Cyber threats top agenda at White House meeting with Big Tech, finance executives

WASHINGTON (Reuters) – The White House will ask Big Tech, the finance industry and key infrastructure companies to do more to tackle the growing cybersecurity threat to the U.S. economy in a meeting with the President Joe Biden and members of his cabinet on Wednesday.

“Cybersecurity is a matter of national security. The public and private sectors must meet this moment together, and the American people are counting on us,” a senior administration official told reporters.

Cybersecurity has risen to the top of the agenda for the Biden administration after a series of high-profile attacks on network management company SolarWinds Corp, the Colonial Pipeline company, meat processing company JBS and software firm Kaseya. The attacks hurt the United States far beyond just the companies hacked, affecting fuel and food supplies.

The guest list includes Amazon.com Inc CEO Andy Jassy, Apple Inc CEO Tim Cook, Microsoft Corp CEO Satya Nadella, Google’s parent Alphabet Inc CEO Sundar Pichai and IBM Chief Executive Arvind Krishna, according to two people familiar with the event.

One official said private sector executives were expected to announce commitments across key areas, including technology and staffing.

The meeting comes as Congress weighs legislation concerning data breach notification laws and cybersecurity insurance industry regulation, historically viewed as two of the most consequential policy areas within the field.

Executives for energy utility firm Southern Co and financial giant JPMorgan Chase & Co are also expected to attend the event.

The event will feature top cybersecurity officials from the Biden administration, including recently confirmed National Cybersecurity Director Chris Inglis, as well as Secretary of Homeland Security Alejandro Mayorkas, to lead different conversations with industry representatives.

(Reporting by Andrea Shalal and Christopher Bing; Editing by Lisa Shumaker)

U.S. officials warn Congress on 2018 election hacking threats

U.S. Secretary of Homeland Security Kirstjen Nielsen speaks to reporters after she, FBI Director Christopher Wray and Director of National Intelligence Daniel Coats briefed members of the U.S. House of Representatives on election security at the U.S. Capitol in Washington, U.S., May 22, 2018. REUTERS/Leah Millis

By David Shepardson

WASHINGTON (Reuters) – Senior Trump administration officials warned Congress on Tuesday of ongoing efforts by Russia to interfere in the 2018 midterm congressional elections as the federal government prepares to hand out $380 million in election security funding to states.

At a briefing attended by about 40 or 50 members of the 435-member U.S. House of Representatives, the heads of FBI, Homeland Security Department and the director of National Intelligence said states and cities overseeing elections need to be prepared for threats.

DHS Secretary Kirstjen Nielsen told reporters she agreed Russia was trying to influence the 2018 elections.

“We see them continuing to conduct foreign influence campaigns,” Nielsen said, but added there is no evidence of Russia targeting specific races.

Nielsen said DHS is watching other countries that have the capability to influence U.S. elections, including China and Iran. “We need to be prepared,” she said.

Chris Krebs, a senior DHS cyber security official, told Reuters that the administration was sending states guidance on how to spend the $380 million approved by Congress in March to help safeguard U.S. voting systems from cyber attacks. The funds are expected to be distributed later this week.

DHS is assisting 48 states with election security. It handed out a chart at the briefing to members that said states need to have auditable systems, spend time on planning, training and drills and they should “consider investing in full system architecture reviews.”

Representative Michael McCaul, who chairs the House Homeland Security Committee, said after the briefing that members are concerned that “not only Russia but possibly other foreign adversaries are now going to start looking at how they can meddle in the midterm elections and we need to be prepared. We were caught off guard last time.”

U.S. intelligence agencies have concluded that Russian leadership at a very high level was involved in the attempt to interfere in the U.S. election in order to boost President Donald Trump’s candidacy.

Russia has denied interfering in U.S. elections.

Several Democrats after the briefing expressed concern that the federal government was not doing enough to safeguard elections.

“It is clear that our government must do more and whatever possible to secure our elections from foreign interference. The integrity of our democracy is at stake,” said Representative Bennie Thompson, the top Democrat on the Homeland Security Committee.

UNPRECEDENTED, COORDINATED

A May 8 U.S. Senate report said that in 2016 “cyber actors affiliated with the Russian Government conducted an unprecedented, coordinated cyber campaign against state election infrastructure.” Russian actors “scanned databases for vulnerabilities, attempted intrusions, and in a small number of cases successfully penetrated a voter registration database.”

The report said in a small number of states, “these cyber actors were in a position to, at a minimum, alter or delete voter registration data.”

Krebs said on Tuesday that DHS wanted states to “increase awareness” and have a “layered defense.”

If a voter’s information was missing, for example, they could request a provisional ballot. “If we do detect something, we can overcome it,” he said.

During the 2016 campaign, hackers stole emails from the personal account of Democratic candidate Hillary Clinton’s campaign chairman and from the Democratic National Committee, and they were used to embarrass Clinton.

Representative C.A. “Dutch” Ruppersberger, said members of Congress need to be aware of cyber risks. “We need to focus on it, make it a priority,” he said.

DHS said in March it is prioritizing election cyber security above all other critical infrastructure it protects.

The agency has said that 21 states had experienced initial probing of their systems from Russian hackers in 2016 and that a small number of networks were compromised, but that there remains no evidence any votes were actually altered.

Representative Adam Schiff, the top Democrat on the Intelligence Committee, told reporters the federal government should quickly alert states if they learn of election system hacking.

He also wants a “real-time communications channel” between the intelligence community and technology companies in order to assure that internet firms are notified if evidence emerges that Russia is creating fake Facebook Inc <FB.O> pages or taking other actions to influence the elections.

(Reporting by David Shepardson; additional reporting by Susan Cornwell; editing by Bill Berkrot)

Private not state hackers likely to have targeted UK parliament: sources

FILE PHOTO - The Union Flag flies near the Houses of Parliament in London, Britain, June 7, 2017. REUTERS/Clodagh Kilcoyne/File Photo

LONDON (Reuters) – A cyber attack on email accounts of British lawmakers last month is likely to have been by amateur or private hackers rather than state-sponsored, European government sources said.

The private email accounts of up to 90 of the 650 members of Britain’s House of Commons were targeted in late June, with some news reports suggesting that the attack was carried out by a foreign government, such as Russia.

However, cyber security experts had found that the hackers only managed to access accounts of lawmakers who used primitive and easily discovered passwords, the sources, who are familiar with the investigations into the attacks, said.

It remains unclear who did carry out the attack, they added.

Investigators hope the hack will convince politicians and other public figures to use more sophisticated passwords for their email and other online activities.

British authorities are not commenting publicly on the progress of investigations, but an official cautioned after the hack was discovered that “cyber threats to the UK come from criminals, terrorists, hacktivists as well as nation states.”

(Reporting by Mark Hosenball; Editing by Alexander Smith)