Latest reported NSA cyber tool theft raises contractor, Kaspersky concerns

The NSA is back in the hot seat after reports Thursday that Russian hackers stole some of its highly classified files about America’s offensive and defensive cyber tools. According to The Wall Street Journal — and later The Washington Post — Kremlin spies stole the files from the personal laptop of an NSA contractor who brought them home from work.

The laptop ran software made by Moscow-based cyber firm Kaspersky Lab, which has faced scrutiny from lawmakers and intelligence officials over its close ties to the Kremlin. Experts believe that the software detected the NSA files as malware and flagged them for company researchers back in Moscow, though it’s unclear how the Russian government learned about them. The Post reported that the employee — who was dismissed — had worked for the NSA’s elite hacking unit, Tailored Access Operations, and did not remove the materials for malicious purposes.

The Russian theft of America’s cyber secrets refocused attention on the intelligence community’s use of contractors, the source of several recent high-profile breaches. “The NSA needs to get its head out of the sand and solve its contractor problem,” said Sen. Ben Sasse. “Russia is a clear adversary in cyberspace and we can’t afford these self-inflicted injuries.” Michael Daniel, former President Barack Obama’s cybersecurity coordinator, said the government needs to rethink how it handles contractors. “The federal government supervisor sitting in the same space as a given contractor can’t really do personnel oversight, because they are a contractor,” he told POLITICO. “On the other hand, the contractor’s home company never sees them, because they are always off on contract sites.”

The fact that the contractor’s computer ran Kaspersky software adds weight to the Trump administration’s decision last month to ban the software from government networks. The Department of Homeland Security ordered that process to begin last month, but senior administration officials have repeatedly refused to provide evidence of the threat they say Kaspersky poses. “There’s no reason we should be compelled to show the intelligence,” Rob Joyce, President Donald Trump’s cyber coordinator, said on Tuesday. After the Journal story broke, Sen. Jeanne Shaheen — who is backing legislation that would codify the Kaspersky ban — said it “should serve as a stark warning” about the “serious dangers of using Kaspersky software.” Shaheen late Thursday sent a letter to Senate Armed Services Committee leaders calling for a hearing on the topic with NSA Director Adm. Mike Rogers.

The NSA’s struggle to protect its secrets comes as the Trump administration prepares to release more information about how it chooses whether to alert companies about digital flaws it discovers. Civil liberties groups have long said that the NSA, with its history of breaches, cannot be trusted to keep those vulnerabilities secret. “The government should be doing everything it can to disclose previously unknown security vulnerabilities as soon as possible,” said Robyn Greene, policy counsel at New America’s Open Technology Institute, a digital rights advocacy group. “Otherwise, we’ll all just be waiting for the other shoe to drop — for when we find out that our software can be or has been hacked by foreign actors or criminals.” You can read more about the reported Russian theft of NSA secrets in Eric and Cory’s story here.

HAPPY FRIDAY and welcome to Morning Cybersecurity! Your MC host plans to hit up the Renaissance Festival this weekend. I WILL be throwing a giant battle ax and I WILL be eating a giant turkey leg. Send your thoughts, feedback and especially tips to tstarks@politico.com and be sure to follow @timstarks, @POLITICOPro and @MorningCybersec. Full team info below.

REVIEWS FILTER IN ON 702 BILL — Senior House lawmakers have begun to weigh in on the House Judiciary Committee’s proposed legislation to revise and extend the digital spying programs allowed under Section 702 of the Foreign Intelligence Surveillance Act. Just hours after the leaders of the panel stumped for the bill — dubbed the USA Liberty Act — Rep. Adam Schiff, the top Democrat on the House Intelligence Committee, called the measure “a thoughtful first effort” — but stopped short of endorsing it. Both Judiciary and Intelligence have jurisdiction over the renewal process, meaning support from both is critical to moving a 702 bill.

Judiciary Chairman Bob Goodlatte later brushed off the mild critique, noting his panel worked with the Intelligence Committee on the legislation. “We think this is an appropriate bill that reauthorizes a vitally important national security program that gathers intelligence information about non-U.S. citizens outside the United States,” he told Martin in a phone interview. The Virginia Republican wouldn’t speculate on what it would mean if the Intelligence panel drafted its own renewal bill. “We’re working closely with everybody involved to get everybody headed in the same direction. I think we’re making substantial progress in that regard,” Goodlatte said. “We’re continuing to take on lots of support.”

But Schiff isn’t the only senior lawmaker to withhold full support for the measure, which should be formally introduced today. Rep. Ted Poe, a leading civil liberties-minded revisionist, said he was “encouraged” by the bill “in regards to our privacy and constitutional rights.” However, “there is still more that needs to be done to protect Americans’ Fourth Amendment rights,” he added in a statement. Poe said he would speak with “like-minded members” of the Judiciary Committee in the coming days. “Americans should not be forced to sacrifice individual liberty and constitutional rights for false security.”
