Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORIES:
–SEC HACKED: The Securities and Exchange Commission (SEC) revealed Wednesday that hackers breached its system for public-company filings and may have profited from stolen insider information. SEC Chairman Jay Clayton said in a statement that hackers exploited a software vulnerability in the regulator’s EDGAR filing system. That breach was discovered in 2016, he said, but the SEC did not learn about the possibility of unlawful trading until 2017.”Cybersecurity is critical to the operations of our markets and the risks are significant and, in many cases, systemic,” said Clayton in the statement. “We must be vigilant. We also must recognize–in both the public and private sectors, including the SEC–that there will be intrusions, and that a key component of cyber risk management is resilience and recovery.”
To read the rest of our piece, click here.
{mosads}
–…TO THE SHOCK OF LAWMAKERS: Sen. Mark Warner (D-Va.), a member of the Senate Banking Committee, said the SEC breach “shows that government and businesses need to step up their efforts to protect our most sensitive personal and commercial information.” Warner said he’d press SEC Chairman Jay Clayton on the agency’s rules dictating when companies must report data breaches when he appears before the Banking panel next week. “Information has become one of our country’s most valuable resources, and control of that information comes with significant responsibility,” Warner said. “The SEC should not retreat from its important market oversight role in order to limit its exposure to sensitive information.”
To read the rest of our piece, click here.
–FORMER NSA/CIA HEAD: IF FEDS CAN’T SECURE HACKING TOOLS, THEY SHOULDN’T HAVE THEM: Michael Hayden, a former head of both the National Security Agency and CIA, said on Thursday that the U.S. should not deploy cyber espionage tools if it can’t keep them secure. “I cannot defend American espionage using incredibly powerful tools if we cannot keep them secret,” Hayden said during the Anomali DETECT conference in National Harbor, Md. Hayden, currently a principal at the Chertoff Group, was referring to two incidents that have occurred since May, in which tools leaked by TheShadowBrokers hacking group were used in incredibly virulent outbreaks of malware. TheShadowBrokers claimed the tools were stolen from an elite cyber intrusion unit at the NSA, and previously unreleased documents leaked by former NSA contractor Edward Snowden contained tracking codes matching the source code found in files belonging to TheShadowBrokers.
To read the rest of our piece, click here.
AN ADVISOR UPDATE:
THE MAN WHO WASN’T THERE: When President Trump signed the executive order addressing cybersecurity earlier this year, homeland security advisor Tom Bossert thanked former New York City Mayor Rudy Giuliani for his help. Giuliani leads Trump’s “cyber working group,” announced during the campaign.
But despite the thanks, former U.S. officials told CyberScoop Thursday that Giuliani had little role in the executive order or any other aspect of policy. In fact, sources told the publication, it appears his working group was little more than a “business development opportunity” for Giuliani Partners, claiming the former mayor’s cybersecurity consultancy leveraged Giuliani’s White House post into business meetings.
“From what I saw, [the working group] didn’t exist,” one former senior U.S. official told CyberScoop.
The Hill spoke to a cybersecurity industry representative who claims to have spoken to Giuliani in the run up to the executive order about a draft that was circulating. It is unclear if any of that discussion made it to the White House. In fact, major technology companies and industry groups were not contacted by Giuliani and resorted to calling the White House for information, according to the CyberScoop report.
THE MOSCOW MILE:
–FACEBOOK TO TURN OVER RUSSIAN ADS TO INVESTIGATORS: Facebook has made a deal with Congressional investigators to turn over roughly 3000 advertisements purchased by Kremlin-linked groups during the 2016 presidential campaign. The company confirmed Thursday afternoon that it would release details associated with advertisements. “We believe it is vitally important that government authorities have the information they need to deliver to the public a full assessment of what happened in the 2016 election,” wrote Facebook’s General Counsel Colin Stretch. “That is an assessment that can be made only by investigators with access to classified intelligence and information from all relevant companies and industries — and we want to do our part.” Stretch noted that the decision had come after “an extensive legal and policy review,” with consideration for “federal law” which Facebook says “places strict limitations on the disclosure of account information.”
To read the rest of our piece, click here.
–…AND TWITTER REPRESENTATIVES WILL TESTIFY: Representatives from Twitter will meet with staff from the Senate Intelligence Committee next week in connection with the panel’s investigation of Russian interference in the 2016 presidential election. The social media company says that it will address fake bot accounts as well as the dissemination of hoax stories and false news on its platform with committee staffers. “We are cooperating with the Senate Select Committee on Intelligence in its inquiry into the 2016 election and will meet with committee staff next week,” a Twitter spokesperson told The Hill on Thursday. “Twitter deeply respects the integrity of the election process, a cornerstone of all democracies, and will continue to strengthen our platform against bots and other forms of manipulation that violate our Terms of Service.”
To read the rest of our piece, click here.
–DEM ‘GUARANTEES’ TRUMP COLLUDED: Rep. Maxine Waters (D-Calif.), one of President Trump’s most vocal critics, said Thursday she can “guarantee” that he is colluding with the Russians to undermine American democracy. Waters, who has repeatedly called for Trump’s impeachment, made the statements at a Congressional Black Caucus town hall meeting on civil rights in Washington, D.C. “Here you have a president who I can tell you and guarantee you is in collusion with the Russians to undermine our democracy. Here you have a president that has obstructed justice. And here you have a president that lies every day,” Waters said, as reported by the Washington Examiner.
To read the rest of our piece, click here.
–MANAFORT USED TRUMP EMAIL TO CONTACT UKRAINIAN AGENT: Former President Trump campaign chairman Paul Manafort used his official Trump campaign email to contact a Ukrainian political operative, Politico reported Wednesday. Manafort emailed the operative, Konstantin Kilimnik, about payments for work he had done in the past and to discuss potential new opportunities in Ukraine even as he led Trump’s campaign. Kilimnik is suspected of being tied to the Russian government, but he has denied such reports. A source familiar with the emails told Politico that Manafort made his influence in the campaign clear to Kilimnik in the messages. A lawyer representing the Trump campaign did not return Politico’s request for comment. This report comes as it was revealed that Manafort offered to set up daily “private briefings” on the campaign to Russian billionaire Oleg Deripaska, who has ties to the Kremlin. There is no evidence in the emails, which have been turned over to special counsel Robert Mueller and congressional investigators, that Deripaska received the offer or that any briefings took place.
To read the rest of our piece, click here.
A LIGHTER CLICK:
FINALLY, an app that will eliminate the need to do Sudoku. Why have leisure?
A REPORT IN FOCUS:
STATE SPONSORED CAMPAIGN USES INTERNET PROVIDERS: The cybersecurity firm ESET sees “strong indicators of major internet service provider (ISP) involvement” in a new round of attacks from a state-sponsored spyware campaign, according to a report released Thursday.
The report concerns attacks using the FinFisher brand of spyware, a commercially available product made by a private contractor and sold to nations and law enforcement agencies.
ESET claims it has discovered attempts to infect systems with the latest version of FinFisher in seven countries. In two of those countries, the attacker appears to have used the ISP to deliver the malware. The remaining five countries were struck using more conventional modes of distributing malware.
In the newest FinFisher attacks, users trying to download WhatsApp, Skype, Avast, WinRAR, VLC Player and other software from legitimate sites were rerouted to malware-laced versions of the same software.
Leaked FinFisher documents show that the company offers a FinISP service to infect victims using an ISP, and victims within the same countries shared ISPs, leading ESET to determine the ISPs were possibly involved.
This would be the first known public sighting of a FinISP attack.
It is unclear if the internet provider is helping the attacker willingly or if their systems were compromised.
To read the rest of our piece, click here.
WHO’S IN THE SPOTLIGHT:
EUGENE KASPERSKY: A House committee has delayed planned testimony from the CEO of Moscow-based cybersecurity firm Kaspersky Lab.
Eugene Kaspersky last week accepted an invitation from the House Science Committee to testify at a public hearing on Sept. 27.
The invite was extended one day after the Trump administration barred federal agencies from using Kaspersky products over security concerns. Kaspersky planned to address allegations about his company at the hearing.
Kaspersky said last week that he would need an expedited visa to attend the hearing. When contacted about the delay, Kaspersky told The Hill in a statement, “I look forward to participating in the hearing once it’s rescheduled and having the opportunity to address the committee’s concerns directly.”
However, a committee aide said Thursday that the hearing would be postponed to a later, undisclosed date, citing scheduling conflicts.
When asked for more information, the aide said that a conference member event had been scheduled for the same morning.
To read the rest of our piece, click here.
MEANWHILE, AT LEAST ONE CYBER FIRM HAS TURNED THE KASPERSKY BAN INTO AN AD:
McAfee, a Kaspersky Lab competitor, is now advertising on its rival’s controversy.
“FBI Advises Removal of Kaspersky for suspected ties to Russian Spies,” reads a banner plastered over an American Flag in a new McAfee promotion.
A side-by-side comparison of McAfee (“Headquartered in USA”) and Kaspersky (“Headquarters in Russia”) also notes Kaspersky Lab’s wares cost more despite similar functions.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
The European Union would like to raise taxes on tech firms and would appreciate it if the U.S. did as well. (The Hill)
Lawmakers fear that hackers could cause prescription drug shortages. (The Hill)
Canada has tough new breach notification standards. (Bank Info Security)
Researchers developed a program to quantitatively determine what protest photos seem the most violent. (ARXIV, via The Register)
An alleged cryptocurrency hacker returned $3 million he stole, but no one knows why. (Motherboard)
If you’d like to receive our newsletter in your inbox, please sign up here.