Overnight Cybersecurity: House plan for long-term surveillance law bill ‘dead for now’ | North Korea expands money-making hacks | Five arrested in ransomware bust
Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORY:
–HOUSE FACING TIGHT DEADLINE AFTER DELAYING 702 RENEWAL VOTE:
House Republicans’ plans to vote on a stand-alone bill to renew a controversial surveillance authority are dead “for now,” House Intelligence Committee Chairman Devin Nunes (R-Calif.) told reporters less than 24 hours after lawmakers scheduled a Rules Committee vote on the measure. They are butting up against a tight deadline: The current law, which the intelligence community says is critical to identify and disrupting terror plots, is set to expire at the end of the year. FISA Section 702 allows for warrantless surveillance of non-citizens outside the country. Occasionally, note opponents, the systems to protect Americans fail and the surveillance sweeps up domestic or a citizen’s chatter. GOP lawmakers will attempt to hash out stark divisions in a conference meeting later on Wednesday, but after a closed-door meeting with key lawmakers in Majority Leader Kevin McCarthy’s (R-Calif.) office, no decisions had yet been made. “We’re still working away on it,” McCarthy said, but offered few other details.
–…POSSIBLE SHORT TERM RENEWAL? Among the slate of options and unanswered questions: Will lawmakers try to attach a short-term renewal of the program to a stopgap spending measure at the end of the week, or try to push through a more long-term solution? “There’s a very little chance that a long-term FISA reauthorization has support of the overall conference,” said House Freedom Caucus leader Rep. Mark Meadows (R-N.C.), whose caucus is calling for stronger privacy protections to fix what it sees as systemic Fourth Amendment violations under the current program. The Rules Committee vote, scheduled for 4 p.m. Wednesday, has since been postponed. In the upper chamber, Majority Whip Sen. John Cornyn (R-Texas) has suggested lawmakers will try to insert a short-term renewal into its continuing resolution, effectively punting the issue at least into the new year. But it’s unclear what leaders mean by “short-term.” Sens. Rand Paul (R-Ky.) and Ron Wyden (D-Ore.) on Wednesday threatened to mount a filibuster of any long-term extension of the law.
To read the rest of our piece, click here.
A REGULATORY UPDATE:
NEW YORK MAY SIDESTEP FCC ON SOME NET NEUTRALITY: New York State Assemblymember Patricia Fahy (D) is pushing a bill in an effort to protect the principles of net neutrality in her state in the wake of the Federal Communications Commission’s (FCC) vote to repeal the popular Obama-era regulations.
According to Fast Company, Fahy has introduced a short piece of legislation that would prohibit state, county and city authorities from doing business with internet service providers that engage in business practices that were prohibited by the net neutrality rules, like blocking or throttling web content or making websites buy into internet “fast lanes.”
“If you are going to be a contractor and want to work with New York, then you must meet the principles,” Fahy told the magazine.
To read the rest of our piece click here.
A LIGHTER CLICK:
LIGHTNING WISHES YOU A MERRY CHRISTMAS.
A REPORT IN FOCUS:
LAZARUS RAISING MONEY… AGAIN: North Korea may be doubling down on its efforts to make money by hacking, according to new research by cybersecurity firm Proofpoint.
The Lazarus Group, an industry name for the believed-to-be North Korean hackers that breached Sony Pictures and launched the disastrous WannaCry malware, has already been linked to several different attempts to generate revenue by hacking. The group was tied to a string of bank robberies using the SWIFT interbank transfer request system totaling hundreds of millions of dollars, as well as recent attempts to phish cryptocurrency exchanges.
Proofpoint explains in a new report that Lazarus has started infecting South Korean credit card terminals, called point of sale (POS) systems, to steal credit card information.
The firm believes this would make North Korea the first known nation to steal credit cards this way.
Lazarus is also now no longer just phishing cryptocurrency exchanges, but also individuals who appear to own bitcoin and other digital currencies.
On Tuesday, the Trump administration blamed North Korea for the WannaCry malware that infected hundreds of thousands of systems in May. Such attributions from the executive branch have been extremely rare.
The report outlines two new pieces of malware being used by the group. Both are updates to the group’s old malware, known as Ratankba.
To read the rest of our piece, click here.
WHAT’S IN THE SPOTLIGHT:
ROMANIAN RANSOMWARE: Romanian authorities have arrested five suspects allegedly spreading the CTB-Locker ransomware throughout Europe and the U.S.
The arrests were the summation of work in concert with Dutch, United Kingdom and U.S. authorities, with help coming from Europol and the cybersecurity firm McAfee.
The five suspects are not believed to have designed the ransomware. Instead, they ran what amounted to a CTB-Locker franchise, paying the designers 30 percent of all of their proceeds
To read the rest of our piece, click here.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
The Coinbase cryptocurrency exchange is investigating insider trading. (The Hill)
OP-ED: WannaCry demonstrates the defensive power of working together. (CNN)
OP-ED: You might already be qualified for a cyber job. (The Hill)
OP-ED: Don’t regulate AI. (The Hill)
A cybersecurity firm is suing a cybersecurity reporter over a story about security flaws in their product. (ZD NET)
A British teen will avoid jail time despite running a DDoS service. (BankInfoSec)
Chinese attackers are targeting think tanks. (FireEye)
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.