Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you…
mishandle (a job or situation); spoil (something).
“she had mucked up her first few weeks at college”
2.
BRITISH
remove (manure and other dirt) from a horse’s stable or other animal’s dwelling.
THE BIG STORIES:
–NEXT STEPS: A federal judge on Wednesday opened the door to interviewing Democratic presidential front-runner Hillary Clinton as part of a review into her use of a private email server while secretary of State. Judge Emmet Sullivan of the U.S. District Court for the District of Columbia laid out the ground rules for interviewing multiple State Department officials about the emails, with an eye toward finishing the depositions in the weeks before the party nominating conventions. Clinton herself may be forced to answer questions under oath, Sullivan said, though she is not yet being forced to take that step. “Based on information learned during discovery, the deposition of Mrs. Clinton may be necessary,” Sullivan said in an order on Wednesday. Discovery is the formal name for the evidence-gathering process, which includes depositions. “If plaintiff believes Mrs. Clinton’s testimony is required, it will request permission from the Court at the appropriate time.” The order leaves open the possibility that Clinton will be forced to answer detailed questions on the eve of her formal selection as the Democratic presidential nominee about her creation of the server. Any deposition would surely roil the presidential race and force her campaign to confront the issue, which has dogged her for a year. To read our full piece, click here.
–FLYING TOO CLOSE TO THE SUN: The activist hacking group Anonymous on Tuesday attacked Greece’s central bank in what the group vowed is the first salvo in a 30-day strike against banks worldwide. The bank’s website was temporarily disrupted by a distributed denial of service, or DDoS attack, in which hackers force a server to crash by bombarding it with phony traffic. “The attack lasted for a few minutes and was successfully tackled by the bank’s security systems,” a bank official told Reuters. “The only thing that was affected by the denial-of-service attack was our website.” Anonymous has already taken responsibility for the attack in a YouTube video declaring the start of a 30-day operation targeting “the global banking cartel.” “Olympus will fall,” a computerized voiceover says. “Like Icarus, the powers that be have flown to close to the sun, and the time has come to set the wings of their empire ablaze.” To read our full piece, click here.
UPDATE ON CYBER POLICY:
–NOPE, NO, NOPE. Sen. Ron Wyden (D-Ore.) is expected within days to unveil legislation blocking a Justice Department request to expand its remote hacking powers.”Sen. Wyden is currently speaking with interested co-sponsors and plans on introducing legislation within days to reverse the amendments to Rule 41,” a Wyden aide told The Hill.
The proposed alteration to little-known criminal procedure rules — approved by the Supreme Court last week — would allow judges to grant warrants for electronic searches in multiple locations or even when investigators don’t know the physical location of a device.
The Justice Department, which has been working for years on getting the change, insists the revision to what’s known as Rule 41 is a necessary update to match the realities of modern digital investigations.
But the amendment has met with swift pushback from tech companies, such as Google, as well as from civil liberties organizations and from Wyden himself, who fear the change will give the FBI the authority to hack computers with little oversight.
–MORE DERBY FEVER. Trust me, there is information in this Joe Drape piece that you absolutely need to have in your arsenal.
A REPORT IN FOCUS:
–LIKE A THIEF IN THE NIGHT. Hackers have stolen hundreds of millions of login credentials for email accounts with Microsoft, Yahoo, Google and a popular Russian service.Reuters reports that it is “one of the biggest stashes of stolen credentials to be uncovered since cyberattacks hit major U.S. banks and retailers two years ago.”
But don’t panic yet. A Microsoft spokesperson characterized stolen credentials to Reuters as an unfortunate reality.
“Microsoft has security measures in place to detect account compromise and requires additional information to verify the account owner and help them regain sole access,” the spokesperson said.
The data was discovered for sale by a Russian hacker for the absurdly low price of $1, according to Alex Holden, founder and chief information security officer of Hold Security.
–THE FBI. The agency is advising companies not to pay any ransom when they are victimized by hackers who encrypt their data for the purposes of extortion.Paying the ransom only encourages the thieves to attack others, FBI Cyber Division Assistant Director James Trainor told The Wall Street Journals.
He said that so-called ransomware attacks are on the rise.
“The uptick and variance in ransomware in the first quarter of 2016… has been unbelievable,” Trainor said at a Monday event.
Links from our blog, The Hill, and around the Web.
Facebook CEO Mark Zuckerberg says the prospect of messaging service WhatsApp or other communication services being blocked in Brazil is “very scary.” (The Hill)
Facebook has paid $10,000 to a 10-year-old hacker who uncovered a security flaw in its Instagram app. (The Hill)
FBI requests for customer records under a secretive surveillance order increased by nearly 50 percent in 2015, according to a government transparency report published this week. (Reuters)
Google has made HTTPS connections the default for all of the sites on its Blogspot domain. (TechCrunch)
