| Welcome to The Cybersecurity 202! It'd be swell to have a decent local NBA team here in D.C., and unloading Bradley Beal's contract is a start. Now let's draft someone with some upside this week! Was this forwarded to you? Sign up here. Below: E.U. officials will consider whether journalists can be spied on, and U.S. intelligence reportedly identifies Huawei and ZTE workers at Chinese spy facilities in Cuba. First: | Justice Department debuts a cyber-only section, aimed at boosting disruption and prosecution |  Matthew G. Olsen, who leads the Justice Department's National Security Division, says the section would like at least two dozen prosecutors within two or three years. (Jacquelyn Martin/AP) | | | The federal government just got a new cyber player: a section of the Justice Department wholly devoted to disrupting and prosecuting cyberthreats to national security. The announcement Tuesday of the formation of the National Security Cyber Section indicates the department's intention to elevate the work of a team of prosecutors and staffers focused on the topic, Matthew Olsen, DOJ's assistant attorney general for national security, told me. "We had a small cadre of dedicated prosecutors, but we hadn't really taken the step of investing in that group organizationally by having a full-blown section — on par with, for example, the Counterterrorism Section — dedicated to nation-state cyber," he said. | - "And we weren't really protecting their time … to say these prosecutors and these professional staffers are going to just focus their energies on nation-state cyber activity," Olsen said. "So let's organizationally put our money where our mouth is — set up a section that's on par with our other components and dedicate their time and make sure we're matching the efforts of our partners" at the FBI, or the Cybersecurity and Infrastructure Security Agency, or the National Security Agency, he said.
| | Olsen announced the National Security Division-housed National Security Cyber Section — NatSec Cyber for short — at the Hoover Institution think tank on Tuesday, and shared some additional details with me in an interview. | | "This new section will allow NSD to increase the scale and speed of disruption campaigns as well as prosecutions of nation-state threat actors, state-sponsored cybercriminals, the money launderers who are often associated with them and other cyber-enabled threats to national security," Olsen said at the Hoover Institution in Washington. The person who is taking the job of acting head of the section is Sean Newell, who has been serving in the office of Deputy Attorney General Lisa Monaco. Monaco is one of the Justice Department officials who has been emphasizing disruptive operations against malicious hackers, such as botnet takedowns and recovery of ransom payments, that was also a point of emphasis in the Biden administration national cybersecurity strategy. NatSec Cyber has a handful of prosecutors now, but would like to get to 25 or 30 over the next two to three years, Olsen said. The department has gotten approval to set up the section from Congress within its current budget, but will be asking for $30 million in additional funding over three years. Cyber talent is in high demand, with more open jobs than people capable of filling them, but Olsen said he expects to have plenty of willing applicants. "There's no shortage of up-and-coming law students at top law schools that would like nothing more than to be in the National Security Division's NatSec Cyber Section," he said. There's always going to be a shortage on the technical side, "but here we're talking first and foremost, legal and prosecutorial expertise. And then you put that in the context of something that's an emerging threat … [and] a significant threat. I think we'll have the opportunity to recruit some top folks." Besides collaborating with other agencies, NatSec Cyber will collaborate within the Justice Department. That means, for example, working with colleagues in the Criminal Division's Computer Crimes and Intellectual Property Section. Together they'll work to decide when a case is a criminal case or a national security case — sometimes a fine distinction in situations like with a ransomware gang that has a split purpose of making money off victims while sometimes working on behalf of a foreign government, Olsen said. The section will also work with U.S. attorney's offices to provide expertise. But as a "fully litigating section," the section also will "bring these cases ourselves," Olsen said. Sometimes it will serve as an incubator, and "take care of these cases for a while" before handing them to a U.S. attorney's office. | | A prominent privacy concern that emerged at that hearing is the FBI warrantlessly accessing the Section 702 database of collected communications with searches using Americans' identifiers, such as their names or email addresses. "I will only support the reauthorization of Section 702 if there are significant, significant reforms," said Senate Judiciary Chairman Richard J. Durbin (D-Ill.). "And that means first and foremost, addressing the warrantless surveillance of Americans in violation of the Fourth Amendment." The Biden administration says that a warrant requirement would "put the country at significant risk," as Olsen reiterated to me. One of many arguments that the administration makes is that it would slow down attempts to respond to emergencies to go to court every time the database is accessed. So how do you split the difference between "warrant requirement" and "no warrant requirement?" "This is the most significant challenge in this reauthorization cycle," Olsen told me. "I do think that there are other paths forward to address the legitimate concerns that people have about how the FBI has implemented the program the past few years. We've taken a number of steps already to address that. I think there are additional steps we could take, and that we're happy to engage with Congress on what those are." Even after the administration declassified additional details about cases where they said Section 702 was essential, especially in cyber cases, there was some senatorial skepticism about the administration's pitch last week. But Olsen said he thought the examples were "compelling" to lawmakers. "I think the debate has shifted significantly from in the first few months, where even some of the less supportive members begin by saying there's no doubt that 702 has significant value," Olsen said. | | |  | The keys | | E.U. council to consider whether member nations can spy on journalists |  The original law was intended to prevent governments from detaining, sanctioning and surveilling journalists for information about their sources. (Andreea Alexandru/AP) | | | E.U. officials on Wednesday will vote to add a carve-out in a social media law that would allow bloc nations to spy on news reporters in the name of national security concerns, Politico's Mathieu Pollet reports. "This first-of-a-kind rulebook for media, proposed by the European Commission in September, touches upon a broad range of areas, including surveillance, media concentration, public broadcasters and online platforms," Pollet writes. | - The original law was intended to prevent governments from detaining, sanctioning and surveilling journalists for information about their sources, but France subsequently called for narrower immunity, the report says.
- In a proposal document, France emphasized that it has an "attachment" to journalists' confidentiality and references a 2021 incident in which Pegasus spyware was found on French reporters' phones.
- It is "essential to strike a fair balance between the need to protect the confidentiality of journalists' sources and the need to protect citizens and the state against serious threats," France said in the document.
| | Journalists and privacy advocates are pushing back against the decision. "National security is a classic exception. It opens the door to all kinds of abuse," Julie Majerczak, head of the Brussels bureau of Reporters Without Borders, told Politico. The group on Monday wrote a letter to E.U. deputy ambassadors asking them to reconsider, Pollet's report adds. Still, "Nothing is set in stone," Politico notes. "Once the Council has agreed on its mandate, it will have to negotiate with the Parliament — which has yet to reach its position — and the Commission before the new rules can enter into force." | Agencies face challenges in defining shared cybercrime metrics, government report finds |  There is a difficulty in measuring the extent or impact of a given cyber incident, the report says. (Sarah Silbiger for The Washington Post) | | | Federal agencies' use of metrics for collecting and reporting cybercrime data can limit information sharing and affect how law enforcement tracks cybercrime events, according to a government report released Tuesday. The Government Accountability Office surveyed agencies on how they manage and track cybersecurity incidents and concluded that cybercrime is probably underreported — and is "not consistently tracked or identified." | - There is "difficulty in measuring the extent or impact" of a given cyber incident, the report says.
- The Justice Department's Computer Crime and Intellectual Property Section cited credit card fraud as an example. According to GAO, they said it "may inconvenience someone, but generally, credit card companies may restore the victim's financial loss. However, cyberstalking or phishing can have a much larger impact, such as people losing their life savings," according to the GAO.
| | The report was sent to Senate Judiciary Chair Richard J. Durbin (D-Ill.) and House Judiciary Chair Jim Jordan (R-Ohio) and emphasized that the Justice Department "effectively developing a cybercrime taxonomy and category in its national crime reporting system should help address these challenges." A 2022 law directs the Justice Department to improve cyberattack-linked data collection practices, including establishing a national incident-based system for collecting cybercrime reports. | Officials tracked Huawei and ZTE workers at suspected Chinese spy site in Cuba |  U.S. officials have long accused Huawei and ZTE of being national security threats. They deny the accusations. (Alain Jocard/AFP via Getty Images) | | | Officials during the Trump administration reviewed intelligence that found that Huawei and ZTE workers went into and left suspected Chinese spying facilities in Cuba, the Wall Street Journal's Kate O'Keeffe reports. U.S. officials have long argued that the companies pose a national security threat, which they deny. | - The White House previously said that China has had an eavesdropping post in Cuba since at least 2019. U.S. officials say that China and Cuba "already jointly run four eavesdropping stations on the island," O'Keeffe writes.
| | "While neither Huawei nor ZTE is known to make the sophisticated tools governments would use for eavesdropping, both specialize in the technology needed to facilitate such an operation, such as servers and network equipment that could be used to transmit data to China," O'Keeffe writes, citing people familiar with the matter. | - Huawei denied "such groundless accusations" in a statement to the Wall Street Journal that said it is "committed to full compliance with the applicable laws and regulations where we operate." ZTE didn't respond to the outlet's request for comment.
| | |  | Government scan | | | |  | Hill happenings | | | |  | Industry report | | | |  | National security watch | | | |  | Global cyberspace | | | |  | Cyber insecurity | | | |  | Privacy patch | | | |  | Daybook | | | |  | On the move | | - DHS Deputy Secretary John Tien is leaving the agency, according to a Tuesday tweet.
| | |  | Secure log off | | | Thanks for reading. See you tomorrow. | | |
No comments:
Post a Comment