Overnight Cybersecurity: US, UK blame Russia for global cyberattacks on internet devices | Top cyber official leaving White House | Zuckerberg to meet EU digital chief

View in your browser       Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...   THE BIG STORIES: --U.S., BRITISH OFFICIALS BLAME RUSSIA FOR GLOBAL CYBERATTACKS ON INTERNET DEVICES: Senior U.S. and British officials on Monday blamed the Russian government for coordinated cyberattacks against internet infrastructure worldwide in what they said was an effort to conduct espionage and intellectual property theft.  Officials said that Russian hackers have been conducting a months-long cyber campaign against network devices used by government organizations, private industry, critical infrastructure operators and internet service providers. The hackers have tried to breach routers, switches and firewalls in an effort to hack organizations across the globe, officials said. White House cybersecurity coordinator Rob Joyce said that the hackers were likely conducting the attacks for spying purposes or intellectual property theft, but said the access could also be used to facilitate future offensive activity. "When we see malicious cyber activity, whether it be from the Kremlin or other nation-state actors, we are going to push back," Joyce told reporters Monday.   --OFFICIALS AT THE DEPARTMENT OF HOMELAND SECURITY, FBI and Britain's National Cyber Security Centre conducted a joint investigation into the activity. Officials said that the attacks spanned several months, though noted that they do not have a full picture of the scope of the activity. U.S. and British officials released an unprecedented joint technical alert on the malicious Russian activity Monday. It is unclear to what extent the attacks were successful, though officials noted they have confirmed some successful breaches. "These devices actually make ideal targets," said Jeanette Manfra, the top Homeland Security cybersecurity official. "When a malicious actor has access to this, they can monitor, modify, or deny traffic to an organization or from an organization externally." According to the technical alert, the hackers looked for security weaknesses in network devices that they could exploit in order to gain access. The methods allowed the hackers to intermittently and persistently access "U.S. critical infrastructure that supports the health and safety of the U.S. population," the alert says.   The big picture...   --MONDAY'S MOVE is part of a broader push by the Trump administration to call out Russia and other nation states for sponsoring malicious cyber activity. Earlier this year, the administration publicly blamed Moscow for the global notPetya malware attack, labeling it the most costly and destructive in history. The administration has also sanctioned Russia for alleged cyber activity, including interference in the 2016 presidential election, after coming under pressure from lawmakers who accused President Trump of going soft on Moscow. Homeland Security officials also revealed in March that Russian hackers staged a multiyear cyber campaign to infiltrate the U.S. energy grid and other critical infrastructure.   -WHAT'S NEXT?: Joyce sad Monday that the Trump administration is prepared to use all elements of national power, including "offensive" capabilities, to push back on Russian attacks. To read more from our piece, click here.   And for more on Rob Joyce, the White House's top cyber official, keep reading...   -WHITE HOUSE WALKS BACK SANCTIONS PLEDGE: The Trump administration appears to be walking back U.S. Ambassador to the United Nations Nikki Haley's announcement that the U.S. Treasury plans to issue additional sanctions on Russia following the suspected chemical weapons attack in Syria last week. On Sunday morning, Haley stated that sanctions against Moscow will "be coming down" on Monday. But roughly 24 hours later, the administration signaled they have not decided on a definite course of action. "We are considering additional sanctions on Russia and a decision will be made in the near future," said White House press secretary Sarah Huckabee Sanders. Haley said in an appearance Sunday on CBS News's "Face the Nation" that the sanctions are intended to punish Russia for its support for the Assad government after last week's apparent chemical attack. To read more of our piece, click here.        A LEGISLATIVE UPDATE:  SENATORS, STATE OFFICIALS MEET ON ELECTION SECURITY: Two senators sponsoring legislation to secure digital election systems from cyberattack are meeting Monday will state officials on the details of their proposal. Sens. James Lankford (R-Okla.) and Amy Klobuchar (D-Minn.) are scheduled to meet with secretaries of state to discuss the Secure Elections Act, a spokesman for Lankford confirmed. The bipartisan bill, originally introduced last December, is designed to help and incentivize state officials to make cybersecurity upgrades to their election infrastructure following Russian interference in the 2016 presidential election. The senators rolled out a revised version of the proposal in March, after some state officials, who are responsible for administering federal elections, expressed concerns with the effort. At least four secretaries of state are attending Monday evening's meeting with Lankford and Klobuchar, according to a spokeswoman for the National Association of Secretaries of State (NASS). These officials include NASS president and Indiana Secretary of State Connie Lawson (R), Louisiana Secretary of State Tom Schedler (R), Minnesota Secretary of State Steve Simon (D), and Missouri Secretary of State Jay Ashcroft (R). Politico first reported the meeting. "During the meeting a variety of bill specifics will be discussed including information sharing protocols, formalizing communication channels and potential funding mechanisms in the future," the NASS spokeswoman said. The bill would set up a grant program for states to make election cybersecurity upgrades, including replacing paperless voting machines with those that produce a paper backup. It also aims to strengthen information sharing between federal and state officials on cyber threats to elections. Several states have complained that the Department of Homeland Security (DHS) was slow to share information on the 2016 threat before the election. The latest version of the bill, which contains minor modifications that appear designed to address states' concerns, has picked up support from Senate Intelligence Committee Chairman Richard Burr (R-N.C.) and ranking member Mark Warner (D-Va.). NASS has not taken an official position on the bill. To read more from our piece, click here.   A DEPARTURE IN FOCUS:  SPEAKING OF ROB JOYCE... A top White House cybersecurity official is leaving the National Security Council and returning to the National Security Agency, the latest in a string of departures from the White House national security team. President Trump's cybersecurity coordinator Rob Joyce was detailed from the NSA and is returning to the agency rather than continuing in his post at the White House, according to a source familiar with the situation. White House press secretary Sarah Sanders later confirmed the development, adding that Joyce has agreed to remain on "as needed to provide continuity and facilitate the transition with his replacement." "Rob Joyce, a career federal employee detailed to the National Security Council, has conveyed his intent to return to his home agency, the National Security Agency," Sanders said in a statement. "We are all grateful for Rob's continued service to the nation." Reuters was first to report Monday that Joyce would leave the White House. Why now? New national security adviser John Bolton is seeking to reshape his team. Joyce's boss, Tom Bossert, resigned last week as White House homeland security adviser amid the reshuffle. Joyce was tapped to fill Bossert's position in an acting capacity.  It was Bossert who, 13 months ago, announced that Joyce would join the NSC as cybersecurity coordinator. Joyce previously led an elite NSA hacking group called the Tailored Access Operations (TAO) unit. Takeaway: Joyce's departure will leave a void in one of the top cybersecurity roles in the administration. To read more from our piece, click here.   A LIGHTER (TWITTER) CLICK: They aren't Fancy Bears. They're falling bears. (Tweet)   WHO'S (STILL) IN THE SPOTLIGHT:  MARK ZUCKERBERG: The European Union's digital chief is set to meet with Facebook CEO Mark Zuckerberg on Tuesday amid the fallout of the Cambridge Analytica scandal. Andrus Ansip, European Commission vice president in charge of digital issues, will also meet with Google CEO Sundar Pichai and top officials from Netflix and Twitter in San Francisco according to Ansip's public calendar. The conversations come as Facebook, and Silicon Valley as a whole, deal with backlash over data collection and privacy practices across the industry. Last week, Zuckerberg testified before lawmakers on Capitol Hill to address questions about how a British research firm used by the Trump campaign, Cambridge Analytica, improperly harvested data from as many as 87 million of the platform's users. Key takeaway: The scrutiny on Facebook is a trans-Atlantic affair. Zuckerberg has also been asked to speak before British politicians but has not yet committed to making a trip to the U.K. to give public testimony on the matter. Facebook Chief Operating Officer Sheryl Sandberg has previously met with European Commission officials. To read more from our piece, click here. And in case you missed it, here are our five takeaways from Zuckerberg's blockbuster Capitol Hill testimony last week.     IN CASE YOU MISSED IT: Commerce bars U.S. companies from selling to ZTE. (The Hill) Comey: 'Possible' Trump compromised by Russia. (The Hill) White House lashes out at Comey after explosive interview. (The Hill) GOP rep: Comey memos may bolster Trump defense against collusion charges. (The Hill) Incoming Pence adviser withdraws nomination following reports Trump opposed candidacy. (The Hill) Russia starts blocking Telegram. (Bloomberg) U.S. government-funded website 'Polygraph' fights disinformation. (NBC News) Germany says Russia likely behind cyberattack on Foreign Ministry. (Reuters) The FBI sought a search warrant for former CIA chief's email account. (The Daily Beast) If you'd like to receive our newsletter in your inbox, please sign up here.           Did a friend forward you this email? Sign up for Cybersecurity Newsletters     Forward Cybersecurity Newsletters       Privacy Policy  |  Manage Subscriptions  |  Unsubscribe  |  Email to a friend  |  Sign Up for Other Newsletters   The Hill 1625 K Street, NW 9th Floor, Washington DC 20006 ©2016 Capitol Hill Publishing Corp., a subsidiary of News Communications, Inc.