| Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ... THE BIG STORIES: --NSA DIRECTOR EXPECTED TO RETIRE: National Security Agency Director Mike Rogers is expected to retire in the spring, according to multiple reports. Rogers, who currently serves in the dual-hat leadership role as NSA director and commander of Cyber Command, reportedly told NSA staff of his plans to retire in a classified memo on Friday. Rogers was nominated by President Barack Obama in 2014 to replace Keith Alexander, arriving at a time when the agency continued to receive fierce blowback as a result of the disclosures from former contractor Edward Snowden. Rogers has managed a sometimes-criticized reorganization of the agency during his four-year tenure. The agency has also had to contend with embarrassing leaks of its cyber tools by hacker group ShadowBrokers. News of Rogers' impending retirement comes months after President Trump decided to elevate Cyber Command, triggering a review of whether and when it should be ultimately split from NSA. That move had some in Washington talking about Rogers' future back in August. When contacted, the NSA would not comment on reports about Rogers' plans to depart on Friday. --INTEL FACES CLASS ACTION SUITS: Intel is facing at least three class-action lawsuits over massive security vulnerabilities in its computer chips that came to light this week. The lawsuits were filed in California, Oregon and Indiana, according The Guardian. The three cases focus on the delay in Intel disclosing the Meltdown and Spectre cyber-flaws, which make it and others firms' chips vulnerable to hackers. The company was first notified of the two vulnerabilities in June 2016, but did not publicly disclose them until last week after researchers brought them forward. The company said it had planned to make vulnerabilities public the following week. The lawsuits also allege that the patches to fix the vulnerabilities will cause computers to operate more slowly. Intel has disputed that claim, saying in a statement, "Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time." Legal experts believe that more lawsuits over the vulnerabilities will follow. To read the rest of our piece, click here. --HOMELAND SECURITY ISSUES NEW GUIDELINES FOR DIGITAL DEVICE SEARCHES: Under updated guidelines, border agents must have "reasonable suspicion" of violations of law to conduct exhaustive forensic searches of smartphones, tablets and other electronic devices belonging to individuals entering and exiting the United States. Customs and Border Protection (CBP) on Friday issued the updated guidelines for searches of electronic devices at the U.S. border, which contain new restrictions on the circumstances under which officials can conduct what are called "advanced" searches. In those searches, agents connect external equipment to a device in order to analyze or copy its contents. According to the new directive, agents need to demonstrate reasonable suspicion of criminal wrongdoing or otherwise show that there is a "national security concern" in order to conduct advanced searches. Border agents are still allowed to manually search through devices -- which could involve sifting through photos, browsing histories or messages -- "with or without suspicion," in what are called basic searches. Sen. Ron Wyden (D-Ore.), who has clamored for more restrictions on digital device searches, described the new restrictions as an improvement but reiterated that a warrant should be required for searches on devices belonging to U.S. citizens. To read the rest of our piece, click here. A LEGISLATIVE UPDATE: TRYING AGAIN ON 702: Lawmakers are again poised to take up the issue of passing legislation to reauthorize Section 702 of the Foreign Intelligence Surveillance Act (FISA), a controversial provision that allows the intelligence community to collect data on non-Americans outside the United States without a warrant. Privacy-minded lawmakers and civil liberties groups have been pushing for restrictions on the program, which was poised to sunset at the end of 2017. Congress passed a short-term budget that extended the provision until Jan. 19, when the government will run out of money. The House Rules Committee is scheduled to take up legislation reauthorizing the program on Tuesday afternoon. The issue has been a hot topic in Washington, as multiple congressional committees have put forth their own iterations of the bill. The Trump administration, meanwhile, has been pushing for a clean reauthorization, describing the program as a critical national security tool. A LIGHTER CLICK: An alternative take on Meltdown and Spectre. A REPORT IN FOCUS: CRYPTOCURRENCY BEING ROUTED TO NORTH KOREA: A U.S.-based cybersecurity firm has uncovered malware apparently being used to mine the Monero cryptocurrency and send it to a university in North Korea. Cyber firm AlienVault released an analysis of the malware on Monday, saying that it installs software on victim computers that instructs them to perform complex computational tasks to "mine" Monero. The mined currency is then sent to a server located at Kim Il Sung University in Pyongyang. The revelation could point to an effort by those in North Korea to find an alternative stream of revenue as the country finds its economy squeezed by international sanctions imposed over its nuclear and ballistic missile program. "Crypto-currencies could provide a financial lifeline to a country hit hard by sanctions. Therefore it's not surprising that universities in North Korea have shown a clear interest in cryptocurrencies," AlienVault said Monday. "Recently the Pyongyang University of Science and Technology invited foreign experts to lecture on crypto-currencies. The Installer we've analysed above may be the most recent product of their endeavours," the California-based computer security firm continued. AlienVault noted, however, that the server in question is not connected to the wider internet and may be set up to "trick" security researchers into believing that the profits are being sent to North Korea. Despite Pyongyang's isolation from the global stage, the university does host some international students and professors, meaning that the malware's author may not necessarily be North Korean. Digital currencies like Monero have risen in popularity in recent years, particularly among cyber criminals looking to hide their tracks. Monero claims to be "untraceable," making it a popular payment choice for malware operators and other cyber criminals. To read the rest of our piece, click here. WHAT'S IN THE SPOTLIGHT: BOTNETS: The Trump administration has released a long-awaited report on combating the threat of botnets. It calls for more efforts across the government, industry, and international communities to take down the cyber armies. Botnets are a group of internet-connected devices leveraged to commit distributed denial of service (DDoS) and other cyberattacks. The threat gained broad attention with the denial of service attack on web services provider Dyn that took down popular websites like Twitter and Tumblr in October 2016. The Departments of Commerce and Homeland Security issued the draft report, which was mandated by Trump's cybersecurity executive order, on Friday, opening it up to industry for public comment. The report outlines a number of proposed goals for the public and private sectors --including Internet service providers and technology manufacturers -- to better tackle the threat. It emphasizes the "urgent need for coordination and collaboration" across stakeholder communities. Among the observations, it notes the need for better market incentives to get tech manufacturers to focus on building security into their products, rather than rushing them to market. The report is open for public comments until Feb. 12, 2018, which will be considered as the departments complete a final report to be delivered to President Trump by May 11. "No single investment or activity can mitigate all harms, but organized discussions and stakeholder feedback will allow us to further evaluate and prioritize these activities based on their expected return on investment and ability to measurably impact ecosystem resilience," the report states. "As we release this draft report for public comment, we look to stakeholders to help us refine the value, utility, and investment potential of the proposed activities, the opportunities for support and leadership, and impediments to implementation." To read the full draft report, click here. IN CASE YOU MISSED IT: Links from our blog, The Hill, and around the Web. Experts say US should expect more Iranian cyberattacks. (The Hill) Florida officials: Hack exposed 30K Medicaid patients' files. (The Hill) Hackers are targeting South Koreans involved in the Winter Olympics, according to cyber firm McAfee. (The Hill) Twitter allows apparent phishing scam to buy promoted tweet. (The Hill) The Aspen Institute launched a cybersecurity group, featuring Rep. Will Hurd (R-Texas). (Axios) A cyber unit has been activated in Battle Creek, Michigan. (Battle Creek Inquirer) CIA director says Russia and other nations are attempting to undermine U.S. elections. (Reuters) If you'd like to receive our newsletter in your inbox, please sign up here. | 
沒有留言:
張貼留言