Overnight Cybersecurity

Overnight Cybersecurity: Mueller interviews cyber expert who claimed Russian ties | IRS downplays Equifax hack’s effect on tax season | Microsoft bug database was breached

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORIES:

MUELLER INTERVIEWS CYBERSECURITY EXPERT WHO CLAIMS HE WAS “RECRUITED TO COLLUDE WITH THE RUSSIANS”: A cybersecurity expert who claimed he was “recruited to collude with the Russians” to meddle in the 2016 election has been interviewed by Justice Department special counsel Robert Mueller, Business Insider reported. Matt Tait, a former information security specialist for Britain’s Government Communications Headquarters was interviewed weeks ago by Mueller, according to a source familiar with the investigation. Tait claimed that he was recruited by a longtime GOP operative tied to the Trump campaign, Peter W. Smith, to obtain emails deleted from the Hillary Clinton private email server believed hacked by the Russian government. Smith told several people during his investigation that he was affiliated with President Trump’s former national security adviser Michael Flynn.

To read the rest of our piece, click here.

{mosads}

THE HIERARCHY OF DANGER: On Monday, three different sets of researchers revealed three different security vulnerabilities. But security experts contend that the one most people heard about is not the one ready to cause the most danger. By far, a security bug within the Wi-Fi protocol received the most attention. While it affects all devices and it is easy to immediately understand the danger, the threat may have been overblown. The devices facing substantial danger are Android and Linux systems and the attacker can only successfully attack devices within range. While that is bad, the situations where an Android or Linux device is connected to Wi-Fi physically available to the public are limited. The other two vulnerabilities that surfaced Monday may have a wider impact. A major manufacturer of security chips used easy-to-crack cryptography, which could have impacts on everything from software authentication to smart identity cards. And a new vulnerability in Adobe Flash has the potential to cause damage because consumers historically have been lax about keeping Flash up to date, leaving systems at risk to malicious websites and documents.

 

AN AGENCY UPDATE:

THE IRS DOESN’T EXPECT EQUIFAX HACK TO IMPACT TAX SEASON: The IRS does not expect the Equifax data breach to have a major effect on the upcoming tax filing season, Commissioner John Koskinen said Tuesday, adding that the agency believes a “significant” number of the victims already had their information stolen by cyber criminals.

“We actually think that it won’t make any significantly or noticeable difference,” Koskinen told reporters during a briefing on the agency’s data security efforts. “Our estimate is a significant percent of those taxpayers already had their information in the hands of criminals.”

The IRS estimates that more than 100 million Americans have had their personally identifiable information stolen by criminal hackers, he said.

The Equifax breach disclosed in early September is estimated to have affected more than 145 million U.S. consumers.

“It’s an important reminder to the public that everyone can take any actions that they can … to make sure we can do everything we can to protect personal information,” Koskinen said of the breach on Tuesday, in response to a reporter’s question.

The IRS commissioner advised Americans to “assume” their data already is in the hands of criminals and “act accordingly.”

To read the rest of our piece, click here.

 

A LIGHTER CLICK: ELECTION HACKING (Japan edition).

 

A REPORT IN FOCUS:

BOTNET LEARNS A NEW TRICK:

Researchers are warning that the group behind Necurs, one of the most venerable malware spamming operations, has added functions to its toolkit to gain new insight into its victims.

Necurs is a botnet, a vast network of hacked computers used in this case to email malware to new victims. The malware includes TrickBot, which is designed to steal banking credentials, and Locky, a form of ransomware.

Researchers at Symantec announced Tuesday that in addition to its recent updates to Locky and TrickBot, the Necurs group added some updates to the program used to download Locky and TrickBot onto new systems.

Downloaders usually try to fly under the radar and operate as quickly and covertly as possible. The new updates add a screenshot function and error reporting to the mix.

To read the rest of our piece, click here.

 

WHAT’S IN THE SPOTLIGHT:

GHOSTS OF MICROSOFT’S PAST:

A secret, internal database that Microsoft uses to track bugs in its software was compromised by a hacking group more than four years ago, according to five former employees who spoke with Reuters.

Microsoft did not publicly disclose the extent of the breach when it discovered the hack in 2013.

The stolen database reportedly included descriptions of important vulnerabilities that had not yet been fixed.

The former employees said that Microsoft likely fixed the vulnerabilities in the months following the hack; however, they also note that hackers could have used such information to break into government and corporate computer networks.

Information on vulnerabilities can be valuable for hackers who can use the databases for guidance on what potential vulnerabilities they can exploit in the future.

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Google is upping security protections for politicos and journalists. (The Hill)

Senators slammed the credit bureau industry over data protection. Again. (The Hill)

The Senate subpoenaed Carter Page, and Michael Flynn Jr. has not responded to committee requests for files. (The Hill)

China sees parallels between its “Great Firewall” and U.S. companies trying to fight fake news. (The New York Times).

An old Chinese trojan has resurfaced. (Cylance)

Radio killed radio exploration of the stars. (Motherboard)

If you’d like to receive our newsletter in your inbox, please sign up here.