Overnight Cybersecurity: Trump-linked data firm Cambridge Analytica attracts scrutiny | House passes cyber response team bill | What to know about Russian cyberattacks on energy grid

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORIES:

–TRUMP-LINKED DATA FIRM INVITES SCRUTINY: Cambridge Analytica is attracting massive scrutiny following reports from the New York Times and The Observer of London that the data mining firm obtained private data on 50 million Facebook users to fuel its operation. The firm, which has links to President Trump’s former chief strategist Steve Bannon and GOP megadonor Robert Mercer, was paid $5.9 million by the Trump campaign for data management services ahead of the 2016 presidential election. The firm is facing allegations that it obtained the data improperly, and the developments have prompted a new round of debate over data privacy. House intelligence Committee ranking member Adam Schiff (D-Calif.) on Sunday said that Cambridge Analytica needs to testify before Congress on the developments, and the lawmaker has also sent a letter to the whistleblower who exposed the issue inviting him to testify. Cambridge Analytica vehemently pushed back on Monday. “This Facebook data was not used by Cambridge Analytica as part of the services it provided to the Donald Trump presidential campaign; personality targeted advertising was not carried out for this client either. The company has made this clear since 2016,” it said in a statement. Facebook announced that it was suspending Cambridge Analytica from the platform late Friday, citing policy violations.

 

–NEW CRISIS FOR FACEBOOK: The developments have created a new headache for Facebook, with CEO Mark Zuckerberg now facing calls to testify before Congress as renewed focus falls on the tech giant’s privacy practices. Sens. Amy Klobuchar (D-Minn.) and John Kennedy (R-La.) on Monday requested that the Senate Judiciary Committee call major tech CEOs to testify about how internet platforms oversee the use of consumer data for political advertising. While the request included several tech firms, it was clearly triggered by the report about Facebook data being used by Cambridge Analytica. “The lack of oversight on how data is stored and how political advertisements are sold raises concerns about the integrity of American elections as well as privacy rights,” the senators wrote in a letter to Judiciary Chairman Chuck Grassley (R-Iowa). The data was reportedly given to Cambridge Analytica by a researcher who had developed an app that relied on Facebook’s login feature. While only about 270,000 people handed over information through the app, Facebook at the time allowed developers to tap into the entire friend networks of users. That feature, according to the report, allowed the researcher to collect the data of more than 50 million people.

To read more from our coverage, click here, here and here.

Click here for five things to watch as the Cambridge Analytica story unfolds.

 

— FACEBOOK SECURITY CHIEF LEAVING: Facebook’s chief information security officer is stepping down after battling with other company officials on how to handle the spread of disinformation on the platform, The New York Times reported Monday.

Alex Stamos said that he would leave Facebook in December after his daily duties were assigned to other company staffers, but agreed to stay with the network until August to help with the transition.

He had advocated for Facebook to be transparent about the activity of Russians and other trolls on the platform, clashing with other executives, including chief operating officer Sheryl Sandberg, according to The Times.

Lawmakers have criticized Facebook and other tech giants for allegedly not doing enough to fight Russian influence on the 2016 election.

To read more, click here.

 

— SESSIONS FIRES MCCABE FROM FBI: Attorney General Jeff Sessions on Friday fired Andrew McCabe, the No. 2 official at the FBI and a longtime target of President Trump. McCabe’s ouster comes just days before he was scheduled to retire on Sunday, after more than 20 years at the bureau. McCabe had already stepped down under pressure in January and has been on a leave of absence since. In a statement Friday evening, Sessions said that the FBI’s Office of Professional Responsibility and Office of Inspector General (OIG) had found McCabe made an unauthorized disclosure to the news media and “lacked candor — including under oath — on multiple occasions.” “Pursuant to Department Order 1202, and based on the report of the Inspector General, the findings of the FBI Office of Professional Responsibility, and the recommendation of the Department’s senior career official, I have terminated the employment of Andrew McCabe effective immediately,” Sessions said. McCabe quickly declared that his termination and Trump’s needling against him were an effort to undermine special counsel Robert Mueller’s investigation, in which he could be a potential witness. “The idea that I was dishonest is just wrong,” McCabe told The New York Times. “This is part of an effort to discredit me as a witness.” McCabe’s dismissal came at the recommendation of an internal FBI office that handles disciplinary matters. According to the Times, the recommendation was based on a finding from the Justice Department inspector general that McCabe was not forthcoming during the review, which includes an investigation into a decision he made in 2016 to allow FBI officials to speak with reporters about an investigation into the Clinton Foundation.  It is unclear why the inspector general, Michael Horowitz, chose to act on his findings regarding McCabe before closing the overall investigation into decisions made during the 2016 election. Horowitz has said publicly that he expects to issue his final report this spring. While the exact details of the allegations against McCabe remain unclear, the high-profile dismissal ignited a political firestorm in Washington, with an outpouring response from Democratic lawmakers and former top intelligence community leaders like former FBI Director James Comey and former CIA chief James Brennan in the days that followed.

To read the rest of our coverage, click here and here.

 

— SENATE INTEL TO HOLD ELECTION SECURITY BRIEFING: The Senate Intelligence Committee has scheduled an open hearing on threats to U.S. election security on Wednesday morning, which comes as the 2018 midterm elections draws near. The committee announced Monday that the hearing will feature three separate panels to address the issue of election security with representatives from a range of agencies like the Department of Homeland Security (DHS), Election Assistance Commission, and National Association of Secretaries of State. DHS Secretary Kirstjen Nielsen is scheduled to appear for the first panel alongside her Obama administration predecessor, former DHS Secretary Jeh Johnson. The hearing will explore how DHS is engaging states to prepare for the midterms, what the panel has learned about Russian interference in the 2016 presidential election, and how prepared states say they are to combat cyber threats, according to an advisory for the hearing. Election interference has increasingly gained attention as lawmakers and security experts raise concern over whether election systems across the country are properly secure to combat further meddling attempts. The Senate committee has been investigating Russian meddling in the presidential election for more than a year. One day before the hearing takes place, the committee is expected to release a public report on election security. The top Democrat on the committee, Sen. Mark Warner (D-Va.), has warned that Russians still seek to sow discord in U.S. affairs, pointing recently to their efforts to intensify divisions in the gun control debate following the Parkland school shooting in Florida. Chairman Richard Burr (R-N.C.) and Warner have worked together in nearly perfect lockstep as they sought to examine the core consequences of Russian activity.

 

— TRUMP BANS TRADE IN VENEZUELAN GOVERNMENT CRYPTOCURRENCY: President Trump on Monday imposed new sanctions against the Venezuelan government, banning U.S. citizens from dealing in the South American country’s new cryptocurrency. An executive order bans “all transactions related to, provision of financing for, and other dealings in” any digital currency issued by or for the Venezuelan government. The sanctions targeting the petro — the digital currency announced by Venezuelan President Nicolás Maduro in December — have been in the works for weeks. Trump has consistently ratcheted up sanctions against Venezuela since his inauguration, and is reportedly considering directly targeting the country’s oil industry.  Most of his sanctions have drawn bipartisan praise — a reflection of Maduro’s dim public image internationally — but critics have warned that full economic sanctions could further hurt the Venezuelan people. Maduro in December explicitly touted the petro as a way to “overcome the financial blockade,” making clear that his administration views the cryptocurrency as a way around the sanctions on many of its top leaders.

To read the rest of our piece, click here.

 

A FEW LEGISLATIVE UPDATES:

–HOUSE APPROPRIATORS PRESSED TO FUND DHS CYBER PROGRAM: Three lawmakers are pressing House appropriators to fully fund a key cybersecurity program at the Department of Homeland Security in funding legislation for the next fiscal year.

The program, called the Continuous Diagnostics and Mitigation (CDM) program, is part of the department’s broader effort to keep federal networks secure from cyberattacks.

Reps. John Ratcliffe (R-Texas), Will Hurd (R-Texas) and Jim Langevin (D-R.I.) wrote to the leaders of the House Appropriations Committee on Thursday asking that $237 million be allotted for the CDM program in fiscal 2019 appropriations legislation.

The request is on par with the $237.6 million proposed by the Trump administration in its 2019 budget blueprint for Homeland Security.

“The CDM program is of paramount importance because of its ability to provide the federal enterprise with the ability to monitor and assess the vulnerabilities and threats to its networks and systems in an ever-changing cyber threat landscape,” the lawmakers, who are on the House Homeland Security Committee, wrote.

The Homeland Security Department launched the CDM program back in 2012 in order to better guard federal .gov networks against cyber threats. The department broke down the program into four different phases, the first of which focused on managing what software is on federal networks and identifying vulnerabilities.

To read the rest of our piece, click here.

 

–HOUSE PASSES BILL AUTHORIZING CYBER RESPONSE TEAMS: House lawmakers on Monday passed legislation that would codify into law the Department of Homeland Security’s cyber incident response teams that help protect federal networks and critical infrastructure from cyberattacks.

Lawmakers passed the bill, sponsored by House Homeland Security Committee Chairman Michael McCaul (R-Texas), in a voice vote Monday afternoon.

The legislation would authorize the “cyber hunt and incident response teams” at Homeland Security to help owners and operators of critical infrastructure respond to cyberattacks as well as provide strategies for mitigating cybersecurity risks.

The bill would also allow Secretary of Homeland Security Kirstjen Nielsen to add cybersecurity specialists from the private sector to the response teams.

It would require that Homeland Security’s National Cybersecurity and Communications Integration Center — the office in which the response teams are housed — continually evaluate the response teams and report to Congress on their efforts at the end of each fiscal year for four years after the bill becomes law.

The House Homeland Security Committee approved the bill earlier this month.

“My legislation before us today, codifies and enhances the cyber incident response teams at DHS,” McCaul said in remarks on Monday.

“By fostering new collaboration between the government and private sector, we can harness our talent and maximize our efforts to stay one step ahead of our enemies,” McCaul said. “This innovative approach serves as a force multiplier to enhance our cybersecurity workforce. Being able to utilize a greater number of experts will strengthen efforts to protect our cyber networks.”

To read more from our piece, click here.

 

A REPORT IN FOCUS:

Chinese hackers have been targeting the U.S. maritime industry in spy operations since last summer, cybersecurity firm FireEye said Friday.

The hackers have stepped up their activity over the past two months, a development that’s linked to a Chinese cyber espionage group dubbed “TEMP.Periscope” by FireEye that is also known as “Leviathan.” While the group has been active since at least 2013, researchers said its activity dropped off for several years and only reemerged last summer.

The group has largely targeted maritime and engineering focused-entities in the United States, including research institutes, academic organizations and private companies. FireEye has also seen evidence of the group targeting organizations in Europe and Hong Kong.

The group’s targets include those with links to the South China Sea, where tensions have run high as a result of territorial disputes. China has built artificial islands in the region in an attempt to extend its position in the area, despite multiple countries laying claim to territory in the South China Sea.

“We’ve really seen a big upswing in their activity in the last two months,” said Ben Read, senior manager of cyber espionage analysis at FireEye. “They’ve been heavily targeting U.S. entities.”

In 2015, the U.S. and China inked an agreement to deepen cooperation on confronting cyberattacks and stop supporting cyber-enabled intellectual property theft against firms within each others’ borders.

While FireEye has not established a definitive connection to the Chinese government, Read observed that the hackers’ targets suggest they may be working on behalf of the government in some capacity.

To read the rest of our coverage, click here.

 

A LIGHTER CLICK:

Email service calls White House staffer a ‘password idiot‘ for leaving encrypted email account details at a D.C. bus stop. (The Hill)

 

WHAT’S IN THE SPOTLIGHT: 

RUSSIAN ENERGY GRID ATTACKS: Trump administration officials on Thursday accused the Russian government of staging a multi-year cyberattack campaign against the energy grid and other elements of critical infrastructure in the United States.

The alert from the Department of Homeland Security and the FBI coincided with the administration’s decision to unveil new sanctions on Russia for 2016 election meddling and other cyber activities — developments that are sure to ramp up tensions between the U.S. and Moscow.  

Here are five things to know about Russian cyberattacks against U.S. infrastructure.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

GOP chairman threatens subpoena for FBI records on Clinton probe. (The Hill)

Woman dies after being hit by self-driving Uber. (The Hill)

White House: No discussions about firing Mueller. (The Hill)

Kelly names Kushner ally deputy chief of staff. (The Hill)

Republicans warn against firing Mueller, yet little show of appetite to pass law protecting him. (CNN)

New DHS-backed center created to address election security. (CyberScoop)

Trump once planned to tap Gary Cohn to head the CIA. (Politico)

Russian outlets say Moscow’s election commission came under cyberattack. (RT)

Why the Cambridge Analytica issue is not a data breach. (Motherboard)