Joe Uchill

The omnibus funding bill includes the Clarifying Lawful Overseas Use of Data [CLOUD] Act, which provides a legal framework for law enforcement to request data from overseas servers. The CLOUD Act provides a framework for reciprocal treaties for nations to request data from computers located within each other's borders. It also provides a mechanism for a Microsoft to take a law enforcement demand to court if it would force them to violate another country's rules. But when neither apply, law enforcement will be able to demand files in accordance with US law.

President Donald Trump has signed an executive order on cybersecurity, an order long awaited by the cybersecurity community. Drafts of the executive order have leaked since the first days of the Trump administration. The cybersecurity executive order contains suggestions that are, by and large, considered good ideas by experts, including holding agency heads accountable for cybersecurity.

A common criticism in the Senate is that the US lacks of a guiding strategy for cyber defense, beyond making ad hoc decisions. It's a complaint that dogged the Obama administration and was beginning to catch up to the Trump administration as well. The executive order begins the process of developing one, and within 90 days a bevy of agencies will produce options for development. Agencies will now follow the National Institute for Standards and Technology framework. The guidelines were developed to be adaptable to any organization and are currently popular in the private sector.

Reps Erik Paulsen (R-MN) and Suzan DelBene (D-WA) launched the Digital Trade Caucus, which aims to protect cross-border digital trade from government protectionism. “Trade has gone digital and protectionist policies don’t work in an internet-age,” said Rep DelBene. “We need continued American leadership in the digital economy and for that to happen our laws need to be up to date with the way the world works."

Rep Ted Lieu (D-CA) and Sen Ron Wyden (D-OR) are calling on the Federal Communications Commission to take "swift action" on a known cellphone security flaw. “It is clear that industry self-regulation isn’t working when it comes to telecommunications cybersecurity,” Sen Wyden and Rep Lieu wrote in a letter they cosigned, on March 28.

At issue is Signaling System 7 (SS7), which allows cellphone networks to communicate with one another - among other purposes, letting cellphones roam from one network to another. In 2014, German security researcher Karsten Nohl determined that there was a bug in SS7 that could allow an attacker to record phone calls, place calls from other accounts, and create other mischief. The relatively obscure phone protocol, though, now has the attention of Congressional lawmakers.

The reported use of encrypted messaging apps by government workers is raising questions about whether the services evade scrutiny from their superiors and the public — or are even legal. Trump administration staffers are reportedly communicating via an encrypted messaging app called Confide, the main feature of which is self-destructing messages. Top GOP operatives and aides in the administration have been using the app to communicate out of fear that they might be hacked and have their correspondence made public.

Amid the fallout of national security adviser Michael Flynn’s resignation, White House staffers are using Confide out of fear that President Trump is planning to crack down on leaks to the media. Government accountability watchdog groups are raising concerns about the use of Confide in the White House, saying it violates the Presidential Records Act. The 39-year-old law requires the president, vice president and their immediate staff members to preserve all correspondence so that official records can be archived. “The reason we have to have an archived record is so there's accountability for the actions and decisions that get made and historically we can review the activities of an administration,” said Sean Moulton, who oversees the open government program at the Project on Government Oversight.

President Donald Trump is preparing an executive order calling for a large-scale review of national cybersecurity. “Free and secure use of cyberspace is essential to advancing US national interests. The Internet is a vital national resource. Cyberspace must be an environment that fosters efficiency, innovation communication, and economic prosperity without disruption, fraud, theft or invasion of privacy," the order reportedly reads. The White House could not confirm whether the report was authentic or whether it resembled draft or finalized executive orders currently pending. The Washington Post published a document it said was a draft of the order.

According to the document, President Trump will task a team headed by the secretary of Defense — and including the heads of the Department of Homeland Security and the Office of the Director of National Intelligence — with generating reports on the security of defense systems and critical infrastructure. They would have 60 days to complete it. The same group would assemble a report on the "principle cyber adversaries" on the same timeline, with National Intelligence taking the lead. The reported order also includes a review of operational capabilities and workforce readiness in the face of an anticipated cybersecurity skills shortage, as well as look at private sector incentive programs to encourage better security practices.

The hacker or hackers who stole National Security Agency-built cyber tools have dumped new files in what appears to be yet another change of plans in monetizing the heist. The new files provide some insight into the targets of the NSA affiliated hacking team called The Equation Group. Those targets include government servers in China and universities in Pakistan and Saudi Arabia. This is the second dump of files that came from the group The ShadowBrokers, who in August released sample files containing previously unknown hacking techniques used to circumvent popular security hardware.

The August files also contained a tracking code used by the NSA that matched previously unreleased Edward Snowden documents, appearing to confirm the breach’s provenance. In August, the group offered the complete cache of documents for auction. Not seeing the bidding totals they wanted, the group changed to a crowdfunding approach, saying it would release all files publicly if enough people donated money to a bitcoin address. The latest leaks contain yet another change in business model: a direct appeal to the United States to purchase the remaining files from the group. “How bad do you want it to get? When you are ready to make the bleeding stop, payus, so we can move onto the next game. The game where you try to catch us cashing out! Swag us out!” wrote the Brokers in their latest release. The newly released files are divided by NSA target in folders titled with domain names and internet addresses. If authentic, they would reveal hundreds of historic targets across the world — the files appear to be nearly a decade old — in nations ranging from Russia to Japan to Germany and Hungary.

Intelligence officials told Donald Trump they had “high confidence” that Russia was behind the hacks of several Democratic organizations, including the Democratic National Committee (DNC), before the Republican presidential nominee said during the first presidential debate of 2016 that no one knew Moscow was involved.

After Democratic nominee Hillary Clinton said during the debate that Russia perpetrated the attacks, Trump said he was not certain. “She’s saying, 'Russia, Russia, Russia,' but I don’t know. Maybe it was. It could be Russia, but it could also be China. It could also be lots of other people. It could also be someone sitting on their bed that weighs 400 pounds,” Trump said. It is widely believed in the intelligence community that Russia was behind the attacks. More than a year ago, officials briefed members of Congress that Russia was trying to attack Democratic groups. Later, officials warned the groups they were likely to be under attack, although they omitted crucial details to preserve active intelligence-gathering operations.

Until Sept 13 when the bills merged, Reps Will Hurd (R-TX) and Steny Hoyer (D-MD) had rival plans to modernize the government’s outdated communications systems. Two days later, the new Modernizing Government Technology Act has already left committee. “We did something today that was a big deal,” Rep Hurd said. The bill combines Rep Hoyer’s idea, a centralized loan program repaid through the cost savings agencies would achieve by using newer, more efficient technology, with a direct funding approach advocated by Rep Hurd. Agencies will reinvest the savings realized by using the direct funds to purchase more new technology. Federal Chief Information Officer Tony Scott has advocated both ideas, saying modernizing infrastructure is not only cheaper in the long run, but also more secure from hackers.

“Not once did [my constituents] see a campaign ad about IT procurement. IT procurement is not a sexy topic. No one has ever thrown a rally for IT procurement,” Rep Hurd said. “But when the Federal government is spending $80 billion on IT procurement and 80 percent of that is on old and outdated systems, people are automatically outraged." Rep Hurd said the bill would be on the floor the week of Sept 19 and pass under suspension of the rules. “Despite being 60 days from an election, we had a significant piece of bipartisan legislation that will change how the government does business and create incentives for our CIOs within the federal government to save money and to modernize,” he said. "It’s a big deal. It’s a really big deal.”

The Illinois State Board of Elections online voter registration has been hacked. Earlier, McLean County Clerk Kathy Michael posted a letter to Facebook she claimed was sent to election authorities from Kyle Thomas, the director of voting and registration systems for the board of elections While the letter says the attackers retrieved voter records, it makes clear attackers were limited in what they accessed. “We have found no evidence that they added, changed, or deleted any information in the database. Their efforts to obtain voter signature images and voter history were unsuccessful,” the letter said. The letter also explains the attacks — or the clean up — had caused outages in online voting for the past week.

The investigation into the breach is ongoing. “We’re in the process of analyzing the tracks left by the attack,” Ken Menzel, general counsel, told the The Southern Illinoisan. The attackers took advantage of a programming flaw in the website’s database. The attack, known as a “SQL injection,” occurs in databases using the SQL programming language. Unless a programmer specifically prevents it, SQL databases can be tricked into running commands entered by any website visitor. It is a very common attack. “We are in the process of determining the exact number of voter records and specific names of all individuals affected,” the letter says.