Archive for the ‘NSA’ Category

Hill Intel Committees Order DNI, NSA/CyberCom Review – Breaking Defense

Ever since the day of its creation, critics have slammed the Office of Director of National Intelligence as an expensive and unnecessary bureaucracy, a threat to the longtime primacy of the Director of Central Intelligence and a toothless tiger.

Much of that changed during the joint tenures of DNI Mike McConnell and SecDef Bob Gates (former DCI) when they agreed to give the DNI budgetary teeth in a March 21, 2008 memo. It gave the DNI acquisition authority over any program that received 51 percent of its funding from the intelligence communitys National Intelligence Program pool. Up til then, the Pentagon controlled an intelligence programif even one dollar of its money funded it.

But some Republicans have continued to press for a diminution or dissolution of the DNI. The 2017 Omnibus Spending Bill includes what would have been the 2017 Intelligence Authorization Act, which orders the new DNI review. It directs President Trump to create a five-person panel of expertswith significant intelligence and national security expertise to review ODNIs roles, missions and functions

Heres what the bill says the panel will do:

The panel should present its unclassified report within 180 days of the bills passage.

The intel committees come close to calling for the separation of the jobs of NSA Director and the head of Cyber Command.

They want a briefing from Defense Secretary Jim Mattis just three months after passage of the Omnibus Billconsidering theimpact of the dual-hatting relationship, including advantages and disadvantages.

It wants to know timelines for ensuring that no damage is done to national security should the arrangement change, any legal changes that might be neededand saya larger organizational review of NSA should be conducted with respect to the eventual termination of the dual-hatting relationship.

To that end, they also want a report from the DNI on options to better align the structure, budgetary procedures, and oversight of NSA with its national intelligence mission in the event of a termination of the dual-hatting relationship.

See the rest here:
Hill Intel Committees Order DNI, NSA/CyberCom Review - Breaking Defense

Overnight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security – The Hill

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

THE BIG STORY:

--COMEY, ROGERS IN THE NEIGHBORHOOD: House Intelligence Committee members emerged tight-lipped from a closed-door briefing with FBI Director James Comey and National Security Agency head Adm. Michael Rogers on Thursday. Rep. Mike Conaway (R-Texas), who is leading the committee's investigation into Russian interference in the election, appeared briefly alongside the committee's ranking member, Rep. Adam SchiffAdam SchiffSchiff: Yates testimony could come within 'weeks' Overnight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security Comey, NSA chief brief House panel amid Russia probe MORE (D-Calif.), at the close to characterize the meeting as valuable -- but said little else. Conaway took over the probe early last month following the recusal of committee Chairman Devin Nunes (R-Calif.), whose relationship with Schiff had deteriorated to the level of dueling press conferences over how Nunes was handling the investigation. In a joint statement issued after the hearing Thursday, Conaway and Schiff indicated that an open hearing with several high-ranking Obama officials including former acting Attorney General Sally Yates is still in the cards. "We are currently sending out invitations for witnesses to testify and requests for pertinent documents, and look forward to the next steps of this investigation, including witness interviews and an open hearing with Sally Yates, [former Director of National Intelligence] James Clapper, and [former CIA Director] John Brennan," the statement read.

To read the rest of our piece,click here.

Yates will testify before the Senate Judiciary Committee on Monday.

--...NOT TESTIFYING? SUSAN RICE: Susan Rice, however, will not testify before the Senate Judiciary panel. Sen. Lindsey GrahamLindsey GrahamOvernight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security Overnight Healthcare: House passes ObamaCare repeal | Meet the 20 Republicans who voted no | Dems vow to avenge vote on Election Day | Senators plan their own bill White House considering Cindy McCain for State Dept. job: report MORE (R-S.C.) on Wednesday jabbed Rice, Obama's former national security adviser, for declining to testify before a Judiciary subcommittee. "At an appropriate time, I expect we will continue down this path," Graham, who chairs the subcommittee on crime and terrorism, said in a statement. "I hope Ms. Rice will come before the committee and not just the press." President Trump accused Rice last month of improperly unmasking the identities of members of his transition team who were caught up in surveillance by the intelligence community. Earlier Wednesday, she declined an invitation from Graham to testify before the subcommittee. In a letter to Graham and the subcommittee's ranking member, Sen. Sheldon WhitehouseSheldon WhitehouseOvernight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security Dems tear into 'shameful' ObamaCare repeal vote GOP senators hit Rice for refusal to testify before Senate panel MORE (D-R.I.), Rice's lawyer, Kathryn Ruemmler, dismissed Graham's invitation as a "diversionary play" to distract from a broader congressional investigation into Russian election meddling and alleged ties between the Trump campaign and Moscow. Ruemmler also argued that Whitehouse had not agreed to invite Rice to the hearing and that Graham acted on his own. "Declining to attend because you didn't get an invite from a member of your party is a poor excuse and makes it appear as though she's hiding something," full committee Chairman Chuck GrassleyChuck GrassleyOvernight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security No. 2 Senate Republican: 'No timeline' on ObamaCare replacement bill Five takeaways from Comey's testimony MORE (R-Iowa) said in a statement. "No investigation will be complete until her role is understood. Likewise, the committee's top Democrat, Sen. Dianne FeinsteinDianne FeinsteinOvernight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security Five takeaways from Comey's testimony GOP senators hit Rice for refusal to testify before Senate panel MORE (Calif.), seemed unmoved by Rice's argument and urged her to reconsider her decision not to testify. "She has gone public. I saw her on Fareed's show Sunday. I saw her today," Feinstein said on MSNBC's "MTP Daily" shortly after the letter was made public. "I've never heard that it has to be a bipartisan letter -- this is sort of a new criteria."

To read the rest of our piececlick here.

--...IS GRAHAM LAUNCHING A DIVERSIONARY PLAY? Though a Republican, Graham has been a hawk against Russia through the investigation process, including criticizing fellow senators for not codifying new sanctions against Moscow last week.

--...THAT'S ONE OF THE LEAST POPULAR DISEASES: Sen. John Kennedy (R-La.) said early Thursday, well before the closed door testimony, that James Comey is "about as popular as cholera" with lawmakers in an interview one day after the FBI director testified before the Senate Judiciary Committee. "It's no secret Comey doesn't get invited to many parties on Capitol Hill," Kennedy, a member of the committee, told CNN's "New Day." "He's about as popular as cholera. But I respect that about him."

To read the rest of our piece,click here.

A REGULATORY UPDATE:

Federal Communications Commission (FCC) Chairman Ajit Pai says advocates of net neutrality are misrepresenting his plan to roll back the controversial Obama-era internet rules.

"For example, saying that you will lose your internet access. That's simply absurd," Pai told Recode's Decode podcast on Wednesday.

"Anyone who had internet access before these rules in 2015 knows that that's not the case. We weren't living in a dystopia before the FCC delivered these Depression-era rules to save us," he added.

In the interview, Pai defended his plan to end net neutrality, arguing it would help foster competition in the telecommunications industry by making it easier for smaller broadband providers to grow and gain market share.

The net neutrality rules make internet service providers treat all web traffic equally. The rules also classified broadband companies as "common carriers," subjecting them to tougher regulation by the FCC similar to public utilities.

His plan would scrap that "Title II" provision reclassifying the companies and hand over authority to the Federal Trade Commission (FTC). While Title II is best known in recent years for net neutrality, making ISPs common carriers was also at the core of privacy rules passed by the FCC that ultimately never went into effect and were rescinded by Republican lawmakers.

Companies would be asked to voluntarily enact net neutrality principles through terms of service with customers, under Pai's plan.

Pai said the Justice Department and FTC would be strong regulators.

To read the rest of our piece,click here.

A LIGHTER CLICK:

AMERICAN INGENUITY: Seattlephotocopies a cell phoneto answer a Freedom of Information Act request.

A REPORT IN FOCUS:

A WARNING FOR CONGRESS: The Department of Homeland Security has sent Congress a study warning of security threats to mobile devices used by the federal government.

The study on mobile device security, mandated by a 2015 law, offered a series of recommendations for the U.S. government to safeguard smartphones and tablet computers against threats from nation-states, criminal hackers, and others, DHS said on Thursday.

The study was produced by DHS's Science and Technology Directorate in coordination with the National Institute of Standards and Technology (NIST), a government body that produces optional standards on information technology and cybersecurity.

"The [study] has found that threats to the mobile device ecosystem are growing, but also that the security of mobile computing is improving," Dr. Robert Griffin, acting undersecretary for Science and Technology, said.

To read the rest of the piece, click here.

WHAT'S IN THE SPOTLIGHT:

ELECTION DATABASE HACKING: The hackers that breached the Illinois election database do not appear to have been looking for anything in particular, IT professionals told the state Senate subcommittee on cybersecurity during a hearing Thursday.

In August, federal intelligence agencies believe one of the same Russian hacking operations that struck the Democratic National Convention last summer breached an online voter database in Illinois. A similar attack struck Arizona as well, the only other state breach attributed to Russia in the 2016 election season.

While prior reports had pegged the number of breached files at 200,000, the IT officials that testified Thursday said that figure was incorrect. The actual number was 70,000.

At the hearing, state elections employees described the attack in detail, including reasons that they did not believe the attackers had data they were specifically targeting.

The hackers amassed records by searching local voter identification numbers, systematically searching nine-digit codes starting from "000000001" and incrementally adding one.

The identification codes in the database were issued locally and are not in a standardized statewide format. That limited the number of records that could successfully be returned. Though some cities use nine character codes, others use more or fewer. Any user with a code in a different format would not be searchable using that method.

That method of searching is good for taking large datasets but only guarantees that the attacker would steal the files with the lowest number codes -- an administrator could easily discover the attack and shut it down before it reached higher number codes.

"They were just on a fishing expedition to get whatever they could," said Kevin Turner, director of information technology at the Illinois State Board of Elections.

To read the rest of our piece,click here.

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Japansigned a treaty for threat information sharing with the U.S. (The Hill)

Qualcomm is seeking toblock iPhonesfrom being imported into the U.S. (The Hill)

Rural ISPsare celebrating the FCC's net neutrality rollback, but not on net neutrality grounds. (The Hill)

REQUIRED READING: Afake cybersecurity statistichas gotten so popular it's been written into legislation. (Nextgov)

Researchers discovered a largebotnet mining cryptocurrencyon servers. (GuardiCore)

Researchersalso discoveredrarely used malware targeting North Korea-related organizations. (Security Week)

Newly discovered ransomware charges you more or less depending onhow rich your nationis. (ZDNet)

Government portals for India's new functionally mandatorybiometric ID systemmay have leaked more than 100 million users data. (Naked Security)

There may not be a great way tokeep murder videos off social media.(Motherboard)

Did U.S. sanctions haveany effecton Russia's election hacking efforts? (Wired)

Republican Sens. Ted CruzTed CruzOvernight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security In Senate, pessimism over ObamaCare repeal THE MEMO: Comey commands the stage MORE (Texas), Ron JohnsonRon JohnsonOvernight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security Overnight Tech: Republicans offer bill to kill net neutrality | Surveillance, visa reforms top GOP chair's tech agenda | Panel pushes small biz cyber bill Senate Republicans introduce anti-net neutrality legislation MORE (Wisc.) and Mike LeeMike LeeOvernight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security In Senate, pessimism over ObamaCare repeal Overnight Tech: Republicans offer bill to kill net neutrality | Surveillance, visa reforms top GOP chair's tech agenda | Panel pushes small biz cyber bill MORE (Utah) arguethe case against net neutrality.(Washington Post)

If you'd like to receive our newsletter in your inbox,please sign up here.

Follow this link:
Overnight Cyber: FBI, NSA chiefs brief House Intel behind closed doors | DHS warns Congress on phone security - The Hill

Reined-In N.S.A. Still Collected 151 Million Phone Records in ’16 … – New York Times


New York Times

View original post here:
Reined-In N.S.A. Still Collected 151 Million Phone Records in '16 ... - New York Times

NSA Plans To Cut Back On The Number Of Private Citizen Emails It Reads – CBS Baltimore / WJZ

May 2, 2017 4:43 PM By Alex DeMetrick

BALTIMORE (WJZ) The National Security Agency is promising to cut back on the number of private emails its been reading and collecting.

Alex DeMetrick reports, its ending a controversial surveillance technique thats focused on U.S. citizens.

For nearly 10 years, the NSA has been prying into the private emails of citizens. Congress OKd it when it amended how foreign intelligence can be collected.

It authorized NSA to look into strictly personal e-mails between U.S. citizens, says Dr. Michael Greenberger, of the University of Maryland Center for Health and Homeland Security. They got the right simply because a foreign operative of foreign operation was mentioned.

That practice came to light when former NSA contractor Edward Snowden publicly revealed it.

So just whose email got read?

Anyone who used a targeted phrase or word, according to Greenberger.

Like ISIS, which many people might mention in passing, he says.

The NSA says it has now stopped the practice, focusing instead only on communications that are sent directly to or from a foreign target.

This now means the NSA will not be reading those emails, and if they collect those emails, theyll destroy them, Greenberger says.

Violating Americans privacy has proven so controversial, the NSA may have ended the email practice in order to win congressional re-authoritization of its other surveillance techniques.

The authority for the NSA to conduct surveillance operations expires at the end of the year, unless congress re-authorizes it.

Follow @CBSBaltimore on Twitter and like WJZ-TV | CBS Baltimore on Facebook

Alex DeMetrick has been a general assignment reporter with WJZ Eyewitness News since September 1984. Alex began his journalism career in California. Alex has received many awards from United Press International and The Associated Press. He...

Track Weather On The Go With Our App!

Your Podcast Network Play.it

CBS All Access

About Us

Ad Choices

EEO Reports

CBS Television Public File

CBS Radio Public File

Excerpt from:
NSA Plans To Cut Back On The Number Of Private Citizen Emails It Reads - CBS Baltimore / WJZ

What Don’t You Want the NSA to Know About You? | Electronic … – EFF

For years, U.S. government surveillance of innocent Americans has been a topic of heated debate, especially for those in the tech community.

With Congress gearing up for a fight over the 2017 reauthorization of a surveillance authority that lets the NSA spy on innocent Americans without a warrantSection 702, enacted as part of the FISA Amendments Actthat debate is sure to rage on in the coming months.

So we sent a reporter to the RSA Conference in San Francisco, California in February to ask one simple question: What dont you want the NSA to know about you?

The answers spanned the spectrum, from emails, to phone calls, to web browsing records, to financial information, to information about individuals children, to nothing.

Some got philosophical. Everyone says, I have nothing to hide, and thats not the point, one attendee told us. The point is that I want to control what people know about me.

Others turned the question on its head, asking instead why the NSA is conducting surveillance on Americans. I dont think their charter is to spy on Americans, so why are they? one asked.

And some got blunt. One attendee said he already assumes the NSA knows a lot about him already. It scares me and offends me, he said.

If the warrantless spying on Americans scares and offends you, contact your representatives in Congress and tell them to pull the plug on Section 702 surveillance. And watch the video to see other RSA Conference attendees responses.

See the article here:
What Don't You Want the NSA to Know About You? | Electronic ... - EFF