Trump’s defense veto would torpedo cyber overhaul amid unfolding hack

President Donald Trump’s promised veto of an annual defense policy bill would also sink one of the most consequential pieces of cybersecurity legislation in years, just as the U.S. is grappling with a massive digital intrusion that appears to be Russia’s handiwork.

The revelation that hackers have compromised myriad federal agencies adds a new dimension to the monthslong battle of wills between Trump and lawmakers of both parties about the defense bill’s fate. It also comes as the commander in chief is attracting bipartisan criticism for failing to offer any public response to the still-unfolding cyberattack, an intrusion that the Department of Homeland Security’s cyber agency has labeled a “grave risk” to range of governments and private organizations.

Top Republicans have seized on the hack while pleading with Trump to sign the National Defense Authorization Act, H.R. 6395 (116), which passed with blowout votes in the House and Senate last week. But many are still wary of crossing Trump, and will be tested by a vote to override his threatened veto.

“There is no doubt that our adversaries will take advantage of any opportunity to attack vulnerabilities in our cyber infrastructure,” a half-dozen GOP House members said in a statement Friday, led by outgoing House Armed Services ranking Republican Mac Thornberry of Texas. “The measures in this year’s bill will provide critical safeguards to protect the information and capabilities most foundational to our nation’s security.”

Also joining that statement were incoming ranking member Mike Rogers of Alabama and Reps. Liz Cheney of Wyoming, Mike Turner of Ohio, Elise Stefanik of New York and Mike Gallagher of Wisconsin.

For the first time ever, the massive defense spending road map contains a section devoted entirely to cybersecurity, with dozens of provisions intended to augment online defenses. Chief among them is the creation of a national cyber director to coordinate the government’s response to digital assaults.

Senate Armed Services Chair Jim Inhofe (R-Okla.), a top Trump ally who has attempted to steer the president away from a veto, highlighted the bill’s cyber upgrades in a joint statement Thursday with the committee’s top Democrat, Jack Reed of Rhode Island. Inhofe argued that signing the defense bill is one of “the immediate steps the Administration can take to improve our cyber posture.”

“The NDAA is always ‘must-pass’ legislation — but this cyber incident makes it even more urgent that the bill become law without further delay,” the pair added.

The president has cited very different reasons for opposing the bill — asserting that Chinese leaders “love” the legislation, and demanding that lawmakers add an unrelated provision stripping legal protections from social media companies that fact-checked him during his reelection campaign.

“I will Veto the Defense Bill, which will make China very unhappy,” Trump tweeted Thursday morning, four days after news of the hack became public.

Unlike President-elect Joe Biden, Trump has not condemned the cyberattack or offered any hints at how he thinks the U.S. should respond.

Alarm about the breach has spread across the Capitol, meanwhile, amid revelations that the hackers had wormed their way into targets such as the Commerce, Treasury and State departments, along with DHS, the National Institutes of Health and various arms of the Energy Department, including the agency that manages the U.S. nuclear stockpile. The victims could also include an array of state and local governments as well as private entities, DHS’s Cybersecurity and Infrastructure Security Agency said Thursday.

U.S. officials have said the hackers obtained access to the agencies’ networks after infecting software updates from a Texas company called SolarWinds, whose customers include much of the federal government and the Fortune 500. Early assessments have blamed the monthslong attacks on Russia’s elite foreign espionage agency.

Maine Republican Sen. Susan Collins, a senior member of the Intelligence Committee and the Defense Appropriations panel, cited the defense bill’s cyber provisions Friday while calling for Trump to sign it.

“The President should immediately sign the NDAA not only to keep our military strong but also because it contains significant cyber security provisions that would help thwart future attacks,” Collins wrote on Twitter.

Rep. John Katko of New York, who is set to be the top Republican on the House Homeland Security Committee, also believes Trump should sign the bill, a spokesperson said Friday.

Tom Bossert, Trump’s former homeland security adviser, piled on in a New York Times op-ed this week. The former senior White House aide contended that the hack makes the defense bill with its extensive cybersecurity provisions “a must-sign piece of legislation.”

The proposal to create a national cyber director is one of the bill’s most-noticed proposals. The administration has opposed creating such a position, but lawmakers have expressed a bipartisan desire to put someone in charge of coordinating the digital missions at the various federal agencies.

Trump’s former national security adviser John Bolton eliminated a similar White House cybersecurity coordinator position in May 2018. Unlike the proposed role, that post didn’t require Senate confirmation.

In all, the bipartisan measure contains more than two dozen recommendations taken from or inspired by the Cyberspace Solarium Commission, a congressionally chartered panel created in a previous defense policy bill.

Many of the provisions are meant to strengthen CISA, which has come under pressure from Trump for refusing to back his election conspiracy theories. The agency has been without a permanent leader since the president fired Director Chris Krebs last month.

The NDAA would also grant CISA the authority to hunt for foreign hackers trying to break into government networks and the power to issue administrative subpoenas to internet service providers when the agency detects vulnerabilities in critical infrastructure.

Mark Montgomery, the Solarium Commission’s executive director, said in a statement that the measure needs Trump’s signature “now.”

“If the president is not careful his cyber legacy will be the SolarWinds disaster,” said Montgomery, who previously served as policy director for Senate Armed Services under the late Sen. John McCain. But he added, “if he signs the NDAA with 70-plus cyber provisions, many that address the SolarWinds challenge, he can take ownership of the long-term solution.

“That would make him the ‘big winner’ not China,” Montgomery added, referring to Trump’s recent, unexplained critique that Beijing supports the bill.

In addition to his last-minute demand that the NDAA repeal a 1996 online liability law called Section 230, Trump vowed over the summer to veto any bill that would force the military to rename bases that honor Confederate leaders. Congress included such a provision in the final bill.

He’s also objected to provisions that limit U.S. troop withdrawals from Afghanistan and Europe.

Trump has until Wednesday to sign or veto the measure or allow it to become law without his signature.

Congressional leaders in both parties are confident they’ll be able to muster enough support to override when a vote happens in late December or early January, shortly before the new Congress is sworn in.

Republicans could sink the bill if enough of them side with Trump on an override vote — though dozens in the House and Senate would have to change their votes to do so.

In the meantime, Trump is coming under criticism from a growing, bipartisan chorus of lawmakers who want him to speak out forcefully about the breach.

On Thursday, Sen. Mitt Romney (R-Utah), a member of the Foreign Relations Committee and a longtime critic of the president, tweeted an abbreviated version of a radio interview he gave where he described “inexcusable silence and inaction from the White House.”

Sen. Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee, said that as “we learn about the wider impact of this malign effort — with the potential for wider compromise of critical global technology vendors and their products — it is essential that we see an organized and concerted federal response.”

It is “extremely troubling that the President does not appear to be acknowledging, much less acting upon, the gravity of this situation,” Warner said.

Source: https://www.politico.com/news/2020/12/18/trump-veto-ndaa-hack-448492
Droolin’ Dog sniffed out this story and shared it with you.
The Article Was Written/Published By: Connor O’Brien and Martin Matishak

! #Headlines, #Cybersecurity, #CyberWarfare, #Government, #Hackers, #Newsfeed, #Political, #Politico, #Politics, #Trending, #Trump, biden trump, new york nyc NY nypd nyfd, #Health, #News, #WorldNews

“A grave risk”: As Trump remains silent, massive cyberhack increasingly looks like act of war

A Trump administration official tells Axios that the cyberattack on the U.S. government and corporate America, apparently by Russia, is looking worse by the day — and secrets may still be being stolen in ways not yet discovered.

The big picture: “We still don’t know the bottom of the well,” the official said. Stunningly, the breach goes back to at least March, and continued all through the election. The U.S. government didn’t sound the alarm until this Sunday. Damage assessment could take months.

---

Microsoft President Brad Smith told the N.Y. Times that at least 40 companies, government agencies and think tanks had been infiltrated.

• The hack is known to have breached the departments of Defense, State, Homeland Security, Treasury, Commerce, and Energy and its National Nuclear Security Administration — plus the National Institutes of Health.
• 8 countries: Microsoft, which has helped respond to the breach, said in a statement that 80% of its 40 customers known to have been targeted are in the U.S., plus others in U.K., Israel, UAE, Canada, Mexico, Belgium and Spain.

In unusually vivid language for a bureaucracy, the U.S. Cybersecurity and Infrastructure Security Agency, part of Homeland Security, said yesterday that the intruder “demonstrated sophistication and complex tradecraft.”

• The agency said the breach “poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”

If this had been a physical attack on America’s secrets, we could be at war.

• Imagine if during the Cold War, the Soviet Union had broken into a building in Washington and walked out with correspondence, budgets and more.
• Sen. Chris Coons (D-Del.) told Andrea Mitchell on MSNBC: “It’s pretty hard to distinguish this from an act of aggression that rises to the level of an attack that qualifies as war. … [T]his is as destructive and broad scale an engagement with our military systems, our intelligence systems as has happened in my lifetime.”

The gravity wasn’t immediately apparent because this wasn’t the “cyber Pearl Harbor” that experts have warned about: No one took out a power grid, or stole a bunch of money or destabilized the markets.

• Instead, it’s more like someone has been walking in and out of your house for months, and you don’t really know what they took.
• And they may have built a secret door. “For someone to have access that long, who’s this sophisticated, it’s pretty likely they built other ways to get in that are hard to find,” one official told me.

What’s next: President Trump has stayed silent on the hack, meaning that President-elect Biden’s overflowing in-box now includes Russian reprisal, damage mitigation and future deterrence.

• Promising to impose “substantial costs” on the perpetrator, Biden said in a statement that his administration “will make cybersecurity a top priority”: “I will not stand idly by in the face of cyber assaults on our nation.”

Source: https://www.axios.com/solarflares-russia-hack-agencies-0a21d7e4-9fcf-4f6d-b86c-f903d155dd9d.html
Droolin’ Dog sniffed out this story and shared it with you.
The Article Was Written/Published By: Mike Allen

! #Headlines, #Axios, #Cybersecurity, #CyberWarfare, #Hackers, #Hacks, #Newsfeed, #Politics, #Russia, #Trump, #TrumpLiesMatter, biden trump, #Health, #News, #WorldNews

Romney: ‘Stunning’ for White House not to respond on Russian cyberattack

Sen. Mitt Romney (R-Utah) on Thursday said it was “stunning” for the White House to not issue a response regarding multiple alleged U.S. government cyber attacks stemming from Russia.

Source: https://thehill.com/homenews/senate/530738-romney-stunning-for-white-house-not-to-respond-on-russian-cyberattack
Droolin’ Dog sniffed out this story and shared it with you.
The Article Was Written/Published By: Kaelan Deese

! #Headlines, #Congress, #Cybersecurity, #CyberWarfare, #Government, #Newsfeed, #Political, #Politics, #Republicans, #Russia, #Trump, #TrumpLiesMatter, #WorldNews, #News

FBI, other agencies warn of ‘imminent cybercrime threat’ to U.S. hospitals

Federal authorities are urging healthcare providers to take precautions to protect their systems.

Source: https://www.nbcnews.com/news/us-news/fbi-other-agencies-warn-imminent-cybercrime-threat-u-s-hospitals-n1245212
Droolin’ Dog sniffed out this story and shared it with you.
The Article Was Written/Published By: Ken Dilanian and Andrew Blankstein and Phil Helsel

! #Headlines, #Cybersecurity, #CyberWarfare, #FBI, #Hackers, #Healthcare, #Newsfeed, #Health, #News

Russian cyberattackers pose ‘urgent threat’ to British security, report finds

“Russian influence in the U.K. is the new normal,” according to the report by Parliament’s intelligence and security committee.

Source: https://www.nbcnews.com/news/world/russia-launched-cyberattacks-disinformation-campaigns-u-k-according-study-n1234436
Droolin’ Dog sniffed out this story and shared it with you.
The Article Was Written/Published By: Patrick Smith

! #Headlines, #Cybersecurity, #CyberWarfare, #Hackers, #Newsfeed, #Russia, #TechnologyNews, #UK, #WorldNews, #News

High court gives Trump power to fire consumer bureau chief

The Supreme Court on Monday handed President Donald Trump greater authority over the Consumer Financial Protection Bureau, ruling that a legal provision restricting the president’s ability to fire the director is unconstitutional.

While the decision will make the CFPB less independent, it preserved the agency by severing the removal clause from the rest of the 2010 law that created the bureau.

“The structure of the CFPB violates the separation of powers,” Chief Justice John Roberts wrote in the decision. “The agency may … continue to operate, but its Director, in light of our decision, must be removable by the President at will.”

The court said that a key 1935 decision “permitted Congress to give for-cause removal protection to a multimember body of experts who were balanced along partisan lines” but did not extend that authority to a single director vested with executive power.

The decision could have significant implications for the future of the similarly structured Federal Housing Finance Agency, the overseer of mortgage giants Fannie Mae and Freddie Mac. Like the head of the CFPB, the FHFA director is appointed to a five-year term and can only be removed for cause.

From the day it opened its doors nine years ago, the CFPB — the brainchild of Sen. Elizabeth Warren (D-Mass.), then a law professor at Harvard — was polarizing, with Democrats casting it as a long-overdue cop on the beat for consumers after the 2008 financial crisis and Republicans slamming the agency as an example of regulatory overreach.

Congress established the bureau as part of the landmark 2010 Dodd-Frank financial overhaul, mandating that it be led by a single director appointed to a five-year term who could only be fired for “inefficiency, neglect of duty or malfeasance in office” in a bid to insulate the agency from political interference. In a similar move, the authors of Dodd-Frank also chose to fund the CFPB through the Federal Reserve, rather than the congressional appropriations process.

Yet where Democrats see independence, Republicans see a lack of accountability. Republicans have long sought to overhaul the agency’s single-director structure and replace it with a bipartisan commission akin to the leadership of other financial regulators. GOP attacks have abated since Trump put his own people in charge of the bureau, but the leadership issue has never been resolved.

The political ramifications of the fight over whether the for-cause removal of the CFPB director violates the Constitution’s separation of powers were clear as the Supreme Court considered the case brought by Seila Law, a California debt relief firm that refused to cooperate with a CFPB investigation.

The Trump administration, including CFPB Director Kathy Kraninger, in September reversed its position and said it agreed that the bureau is unconstitutionally structured, leading the court to tap former solicitor general and conservative legal star Paul Clement to defend the agency.

Solicitor General Noel Francisco joined Seila Law in saying that the CFPB effectively answers to no one, during oral arguments in March.

“The president stands for election; the director of the CFPB does not,” Francisco told the court. “So if the director is insulated from presidential oversight, then her exercises of executive power are insulated from democratic control. And that’s not the structure that our Constitution creates and requires.”

House Democrats, meanwhile, sent their general counsel to back Clement’s argument that the for-cause removal is only a modest restraint on the president’s power to remove someone and helps preserve the agency’s independence.

Clement referred to the coronavirus pandemic in his arguments, saying Congress would be perfectly within its rights to pass a law that the director of the Centers for Disease Control and Prevention can only be removed for cause: “That is the kind of sensible decision that Congress has been making for over 100 years,” he said.

Source: https://www.politico.com/news/2020/06/29/supreme-court-consumer-financial-protection-bureau-decision-344324
Droolin’ Dog sniffed out this story and shared it with you.
The Article Was Written/Published By: Katy O’Donnell

! #Headlines, #CyberWarfare, #Government, #Political, #Politico, #Politics, #SCOTUS, #Trending, #Trump, #Coronavirus, #Health, #News, #Newsfeed

Venezuela blames nationwide blackout on ‘electromagnetic attack’

Massive blackouts across Venezuela were likely caused by an “electromagnetic attack,” the government of President Nicholas Maduro said, stressing that authorities are working to bring back power as soon as possible.
Read Full Article at RT.com

Source: https://www.rt.com/news/464803-venezuela-new-power-outage/?utm_source=rss&utm_medium=rss&utm_campaign=RSS
Droolin’ Dog sniffed out this story and shared it with you.
The Article Was Written/Published By: RT

! #Headlines, #CyberWarfare, #RT, #SouthAmerica, #Trending, #Venezuela, #WorldNews, #Newsfeed, #syndicated, news

US cyberattack reportedly knocked out Iran missile control systems

The US may have withheld a physical military response to Iran shooting down a drone, but it might not have shown similar restraint with a digital campaign. Washington Post sources say the President greenlit a long-in-the-making cyberattack that took…

Source: https://www.engadget.com/2019/06/22/us-cyberattack-reportedly-knocked-out-iran-missile-control-syste/
Droolin’ Dog sniffed out this story and shared it with you.
The Article Was Written/Published By:

! #Headlines, #CyberWarfare, #Engadget, #Iran, #Military, #TechNews, #Newsfeed, #syndicated, news