Overnight Cybersecurity: Feds bust elite hacking forum

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORIES:

–IT’S GOING DOWN: The Justice Department said Wednesday it had taken down a hacking forum known as Darkode. The government has filed criminal charges against 12 people allegedly affiliated with the forum, a dark Web repository for hacking tools of all kinds. The sting is part of a global law enforcement effort. Twenty other countries — from Australia to Cyprus to the United Kingdom — have also charged or arrested 70 alleged Darkode members. “We have dismantled a cyber hornets’ nest of criminal hackers which was believed by many, including the hackers themselves, to be impenetrable,” said David Hickton, the U.S attorney for the Western District of Pennsylvania. U.S. officials are claiming it as a major victory in their fight against the massive cyber crime rings that have rapidly proliferated over the last few years. To read our full piece, click here.

{mosads}–OFF THE GRID: Republicans are short-changing the U.S. electrical grid of millions of dollars needed to protect it from cyberattacks, two Democratic senators warned on Wednesday. “It makes no sense,” said Sen. Debbie Stabenow (D-Mich.) during a Wednesday conference call with reporters. “This is time to get serious.” The two parties are currently battling over an Energy and Water Development funding bill. Stabenow and Sen. Martin Heinrich (D-N.M.) are trying to raise alarms about the dangers of using sequestration-level funding for energy grid reliability. It’s a prospect, they say, that would leave the U.S. lagging behind other countries in defending its grid from potential cyberattacks. “The reality is that this is a system that is not as well protected as it should be,” Heinrich said. “This is a grid that evolved over 100 years and much of it is based on fairly simple technology.” To read our full piece, click here.

–CRUSHING IT: The agency that housed the hacked database of federal workers’ personnel files has patched thousands of vulnerabilities identified by a yet-to-be-released inspector general report. “Vulnerabilities, though, it’s a process,” said Sylvia Burns, chief information officer for the Department of the Interior (DOI), during a House hearing on Wednesday. “It’s not something that’s a one-time hit.” The DOI hosted the databank that was compromised in the first of two major breaches at the Office Personnel Management (OPM). In early June, OPM said an intrusion had allowed hackers to make off with 4.2 million federal employees’ personnel records. Officials said digital intruders used a contractor’s credentials to get into the OPM system, then hop over the DOI network where they cracked the personnel database. On Wednesday, the House Subcommittee on Information Technology held a hearing to discuss how the suspected Chinese hackers were able to jump from OPM to DOI. To read our full piece, click here.

UPDATE ON CYBER POLICY:

–YOU’RE ON THE LIST. Rep. Mo Brooks (R-Ala.) this week introduced the “Protect US Act,” which would give the president and Congress the power to add foreign powers accused of harboring or conducting hacking to a “State Sponsors of Cyberattacks” list. The bill would then give the president power to impose a wide range of trade sanctions on those countries.

The measure comes on the heels of allegations that China orchestrated a massive digital hit on the U.S. government, stealing over 22 million people’s personal data.

“The best means to deter countries that actively support or fail to stop or prosecute such attacks is with a swift and punitive response,” Brooks said. “In the absence of adequate punishment, there is no adequate deterrence. In the absence of adequate deterrence, the attacks will continue and likely become more aggressive and worse.”

Read on, here.

LIGHTER CLICK:

–NINE YEARS IN THE MAKING. These first close-up photos of Pluto have some great details — ice mountains as tall as the Rockies, a dark spot known as “Mordor.” Still not a planet, Neil deGrasse Tyson tells Stephen Colbert. Check out the pictures here. And watch Colbert here.

WHO’S IN THE SPOTLIGHT:

–MICRON TECH, a U.S.-based chip maker that Tsinghua Unigroup, a state-owned Chinese chip maker, is trying to purchase for $23 billion. The bid is quickly becoming another irritant in the already tense U.S.-China cybersecurity relationship.

From our story, earlier this week: “Beijing wants to buy Micron to boost the quality of its own domestic information technology. Memory chips are crucial in developing better smartphones and defense technology. Chinese officials have been transparent about their desire to reduce reliance on foreign information technology, partly in order to exercise greater control over data within the country.”

The issue reached Capitol Hill on Wednesday, with Senate Armed Services Committee Chairman John McCain (R-Ariz.) expressing his concerns.

His quote, per Reuters: “I am concerned by the potential national security implications of a planned bid by a Chinese state-owned enterprise for Micron Technology, the last major American manufacturer of memory chips,” McCain said. “It is critical that any proposed takeover receive careful and thorough review by the Congress, the Department of Defense and other U.S. government agencies.” Read on, here.

Reuters also thinks an ultimate deal is a longshot. Check it out, here.

A LOOK AHEAD:

THURSDAY

–DefenseOne will hold an event starting at 8:30 a.m. on “Anticipating the Next DOD Insider Threat.” DOD officials will speak.

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

NSA Director Adm. Mike Rogers said the OPM hack won’t be a “one-off.” (The Hill)

Rapid7, a leading cybersecurity services provider based in Boston, is planning an initial public offering on Friday just below the $1 billion value threshold. (Yahoo Finance)

A feature read: “The world’s first hack: the telegraph and the invention of privacy.” (The Guardian)

Google Map Maker will reopen in August after the urinating-robot controversy. (The Guardian)

What is Adobe Flash, and how can you get rid of it? (Yahoo Tech)

The NSA’s new open source project is a cybersecurity tool. (InfoWorld)

Venture-capital firm Andreessen Horowitz is backing OKCupid founders’ encryption firm. (The Wall Street Journal)

If you’d like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A