The FBI’s all-in on 702
— FBI Director Christopher Wray sent a letter to House Speaker
HAPPY MONDAY, and welcome to Morning Cybersecurity! My mom’s been staying at my place for the last week and we’ve been eating home-cooked meals three times a day — contributing to a happier, healthier cyber reporter. But now it seems she’s been wielding her powers in a skillful PsyOp campaign, sneaking me full course meals at unsuspecting moments. Is this the premature end to my summer bod?
Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Email me at [email protected]. You can also follow @POLITICOPro and @MorningCybersec on Twitter. Full team contact info is below. Let’s dive in.
Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.
WRAY’S APPEALS — As the light starts to flicker on the controversial Section 702, a burst of agency support has been emerging across Washington over the last week — only to be topped off by FBI director Christopher Wray following his testy House Judiciary hearing.
The doubt over its renewal seems to have sent alarm bells ringing for the head of America’s premier investigative office, who blasted off a pair of letters to both Senate and House leadership Friday evening revealing some insight and urging lawmakers to renew the “invaluable” surveillance tool by year’s end. Here’s what we now know about how the FBI claims to be using 702.
— That’s a lot: If the FBI was grading 702, we at MC think the agency would give it an A+. At least from Wray, who wrote to congressional leadership that a whopping 97 percent of all raw technical reporting on malicious cyber actors in the first half of this year is from intelligence received through the tool. He adds that 92 percent of reporting on emerging tech, like AI, came through 702 over the same period.
The agency’s recent ultra-usage may not exactly be the win Wray thinks it should be, with lawmakers on both sides of the aisle making it very clear they are eyeing substantial reforms on the soon-to-expire spy power, including adding significant new privacy safeguards since American citizen data have been swept up through the program.
— Under attack: According to Wray’s letter, the FBI used Section 702 to crush a Chinese hack targeting the computer networks of an unnamed “major U.S. transportation hub.” The FBI director believes because his agency has a mandate from the intelligence community to respond to information from the tool, they’ve been able to save the industry from “millions (possibly billions) of dollars” of damages. And with Taiwan’s presidential election less than six months away, the threat of Chinese hackers upping their cyberattacks are omnipresent – with Wray claiming a weakened 702 would impede American ability to assist the country.
— Are we forgetting something? While the spy authority allows the government to snoop on electronic communications of foreigners, it has also been infamously misused by the FBI for domestic surveillance. A declassified report from earlier this year revealed that the agency used the tool in 2020 to investigate if protesters involved in the Black Lives Matter movement had ties to terrorists.
The Biden administration, however, is quick to note that the FBI has since implemented a series of compliance fixes to deal with it in 2021, and is considering codifying those changes into law. But speaking of those reforms …
SENATOR TARGETED — An unnamed U.S. senator, a state senator and a judge were all improperly searched by agency analysts through 702’s database, according to a declassified court ruling that also just so happened to be released on Friday.
The Office of the Director of National Intelligence declassified the April court order, which revealed that the FBI analyst — while seeking the data of the two lawmakers –- acted based on information suggesting that they were being pursued by an unidentified foreign intelligence service. It’s unclear why the judge was looked up by the FBI, but it was all flagged as improper.
— Let’s keep trying the charm offensive: Despite the missteps and skepticism from lawmakers, current and possible agency leaders – including Wray and President Joe Biden’s nominee to run the National Security Agency and U.S. Cyber Command, Lt. Gen. Timothy Haugh – repeatedly championed the benefits of the powerful surveillance tool.
THE NDAA COMETH — There’s nothing quite like those hot summer nights in D.C., when you can stay up late, kick back with your group of people and talk … national defense priorities. We’re right about to come up on Congress’ August recess, but before that, lawmakers are expected to vote through the defense authorization behemoth – and there are some pieces we’re watching.
— A timely teamup: China’s ambitions for Taiwan are top of mind for American lawmakers, especially since the self-governing island is holding its presidential election in January. One amendment in this year’s National Defense Authorization Act tees up military cyber cooperation between the Defense Secretary and Taiwanese counterparts within 180 days of its passing to defend military networks, use commercial and military cyber tech, and conduct joint cyber training activities.
— Reserve pilot project: The U.S. Cyber Command may be getting some civilian support, with a pilot project looking to recruit and appoint everyday citizens for temporary positions of 180 days or less to support cyber operations, Department of Defense systems, and assist in addressing cyber workforce challenges. The Secretary of the Army will be running the project, and people with cyber expertise and who have not served in the Reserve within the previous 60 days may be considered. There would be a vetting process too – and some civilians will be getting security clearances when necessary.
TAKE THAT, AI — In the wee hours of Friday while you were dreaming of out-hacking your peers at Def Con, the White House and choice industry groups got together to announce a landmark rulebook on how to govern AI – and what do you know, it has some cyber protections built in as well.
In their new commitment, the head honchos at Amazon, Anthropic, Google Inflection, Meta, Microsoft and OpenAI say cybersecurity investments and insider threat safeguards to protect proprietary and unreleased model weights must go hand-in-hand with AI development. They add that the model weights would only be released “when intended” and when security risks are considered.
— What’s next: One head of the septet, Anthropic’s CEO Dario Amodei, is getting ready to face the Senate Judiciary Committee Tuesday to discuss AI regulation. And one thing Amodei may discuss at the hearing is his anxiety about constantly finding new system jailbreaks on his AI model, Claude, and other AI – and being more proactive in curbing those attacks.
“I’m actually deeply concerned that in two or three years, we’ll get to the point where models can, I don’t know, do very dangerous things with science, engineering, biology and then a jailbreak could be life or death,” Amodei said in an interview with The New York Times posted on Friday. “And so we’re making progress but the stakes are getting higher.”
— And he’s not the only one: Reps from tech giants including Adobe, Box, Workday and Microsoft will be on the Hill this afternoon to talk about how companies are managing the risks of artificial intelligence and examine regulatory frameworks, including the National Institute of Standards and Technology’s AI Risk Management Framework.
Don’t think we haven’t noticed!
A CL0P-OLUTION — The ransomware gang CL0P is now copying a tactic from another ransomware gang, ALPHV, by crafting individual Internet-accessible websites for targeted victims. It’s streamlining the process of leaking stolen data and intensifying the pressure on victims to comply with their ransom demands, writes Lawrence Abrams for Bleeping Computer.
THAT’S A LOT OF MONEY — Researchers found that more than 20 million people have been impacted by the MOVEit breach orchestrated by the CL0P ransomware gang, reports The Record’s Jonathan Greig.
JOHNS HOPKINS SUED — There is now a class action lawsuit going around Maryland after Johns Hopkins health system was breached — exposing personally identifiable data including Social Security numbers, Ivy Lyons reports for WTOP News.
Also happening today
Gregg Judge with the Army’s Enterprise Cloud Management Office is joining a virtual discussion on the future of defense cloud software as a service hosted by the Government Executive Media Group. 2 p.m.
Chat soon.
Stay in touch with the whole team: Joseph Gedeon ([email protected]); John Sakellariadis ([email protected]); Maggie Miller ([email protected]); and Heidi Vogt ([email protected]).
Source: https://www.politico.com/