Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORY:
–TICK TOCK: House Intelligence Committee Chairman Devin Nunes (R-Calif.) and ranking member Adam SchiffAdam SchiffOvernight Cybersecurity: Trump DOJ wants more time to provide evidence of wiretapping Trump administration wants more time to give Intel committee wiretapping proof Schiff: ‘I don’t expect we’re going to see any evidence’ of Trump’s wiretap claims MORE (D-Calif.) had asked the Department of Justice to provide any evidence showing Trump Tower was wiretapped by this Monday afternoon. The Justice Department, though, is asking for more time. “This afternoon, the Department of Justice placed calls to representatives of the Chairman and Ranking Member of the United States House Permanent Select Committee on Intelligence to ask for additional time to review the request in compliance with the governing legal authorities and to determine what if any responsive documents may exist,” said DOJ spokeswoman Sarah Isgur Flores, in a statement on Monday. The Monday evening request came hours before the committee-set midnight deadline. Nunes confirmed the request in a statement, and said the delay could force the committee to “resort to a compulsory process if our questions continue to go unanswered.” He asked for the information before a committee hearing on March 20th. Read more here.
–‘THE PRESIDENT USED THE WORD WIRETAP IN QUOTES’: White House press secretary Sean Spicer softened President Trump’s earlier claims that “Obama had my ‘wires tapped’ in Trump Tower just before the victory.” During his press briefing on Monday, Spicer rolled back the claims to “Obama administration.” “He doesn’t really believe that President Obama tapped his phone personally, but I think there’s no question that the Obama administration, that there were actions about surveillance and other activities that occurred in the 2016 election,” Spicer said. “That is a widely reported activity that occurred back then. The president used the word ‘wiretap’ in quotes to mean broad surveillance and other activities during that.” The accusation, which the White House has still not provided any evidence for, would still be a big deal. The Justice Department and intelligence agencies, while part of the administration, would have had authority to seek warrants to tap Trump’s phone lines – even without Obama’s direct command.
Trump appeared to suggest a Watergate-like scandal in his tweets. “How low has President Obama gone to tapp my phones during the very sacred election process. This is Nixon/Watergate,” he tweeted last week. Spicer, though, appeared to suggest Monday that someone either applied for a FISA warrant, in which case, an appointee of Justice Roberts would have signed off on there being cause to tap the Trump’s phones, or that Trump was incidentally caught on a phone call with a foreign agent whose phone was tapped. Neither would be at Obama’s direction but both could raise even more questions for Trump.
–TRUMP WAS ALMOST CERTAINLY NOT TAPPED USING A MICROWAVE: In an interview on Sunday, Trump aide Kellyanne Conway argued that there were lots of ways the president could have been spied on, including “microwaves that turn into cameras.” While internet-connected devices are susceptible to hackers, there is little way to turn something that isn’t a camera into a camera. “I’m not Inspector Gadget,” Conway explained Monday on CNN. “I don’t believe people are using the microwave to spy on the Trump campaign.”
A POLICY UPDATE:
BORDER PATROL SEARCHING PHONES OF AMERICAN CITIZENS: Customs and Border Protection (CBP) agents have demanded cellphone passwords to search devices of American citizens entering the United States, an investigation by NBC News found.
The review found 25 instances in which U.S. citizens reported border officers demanding their phones and the passwords to unlock them at airports and border crossings.
The majority of the cases reviewed — 23 out of 25 — involved Muslims.
Travelers subjected to cell phone searches included a Buffalo, N.Y., couple who were returning back to the United States from a trip to Canada at the start of the year. They were allegedly detained for two hours and forced to give their passwords to Customs and Border Protection officials so they could search their phones.
According to Department of Homeland Security data reviewed by NBC, the count of cellphone searches by border officers grew from less than 5,000 in 2015 to almost 25,000 in 2016. Agents searched 5,000 devices in February alone, the department reported.
The revelations are sure to anger privacy and civil liberties advocates who have pushed for increased protections for American citizens.
Sen. Ron WydenRon WydenOvernight Cybersecurity: Trump DOJ wants more time to provide evidence of wiretapping Border agents demanded searches of US citizens’ phones: report Trump camp could have fallen into ‘backdoor’ surveillance MORE (D-Ore.) has already signaled plans to introduce a bill that would require Border Patrol agents to obtain warrants before searching electronic devices at the U.S. border, following reports that American travelers had been asked to hand over their smartphone PIN to access their phones.
To read the rest of our piece, click here.
A LIGHTER CLICK: IT’S MARCH MADNESS. A change from February, which seemed very normal.
A REPORT IN FOCUS:
Researchers reportedly discovered “gigabytes” of sensitive Air Force documents left unsecured online, visible to anyone who knew where to look for them without a password.
The security firm MacKeeper discovered what it claims was a lieutenant’s misconfigured backup hard drive. They notified the Air Force and the drive has since been taken down. There is no information whether the drive had been discovered by any unauthorized party besides MacKeeper.
MacKeeper worked with the technology news site ZDNet to investigate the severity of the security mishap, which they believe to be substantial, even though the documents largely do not appear to have been classified.
The documents on the drive, reports ZDNet, include the names, addresses and Social Security numbers of 4,000 service members; contact information of spouses; and Social Security numbers, passport numbers and the contact information of celebrities — including actor Channing Tatum — who had visited military installations.
Other documents included a lieutenant colonel’s password and user name for the Joint Personnel Adjudication System, used to check military clearances, as well as security clearance renewal applications for two four-star generals.
To read the rest of our piece, click here.
WHO’S IN THE SPOTLIGHT:
FACEBOOK. Under pressure from civil liberties advocates, Facebook has updated its policies to explicitly prohibit the use of company data for surveillance purposes.
Facebook announced the move on Monday after the American Civil Liberties Union (ACLU) published records showing that Facebook and other social media platforms provided user data access to a company that marketed its products to law enforcement for surveillance purposes.
“Today we are adding language to our Facebook and Instagram platform policies to more clearly explain that developers cannot ‘use data obtained from us to provide tools that are used for surveillance.’ Our goal is to make our policy explicit,” wrote Rob Sherman, Facebook’s deputy chief privacy officer, in a post on the company’s privacy page Monday.
The company said that it has been taking “enforcement action” against developers who create and market tools to be used for surveillance for several months.
“We want to be sure everyone understands the underlying policy and how to comply,” Sherman clarified.
The company said that the update was the result of months of work with advocacy organizations including the ACLU of California, Color of Change and the Center for Media Justice.
Facebook and other social media platforms give developers access to users’ public feeds to track trends and other public happenings.
The ACLU released records last October showing that Twitter, Facebook and Instagram gave user data access to Geofeedia, a developer of social media monitoring products marketed to law enforcement to monitor activists and protesters, including those in Ferguson, Mo. Facebook and Twitter cut off access to Geofeedia following the revelations.
The ACLU and other advocacy organizations signaled support for Facebook’s move on Monday, though some indicated that more needs to be done.
“We depend on social networks to connect and communicate about the most important issues in our lives and the core political and social issues in our country,” Nicole Ozer, technology and civil liberties director at the ACLU of California, said in a statement. “Now more than ever, we expect companies to slam shut any surveillance side doors and make sure nobody can use their platforms to target people of color and activists.”
To read the rest of our piece, click here.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web
Julian Assange declines “fashion advice” from Sen. Ben Sasse (R-Neb.), who said Assange should spend “the rest of his life wearing an orange jumpsuit.” (The Hill)
Over the weekend, Sasse claimed Wikileaks supporters repeatedly attempted to hack him after he made those comments. (The Hill)
Did Wikileaks just ask college students to apply for CIA internships to leak documents? (The Hill)
The inventor of the web explains how to fix it. (Web Foundation)
British intelligence held an ’emergency summit’ with political parties to warn of Russian hacking. (Sunday Times)
Kaspersky Lab invented a perfume as a PR campaign. (Fox News)
Dozens of Android phones came loaded with pre-installed malware. (ThreatPost)
If you’d like to receive our newsletter in your inbox, please sign up here.