Overnight Cybersecurity: Lawyer charged in Mueller probe pleads guilty to lying | Sessions launches cyber task force | White House tallies economic impact of cyber crime

View in your browser       Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...   THE BIG STORIES: --MAJOR DEVELOPMENTS IN RUSSIA PROBE: Special counsel Robert Mueller on Friday unveiled charges against 13 Russian nationals and three Russian groups for interfering with the 2016 U.S. elections. The explosive new charges allege that the Russians created false U.S. personas and stole the identities of real U.S. people in order to interfere with the 2016 presidential election, an assessment previously reached by U.S. intelligence agencies. "This indictment serves as a reminder that people are not always who they appear to be on the Internet," Deputy Attorney General Rod J. Rosenstein said at a press briefing announcing the indictments. "The indictment alleges that the Russian conspirators want to promote discord in the United States and undermine public confidence in democracy." President Trump, who has repeatedly cast doubt on whether Russia interfered with the election, was briefed on the indictments, the White House said. The efforts, which began in 2014, were connected to the so-called Internet Research Agency, a shadowy Russian operation based in St. Petersburg that leveraged Facebook and other social media platforms to spread divisive messages leading up to the 2016 election. The indictment says the goal of the entities and people indicted was to support now-President Trump's campaign and to hurt Democrat Hillary Clinton's, and that some defendants while posing as U.S. people communicated with "unwitting individuals associated with the Trump Campaign and with other political activists to seek to coordinate political activities." To read our full coverage, click here, here and here. --AND ON TUESDAY: Mueller charged attorney Alex Van Der Zwaan with lying to FBI investigators in the investigation. Van Der Zwaan pleaded guilty Tuesday afternoon, a development that was widely suspected after he was charged with making "materially false, fictitious, and fraudulent statements and representations" to special counsel Robert Mueller's office and FBI agents, according to a court filing released Tuesday morning. Van Der Zwaan allegedly lied about his last communications with Gates and then deleted emails requested by the special counsel's office, according to the indictment. He allegedly did so as part of his work for a firm hired by the Ukrainian Ministry of Justice to prepare a report on the trial of Yulia Tymoshenko, a former prime minister of Ukraine. The new charges came as Gates is reportedly nearing a plea deal with Mueller that could lead to his testimony against Paul Manafort, President Trump's former campaign chairman. Gates worked as Manafort's business partner. Last year, Mueller indicted them both, and both originally pleaded not guilty. The charges against Van Der Zwaan appear to be related to a report produced by the law firm Skadden, Arps, Slate, Meagher & Flom that helped the Ukrainian government counter international criticism that the 2011 prosecution and conviction of Tymoshenko had been driven by political aims. To read more of our coverage, click here and here. --SESSIONS LAUNCHES CYBER TASK FORCE Attorney General Jeff Sessions announced Tuesday that the Justice Department is creating a Cyber-Digital Task Force to examine outside attempts to interfere with U.S. elections. "At the Department of Justice, we take these threats seriously. That is why today I am ordering the creation of a Cyber-Digital Task Force to advise me on the most effective ways that this Department can confront these threats and keep the American people safe," Sessions said in a statement. Sessions said Deputy Attorney General Rod Rosenstein will name a senior Department official to chair the task force. The effort will seek to "canvass the many ways that the Department is combatting the global cyber threat" as well as "identify how federal law enforcement can more effectively accomplish its mission in this vital and evolving area," according to the press release. The task force will be in charge of looking into a broad range of efforts in which outside actors sought to interfere. It is tasked with providing a report on its findings at the end of June. President Trump spent the weekend tweeting that the grand jury's indictment vindicates him in the federal Russia probe because this particular set of charges did not point to collusion between Trump campaign aides and Russians.   A LEGISLATIVE UPDATE:  DEMS PRESS EQUIFAX TO EXTEND BREACH PROTECTIONS: A group of House Democrats is urging Equifax to extend protections for those affected by its massive data breach last year, arguing that the credit bureau's offering is inadequate. Every Democrat on the House Oversight and Government Reform Committee signed a letter to the company on Tuesday asking that it give consumers who were exposed by the breach free credit monitoring and identity theft protections for at least three years. Equifax is currently offering the free service for one year. "Given the sensitive nature of the personal information that was stolen--and the ability of criminals to store and use that information for years to come, we believe that the millions of U.S. consumers whose personal information was compromised in the Equifax data breach should receive the most robust form of credit protection and identity theft services available," wrote the group, led by Rep. Elijah Cummings (Md.), the Oversight panel's top Democrat. The breach gave hackers access to the personal information of more than 145 million people -- nearly half the U.S. population. Social Security numbers, names and addresses were among the information stolen in the hack. To read the rest of our piece, click here.   A REPORT IN FOCUS: A cybersecurity firm wrote Tuesday that a suspected North Korean hacking group is growing more sophisticated and advanced in its cyber espionage operations. The group known as APT37 is utilizing high-tech malware, both custom and destructive, to carry out attacks that align with Pyongyang's interests, FireEye found. "We assess with high confidence that this activity is carried out on behalf of the North Korean government given malware development artifacts and targeting that aligns with North Korean state interests," the company said in a blog post, linking the group's alleged activity by other entities like ScarCruft and Group123. The espionage group appeared to largely target North Korea's longtime regional rival, South Korea, in addition to Japan, Vietnam and other countries in the Middle East. APT37 specifically tailors attacks depending on its targets by using "strategic web compromises" and distributing malware "more indiscriminately" through torrent file-sharing sites, the firm found. This was done across various and related industries operating within a state to achieve its objectives with advanced malware. "The group has demonstrated access to zero-day vulnerabilities ... and the ability to incorporate them into operations," the report found. The report says the group became savvy in its efforts to evade detection including using the compromised systems, message platforms, and cloud providers along with other hiding spots. To read the blog post and full FireEye report, click here.   A LIGHTER CLICK:  A new cybercrime drama called 'Hackerville' is coming to television screens in Europe. (Variety)   WHAT'S IN THE SPOTLIGHT:  CYBER CRIME: The White House issued a report on Friday on the economic costs of cybercrime, estimating that malicious cyber activity cost the American economy as much as $109 billion in 2016. President Trump's Council of Economic Advisers compiled the 60-page report, which reviewed public information on the movement of the stock price of organizations impacted by breaches in order to assess the level of damage. The organizations were drawn from an analysis of Thomson Reuters news feed of articles on public breaches at companies. "We find that the stock price reaction to the news of an adverse cyber event is significantly negative," the report states, putting the figure between $57 billion and $109 billion in 2016 alone. While the sample excluded small and medium-sized businesses, the report notes "such events may be more devastating for smaller firms because, for example, for a business that is focused on a single product, IP theft could wipe out the firm's entire livelihood." The report cites a number of high-profile breaches, including the massive breach disclosed by Equifax last year in which hackers stole personal information on over 145 million Americans. Equifax's share price plummeted by 13.7 percent in one day after the breach was announced last September. It also digs into the Sony Pictures breach, for which U.S. officials have blamed North Korea. The report notes that cyberattacks targeting critical infrastructure in particular could have a "highly damaging" effect on the economy. "Firms in critical infrastructure sectors may generate especially large negative spillover effects to the wider economy," the report states. "Successful protection against cyber threats requires cooperation across firms and between private and public sectors." To read more from the report, click here.   IN CASE YOU MISSED IT: Links from our blog, The Hill, and around the Web. Homeland Security chief touts effort on election cybersecurity. (The Hill) Lawmakers worry about rise of fake video technology. (The Hill) Tesla cloud account hacked to mine cryptocurrency. (The Hill) Judge rejects AT&T inquiry into possible Trump influence in merger case. (The Hill) Uber CEO: Air taxis could become a reality within decade. (The Hill) OP-ED: New EU data protection rules a turning point for privacy. (The Hill) Trump's tech adviser Reed Cordish is leaving the White House. (Washington Post) A Department of Fish and Wildlife breach exposed information on thousands of Calif. state workers. (Sacramento Bee) Digital heart devices spark hacking concerns. (Reuters) Cyber firm Trend Micro releases its 2017 'security roundup' report. (Trend Micro)   If you'd like to receive our newsletter in your inbox, please sign up here.           Did a friend forward you this email? Sign up for Cybersecurity Newsletters     Forward Cybersecurity Newsletters       Privacy Policy  |  Manage Subscriptions  |  Unsubscribe  |  Email to a friend  |  Sign Up for Other Newsletters   The Hill 1625 K Street, NW 9th Floor, Washington DC 20006 ©2016 Capitol Hill Publishing Corp., a subsidiary of News Communications, Inc.