Overnight Cybersecurity

Overnight Cybersecurity: Panel pushes agencies on dropping Kaspersky software | NC county won’t pay ransom to hackers | Lawmakers sound alarm over ISIS ‘cyber caliphate’

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

 

THE BIG STORY:

–GOP CHAIR TAKES ON KASPERSKY: Rep. Lamar Smith (R-Texas) is pressing fiercely ahead with his committee’s investigation into Kaspersky Lab, over what he described as “red flags” surrounding the cybersecurity firm at the center of allegations that Russia sought to steal U.S. secrets. “We’re going to make sure that our government computer systems are, in fact, secure and make sure that Kaspersky Lab and anyone else associated with Kaspersky is not trying to acquire classified information,” Smith told The Hill during a recent interview in his office on Capitol Hill. The House Science, Space and Technology Committee chairman has been probing Kaspersky since the Department of Homeland Security in September publicly barred federal government entities from using the firm’s products, citing the risk that the Russian government could “capitalize on access provided by Kaspersky products” to compromise federal computer systems with or without the cyber firm’s cooperation.

–…DOES NOT KNOW IF HE’LL CALL KASPERSKY AS WITNESS: Smith would not say whether the committee plans to ultimately interview Eugene Kaspersky, the company’s CEO, as part of its investigation. The House panel initially asked Kaspersky to testify at its first hearing, but walked back the request when the hearing was rescheduled and the investigation expanded. “You never interview an adverse witness until you get all the facts and all the details,” Smith said. “And that will be the last person that you talk to. The point may well come.”

To read the rest of our piece, click here.

–…COMMITTEE PUSHES AGENCIES ON DROPPING KASPERSKY: The House Science, Space and Technology Committee is pushing the Department of Homeland Security (DHS) to reveal which agencies have not fully complied with deadlines in a broad effort to identify and remove all Kaspersky Lab products from computers. DHS ordered all agencies on Sept. 19 to identify Kaspersky products on their systems and develop a plan to remove them within 60 days. “The federal government needs to leverage all resources to ensure that Kaspersky products on federal systems have been completely removed,” members of the committee wrote in a letter sent Wednesday asking DHS which agencies have yet to identify the software or make a plan to remove it. A DHS representative had testified at a Nov. 14 hearing before the committee that the vast majority of agencies were compliant with the directive, though some smaller agencies without the resources to search for Kaspersky products were unable to meet the deadline.

To read the rest of our piece, click here.

 

A RUSSIA INVESTIGATION UPDATE:

FLYNN TOLD BUSINESS PARTNER RUSSIAN SANCTIONS WOULD BE ‘RIPPED UP’ QUICKLY IN NEW PRESIDENCY: President Trump’s former national security adviser Michael Flynn told a former business associate that sanctions against Russia would be “ripped up” early in the new presidency, according to a whistle-blower’s account made public on Wednesday.

Within minutes of Trump’s inauguration in January, Flynn informed his former associate that the plan to work with Russia to build nuclear reactors in the Middle East was “good to go,” because Flynn was ensuring the sanctions would be “ripped up” as one of Trump’s first orders of business.

The whistleblower’s account is detailed in a letter from Rep. Elijah Cummings (D-Md.), which he sent to Rep. Trey Gowdy (R-S.C.), chairman of the House Oversight and Government Reform Committee.

To read the rest of our piece, click here.

 

TRUMP JR. SAYS HE DIDN’T WORK DIRECTLY ON MISLEADING TRUMP TOWER STATEMENT: Donald Trump Jr., President Trump’s eldest son, said Wednesday that he spoke with a member of senior staff rather than directly with his father about crafting a response this past summer acknowledging his controversial June 2016 Trump Tower meeting with Russians.

Trump Jr., speaking behind closed doors to the House Intelligence Committee, did not dispute that his father was involved in crafting the statement but said that he did not speak with Trump directly about it, according to CNN.

He said that he spoke with White House communications director Hope Hicks instead. Hicks talked to the president while crafting the statement, according to CNN’s sources. 

Reports previously had said the president was directly involved in helping his son craft the statement about the meeting.  

White House press secretary Sarah Huckabee Sanders had said in August that the president weighed in on the statement “as any father would.” Other Trump aides denied a Washington Post report that Trump “dictated” the statement.

The president’s son’s remarks to the panel of lawmakers, who are investigating Russian interference in the 2016 election, comes during a voluntary, hours-long interview behind closed doors.

To read the rest of our piece, click here.

 

A LIGHTER CLICK: 

“HOW DO WE GET THE PAGE TAKEN DOWN WE ARE A VERY SECRET SOCIETY.” 

-Congressional edit to Wikipedia.  

 

A REPORT IN FOCUS:

ETHIOPIA MAY BE TARGETING DISSIDENTS IN US: Ethiopian dissidents living in the United States and other countries were repeatedly targeted by a militarized spyware campaign, the University of Toronto’s Citizen Lab reported Wednesday.

Those activists appear to have hit by PC 360, a spyware designed by the Israeli firm Cyberbit that is sold only to governments.

The government of Ethiopia is believed to have targeted Ethiopian journalists working in foreign countries in the past with a different brand of commercially available spyware.

Targets of the PC 360 attacks included activists and other supporters of the Oromos, a regionalized ethnic group clashing with Ethiopia’s Somali population. One was the director of the Oromos News Network (ONN) website, Jawar Mohammed, who lived in Minneapolis. Another was Henok Gabisa, a visiting academic at Washington and Lee University in Virginia, who founded the Association of Oromo Public Defenders.

The spyware was transmitted through malicious links to documents and videos. Users looking to read or watch were instructed to download fake updates for Adobe products that contained PC 360.

To read the rest of our piece, click here.

 

A HACK IN FOCUS:

COUNTY REFUSES TO PAY HACKER RANSOM: Local officials in North Carolina have decided not to pay hackers who are demanding a $23,000 ransom in return for stolen data.

Dena Diorio, the manager of Mecklenburg County, announced the decision Wednesday afternoon hours after telling reporters that officials were weighing whether to pay the ransom to retrieve the data. 

“I am confident that our backup data is secure and we have the resources to fix this situation ourselves,” Diorio said in a statement. “It will take time, but with patience and hard work, all of our systems will be back up and running as soon as possible.”

Hackers paralyzed some key county operations on Tuesday after the ransomware made its way into county computer systems. Diorio said earlier Wednesday that 48 of the county’s 500 servers had been impacted by the attack.

To read the rest of our piece, click here.

 

WHAT’S IN THE SPOTLIGHT:

THE CYBER CALIPHATE: Sen. Ron Johnson (R-Wis.) joined a number of lawmakers on Wednesday to highlight concerns over ISIS’s success in leveraging digital platforms to recruit and spread terrorist propaganda.

“It is good that we by and large have taken away the physical caliphate,” Johnson, the chair of the Senate Homeland Security and Governmental Affairs Committee, said during remarks at a hearing on evolving terror threats.

“[But] we have in no way, shape or form denied them the cyber caliphate. That may be a more persistent, long-term threat.”

The U.S.-led coalition battling ISIS has made notable gains in recent months, liberating large swaths of territory in Iraq and Syria from the group’s fighters.

Still, lawmakers and officials remain focused on the group’s efforts to recruit would-be fighters and spread terrorist messaging using social media and other digital platforms, in addition to inspiring future attacks.

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

North Carolina county mulls its ransomware options. (The Hill)

Rod Rosenstein is content with the pace of the Mueller investigation. (The Hill)

Opinion: How the NSA could spy on any American phone — without congressional approval (The Hill)

Around 1 in 12 are disappointed with heavy-handed political messages in… Star Wars? (Morning Consult)

State’s former top cyber diplomat says: “We didn’t see the Russian threat coming.” (The Register)

“To add to the confusion, Tampa Bay police say they didn’t even request a sign language interpreter for that particular news conference.” (The Daily Dot)

If you’d like to receive our newsletter in your inbox, please sign up here.