intelligence is in the “communities and companies being targeted.”

Lee also expressed concern that the government appears better equipped to handle a major attack than it is to recover from a smaller-scale attack.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Dems press Trump on response to Russian cyber threat. (The Hill)

Grassley intensifies probe into Russian oligarch. (The Hill)

Frustrated Dems demand contempt action against Bannon. (The Hill)

IBM urges lawmakers to crack down on internet platforms. (The Hill)

A data breach at Marine Corps Forces Reserve impacted over 20,000 people. (Marine Corps Times)

Senate Intelligence Committee members concluded that House Republicans leaked Warner’s texts. (The New York Times)

A trio of new reports from cyber firm Dragos examine threats to and vulnerabilities of industrial control systems. (Dragos)

The European Union tells tech companies to remove terrorist content within one hour. (Bloomberg)

GDPR is going to impact how companies work with third-party cloud providers. (CyberScoop)

The latest on the cyberattack that hit German government computer systems. (The Telegraph)