Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …
THE BIG STORIES:
–TRUMP NOT CONVINCED RUSSIA BEHIND DNC HACK: “I don’t think anybody knows it was Russia that hacked into the DNC,” Donald Trump said at the debate at Hofstra University in Hempstead, N.Y. “She’s saying Russia, Russia, Russia, but I don’t know. Maybe it was. It could be Russia, but it could also be China. It could also be lots of other people. It could also be someone sitting on their bed that weighs 400 pounds.” His statement came after Clinton firmly pointed a finger at Russia for recent cyberattacks, and raised her eyebrow at Trump’s stance on Russian President Vladimir Putin.
To read the rest of our piece, click here.
{mosads}–HE’S ACCUSED 400-POUND HACKERS BEFORE: “Probably it was China or somebody else. Might be a 400-pound person sitting in bed. OK? Might be. Some of the greatest hackers of all time,” Trump told a crowd in Scranton in July.
–CHRIS CILLIZZA ON TWITTER: There goes the 400-pound-hacker vote for Trump.
–WHOEVER IS BEHIND IT MIGHT BE HACKING MORE THINGS: The FBI is investigating the potential cell phone hacking of Democratic officials, also believed to be perpetrated by Russian intelligence. The attacks started within the last month, or so – meaning they started right around the time the Russians, Chinese, 400-pound men, or whoever else was kicked out of the Democratic Congressional Campaign Committee.
To read the rest of our piece, click here.
A POLICY UPDATE:
–GIVE US SOME COVER. Commerce Secretary Penny Pritzker is floating the idea of giving businesses protections so that they can discuss cyberattacks with officials without risking any punishment. She called it a “reverse Miranda” right – the right to have what you say not used against you in any legal capacity.
“Laws and regulations alone cannot protect us from the emerging cyber threats,” Pritzker said at a U.S. Chamber of Commerce conference on cybersecurity Tuesday. “The federal government cannot regulate cyber risk out of existence.”
Pritzker said that with regulations and Federal Trade Commission actions there are often civil, legal and regulatory risks that discourage businesses from acknowledging cyberattacks. She said that led to a relationship between regulators and businesses that is “inherently adversarial, not collaborative.”
That can mean that government cannot provide assistance when it would be beneficial, cannot investigate attacks or help all companies learn from past breaches.
“When companies are under attack, they do not think of how government can help them. What they see are the risks of engagement,” she said.
To read the rest of our piece, click here.
A LIGHTER CLICK:
–BOOM INDUSTRY. Martin Shkreli is auctioning off the right to punch him in the face.
A LETTER IN FOCUS:
–ANOTHER DAY, ANOTHER LETTER ABOUT YAHOO: Six Democratic senators are blasting Yahoo CEO Marissa Mayer, saying the delay in reporting a high-profile security breach is “unacceptable.”
“We are… disturbed that user information was first compromised in 2014, yet the company only announced the breach last week,” Sens. Patrick Leahy (Vt.), Al Franken (Minn.), Elizabeth Warren (Mass.), Richard Blumenthal (Conn.), Ron Wyden (Ore.) and Ed Markey (Mass.) wrote in a letter to Mayer on Tuesday.
Yahoo last week acknowledged that 500 million accounts were compromised.
The senators have six questions for Mayer, including when Yahoo first learned of the breach, how many users were affected, what protections Yahoo is offering to them and what steps the company is taking to prevent such breaches in the future.
The senators also want to know if the U.S. government had warned Yahoo of a possible state-sponsored hack. In a press release last week, the company said it believed state-sponsored hackers were behind the breach.
To read the rest of our piece, click here.
WHO’S IN THE SPOTLIGHT:
–FACEBOOK: German regulators have halted the social network’s plans to use data from their subsidiary, WhatsApp, in Facebook’s targeted advertisements.
To read the rest of our piece, click here.
A LOOK AHEAD:
WEDNESDAY
–The House Oversight IT subcommittee will hold a hearing on the integrity of the ballot box, at 2 p.m.
IN CASE YOU MISSED IT:
Links from our blog, The Hill, and around the Web.
A college student in Georgia was arrested for hacking into school systems to change grades – one peer’s F to an A, another’s C to an A and his own B to an A. (Sophos).
Since we reported about the record-breaking denial of service attack against Brian Krebs, the attack accelerated to nearly a terrabit a second, 50 percent larger than any other attack in history. (The Register)
Trolls on Reddit and 4Chan manipulated 70 online polls to make Donald Trump appear to win the debate. (Daily Dot)
Certificate authorities are supposed to make sure users can trust they’ve connected to the websites they think they’ve connected to. Mozilla is mulling a ban on a Chinese certificate authority for violating that trust. (ThreatPost).