Overnight Cybersecurity: Emerging cyber war rules spark debate

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORIES:

–I’M KIND OF A BIG DEAL: Experts disagree wildly on the scope and utility of a possible agreement between the United States and China promising that neither country will be the first to launch cyberattacks on the other’s critical infrastructure. Although President Obama and President Xi Jinping are not expected to reveal any specifics of the accord during the latter’s state visit this week, they will likely announce a “generic embrace” of a code of conduct recently adopted by the United Nations that includes a tenet prohibiting states from engaging in cyber activity that intentionally damages critical infrastructure. Because the new accord likely will not address the more high-profile forms of hacking China is accused of carrying out in the U.S., like the theft of intellectual property, some experts have criticized it as too narrow in scope. Paul Stockton, the assistant secretary of Defense for homeland defense from 2009 to 2013, called the proposed agreement “constructive” but “very limited in terms of its intrinsic value.” Others suggest it has broader international implications. Atlantic Council senior fellow Jason Healey says embracing the UN guidelines could put pressure on other, more dangerous nations — like Russia — to sign the same agreement. “Next week, Xi Jinping is not going to take down electronic U.S. infrastructure,” Healey said. “I cannot say that next week Putin is not going to bring down Polish electronic infrastructure.” To read our full piece, click here.

{mosads}–HOLD ON, I’M COMIN’: Commerce Secretary Penny Pritzker will speak Wednesday at a Chinese-organized technology forum in Seattle. The event, part of a West Coast swing for Chinese President Xi Jinping before his first official state visit in Washington, is expected to draw top executives from Apple, Facebook, Google, Uber and other major Silicon Valley players. Deputy Commerce Secretary Bruce Andrews will also serve as a panelist that day at the U.S. China Internet Industry Forum, which Microsoft is co-hosting with the Internet Society of China, a semi-governmental organization that works with tech firms in China to regulate the Internet. The inclusion of two top-ranking U.S. officials at Xi’s West Coast stops may help defuse the administration’s frustration over the Seattle forum. To read our full piece, click here.

–EVERYONE JUST BE COOL: National Security Advisor Susan Rice set the tone for President Xi’s visit in a Monday speech at George Washington University, issuing a stern warning to China about its incursions and meddling in cyberspace, the South China Sea and global currency markets. “As my critics allege, I can be rather direct. I can assure you that President Obama will be just as direct when he meets with President Xi,” Rice said. “Everyone has to play by the same rules, regardless of size or power, because that’s the way everyone can compete or be treated equally.” The White House is faced with executing a delicate balancing act this week, in which President Obama will have to scold China for ongoing hacks on U.S. interests without doing serious damage to the increasingly interdependent relationship. (As The New Yorker’s Evan Osnos noted, trade between China and the U.S. has grown from $2 billion in 1979 to $592 billion last year.) Rice made a point to reject calls from former presidential candidate Wisconsin Gov. Scott Walker (R) to call off the visit. “If we sought to punish China by canceling on China or refusing to engage them, we would only be punishing ourselves,” she said. To read our full piece, click here.

 

UPDATE ON CYBER POLICY:

–ONE MILLION DOLLARS. The government is investing $3.7 million in projects meant to secure online transactions, ensure the privacy of electronic medical information and combat online tax fraud.

The pledge comes from the Commerce Department’s National Strategy for Trusted Identities in Cyberspace, or NSTIC, which launched in 2011 to fund various private sector pilot projects working on new technologies to secure online data.

It’s the same initiative that has been funding numerous projects aimed at developing new ways to identify people online without a password.

The funding round announced Monday — the department’s fourth — will go to several different types of secure online authentication projects.

Check them out in our full piece, here.

 

LIGHTER CLICK:

–I ONLY HAVE ONE PHOTO IN MY HAND… A new SyFy reality show, Bazillion Dollar Club, tracks six San Francisco startups over 16 weeks. Apparently, it’s not terrible (although it could turn into a bloodbath later, let’s be real). Read more, here.

 

A REPORT IN FOCUS:

–EVERY BREATH YOU TAKE… The IRS has improved its efforts at blocking fraudulent tax refunds before the returns are even accepted, according to new figures the agency provided to a federal watchdog.

The Treasury Department’s inspector general for tax administration said the IRS uncovered roughly 163,000 fraudulent returns seeking refunds this year, and stopped all but around $121 million of those refunds from being sent out.

Those figures only go through May 2, less than three weeks after the April 15 tax filing deadline. At this time last year, the IRS had said it had identified more than a quarter million fraudulent returns, and blocked around $160 million in refunds.

While the IRS’s latest numbers only cover four months for this year, the agency took credit in a statement for having “dramatically expanded the number of identity theft filters it uses to weed out” fraudulent returns before they can even enter the IRS’s processing system.

The new figures amount to progress for an agency that has had an uneven record at battling refund fraud and with cybersecurity issues in general in recent years.

Check out our full piece here.

 

A LOOK AHEAD:

TUESDAY

–The U.S. Chamber of Commerce will hold an all-day event on the “Internet of Everything.” Sen. Steve Daines (R-Mont.) and FTC Commissioner Maureen Ohlhausen will give remarks.

–The House Subcommittee on Information Technology will hold a field briefing on the state of the cloud at 1:00 PM at the University of Texas at San Antonio. Subcommittee Chairman Will Hurd (R-Texas) will lead the briefing.

–The LGBT Technology Partnership & Institute will hold its 3rd Annual Fall Policy Forum at 2 p.m.

–Chinese President Xi Jinping will address business leaders during a speech at a dinner co-hosted by the US-China Business Council and the National Committee on U.S.-China Relation.

THURSDAY

–The Senate Intelligence Committee will hold an open hearing at 2:30 p.m. with testimony from National Security Agency (NSA) Director Adm. Michael Rogers.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

The Apple app store has been hit by its first major cyberattack. (The Hill)

A controversial security firm that hunts for undiscovered software bugs is offering $1 million to the first hacker that breaks Apple’s mobile operating system. (The Hill)

Is the U.S. and China’s cyberwar reaching a detente or a flashpoint? (TechCrunch)

Google is reportedly in talks with Chinese authorities to return to China with a new Android app store — but some say it never really left. (The Guardian)

Will a recent partnership between a U.S. tech firm and “the Google of China” give the Chinese government more ammunition for distributed denial of service attacks? (Gigaom)

“I will be president,” computer security guru and presidential candidate John McAfee told reporters Monday. “You can laugh all you want. I’ll bet you a dollar.” (Re/Code)

A group of former investors from antivirus software maker AVG Technologies is raising a $125 million fund to tap into the booming cyber security sector. (Reuters)

A U.S.-EU commercial data-sharing deal faces a major test in court on Wednesday. (Reuters)

 

If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A