Overnight Cybersecurity: State Dept. can’t verify alleged Clinton hacker’s claims

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORIES:

–HOW MANY TIMES DO WE HAVE TO TELL YOU?: The State Department on Thursday said it could not verify claims by a Romanian hacker who said he broke into former Secretary of State Hillary Clinton‘s private server. “We don’t have any reason to believe that it might be true,” spokesman Mark Toner told reporters, declining to comment further on the hacker’s claims. “I’m going to refrain from comment specifically on an issue that is being looked at and investigated by other entities.” On Wednesday, the hacker “Guccifer” told Fox News and NBC he had easily accessed Clinton’s personal server at her New York home after breaking into the email of her longtime ally Sidney Blumenthal. “For me, it was easy,” he bragged to Fox from a Virginia jail where he is being held on other charges. The hacker, whose real name is Marcel Lehel Lazar, was extradited to the U.S. from Romania earlier this year. The Democratic front-runner’s presidential campaign swiftly denied his claims Wednesday, saying there was “absolutely no basis to believe” them. “It is unfathomable that he would have gained access to her emails and not leaked them the way he did to his other victims,” it added. To read our full piece, click here.

{mosads}–IN THE CROSSHAIRS?: Digital rights activists are urging the tech industry to help defeat Sen. Richard Burr (R-N.C.), who is running for reelection. “[Donald] Trump’s win endangers GOP Senators. America’s tech community should rally to defeat Richard Burr, for his idiotic war on Internet security,” tweeted Andrew McLaughlin, a former White House technology official and current head of the content platform Medium. “It’s time for an all-out frontal assault on Sen. Burr’s campaign from the tech community,” tweeted Amie Stepanovich, policy manager for the digital rights group Access Now. But what, exactly, that effort might entail is still up in the air, Stepanovich told The Hill. “The idea that this is a race that tech can get involved in is very new. I think people are just feeling out the extent to which it’s feasible to be active and the resources that are available,” Stepanovich said, noting that she is “talking to people” about the possibility of a campaign. She was careful not to overstate their efforts. “[This idea] is only about 40 hours old,” she said. Access Now — which is a nonprofit — will not be participating, she also stressed. Burr, chairman of the Intelligence Committee, has been under fierce fire from the technology community for a controversial encryption proposal he has been circulating with Sen. Dianne Feinstein (D-Calif.), the panel’s ranking member. The draft legislation would force companies to provide “technical assistance” to government investigators seeking locked data. “There is a lot of anger at Sen. Burr over his draft bill with Sen. Feinstein and the risk that it poses to the tech community, both from an economic perspective as well as from a human rights, user-safety perspective,” Stepanovich said. To read our full piece, click here.

A LIGHTER CLICK:

–LET US TEACH YOU HOW TO BET. Don’t play the heavy favorite, a $2 exacta box is a user-friendly wager and don’t be surprised if you cry when they play My Old Kentucky Home.

Here’s some other good advice for Saturday.

A REPORT IN FOCUS:

–HARDER, BETTER, FASTER, STRONGER. Hackers are getting faster and better at targeting their attacks, according to a threat intelligence report from Microsoft released Thursday.

“If I could use a second word to describe how they have changed I would use ‘accelerated,'” Microsoft Chief Security Officer Tim Rains writes. “The focus and pace that some attackers have been demonstrating recently have certainly increased over time.”

But while hackers have added to their arsenal of “dirty tricks,” Rains says, they still focus on a relatively small number of ways to compromise computers — good news for organizations across the globe trying to defend themselves against a barrage of intrusions.

“We look at north of 10 million attacks on identities every day,” Microsoft manager Alex Weinert told Reuters — although he noted that attacks are not always successful in infecting computers.

To read our full piece, click here.

WHO’S IN THE SPOTLIGHT:

–DAVID LEVIN. The political consultant and security firm owner has been booked on three felony charges for hacking the Florida Division of Elections website and a county election office.

“He took usernames and passwords from the Lee County website and gained further access to areas that were password-protected,” Florida Department of Law Enforcement Special Agent Larry Long told the Herald/Times. “The state statute is pretty clear. You need to have authorization before you can do that.”

But Levin says he was simply exposing security holes in the system.

In fact, he walked through his exploit in a YouTube video, seated next to the man challenging the incumbent supervisor of elections — whose credentials, coincidentally, Levin used to access the systems.

Read on, in the Charlotte Observer, here.

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Creative cybercriminals have found a new way to try to convince victims to fork up their money faster: telling victims to think of the children. (Motherboard)

Cybersecurity firm FireEye Inc said on Thursday that Chief Executive David DeWalt would step down from that role on June 15 and be succeeded by President Kevin Mandia. (Reuters)

Edelson PC is moving to lift the veil on a privacy class action it filed against a Chicago-based law firm that it accuses of failing to maintain robust data security practices. (Law360)

The government is paying to hack into the iPhones of crime victims, not just suspects.

DHS is sweetening its cyber workforce recruiting with new bonuses. (Federal News Radio)

If you’d like to receive our newsletter in your inbox, please sign up here.