Overnight Cybersecurity: National Archives breached?

National Archives breached? February 25, 2015 By Cory Bennett and Elise Viebeck Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ... THE BIG STORIES: --NATIONAL ARCHIVES BREACHED?: Cue the "National Treasure" jokes. Law enforcement is investigating a possible data breach at the National Archives after a hacker group released a video purporting to show a break-in at the agency's website. The video was posted on YouTube in early February by a group known for malicious activity online. Shared privately with The Hill, it shows a Web user scrolling through a database of agency files, accompanied by threats and ominous music. Private security experts who reviewed the video said it appears the hackers may have gained access to the back-end of the National Archives website, where content is updated. To read our full story, click here. --COULD DHS FALL BEHIND ON CYBER?: If the government shuts down it will, argued a top official during a House hearing on Wednesday. Even a brief lapse in funding could leave government networks and websites exposed, delay the deployment of new security measures and hurt private-sector relationships, said Suzanne Spaulding, under secretary for the National Protection and Programs Directorate at the DHS. "We are running on a daily basis full speed ahead to try and keep ahead of those efforts of those adversaries," she told lawmakers. To read our full story, click here. --THE NEW CYBER AGENCY IS HERE: The Obama administration's attempt to consolidate the intelligence community's cyber threat data is here. The Cyber Threat intelligence Integration Center (CTIIC) was officially authorized Wednesday, two weeks after it was initially announced. Details are still scarce, but the White House did say the new division will be small, roughly 50 employees pulled from various intelligence agencies. Some have questioned the government's ability to staff the CTIIC, given the ongoing shortages of federal cyber employees. The agency's location and final structure are still in the works, the White House said. To read our full story, click here. UPDATE ON CYBER POLICY: --A BIPARTISAN CHORUS of House Homeland Security Committee members lauded the DHS for its cyber efforts in recent years during a Wednesday hearing. The DHS "is really the ideal place" to serve as the government interface on cybersecurity information sharing with the private sector, said Chairman Michael McCaul (R-Texas). The White House and several lawmakers are pushing bills that would place the DHS at the center of the public-private cyber data exchange. "In the last five years, I've seen capabilities at Homeland Security go way up," McCaul added. McCaul even interjected later to reiterate his praise when DHS Secretary Jeh Johnson made a surprise appearance during the proceedings. LIGHTER CLICK: --THE PRESCIENT "OCEAN'S ELEVEN": Feeling lost on cyber? Just rewatch the bank heist classic "Ocean's Eleven" to see where people go wrong when constructing cyber defenses, writes Melanie Teplinsky, an information privacy law professor and former NSA analyst. A LOOK AHEAD: --THURSDAY: House Democrats are already unhappy with an upcoming White House plan to protect online privacy that could drop as early as Thursday. Although lawmakers haven't yet seen drafts, Democrats said Wednesday they're afraid it could strip the Federal Communications Commission of critical oversight authority of Internet service providers. To read The Hill's story, click here. --THURSDAY: Get a demonstration of a next-generation cyber threat visualizer from Frank Pound, head of the mysterious "Plan X" project at the government's clandestine research agency, DARPA. Pound will also sit for a Q&A during the Christian Science Monitor event. --FRIDAY: DHS funding expires at the end of the month and Congress still seems far away from a deal. Although the agency's major cybersecurity functions are deemed "essential" and would continue under a shutdown, DHS officials warned on Wednesday that the budget uncertainty is hampering the agency's cyber efforts. IN CASE YOU MISSED IT: Links from our blog, The Hill, and around the Web. The leading cellphone chip maker confirmed the NSA hacked its systems, but denied it made off with the encryption keys necessary to spy on cellphone users. (The Hill) China has been slowly removing Western tech companies like Apple from its list of companies approved for state purchases. (The Hill) Is Hillary Clinton looking to take a stance on encryption that isn't technically possible? (The Washington Post) Maybe think twice about emailing the Canadian government. Apparently those emails are being "vacuumed up" by our northern neighbor's surveillance agency (The Intercept/CBC News) Cameron Kerry, formerly seen as one of the Obama administration's biggest digital privacy advocates, argues that cybersecurity bills are "essential enablers of trust." (Brookings) Hackers claiming to be former staffers for Israel's intelligence agency Mossad threatened South Africa with a serious cyberattack in 2012. (GigaOm) Wall Street may soon be required to use stronger password measures. (The Wall Street Journal) We'll be working to stay on top of these and other stories throughout the week, so check The Hill's cybersecurity page early and often for the latest. And send any comments, complaints or cyber news tips our way, viacbennett@thehill.com or eviebeck@thehill.com. And follow us at@cory_bennett and @eliseviebeck. If you'd like to receive our newsletter in your inbox, please sign up here:http://goo.gl/KZ0b4A