Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORIES:
–FEINSTEIN POSTS FUSION GPS TESTIMONY: Sen. Dianne Feinstein (D-Calif.) on Tuesday posted the entire transcript of the closed-door testimony that Fusion GPS co-founder Glenn Simpson made to the Senate Judiciary Committee as part of its investigation into Russian election interference. Fusion GPS last week demanded that the full transcript be released, sparking a fight with Judiciary Chairman Chuck Grassley (R-Iowa) over who was standing in the way of the document being released. Simpson has emerged as a central figure in the probes into Russian election interference after his firm helped assemble a controversial dossier tying President Trump to Russia. Former British intelligence officer Christopher Steele compiled the document, which includes unverified allegations against Trump and his links to Moscow.
{mosads}
–GRASSLEY BLASTS RELEASE: A spokesman for Senate Judiciary Committee Chairman Chuck Grassley (R-Iowa) on Tuesday blasted Sen. Dianne Feinstein’s (D-Calif.) release of the transcribed interview with the co-founder of the firm behind a controversial dossier on the Trump campaign’s ties to Russia, calling the move “confounding.” In a statement, the spokesman, Taylor Foy, said that Feinstein’s decision to release the transcript without first consulting Grassley compromises the Judiciary Committee’s ability to conduct its investigation into Russian meddling in the 2016 presidential election. “Her action undermines the integrity of the committee’s oversight work and jeopardizes its ability to secure candid voluntary testimony relating to the independent recollections of future witnesses,” Foy said.
–AMONG THE REVELATIONS from the testimony is that Simpson told Senate investigators in August that the FBI had “other intelligence” backing up claims in the dossier and that law enforcement officials had already been investigating the president’s team before the dossier was completed. In more than 300 pages of testimony released Tuesday Simpson told investigators that the former spy who compiled the dossier told him that the FBI had an informant in the Trump campaign. But a source close to Fusion GPS told The Hill on Tuesday that Simpson misspoke, mischaracterizing a tip that an Australian diplomat gave the bureau related to Trump campaign aide George Papadopoulos. “Essentially what [former MI6 agent Christopher Steele] told me was they had other intelligence about this matter from an internal Trump campaign source and that — that they — my understanding was that they believed Chris at this point — that they believed Chris’s information might be credible because they had other intelligence that indicated the same thing and one of those pieces of intelligence was a human source from inside the Trump organization,” Simpson said.
To read the rest of our coverage, click here, here, and here. To read the entire testimony transcript, click here.
A LEGISLATIVE UPDATE:
HOUSE APPROVES BILL REQUIRING DHS TO REPORT ON VULNERABILITIES DISCLOSURE: House lawmakers on Tuesday approved legislation aimed at boosting oversight of the way that the U.S. government discloses cyber vulnerabilities to the private sector.
The legislation was introduced before the Trump administration issued a first-ever charter outlining the secretive method, known as the vulnerability equities process (VEP), by which the executive branch determines whether to disclose what are called “zero day” vulnerabilities to affected vendors.
The legislation passed Tuesday would specifically require the Department of Homeland Security, which is now known to have a seat at the table in VEP, to report to Congress on the policies and procedures by which previously unknown vulnerabilities are disclosed to the private sector.
Lawmakers passed the bill in a voice vote Tuesday afternoon.
The charter issued by the White House in November laid out the principles and aims of the process, and also identified the specific agencies involved in the decisionmaking, which turned out to be a much longer list than expected. The administration is also expected to issue an annual public report documenting the number of vulnerabilities discovered that were kept secret.
The move came in response to calls from lawmakers, public advocacy groups and private sector companies who have pushed for more transparency around the process, which was first acknowledged by the Obama administration in 2014. Critics have warned the government against “stockpiling” vulnerabilities for intelligence purposes, citing the risk that hackers may discover and leverage them.
The effort has been widely viewed as a step forward for transparency.
The legislation approved Tuesday was introduced by Rep. Sheila Jackson Lee (D-Texas) and would require Homeland Security to submit a report to Congress containing “a description of the policies and procedures developed for coordinating cyber vulnerability disclosures.”
It also says the report should “to the extent possible” include an annex with information on instances when these procedures were used to disclose vulnerabilities and the degree to which stakeholders acted on the information.
The bill cleared the House Homeland Security Committee last July, roughly three months before the White House issued the VEP charter.
To read the rest of our piece, click here.
A LIGHTER CLICK:
2018 is already spawning some super cool gadgets. (Wired)
A SURVEY IN FOCUS:
Half of women serving in science, technology, engineering, or math (STEM) jobs report experiencing gender discrimination in the workplace, according to a survey released by Pew Research Center on Tuesday.
This compares to a much smaller figure–19 percent–of men in STEM jobs who also report experiencing gender discrimination on the job.
One-fifth of women in these science and tech-related positions say that their gender has made it more difficult to succeed at work, compared with only 7 percent of men.
The survey comes as claims of sexual harassment and gender issues continue to receive attention in and outside of Washington.
WHAT’S IN THE SPOTLIGHT:
ENCRYPTION: FBI Director Christopher Wray stated Tuesday that the inability of law enforcement agencies to surpass the strong encryptions on electronic devices poses an “urgent public safety issue.”
Wray said that during the last fiscal year, the FBI failed to break through the powerful protective coding of 7,775 devices, even though they had advanced tools at their disposal and the legal right to access the contents, Reuters reported.
He said the inability to access cellphone data that is “going dark” would impact FBI investigations across the board including counterterrorism, counterintelligence, human trafficking and organized crime.
Wray made the remarks during a speech at the International Conference on Cyber Security in New York on Tuesday morning.
Wray, who took over as the head of the FBI in August, emphasized that the bureau’s inability to overcome the obstacle of encryption is a “public safety issue.”
To read the rest of our piece, click here.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
Twitter misses deadline to provide Senate info on Russia meddling. (The Hill)
House Dems accuse Republicans of stalling Russia probe to protect Trump. (The Hill)
OP-ED: 2018 will be the year of the ‘bots.’ (The Hill)
Senate bill to preserve net neutrality wins first GOP backer. (The Hill)
Microsoft suspends some AMD patches for Meltdown and Spectre. (The Hill)
The European Union is facing pressure to fight back against cyberattacks. (Euronews)
The contenders who could replace NSA Director Mike Rogers. (CyberScoop)