OVERNIGHT CYBERSECURITY: Senators left wanting on hack details

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORIES:

–THE WAITING GAME: Senators gleaned little from a classified briefing the administration held for the upper chamber Tuesday night on the recent Office of Personnel Management (OPM) data breach that has exposed millions of people’s information. “There’s no more concrete answers to the questions about, when did you know and what did you do?” said Sen. Jerry Moran (R-Kan.), exiting the briefing. “And that still, in my view, needs to be answered.” Moran sits on a Senate subcommittee that heard testimony from OPM Director Katherine Archuleta Tuesday morning. Archuleta has been on the hot seat since a poorly-received performance at a House hearing last week. “Those questions that arose in this morning’s hearings were not answered in this afternoon’s classified briefing,” Moran said. Other senators echoed Moran’s sentiments leaving the briefing. To read our full piece, click here.

{mosads}–ABOUT THAT HEARING: Tuesday’s Senate hearing was considerably less acrimonious than last week’s first Capitol Hill hearing on the OPM breach. However, senators on the Financial Services and General Government Subcommittee did grill OPM Director Katherine Archuleta over reports that the credit monitoring firm CSID has offered substandard service to the millions of victims of the recent federal data breach. “I’m as angry as you are” about these reports, Archuleta said forcefully. “I have instructed my [chief information officer] and her team to work with my contractor to improve daily the services they’re giving to our employees,” she added later. Archuleta also pushed back against a recent government “flash audit” that admonished the agency’s much-touted network modernization plan as poorly budgeted and managed. “These projects are ongoing, on schedule and on budget,” Archuleta told the subcommittee.

–FREEDOM SPYING?: Documents released by anti-secrecy group WikiLeaks on Tuesday assert that the U.S. routinely spied on the communications of multiple French leaders over the course of a decade, including current President Francois Hollande. The trove of classified documents contains apparent summaries that the National Security Agency compiled by monitoring conversations between top French government officials, dating back at least to the administration of Jacques Chirac. Those talks covered high profile and sensitive issues such as the global financial crisis, the Greek debt crisis and even French opposition to U.S. spying. The disclosure is reminiscent of the public revelations in late 2013 that the NSA spied on the personal cellphone of German Chancellor Angela Merkel. That news sparked major diplomatic friction between the U.S. and Germany that has only recently taken a back seat to other bilateral issues. To read our full piece, click here.

AN UPDATE ON CYBER POLICY:

–TABOO TALKS. A multitude of U.S. officials — from Vice President Joe Biden to Secretary of State John Kerry — alternately pledged either “frank” or “direct” cybersecurity talks with Chinese officials while they’re in town for a three-day summit in Washington this week.

Federal investigators have privately accused China of breaking into computer systems at the OPM, exposing the information of up to 18 million people to hackers. Officials have promised the incident will come up this week, although outsiders are wary that officials will threaten to levy sanctions over the incident, as some have called for.

Biden did have some sharp words in opening remarks Tuesday: “Nations that use cyber technology as an economic weapon or profits from the theft of intellectual property are sacrificing tomorrow’s gains for short-term gains today.”

To read more on Biden’s comments, click here.

To get a preview of how cybersecurity will play into the entire summit, click here.

A LIGHTER CLICK:

–EMAIL SAVIOR: Gmail has formally added an “undo send” option for emails that is unfortunately too late to bring back all those angry messages you accidentally sent to your boss. It’s one step toward reinstating our favorite lost Gmail feature: Google goggles.

–IS IT LIGHTER, THOUGH? From The Guardian: “Lurkmore, a Russian site described as the “satirical Wikipedia”, is suspending its operations because of increasing censorship, founder Dmitry Khomak has announced.”

A REPORT IN FOCUS:

–YOU SUCK. From Re/code: “A new report out today from the software security firm Veracode found that civilian federal agencies — those largely unconnected to the military or intelligence communities — rank dead last in fixing security problems in the software they build and buy.” Read on here.

A LOOK AHEAD:

WEDNESDAY

—National Journal will hold an event at 8 a.m. on cybersecurity policy with House Homeland Security Committee Chairman Michael McCaul (R-Texas).

–The House Oversight Committee will hold its second hearing on the OPM hack at 10 a.m. OPM Director Archuleta is expected to testify.

–The House Homeland Security subcommittee on cybersecurity will hold a hearing at 2 p.m. on the Department of Homeland Security’s efforts to secure .gov websites.

THURSDAY

–The Hill will hold an event on women in cybersecurity at 8 a.m. Sen. Deb Fischer (R-Neb.), Rep. Marsha Blackburn (R-Tenn.) and Rep. Kyrsten Sinema (D-Ariz.) will all speak.

–The Senate Homeland Security Committee will hold a hearing at 9:30 a.m. on the OPM hack. OPM Director Katherine Archuleta is slated to testify.

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

U.S. securities regulators are investigating a group of hackers suspected of breaking into corporate email accounts to steal information to trade on, such as confidential details about mergers, according to people familiar with the matter. (Reuters)

A Google eavesdropping tool is installed on computers without permission. (The Guardian)

Carl Force, a DEA agent accused of stealing hundreds of thousands of dollars from the Silk Road drug-trafficking website while he investigated it, will plead guilty, according to court papers filed Monday. (Ars Technica)

Security guru Bruce Schneier on “Why We Encrypt.” (Schneier on Security)

GOP White House hopeful Jeb Bush doubled down on his criticism of the Obama administration over the OPM hack. (National Journal)

If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A