Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORIES:
–VOTING INFRASTRUCTURE STILL ‘CRITICAL’: President Trump’s secretary of Homeland Security indicated Tuesday that he would keep in place the Obama administration’s designation of election infrastructure as “critical infrastructure.” “I believe we should help all of the states to make sure their systems are protected, so I would argue we should keep that in place,” DHS Secretary John Kelly said during testimony before the House Homeland Security Committee in response to questioning from Rep. Cedric Richmond (D-La.). The Obama administration designated the U.S. election infrastructure as “critical” in January, just two weeks before Trump’s inauguration. The move extended to storage facilities, polling places and centralized vote tabulation locations supporting the election process, as well as information and communications technology such as voter registration databases and voting machines.
To read the rest of our piece, click here.
{mosads}–WHAT HAPPENED AND WHAT DIDN’T HAPPEN: The House Administration panel voted 6-3 to mothball the Election Assistance Commission. The EAC, as its name suggests, offers voluntary help to states, including accrediting laboratories to test voting machines. After the vote, however, an overly embellished narrative appeared online. “House GOP just voted to eliminate only federal agency charged with making sure voting machines can’t be hacked,” read one tweet that was retweeted nearly 6,000 times. In fact, at the same moment that tweet hit the internet, Secretary of Homeland Security John Kelly reaffirmed that DHS would continue treating elections as critical infrastructure – ramping up the ways the agency can help states protect voting machines from being hacked. There are plenty of valid reasons to be upset the EAC is on the way out — beyond helping states chose laboratories to test voting machines, including for assisting voter registration and legal compliance — but this specific one is more scare than substance.
A POLICY UPDATE:
–NATIONAL GUARD, RESERVES MAY TRACK CYBER SKILLS: A bipartisan team of senators introduced new legislation Monday requiring the Department of Defense (DOD) to track cybersecurity skills in the National Guard and Reserve. The DOD Emergency Response Capabilities Database Enhancement Act of 2017 would add a cybersecurity category to an already existing database that tracks the capabilities of National Guard and Reserve forces. The bill was introduced by Sens. Joni Ernst (R-Iowa), Deb Fischer (R-Neb.) and Kirsten Gillibrand (D-N.Y.) — all of whom serve on the Senate Armed Services Committee — as well as Sen. Chris Coons (D-Del.).
To read the rest of our piece, click here.
A LIGHTER CLICK:
–*AHEM*:”Movies That Would More or Less Scan the Same But Arguably Make for More Interesting Replacements for the Titular Film Referenced in the Chorus of Deep Blue Something’s 1995 Hit Single ‘Breakfast at Tiffany’s’“
WHAT’S IN THE SPOTLIGHT:
–EMAIL PRIVACY REFORM. Via The Hill’s Harper Neidig, Iowa Sen. Chuck Grassley (R) is not bullish on the Senate passing a bill reforming the Electronic Communications Privacy Act [ECPA]. The measure passed the House on Monday.
“We’ll certainly take a look at the bill again at some point, but it’s a tough road in the Senate. Everyone agrees ECPA needs to be updated. But there was broad, bipartisan interest on our committee to modernize the law to also address law enforcement and national security equities in ways the House bill omits,” he said.
ECPA is a law written in 1986 that allows law enforcement to seize emails and other files stored on third-party servers older than 180 days. It predates the world wide web and widespread internet use, and, as Grassley says, there is wide agreement that it needs to change. But conservatives have worried about changes that would undercut law enforcement.
In statements, civil libertarians and industry were more bullish on the Email Privacy Act that passed the House last night, which would require a warrant for all files.
“House leadership and the sponsors of the Email Privacy Act have made a powerful statement by moving the legislation so quickly in the new Congress,” said Center for Democracy and Technology Vice President of Policy Chris Calabrese.
The Electronic Software Association, a video game trade group, agreed. “The video game industry thrives online, and the privacy rights of gamers are vital for continued growth. Requiring law enforcement to obtain a warrant before accessing the content of electronic communications is an appropriate way to protect those rights,” said Michael D. Gallagher, its president and CEO.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
A college student was sentenced to probation for designing Android malware (The Hill)
The Department of Justice is pleased with Friday’s ruling in their legal fight with Google over data on an overseas server. (DOJ)
The last of the Russian hacker group Shaltai Boltai (“Humpty Dumpty”) reveals the organization’s shadowy world. (FT)
The science of turning anyone into an internet troll. (Futurity)
Phishing attacks rose by 33 percent after the passage of Brexit. (The Register)
Canada may be one step closer to an E.U.-like right to be forgotten. (Canadian Privacy Law Blog)
Google might actually be able to do that thing in cop shows where techs unrealistically enlarge and enhance images.(YouTube, Ars Technica.)
The NSA file hoarder may have stolen as much as 75 percent of the agency’s vaunted cyberweaponry. He might be indicted this week. (Washington Post)
If you’d like to receive our newsletter in your inbox, please sign up here.