| The Cyber and Tech Overnights are joining forces to give you Hillicon Valley, The Hill's new comprehensive newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers), and the tech team, Ali Breland (@alibreland) and Harper Neidig (@hneidig), on Twitter. Send us your scoops, tips and compliments. SENATORS DEMAND BOLTON RETHINK ELIMINATING TOP CYBER POST: The Trump administration's decision to eliminate a top cybersecurity position at the White House is drawing more criticism from senators. A group of 19 senators, all of them Democrats, wrote to national security adviser John Bolton this week urging him to reconsider the move, calling it a "step in the wrong direction" and worrying that it would "lead to a lack of unified focus against cyber threats." The role of White House cybersecurity coordinator was established under the Obama administration to coordinate cybersecurity policymaking efforts across the federal government. In mid-May, National Security Council officials disclosed that they would eliminate the position in order to streamline operations across the two senior directors who work on cybersecurity. The decision immediately drew criticism in Washington, particularly from Democrats who argued that it would represent a step backward and undermine U.S. efforts to secure cyberspace. "Cyberattacks to our nation have increased in frequency and sophistication," the senators, led by Amy Klobuchar (D-Minn.), wrote in the letter to Bolton this week. "Our country's cybersecurity should be a top priority; therefore, it is critically important that the U.S. government present a unified front in defending against cyberattacks. "Eliminating the Cybersecurity Coordinator role keeps us from presenting that unified front and does nothing to deter our enemies from attacking us again. Instead, it would represent a step in the wrong direction," they wrote. "We urge you to send a strong signal to the rest of the world that cybersecurity is a top priority by reconsidering the elimination of the Cybersecurity Coordinator." The letter comes after a bipartisan letter from Sens. Susan Collins (R-Maine) and Martin Heinrich (D-N.M.) to President Trump expressing similar concerns. To read more, click here. JUDGE DISMISSES KASPERSKY'S LAWSUITS CHALLENGING GOVERNMENT BAN: A federal judge on Wednesday dismissed Kaspersky Lab's two lawsuits alleging that the federal government and Congress acted unlawfully to ban products developed by the Russian-based cybersecurity firm over security concerns. Judge Colleen Kollar-Kotelly dismissed the firm's lawsuit that sought to challenge the directive issued by Department of Homeland Security (DHS) last year, which removed and banned Kaspersky software over concerns about the firm's ties to the Russian government. Kaspersky, which has repeatedly maintained that it operates independently of the Kremlin, argued that it did not receive proper notice about DHS's binding operational directive (BOD) or have a chance to contest the underlying evidence used to reach the ban decision. They said this has caused "significant damage to Kaspersky Lab's reputation and the loss of sales," according to court documents filed in January. Kollar-Kotelly, however, disagreed with this argument, noting that none of their "alleged harms would be redressed" even if they received a favorable ruling in the case because Congress has already instituted its own government-wide ban on use of Kaspersky products, which President Trump signed in December. Congress passed the 2018 National Defense Authorization Act (NDAA) following the directive, after lawmakers because increasingly concerned that U.S. computer systems were using Kaspersky software. Strike two: Kaspersky's second lawsuit was directed against the NDAA, arguing that the legislation is unconstitutional because it violated the Constitution's bill of attainder clause, which forbids Congress "from enacting laws which impose individualized deprivations of life, liberty, and property and inflict punishment on individuals and corporations without a judicial trial." Kotelly, however, sided with the Department of Justice that challenged the lawsuit in a motion in March, arguing the case should be dismissed because the action taken by Congress was a legal move to protect U.S. national security. "It eliminates a perceived risk to the Nation's cybersecurity and, in so doing, has the secondary effect of foreclosing one small source of revenue for a large multinational corporation." To read more about the ruling, click here. FINALLY, WE HAVE A BOTNET REPORT: The Department of Commerce and Department of Homeland Security (DHS) on Wednesday released a joint report detailing how the federal government can combat botnets, or networks of infected internet-connected devices that can be leveraged by malicious hackers. The latest report largely resembles the draft report issued by the two federal agencies in January, which gave experts from the cybersecurity industry as well as other stakeholders the opportunity to weigh in on their findings before releasing the final report. What's in the report: The report listed principal themes for reducing distributed threats, including (1) working closely with international partners; (2) utilizing tools that are readily available but not being used effectively; (3) ensuring devices are secured through all stages of their "lifecycle;" (4) boosting education and awareness about botnets; and (5) changing market incentives to encourage security over speedy production output. Countering botnets, the report says, is both an industry-wide challenge and a global issue that will require stakeholders to work together to block such attacks. Commerce and DHS then provided "mutually supportive goals" to help decrease the risk of botnet attacks. These include (1) creating "an adaptable, sustainable, and secure technology marketplace;" (2) encouraging innovation that will morph how the government combats these attacks as the threats evolve; (3) building up coalitions across the "security, infrastructure, and operational technology communities" in the U.S. and abroad, and (4) boosting awareness and education about the threats. The report was initially expected to be made public on May 11, on the one-year anniversary of President Trump's cybersecurity executive order. To read more, click here. COMMERCE SECRETARY SAYS DATA RULES COULD HURT TRADE: Commerce Secretary Wilbur Ross wrote in an op-ed for The Financial Times today that the General Data Protection Regulation, new European Union data privacy rules, could hurt trade between the U.S. and Europe. "GDPR creates serious, unclear legal obligations for both private and public sector entities, including the US government," Ross wrote. "We do not have a clear understanding of what is required to comply. That could disrupt transatlantic co-operation on financial regulation, medical research, emergency management co-ordination, and important commerce." NTSB WON'T INVESTIGATE TESLA CRASH: The NTSB says that it won't investigate an incident where a Tesla crashed into a parked police car in California. The owner of the car says it was on autopilot during the incident. "There is no requirement for the NTSB to investigate all highway crashes, and, more specifically, there is no requirement for the NTSB to investigate all electric vehicle crashes, or, crashes where use of automation is reported," an agency spokesperson said. MCCARTHY TAKES A SWING AT TECH COMPANIES: On Tuesday night, House Majority Leader Kevin McCarthy (R-Calif.), a leading candidate to replace retiring Speaker Paul Ryan (R-Wis.), tweeted a video from a speech in which he lashes out at Amazon, Facebook and Twitter, accusing them of trying to censor conservatives. "Social media is being rigged to censor conservative voices. We will not be silenced," the No. 2 House Republican wrote in the tweet. TODAY IN THE PRESIDENT'S TWEETS: President Trump on Wednesday said he regrets his decision to pick Jeff Sessions as attorney general, the latest sign of his growing anger over the Russia investigation. LATEST IN HACKING THE PENTAGON: Bug bounty platform HackerOne announced Wednesday that its fifth Department of Defense bug bounty program, which focused on the Defense Travel System, turned up over 100 security vulnerabilities in the internet-facing system. The program netted security researchers $80,000 in rewards for discovering the security flaws. A LIGHTER CLICK: Microsoft's latest version. AN OP-ED TO CHEW ON: Streamlining regulation will pave the way for a 5G future. (The Hill) NOTABLE LINKS FROM AROUND THE WEB: What Facebook's new political ad system misses. (ProPublica) Hacker for hire with ties to Russia's security agency sentenced to 5 years in prison. (Wall Street Journal) Trump asked AG Sessions to reverse his decision to recuse himself from the Russia probe. (The New York Times) British officials will brief England's World Cup team on cyber threats to phones before departing for Russia. (The Independent) U.S. expected to impose caps on some Chinese visas like limiting Chinese grad students studying in some tech-related fields like robotics, aviation to one-year visas. (Associated Press) There's a rift inside Google over the company's Pentagon work. (The New York Times) Companies should let Cyber Command do the hacking back, former official argues. (Council on Foreign Relations) | 
沒有留言:
張貼留言