Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you…
THE BIG STORIES:
–MANAFORT, GATES REMAIN UNDER HOUSE ARREST: Former Trump campaign chairman Paul Manafort and his associate Richard Gates will remain under house arrest until they can provide adequate financial assurance to convince a federal judge they will not skip out on future court appearances. Manafort and Gates have been charged with money laundering and other crimes as part of special counsel Robert Mueller’s investigation into Russian meddling in the presidential election. They were released into home confinement with GPS monitoring on $10 million and $5 million unsecured bail bonds, respectively, last week and are now petitioning the court for more flexible conditions. U.S. District Judge Amy Berman Jackson said Monday that she is prepared to modify the conditions of Manafort and Gates’s release — but indicated she does not yet have the information she needs to approve a new bail package. In a hearing last week, she expressed concerns that both men presented a flight risk because of their substantial ties abroad. “We’re not talking about dangerousness here,” Jackson said Monday. “We’re talking about flight.”
To read the rest of our piece, click here.
{mosads}
–MUELLER REPORTEDLY CLOSING IN ON FLYNN: Special counsel Robert Mueller has obtained enough evidence to bring charges in the federal investigation into President Trump’s former national security adviser Michael Flynn and his son, according to NBC News. Flynn would be the first current or former Trump administration official to be charged by Mueller’s team, signaling the team is closing in on the White House. The special counsel’s office declined to comment on the report to The Hill. Mueller’s team is reportedly planning to speak with various witnesses in the next week to learn more about Flynn’s past lobbying work and whether he laundered money and lied to federal investigators. NBC also reported that the special counsel’s team is probing whether Flynn attempted to kick a rival to Turkish President Recep Tayyip Erdoğan out of the U.S. and back to Turkey in exchange for large financial sums.
To read the rest of our coverage, click here.
–RUSSIAN LAWYER CLAIMS TRUMP JR. HINTED ANTI-RUSSIA LAW COULD BE REVISITED: A Russian lawyer who met with members of President Trump’s inner circle said Donald Trump Jr. indicated that if his father won the 2016 election, his administration would revisit an anti-Russia law, Bloomberg reported Monday. Natalia Veselnitskaya said she went to New York City in June 2016 to inform Trump campaign officials that certain Democratic donors had evaded taxes and to lobby against the Magnitsky Act, a U.S. law sanctioning Russia in response to the death of a whistleblower in a Moscow prison. She recalled Trump Jr. saying, “if we come to power, we can return to this issue and think what to do about it. I understand our side may have messed up, but it’ll take a long time to get to the bottom of it,” Bloomberg reported. Trump Jr. agreed to meet with Veselnitskaya after a British publicist told him the attorney had dirt on Hillary Clinton, President Trump’s opponent during the election. Trump Jr. has previously downplayed the meeting and called it a “waste of time.” The meeting has become a major flashpoint of investigations into Russian interference and possible collusion between the Trump campaign and Moscow since it was revealed over the summer.
To read the rest of our coverage, click here.
–IN NON-RUSSIA NEWS: TRUMP, ABE AFFIRM CYBER ALLIANCE: President Trump and Japanese Prime Minister Shinzo Abe affirmed their commitment to continuing and enhancing cooperation in cyberspace during a meeting, according to a statement circulated by the White House early Monday. ” The two leaders committed to enhancing cyber cooperation to counter threats from increasingly harmful and disruptive activities in cyberspace,” the White House said. Trump is on a 13-day trip to Asia that will also include stops in South Korea, China, Vietnam, and the Philippines. The trip comes amid high tensions with North Korea over its nuclear program, an issue that is set to dominate his nearly two-weeks abroad.
A LEGISLATIVE UPDATE:
LAWMAKERS SIGN ON TO SUPPORT ‘HACK BACK’ BILL: Rep. Tom Graves (R-Ga.) announced a host of new, bipartisan co-sponsors to his Active Cyber Defense Certainty Act on Friday afternoon.
The bill would allow victims of hackers to hack back their assailants under a limited set of circumstances, in order to identify the attacker or retrieve or delete stolen data.
Graves has said this legislation will increase the ability of victims to properly attribute damage to hackers and prevent stolen documents from falling into the wrong hands.
The idea of hacking back is controversial within the cybersecurity community, with many worrying the bill might cause more harm than good. Hackers frequently route their attacks through the computers of other victims, creating a risk of collateral damage.
The bill requires anyone taking advantage of its provisions to first notify the FBI of their intent.
The original bill was released in mid-October and was co-sponsored by Rep. Kyrsten Sinema (D-Ariz.).
New sponsors come from both sides of the aisle: Reps. Buddy Carter (R-Ga.), Henry Cuellar (D-Texas), Walter Jones (R-N.C.), Barry Loudermilk (R-Ga.), Stephanie Murphy (D-Fla.), Austin Scott (R-Ga.), and notably Trey Gowdy (R-S.C.), who chairs the House Oversight and Government Reform Committee.
To read the rest of our piece, click here.
A LIGHTER CLICK:
Former FBI director James Comey changed his Twitter handle, dropping the pseudonym that kept him semi-secret.
A PROJECT IN FOCUS: The Council on Foreign Relations has launched a “Cyber Operations Tracker” that tracks state-sponsored cyber incidents that have happened since 2005. The new database draws on publicly available data and contains nearly two hundred incidents that have been attributed to state-backed hackers over the last twelve years.
To check out the database, click here.
WHAT’S IN THE SPOTLIGHT:
ELECTION SECURITY: Russia’s intervention in the 2016 presidential election yielded an unexpected result for officials at the Department of Homeland Security (DHS): it has put them in the driver’s seat for protecting future elections from cyberattacks.
Since January, officials at the agency have grappled with how to work with state and local election officials to share information on imminent threats and develop response plans for when things go awry.
The effort has spawned tensions with state officials, who are wary of a “federal takeover” of elections and have panned the slow pace at which the federal government offered up details on the Russia threat.
Homeland Security has pressed forward, putting up a special council in October to engage with election officials on potential threats and how to defend against and respond to them.
On the cusp of Tuesday’s gubernatorial elections in Virginia and New Jersey, Homeland Security says agents have been on the ground in both states to help shore up their systems in advance of the vote.
“We’ve helped them get prepared,” Bob Kolasky, the acting deputy undersecretary at the department’s cyber wing, the National Protection and Programs Directorate, said in an interview. “They have been very active and good partners with this. We will be in contact with them on Election Day and we will be ready to do anything to help.”
The department’s efforts were triggered by the U.S. intelligence community’s assessment in early January that Russia sought to influence the 2016 election by ordering hacks of Democratic officials’ email accounts and targeting state and local electoral systems not involved in vote tallying. Both Arizona and Illinois saw their voter registration databases breached.
The same day that the intelligence community released its unclassified report on Russia’s actions, the Obama administration designated election infrastructure as “critical” — opening up physical and digital election assets to federal protections, like cyber hygiene scanning, in states that request them. The designation has been maintained by the Trump administration.
The responsibility has proven tricky for Homeland Security, which has had to fend off criticism from state officials and members of Congress for the amount of time it took to notify states that were targeted by Russian actors. They’ve also been criticized for the slow process of issuing security clearances to state election officials.
To read the rest of our piece, click here.
IN CASE YOU MISSED IT:
‘Links from our blog, The Hill, and around the Web.
NATO pressing forward on cyber defense, official says. (The Hill)
Dem senator wants details on Manafort’s multiple passports. (The Hill)
Equifax says its executives didn’t insider trade. (The Hill)
Vietnam-backed hackers reportedly used Philippine president’s website for attacks. (The Hill)
Army and Navy ready their cyber forces way ahead of schedule. (Defense One)
A Russian billionaire’s investments in Twitter, Facebook were partially funded by the Kremlin. (The New York Times)
There’s a new threat targeting banking information on Android devices. (ZDNet)
At least nine people linked to Trump had Russian contacts during campaign, transition period. (The Washington Post)
Former NSA director Keith Alexander says companies should never ‘hack back.’ (Motherboard)
If you’d like to receive our newsletter in your inbox, please sign up here.