Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORY:
–TRUMP’S SECURITY ADVISORS AFRAID TO BRING UP RUSSIAN THREAT: Trump security advisors, including the National Security Council and intelligence advisors, have largely given up presenting evidence of Russian threats to the president at risk of upsetting him, according to a corker of a piece in The Washington Post.
–…THAT’S BIG, AND NOT JUST BECAUSE OF THE RUSSIA INVESTIGATION: Forget the Democratic National Committee – Russia internationally has one of the most developed cyberespionage programs, and is believed to be one of only a small handful of nations to even attempt to use cyberweaponry to down physical infrastructure. Moscow is thought to be behind downing the power grid in Ukraine in December 2015 and December 2016. And that’s just the cybersecurity threats. Russia has in recent years annexed a slab of a foreign nation and launched other influence campaigns around the world.
–…NSC KEEPS RUSSIA OUT OF OVAL OFFICE: A former administration official told the Post that while the National Security Council has held low-level talks about Russia, there is what the article describes as an “unspoken understanding” not to discuss the matter with President Trump.
–…RUSSIA NOT BROUGHT UP AT DAILY BRIEFING: Russia-related intelligence is often not included in the oral portion of the Presidential Daily Briefing (PDB) and only included in the written component. “If you talk about Russia, meddling, interference — that takes the PDB off the rails,” a former senior U.S. intelligence official told the Post.
–…REP. ADAM SCHIFF (D-CA) IS NOT IMPRESSED: Of the PDB issue, the ranking member of the House Intelligence Committee tweeted: “Please tell me they are not referring to our commander in chief, the man that is supposed to be leader of the free world.”
A REPORT IN FOCUS:
NEW MALWARE: A hacker used a new type of malware targeting industrial control systems against a critical infrastructure organization. The attack resulted in operations shutting down, according to cybersecurity experts.
Cybersecurity firm FireEye, which has dubbed the malware “Triton,” said Thursday that its subsidiary, Mandiant, recently responded to an incident at an unidentified critical infrastructure organization. An attacker, likely sponsored by a nation state, had deployed the malware and inadvertently caused operations to shut down.
The malware specifically targets Triconex safety instrumented systems (SIS), a product that is manufactured by Schneider Electric, a European energy management firm that has global operations.
Malware targeting industrial control systems is particularly rare. Since the “Stuxnet” virus was used against Iranian nuclear power plants in 2010, there have been fewer than five known families.
FireEye provided few details on the victim, but assessed with moderate confidence that the hacker was operating on behalf of a nation state, citing the significant resources needed to carry out the attack and the lack of financial motivation. The researchers believe the hacker’s main goal was to cause physical damage.
Separately, Dragos, a cybersecurity firm that analyzes threats to industrial control systems, on Thursday made public research on the same malware. Dragos had previously only sent that information to its clients and to infrastructure protection groups.
A LIGHTER CLICK:
BETTER THAN REAL SPACE. Astronauts aboard the space station will get to watch the new Star Wars movie.
A REGULATORY UPDATE:
FCC NIXES NET NEUTRALITY:
The Federal Communications Commission (FCC) has voted to repeal its landmark net neutrality protections, capping off a months-long campaign by the agency’s Republicans to deregulate the broadband industry.
The FCC voted 3-2 along party lines Thursday to scrap its 2015 Open Internet Order as Democratic lawmakers and dozens of activists protested outside.
Democrats, consumer groups and tech companies have been rallying for months to try to stop the repeal plan, arguing that the rules are essential for preventing companies like Comcast and Verizon from abusing their powers as internet gatekeepers.
“As a result of today’s misguided action, our broadband providers will get extraordinary new power from this agency,” said Jessica Rosenworcel, a Democrat on the commission who voted against the repeal.
“They will have the power to block websites, throttle services and censor online content. They will have the right to discriminate and favor the internet traffic of those companies with whom they have pay-for-play arrangements and the right to consign all others to a slow and bumpy road,” Rosenworcel said.
Under the new regime, broadband companies will have to disclose publicly whether they engage in those practices. And, as Pai argues, the industry will not have a free pass because the Federal Trade Commission will have the authority to sue providers that deceive their consumers or use their powers to abuse competition on the web.
–…EFFECT ON CYBERSECURITY?
A strange side-effect of the ruling could be a benefit to cybersecurity.
Net neutrality requires internet service providers to treat all traffic the same. Without it, a Verizon or Comcast could hypothetically throttle their users’ connections to any site that doesn’t pay a premium for “fast lane service.”
But, while the debate tends to focus on the traffic users want to receive, the neutrality rules also apply to malicious traffic. Internet baddies often organize attacks using vast networks of computers to send so much traffic to a server that the server collapses. Net neutrality requires ISPs to provide the same unencumbered service to those attacks as to someone checking their email.
Any problems mitigating that kind of attack, known as a denial of service, are largely theoretical. And there are certainly ways to exempt cyberattacks from net neutrality other than eliminating the whole regulation.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
The New York attorney general will sue over the net neutrality rollback. (The Hill)
…Washington state, too. (The Hill)
…And there was a strange security scare in the middle of the vote. (The Hill)
Sally Ride will get her own postage stamp. (The Verge)
German intelligence lost a court bid to collect metadata on international calls. (Reuters)