Overnight Cybersecurity: Hacker posts alleged Clinton documents

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORIES:

–HACKS ON HACKS ON HACKS: The Russian hackers believed to be behind the breach of the Democratic National Committee (DNC) also infiltrated the Clinton Foundation, Bloomberg reported Tuesday. The breach was discovered by government investigators as recently as last week, the report said. A spokesperson for the foundation told Bloomberg it has not seen any sign its network had been compromised. The Hill was not able to immediately verify the breach. The report comes as presumptive Democratic presidential nominee Hillary Clinton continues to combat allegations that her use of a private email server as secretary of State threatened to expose sensitive information to hackers. Prior to the DNC’s disclosure of the breach last week, U.S. officials informed both political parties as well as the presidential campaigns of Hillary Clinton, Donald Trump and Bernie Sanders that hackers were targeting their networks, a person familiar with the government investigation told Bloomberg. The attacks were part of broad campaign targeting over 4,000 individuals associated with U.S. politics, from lobbyists to advisers and party aides, another person said. The U.S. Secret Service, FBI and National Security Agency are all reportedly involved in the investigation of a spree of data thefts from both parties and individuals over the last few months.

{mosads}Meanwhile, a hacker on Tuesday published a trove of Hillary Clinton-related documents claimed to be stolen in the DNC breach. Guccifer 2.0 — who claims to be the hacker behind the breach — posted a file purporting to be a database of Clinton Foundation donors who had made large contributions and a dossier of ways to defend her against political attacks. The Hill could not immediately verify the authenticity of the documents. The self-proclaimed hacker appeared online the day after the breach was first exposed publicly, claiming that he had stolen thousands of documents from the DNC. But according to CrowdStrike, the security firm investigating the breach for the committee, two separate Russian government hacking groups that did not appear to be working together infiltrated the DNC’s systems. “These claims do nothing to lessen our findings relating to the Russian government’s involvement,” the firm said last week. To read about the alleged Clinton Foundation hack, click here. To read about Guccifer 2.0, click here.

–MAKING STRIDES?: Chinese hacking of U.S. government and corporate networks has sharply declined since 2014, according to a new report from a prominent cybersecurity firm released Tuesday. FireEye observed only a handful of network intrusions attributed to Chinese groups in April of this year, down from more than 60 in February of 2013. The shift is likely the result of a confluence of factors, including actions taken by the U.S. government — but it is not solely the result of a September anti-hacking pledge struck by President Obama and Chinese President Xi Jinping, FireEye said. When China’s expansive hacking operations began to come into the public eye, according to the report, the U.S. was able to muster the political support to confront China directly on its cyber espionage tactics — indicting five Chinese military officers in 2014 and striking the anti-hacking pledge. Lawmakers and others have repeatedly pressed the Obama administration on whether the September deal — which prohibits hacking commercial firms for economic gain — has led to a drop in intrusions. “Although many in the U.S. initially doubted that these actions would have any effect, they may have prompted Beijing to reconsider the execution of its network operations,” the report said. But the decline in hacking attempts started prior to the September deal, and FireEye stops short of suggesting that the anti-hacking pledge is solely responsible for the decrease. “The problem with the question, ‘is it working?’ is that it’s a yes-or-no answer, and there’s really no yes-or-no answer. You’ve got a really complex system behind China’s cyber activity,” Jordan Berry, FireEye’s principal threat intelligence analyst, told The Hill. “It’s more a confluence of events that caused this decline.” To read our full piece, click here.

 

A POLICY UPDATE:

–HARD PASS. Google and PayPal have joined a group of tech and privacy advocates to urge Congress to block a pending expansion of federal hacking powers.

“The rule changes attempt to sidestep the legislative process by using a process designed for procedural rules to expand investigatory powers,” the groups wrote in a Tuesday letter to House and Senate leadership.

“Congress has never authorized government hacking as an investigative tool in this manner and has not established clear rules for when and how such dangerous techniques should be used.”

At issue is a proposed alteration to the little-known criminal procedure rules — so-called Rule 41 — that would allow judges to grant warrants for electronic searches in multiple locations and in instances where investigators don’t know the physical location of a device.

The Supreme Court approved the change in April and passed the request along to Congress for final approval. If lawmakers give the thumbs-up or do nothing, the change will go into effect on Dec. 1.

The 50 signees of Tuesday’s letter urged lawmakers to support a provision from Sen. Ron Wyden (D-Ore.) that would block the changes.

To read our full piece, click here.

–LATER TONIGHT… The House will vote on a measure from Rep. John Ratcliffe (R-Texas) that would encourage the Department of Homeland Security to engage with small tech businesses and startups to “address homeland security needs.”

Read on, at The Baltimore Sun, here.

 

A LIGHTER CLICK:

–BELATEDLY, FOR FATHER’S DAY. These dads are trying to see how many Cheerios they can stack on their sleeping offsprings’ faces, because the world is whimsical and wonderful sometimes.

 

A REPORT IN FOCUS:

–.GOV, SERIOUSLY? Four federal agencies have failed to implement key security precautions for their networks, “with almost all of the systems having weaknesses in all, or most, of the control areas,” according to an audit by the Government Accountability Office (GAO).

The agencies faulted by the GAO were the Nuclear Regulatory Commission, NASA, the Department of Veterans Affairs and the Office of Personnel Management, which suffered a massive data breach last year

The report was a response to a Senate Homeland Security request for the GAO to review the security of “high impact” government systems — one where a breach could cause “a severe or catastrophic adverse effect on organizational operations.”

All four of the agencies fared poorly in the GAO’s testing.

The tests looked at five key concepts in securing system access: authenticating users, limiting users access to the minimum required to do their jobs, regularly auditing and monitoring the systems, encrypting sensitive data, and setting up a digital perimeter around the network to prevent unauthorized data getting in or out.

The GAO tested two systems from each agency. Every system had security flaws in implementing at least three of the five concepts the GAO emphasized.

To read our full piece, click here.

 

A LOOK AHEAD:

WEDNESDAY

–The House Armed Services Committee will hold a hearing on military cyber operations, at 10 a.m.

THURSDAY

–The House Homeland Security Committee will meet about insider intelligence threats at 9:30 a.m.

 

WHO’S IN THE SPOTLIGHT:

–JANET YELLEN. The Federal Reserve chairwoman told lawmakers on Tuesday that cybercrime is a focus of the Fed’s oversight of the banking sector, amidst ongoing scrutiny of the $81-million cyberheist from the Bangladesh central bank’s account with the New York Fed.

“We do have standards that we expect financial institutions to meet and what’s expected depends on the complexity and importance of the firm,” she told the Senate Banking Committee during a hearing on monetary policy.

Read on, at The Wall Street Journal, here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Civil liberties groups are mobilizing to get senators to oppose an amendment offered by Senate Majority Leader Mitch McConnell (R-Ky.) that would give the FBI more power to get a customer’s email records during terror investigations. (The Hill)

A network of hijacked computers that was believed to be offline has resumed spamming its victims with ransomware. (The Hill)

Hackers have hit the Indonesian and South Korean central banks’ public websites, after a recent pledge by the hacking group Anonymous to target the global banking industry, senior officials in both countries said.

A look inside the Pentagon prepping for “cyber 9/11.” (Military Times)

“Someone tells me that your Romanian is full of mistakes.” (Motherboard)

Car hackers hacking hacker cars will seem like hacks. (MIT Tech Review)

The U.K. might give its security services license to hack into every computer in a “major town.” (The Guardian)

 

If you’d like to receive our newsletter in your inbox, please sign up here.