Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORY:
–“GAME CHANGER” IF TRUE: Reports that President Trump’s campaign aides had regular contact with Russian intelligence officials would be a “game changer” if true and would warrant a select committee to investigate, according to Sen. Lindsay Graham (R-S.C.). The GOP senator in an interview early Wednesday called for a “preliminary investigation” to see if further scrutiny is warranted after The New York Times and CNN reported that Trump campaign aides and allies spoke regularly with members of Russian intelligence. “We are not going to make a decision based on what a newspaper says, but now is time for Congress to up its game,” the Senate Armed Services Committee member told ABC’s “Good Morning America.”
To read the rest of our piece, click here.
–…TRUMP STILL HAS FLYNN’S BACK: President Trump on Wednesday came to the defense of ousted national security adviser Michael Flynn, saying the former aide was subjected to “criminal” leaks in the “fake media.” “I think he’s been treated very, very unfairly by the media — as I call it, the fake media, in many cases,” Trump said at a press conference Wednesday with Israeli Prime Minister Benjamin Netanyahu. “I think it’s really a sad thing he was treated so badly.” Trump’s first in-person reaction to Flynn’s exit appeared to contradict the account of his top spokesman, who said Tuesday that the president demanded the aide’s resignation because of an “eroding level of trust” over his conversations with Russia.
To read the rest of our piece, click here.
{mosads}–…REPORT – FLYNN HAS LOST SECURITY CLEARANCE: Flynn had his security clearance suspended, according to CNN. A Defense Intelligence Agency (DIA) spokesman told CNN the suspension is a normal administrative move for clearances under “pending review.” “[It’s when] questions arise regarding an individual’s compliance with clearance standards,” they said, adding Flynn’s clearance could be reinstated if no wrongdoing is found.
To read the rest of our piece, click here.
–…STEVE KING CALLS IT A “POLITICAL ASSASSINATION:
“Rep. Steve King (R-Iowa) says former national security adviser Michael Flynn fell victim to “a political assassination” that ultimately led to his resignation earlier this week “And General Flynn has been subject to a political assassination here, regardless of what he did or didn’t say to President Trump or Vice President Pence,” King told CNN’s “New Day.”
To read the rest of our piece, click here.
–…KING ON THE CONCEPT OF LEAKS: In a separate interview, this time on MSNBC, Rep. Steve King (R-Iowa) addressed whether or not it was hypocritical for President Trump to be for leaks on the campaign trail and against them now. He said that the campaign rhetoric, which included lines like “I love Wikileaks,” was Trump “playing to the crowd.” He then questioned whether or not Russia was behind the election season hacks (“I went to the classified briefing, it was not a fact”.) and argued certain members of the intelligence community might be less than truthful, saying “I’ve heard too much dishonesty coming out of some of the intelligence community to accept this at face value unless I hear some facts.”
To read the rest of our piece, click here.
…AND THOSE WERE JUST THE REPUBLICANS: House Democrats think it’s “crazy” to trust the GOP to run the investigation and are pressing the White House counsel for more information. And Chuck Schumer warns there might be a cover-up.
A POLICY UPDATE:
–EPA PRESSED TO CRACK DOWN ON ENCRYPTED APPS: House Science, Space and Technology Committee leaders are pushing the Environmental Protection Agency to crack down on employees reportedly using encrypted chat apps to circumvent agency rules and public records laws.
Chairman Lamar Smith (R-Texas) and oversight subcommittee Chairman Darin LaHood (R-Ill.) sent a letter to EPA Inspector General Arthur Elkins on Tuesday asking him to investigate “a group of approximately a dozen career EPA officials … using an encrypted messaging application, Signal, to discuss potential strategies against any attempts by newly appointed political officials to redirect the EPA’s priorities.”
“Reportedly, this group of career officials at the EPA are aiming to spread their goals covertly to avoid federal records requirements, while also aiming to circumvent the government’s abilities to monitor their communications,” the GOP lawmakers wrote.
Not all communications between employees count as federal records. According to a National Archives Bulletin, records are only created while “conducting business” and federal employees are legally allowed to have personal accounts outside the federal records system.
“I think there is a lot of fear in government right now,” said Rep. Don Beyer (D-Va.), defending the employees. “It sounds more like employees are worried than conducting official business.”
Smith and LaHood’s letter comes after Axios reported that GOP operatives, including White House staffers are using the encrypted chat app Confide to avoid leaks.
“The federal law should be obeyed – whether the EPA, the Executive Branch, or anyone else,” Beyer said. “But at a minimum, the Executive Branch should be held to the standard of the EPA.”
To read the rest of our piece, click here.
A LIGHTER CLICK:
–YOU HAVE CHOLERA: The history of The Oregon Trail, as told by its creators.
A REPORT IN FOCUS:
–HUD HACKED? A security company that claims to have identified a Russian-speaking hacker who sold access to the U.S. Electoral Assistance Commission says that hacker successfully targeted more than 60 organizations, including the Department of Housing and Urban Development (HUD) and other federal agencies.
In a report on Wednesday, Recorded Future says the hacker, whom the firm has named Rasputin, breached more than 60 organizations in December, including U.S. and U.K. universities, city and state governments, and federal government agencies.
Recorded Future says that it has notified all of the organizations of the breaches. A HUD representative did not immediately return a request for confirmation.
To read the rest of our piece, click here.
WHAT’S IN THE SPOTLIGHT:
–YAHOO: The company on Wednesday warned some customers of a further breach. The notification is said to be tied to the company’s ongoing investigations of a massive breach reported in September.
Yahoo revealed in September that sensitive data associated with at least 500 million accounts had been stolen in late 2014, attributing the breach to a “state-sponsored actor.”
In mid-December, the company disclosed that another security breach dating back to August 2013 had compromised as many as one billion accounts. Affected users were at risk of having their names, email addresses and passwords stolen by an “unauthorized third party,” Yahoo said.
To read the rest of our piece, click here.
The news comes as Verizon may be angling to lower the price of its pending purchase of Yahoo.
To read the rest of that piece, click here.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
Julian Assange trolls the intelligence community. (The Hill)
House Homeland Security Chair McCaul tells a security conference we’re losing the war in cyberspace. (FCW)
McDonald’s has re-engineered the drinking straw. (Engadget)
Italy is mulling a bill to restrict government hacking. (Boing Boing)
VR company Magic Leap is being sued for gender discrimination by the consultant it brought in to prevent gender discrimination. (The Register)
A processor vulnerability makes it easier to hack computer memory. (Wired)
States say DHS is not clear enough about election help. (FCW)
Researchers found a Mac version of Xagent, the multiplatform malware used by Russian election hackers. (Ars Technica)
Trend Micro is out with a new study on which cities have the most exposed cyber assets. (Trend Micro)
If you’d like to receive our newsletter in your inbox, please sign up here.