cyber-security

As election security risks grow, Congress must get off the sidelines
Some Republican senators argue new legislation is unnecessary. They’re wrong

The work to address threats posed to our voting infrastructure is far from over, Waller writes. (Bill Clark/CQ Roll Call file photo)

OPINION — Texas got some terrible news last month. Twenty-two municipalities in the Lone Star State were the targets of massive ransomware attacks — a kind of cyber kidnapping. According to the mayor of Keene, “Just about everything we do at city hall was impacted.” The Borger city government wasn’t able to process utility payments — putting residents at risk of losing access to running water or electricity.

If just a few attacks could debilitate almost two dozen cities in Texas, imagine the chaos if several hundred were carried out on our country’s voting infrastructure right before Election Day. To prevent this, Congress must pass legislation that deters future foreign interference in our electoral system.

At ground zero, Homeland chiefs say cyber is top future threat
Former DHS chiefs urge proritizing cybersecurity risks

Former Homeland Security secretaries testify before Senate Homeland and Governmental Affairs Committee at the 9/11 museum in New York on Monday. (Getty Images)

NEW YORK — Nearly 18 years after the Sept. 11 terrorist attacks, three former secretaries of Homeland Security gathered at ground zero on Monday and pressed the government to prioritize cybersecurity risks as one of the top threats to the United States.

Janet Napolitano, who led the Department of Homeland Security under former President Barack Obama, urged officials to apply greater creativity to cybersecurity in an effort to avoid the failure of “imagination” that the 9/11 Commission said might have prevented the 2001 airliner attacks.

California sees push on data privacy
Companies and others want exceptions to strict new state law

The California measure is seen as stricter than a similar European privacy law. Above, the state Capitol in Sacramento. (Education Images/Universal Images Group via Getty Images)

Companies across the country are waging one last battle in Sacramento to carve out a few exemptions before California’s tough data privacy law is approved by the state’s lawmakers, who will adjourn for the year by the end of this week.

Retailers, online advertisers, small businesses and groups representing employers are all seeking either exemptions or amendments to the California Consumer Privacy Act, or CCPA, which has set the stage for a national debate on how companies should safeguard users’ personal information online.

Google agrees to record fine for violating children’s privacy
Regulators say Google-owned YouTube violated the Children’s Online Privacy Protection Act by gathering data on users under the age of 13

Democratic Sen. Edward J. Markey, a frequent critic of Google and YouTube, called fines against the tech giants announced Wednesday “let Google off the hook with a drop-in-tbe bucket fine.” (Caroline Brehman/CQ Roll Call file photo)

Google agreed to pay a $170 million fine and overhaul privacy policies on YouTube after regulators said the company illegally gathered data on underage users and allowed advertisers to use the information to target children with advertisements, regulators announced Wednesday.

The settlement, reached with New York State Attorney General Letitia James and the Federal Trade Commission, is the largest ever resulting from a violation of the Children’s Online Privacy Protection Act, known as COPPA. New York will receive $34 million of the settlement, and the remainder will go to the federal government.

Progressive group spending $100,000 to pressure McConnell, vulnerable GOP senators on election security
Facebook ads, billboard in majority leader’s hometown and call-in campaign among tactics

Progressive activists are pressuring Senate Majority Leader Mitch McConnell, R-Ky., to pass $600 million in election security funding with a billboard in downtown Louisville, Ky., from Sept. 1 through Sept. 9. (Courtesy Stand Up America)

A national progressive group is spending over $100,000 on a campaign to pressure Senate Majority Leader Mitch McConnell and other Republican senators to pass a bill to provide $600 million in election security funding.

The group, Stand Up America, has rented a billboard alongside the Kennedy Bridge near McConnell’s office in downtown Louisville, Ky., from Sept. 1 through Sept. 9 that includes an image of McConnell’s face and the message, “Tell Mitch McConnell: Stop blocking election security funding.”

Pentagon assembles team of intellectual property experts
Questions linger about how to properly compensate defense industry for data

The Pentagon's intellectual property team can include personnel from the Office of the Secretary of Defense, the Joint Staff, military departments and combatant commands. (Bill Clark/CQ Roll Call file photo)

The Defense Department is on the verge of standing up a new cadre of intellectual property experts to help the Pentagon negotiate rights to valuable data and other IP from defense contractors, the department’s top weapons buyer said Monday.

“We need to go on the offense to protect our technology, versus merely acting defensively,” Ellen Lord, the undersecretary of Defense for acquisition and sustainment, said during a briefing with reporters.

Energy, Health departments at risk for cyberattacks, OMB says
EPA, FCC, FTC also ranked as being ‘at risk,’ with email threats most prevalent

EPA has “significant gaps in cybersecurity capabilities” according to an Office of Management and Budget report. (Caroline Brehman/CQ Roll Call)

Several large federal agencies continue to be at risk for cyberattacks even as the number of cyber incidents reported during fiscal 2018 fell compared with the previous year, the Office of Management and Budget said in a report sent to Congress on Friday.

The number of cyber incidents reported by federal agencies fell 12 percent to 31,107 during fiscal 2018 but “drawing conclusions based on this data point, particularly as agencies have adjusted to several new sets of reporting guidelines over the last few years, would be concerning,” the report said.

US military bases lack digital security oversight, audit finds
GAO report says most service branches not monitoring digital access to facilities

The Government Accountability Office found that the Army, Navy and Marine Corps do not monitor digital access systems for their facilities. (Douglas Graham/CQ Roll Call file photo)

Most military service branches are not monitoring whether or how more than 100 of their installations are using digital security systems to control access to facilities, according to an audit made public Thursday.

The Government Accountability Office’s finding comes nearly 18 years after the Sept. 11 attacks, almost a decade after an armed assailant killed or wounded 45 people at Fort Hood in Texas and nearly six years after a gunman killed or wounded 16 people at the Washington Navy Yard.

Disinformation moves from fringe sites to Facebook, YouTube
Report: Extremists promoting conspiracies are using same tactics as foreign actors

People gather Wednesday at a makeshift memorial honoring victims outside the scene of the mass shooting in El Paso. Police believe the shooter posted an anti-immigrant manifesto on the fringe site 8chan before he went on his rampage. (Mario Tama/Getty Images)

Lawmakers and regulators focusing their attention on Facebook, Twitter and YouTube for the platforms’ role in propagating disinformation may be missing a big chunk of other online sites and portals that drive conspiracies and outright falsehoods, according to a nonprofit group that is studying how disinformation works.

Sites and discussion portals such as 4chan, 8chan, Reddit and Gab, as well as smaller social media sites such as Pinterest and even payment sites such as PayPal and GoFundMe, and online retailers such as Amazon and others are all part of a large online ecosystem that helps domestic and foreign agents shape disinformation and launch adversarial campaigns, the Global Disinformation Index said in a report released last week.

‘The Great Hack,’ Cambridge Analytica and our blurred reality
Political Theater, Episode 84

Christopher Wylie, a former employee of Cambridge Analytica, is one of the fascinating characters telling the story of the Cambrige Analytica scandal in the documentary “The Great Hack.” (Tom Williams/CQ Roll Call file photo)

How do you make a story about data privacy interesting? That was the challenge of the documentary “The Great Hack.”

Filmmakers Karim Amer and Jehane Noujaim set out to chronicle the Cambridge Analytica scandal, in which millions of Facebook users had their personal data compromised to influence the 2016 election.