Overnight Cybersecurity: Mueller files new charges against Manafort, Gates in Russia probe | Cyber scams spike in tax season | FCC repeal of net neutrality official | US, Australia talk cybersecurity

View in your browser       Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...   THE BIG STORIES: --MUELLER FILES NEW CHARGES AGAINST MANAFORT, GATES IN RUSSIA PROBE: Special counsel Robert Mueller has filed new charges against former Trump campaign staffers Paul Manafort and Richard Gates. A federal court in Virginia on Thursday returned a 32-count superseding indictment charging Manafort and Gates with committing tax fraud, failing to file reports on foreign bank and financial accounts and bank fraud conspiracy. "Manafort and Gates generated tens of millions of dollars in income as a result of their Ukraine work," the indictment says. "From approximately 2006 through the present, Manafort and Gates engaged in a scheme to hide income from United States authorities, while enjoying the use of the money." The new charges in the case against Gates and Manafort come less than a week after Mueller indicted 13 Russian nationals and Russian entities for orchestrating an elaborate scheme to interfere in the election using social media and other means. They also come on the heels of a guilty plea from lawyer Alex Van Der Zwaan, who confessed to lying to FBI agents about his conversations with Gates about a 2012 report he had a hand in compiling for Ukraine's government. The new indictment also follows reports that Mueller filed new charges under seal Wednesday in the case against Manafort and Gates. Meanwhile, Gates is rumored to be nearing a plea deal in Mueller's probe into alleged Russian interference in the 2016 U.S. elections, which would pave the way for him to cooperate as a witness against Manafort, his longtime business associate. To read the rest of our piece, click here. To read the superseding indictment, click here.   --SANCTIONS FOR 'NOTPETYA'?: The Trump administration is mulling levying new sanctions against Russia for interfering in the 2016 presidential election and its role in the massive "notPetya" cyberattack that had worldwide implications last summer, according to Reuters. Senior administration officials briefed reports on the issue Wednesday, countering criticism from some in Congress that the administration has been slow to act on punishing Russia. Congress overwhelmingly passed legislation last year to increase sanctions on Russia for its election meddling. The State Department announced last month that it was not imposing any new sanctions, citing evidence that the law was already having a deterrent effect. Last week, the Trump administration publicly blamed Moscow for the "notPetya" attack, which first broke out in Ukraine last June and quickly spread to computer systems in other areas of Europe and the United States. According to Reuters, one anonymous administration official spoke of "certainty" that the U.S. would have a response to the global malware attack. To read our coverage of the notPetya attribution, click here and here. --U.S., AUSTRALIA TALK CYBERSECURITY: U.S. and Australian officials met in Washington on Thursday to discuss the two countries' partnership on cybersecurity and joint efforts to hold hackers responsible for malicious activity online. Homeland Security Secretary Kirstjen Nielsen and outgoing NSA Director Adm. Mike Rogers met with Australian Prime Minister Malcolm Turnbull at a roundtable discussion hosted by the Center for Strategic and International Studies and the Australian Strategic Policy Institute, according to Homeland Security. The group, which also included private sector stakeholders, "discussed the strong U.S.-Australian partnership on cybersecurity issues, and the shared goal of improving deterrence and holding malicious cyber actors accountable," according to a readout of the meeting from Homeland Security. Nielsen gave voice to Homeland Security's efforts to secure the supply chain from cyber threats, which Homeland Security said is "being targeted by sophisticated adversaries with increasing regularity."   A NET NEUTRALITY UPDATE:  IT'S OFFICIAL: The Federal Communications Commission's (FCC) order repealing net neutrality was published in the Federal Register Thursday morning, opening the door for supporters of the Obama-era rules to launch legislative and legal challenges. The Republican-led FCC voted to repeal the consumer protections in December amid an outcry from internet users and activists worried that the move would give free rein to companies like Verizon and Comcast to disrupt the free flow of information online. "As a result of the mess the agency created, broadband providers will now have the power to block websites, throttle services, and censor online content," Democratic FCC Commissioner Jessica Rosenworcel, who voted against the repeal, said in a statement on Thursday. "This is not right. The FCC is on the wrong side of history and the wrong side of the law and it deserves to have its handiwork revisited, reexamined, and ultimately reversed." Now that the new rules have officially been published, net neutrality supporters are able to mount a legal challenge against them. Democratic attorneys general, public interest groups and internet companies have all promised to file lawsuits to preserve the 2015 protections. One group, Public Knowledge, said that it would be filing its own lawsuit on Thursday. "Despite the hard blow [FCC] Chairman [Ajit] Pai has dealt to the Open Internet, small businesses, and consumers, the fight for net neutrality continues," John Bergmayer, the group's senior counsel, said in a statement. "Today, Public Knowledge is filing a challenge to the FCC's action in the United States Court of Appeals for the District of Columbia Circuit, where we are confident that the FCC's illegal and procedurally flawed action will be rejected." Net neutrality supporters in Congress are also now able to try to overturn the repeal through legislation. To read more from our piece, click here.   A REPORT IN FOCUS:  THE CASE FOR PROTECTING DATA ACROSS BORDERS: A new analysis makes the case that the international community should protect the flow of information across borders as well as reject efforts to regulate data control based on geographic location frameworks. "Law enforcement requests for digital evidence should be based on the location and nationality of users, not the location of data," according to New America's Thursday report on "Rethinking Data, Geography, and Jurisdiction." The report addresses a key question arising within digital law about how to conduct oversight on a global issue that continues to change where and how it stores data. Where digital information is stored, whether at multinational companies and other entities, continues to change and to be redistributed "as more efficient storage space becomes available elsewhere on the globe," the report found. The report warned that contentious international disputes continue to arise over the unsolved issue, leading some governments to try to use geographic location of stored data as the basis for asserting legal jurisdiction. "This fragmentation [of the Internet], we argue, would fundamentally degrade the Internet's future potential for innovation, economic growth, and the other social, scientific, and democratic advancements we have come to expect from today's global network," the report says. The report identifies a series of possible solutions to the problem, both in the direction of international policy as well as diplomatic engagement between two countries. The report described one U.S.-U.K. bilateral data sharing deal as an example of progress. It called on all groups and individuals involved in the data sharing space to collaborate on establishing and then fostering  "shared global norms for appropriate data flow controls and to inject those shared principles into domestic law and policy." And it warned that the problem will otherwise "become more intractable" if they don't.   A LIGHTER CLICK:  Cool new jackets that will actually heat you up with A.I and the help of Alexa. (Technology Review) WHAT'S IN THE SPOTLIGHT:   TAX PHISHING SCAMS: Federal officials are warning of a spike in phishing campaigns during the IRS's tax filing season, particularly those targeting information from would-be victims' W-2 forms. The FBI's Internet Crime Complaint Center issued an alert late Wednesday warning of an increase in W-2 phishing campaigns. "This scam is just one of several new variations of IRS and tax-related phishing campaigns targeting W-2 information, indicating an increase in the interest of criminals in sensitive tax information," the alert says. The Internal Revenue Service (IRS) has seen an increase in reports of compromised or forged emails asking targets to provide information about their W-2 since the beginning of the year, according to the alert. In some cases, the emails were accompanied by a request for an unauthorized wire transfer. The alert indicates that hackers are largely targeting employees of organizations in hopes of carrying out "mass data thefts," but says individual taxpayers may also receive the phishing emails. "The most popular method remains impersonating an executive, either through a compromised or spoofed email in order to obtain W-2 information from a Human Resource (HR) professional within the same organization," the notice says. The Department of Homeland Security (DHS) also highlighted the uptick in W-2 phishing campaigns in an alert issued Wednesday. Officials and experts have repeatedly warned of hacking schemes that aim to leverage tax-filing season for financial gain. In 2016, then-IRS Commissioner John Koskinen reported a 400 percent surge in phishing and malware incidents during tax season. On Thursday, cybersecurity firm Kaspersky Lab released research highlighting how hackers have used spoofed websites to imitate real IRS pages and lure taxpayers to enter their data. To read the rest of our piece, click here.   IN CASE YOU MISSED IT: Links from our blog, The Hill, and around the Web. Judge to hear from attorneys who no longer want to represent Gates. (The Hill) Cyber criminals sell counterfeit certificates to masquerade malware software as legitimate. (Cyberscoop) The head of the Election Assistance Commission is being removed. (Reuters) OP-ED: Donna Brazile: So far, the effort to protect our elections simply has not been adequate. (The Hill) Democratic senators are concerned about the inability of U.S. border officials to fully verify electronic passports. (Wyden/McCaskill) What sort of oversight can help stop the spread of 'fake news'? (Just Security) Amazon eyes more 'Amazon Go' cashierless stores. (Recode) Department of Interior believes drones have 'limitless possibilities' (NextGov) Ethereum wallets are vulnerable to hackers. (Motherboard) If you'd like to receive our newsletter in your inbox, please sign up here.           Did a friend forward you this email? Sign up for Cybersecurity Newsletters     Forward Cybersecurity Newsletters       Privacy Policy  |  Manage Subscriptions  |  Unsubscribe  |  Email to a friend  |  Sign Up for Other Newsletters   The Hill 1625 K Street, NW 9th Floor, Washington DC 20006 ©2016 Capitol Hill Publishing Corp., a subsidiary of News Communications, Inc.