Overnight Cybersecurity: Privacy activists prep for 2016 battle

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...


--JUST LIKE JORDAN, WE'RE BACK: Privacy activists are set to kick off 2016 after a year of mixed results on Capitol Hill. Civil libertarians took one step forward last summer, reforming the National Security Agency (NSA) in the first major rollback of U.S. surveillance powers in a generation. But their efforts took a hit in mid-December, when they complained that they had been railroaded by controversial cybersecurity legislation that was tucked into a must-pass $1.1 trillion spending bill. They claim the measure will serve to empower the NSA just months after its authority was curbed. The two bills, pushing in different directions, are emblematic of 2015 in general. Privacy activists, who have seen swathes of the public grow skeptical of intelligence agencies' broad spying powers, have been unable to score the kind of wide-ranging and irreversible changes that they seek. To read our full recap, click here.

--THE WIN NO ONE NOTICED: Lawmakers pushing for global cyberspace norms scored an early win just before everyone fled D.C. for the holidays. The major cybersecurity bill that President Obama signed into law in late December includes a clause requiring the State Department to publicly produce an international cyberspace policy within 90 days. The edict is the product of months of cajoling from cyber-focused lawmakers on Capitol Hill, who regularly have warned that the lack of global cyberspace rules poses serious dangers. But these lawmakers acknowledge it's just the first step toward the ultimate goal: a Geneva Convention for cyberspace. The Geneva Convention treaties have governed the rules of war for over 150 years. As assaults increasingly move into the digital sphere, many believe a similar set of ground rules are needed for cyber war. "I think if you ask the secretary of State his priorities, this wouldn't necessarily be top 3, and I'm not saying it should be," Rep. Jim Himes (D-Conn.) told The Hill during a recent interview. "I'm just saying it should probably be on the top 10." To read our full piece, click here.

--NEW KIDS ON THE BLOCK: A previously unknown hacking group that says it opposes the Islamic State in Iraq and Syria (ISIS) has taken credit for the recent cyberattacks on Donald TrumpDonald John TrumpFlynn to campaign for Montana GOP Senate candidate Trump considering pardon for boxing legend after call from Sylvester Stallone Decline in EPA enforcement won't keep climate bill from coming MORE and the BBC. New World Hacking said the digital assault that overwhelmed Trump's website temporarily on Saturday was a protest of the Republican presidential front-runner's "racist" views, the group told cybersecurity news site Hackread. Trump's official campaign website, donaldjtrump.com, was unavailable for roughly 30 minutes. A member of New World Hacking said the group may go after the real estate mogul again. "We targeted the Trump site because this guy can get quite racist," New World Hacking told Hackread. "It doesn't matter to us how crazy he gets." The separate attack on the BBC, which shut down the news organization's websites last Thursday, was undertaken merely as a test of strength, the hacking group told the BBC. The group insists its main target is ISIS. "We are based in the U.S., but we strive to take down ISIS-affiliated websites, also ISIS members," one member of New World Hacking said in a series Twitter messages to a BBC reporter. To read our full piece, click here.



--WE GOT YOUR BACK APPLE. The Netherlands on Monday came out against any type of legislation that would guarantee government access to encrypted data.

The stance is the latest move in the growing international fight over encryption standards. In the wake of the terror attacks in Paris and San Bernardino, Calif., governments worldwide are debating whether to force companies to decrypt data upon government request. Proponents -- including a number of U.S. lawmakers -- say such a mandate would help law enforcement better uncover potential terrorist plots being planned on encrypted platforms invisible to officials. The British government, for instance, is backing a law that would ensure government access to certain secured data. But tech companies have countered that this type of guaranteed access would expose people's sensitive data to hackers and spies, as well as to legitimate investigators.

The Dutch statement's language mirrors some of the most recent messaging on encryption from the Obama administration. After months of deliberation, the White House decided it would not pursue any encryption legislation for the time being. The Dutch government similarly left the door open for future legislation when it said a law was "currently not desirable." Read our full piece, here.



--THE YEAR OF GEORGE? You can now go to Australia and order "The Hand Model" cocktail at a George Costanza-themed bar that opened on New Year's Eve. Jason Alexander, the actor that portrayed the hapless Seinfeld character, took notice over the weekend, tweeting, "That's right - I may not have an Emmy, but I got me a bar in Melbourne, Australia. G'day, mates."

See the full rundown of the menu over at the A.V. Club.



--TURKEY AND RUSSIA. Tensions between Turkey and Russia appear to be moving to cyberspace. Turkey's technology minister said Monday that the ongoing conflicts between the two powers may have spurred hackers to take down hundreds of thousands of Turkish websites in mid-December. "The crisis with Russia and other developments in the region could have incited this [cyberattack]," Science, Industry and Technology Minister Fikri Işık told a local Turkish paper, according to Hurriyet Daily News, the country's main English-language news organization. Separate reports on Sunday also claimed that Turkish activist hackers went after Russia's communications minister, temporarily knocking his Instagram account offline on Sunday. The account for the self-named "Börteçine Cyber Team" features Turkish flags and a portrait of Turkey's founding father Mustafa Kemal Ataturk. The fraught Turkey-Russia relationship was strained in November when Turkey shot down a Russian military jet on its Syrian border. Turkey claims the plane encroached on Turkish airspace and received multiple warnings before it was shot. But Russian President Vladimir Putin called the incident a "stab in the back" committed by "accomplices of terrorists."

Read more about how Turkey is responding to the attacks on Turkish websites here.

And click here to read about the attack on the Russian official's Instagram account.



--AN EXCUSE TO HEAR WERNER HERZOG TALK ABOUT THE INTERNET. The trailer is out for Werner Herzog's upcoming Netflix documentary about the Internet, "Lo and Behold, Reveries of the Connected World," which is perhaps the most Herzog-y title possible. The trailer seems promising, but doesn't give away a whole lot. Although the brief description of the movie from Netflix is pretty great: "Does the Internet dream of itself? Explore the horizons of the connected world."

Check it out over at IndieWire.



Links from our blog, The Hill, and around the Web.

Is the password dead? (TechCrunch)

Cybersecurity insurers may see premiums gross income rise by 300 percent or more in the next five years. (Bloomberg BNA)

A pair of 2015 Federal Trade Commission data breach cases may signal storm warnings for the agency's 2016 Data Security Initiatives. (Bloomberg BNA)

Five cybersecurity names to follow in 2016. (CSO)

Will future historians consider these days the digital dark ages? (NPR)

The malware found inside a recently-downed Ukrainian power plant points to a cyberattack. (Motherboard)


If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A