Overnight Cybersecurity: Ukraine, Russia thumped by Bad Rabbit ransomware| Twitter to label political ads | Microsoft drops lawsuit over gag orders

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORY:

–RANSOMWARE OUTBREAK IN UKRAINE AND RUSSIA. AGAIN: A fast-spreading ransomware outbreak is hitting Ukraine, Russia and beyond, McAfee and ESET cybersecurity companies confirmed. The ransomware, dubbed Bad Rabbit and DiskCoder by different sources, reportedly hit the Kiev Metro, Odessa airport, Ukrainian ministries of infrastructure and finance, as well as targets in Russia and as far off as Turkey. The Russian newswire service Interfax, among the victims, suspended service. The only available story on its website as of 10:30 a.m. Tuesday was a note reading “Interfax news service not available due to hacker attack.” Group-IB, a Russian security provider, said two other Russian media outlets were hit by Bad Rabbit.

{mosads}

–…FEAR THE BAD RABBIT: Initial reports say that Bad Rabbit first infects networks via a fake Adobe Flash update… Earlier in the day, the Russian news wire service ESET claimed the ransomware is a variant of the NotPetya threat that targeted Ukraine this summer and ultimately spread to major international firms including the shipping firm Maersk. While it appears there is some overlap in the code, researchers at Kaspersky Lab determined that core aspects of programming came from other sources, including the legitimate encryption product DiskCryptor.

–…BAD RABBIT USING SOME OLD FRIENDS: After infecting the first computer on a network, Bad Rabbit infects other computers on the network in a variety of ways. One is using EternalBlue, a security flaw in Windows that was patched earlier in the year. Another is guessing passwords and usernames using a list of commonly used ones. EternalBlue is one of the alleged NSA hacking tools leaked by the ShadowBrokers – after it was patched by Microsoft – but was nonetheless used to devastating malware attacks NotPetya and WannaCry.

–…RESEARCHERS OFFER ‘VACCINE’: Though fully patched systems, reasonably hard to guess passwords and Flash updates downloaded only from the Adobe website could all foil a Bad Rabbit attack, a researcher at Cybereason unveiled some additional steps that could guarantee no infection. 

To read the rest of our piece, click here.

 

A COURT UPDATE:

MICROSOFT DROPS LAWSUIT OVER GAG RULE:

Microsoft has dropped a lawsuit against the U.S. government after the Department of Justice (DOJ) moved to limit the routine use of gag orders on technology companies in connection with ongoing investigations.

The software giant sued the Justice Department in April of last year, asking a federal judge in Seattle to strike down a statute in a major data privacy law that governs the use of these secrecy orders by the federal government when it comes to warrants on electronic data.

Microsoft argued in its April 2016 complaint that the Electronic Communications Privacy Act, which was signed into law more than three decades ago, allows courts to order companies to “keep its customers in the dark when the government seeks their email content or other private information.”

To read the rest of our piece, click here.

 

A LIGHTER CLICK: 

WIFI CABLE. WiFi cable?

 

A PLEA FROM STATES IN FOCUS:

STATE OFFICIALS ASK FOR FED HELP IN ELECTIONS: Officials from Rhode Island and Virginia told a Democratic task force focused on election cybersecurity to send more resources to states to bolster the security of their election IT infrastructure.

“States need additional funding and resources dedicated to the security of election systems,” Rhode Island Secretary of State Nellie Gorbea (D) told lawmakers at the public forum on Capitol Hill. “These funds are critically needed for the assessments, testing procedures and the strengthening of IT capacity. In many states, they also need funding for the hardware of voting systems themselves.”

Virginia was among the 21 states notified by the Department of Homeland Security that its elections had been targeted by Russian hackers in September, according to The Associated Press.

Gorbea urged Congress to play a “critical role” by both appropriating additional resources to states for election cybersecurity and exercising oversight of the federal government’s efforts to safeguard future elections. Many states have argued the opposite point: that the federal government needs to avoid any appearance of interference in elections, constitutionally the purview of the states.

To read the rest of our piece, click here.

 

WHAT’S IN THE SPOTLIGHT:

POLITICAL ADS. Twitter announced Tuesday that it would begin labeling political advertisements as part of a new effort to increase transparency on its platform.

The company said that in the coming weeks it will move to identify political electioneering ads, which the Federal Election Commission (FEC) defines as ads promoting a specific candidate or a party within 30 days of a primary election and 60 days of a general election.

Such labeling would include some kind of signifier, like a purple dot noting that the tweet is prompted by a political account, according to a potential mockup the company included in a post announcing the changes.

The company said it will also create an “Advertising Transparency Center” where users can see all ad campaigns currently being run on the social media platform, whether political in nature or not.

In the center, users will have access to the total amount being spent on ad campaigns by companies, information on advertisers, demographics for the ads’ targeted audience and historical data on advertisers’ past marketing campaigns.

Twitter’s new transparency provisions come ahead of testimony by the company’s acting general counsel, Sam Edgett, on Capitol Hill as part of the probe into Russia’s election meddling.

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

‘Links from our blog, The Hill, and around the Web.

The House passed a bill upping cybersecurity at ports. (The Hill)

Homeland security advisor Tom Bossert struck back at Sen. John McCain (R-Ariz.) over a “cheap stunt” at a hearing. (The Hill)

President Trump’s personal lawyer took his turn before the House Intel Committee. (The Hill)

Hackers are holding photos taken from a celeb plastic surgery outfit hostage. (The Register).

Connecticut law enforcement launched a cyber task force. (DOJ)

South Korean banks are suing the computer sales site Newegg. (Ars Technica)

Researchers probably hacked your favorite dating app, whatever it is. (Gizmodo)

Scientists question the accuracy of the movie Geostorm. Can’t wait to hear what they think of “Happy Death Day.” (Gizmodo)

If you’d like to receive our newsletter in your inbox, please sign up here.