Overnight Cybersecurity: US publicly blames North Korea for 'WannaCry' attack | SEC suspends trading in bitcoin-based firm | Lawmakers spotlight voting system security

Overnight Cybersecurity: US publicly blames North Korea for 'WannaCry' attack | SEC suspends trading in bitcoin-based firm | Lawmakers spotlight voting system security
© Screenshot

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

 

THE BIG STORY:

--U.S. PUBLICLY BLAMES NORTH KOREA FOR 'WANNACRY': Tensions between the Trump administration and North Korea ratcheted up further on Tuesday after the U.S. publicly blamed Pyongyang for a global cyberattack that crippled Britain's National Health Service and damaged systems at government agencies in other countries. The decision to call out North Korea for the WannaCry cyberattack is significant because the U.S. has only on rare occasions called out other nations for orchestrating cyberattacks. "We do not make this allegation lightly," White House homeland security adviser Tom Bossert told reporters Tuesday. "North Korea has acted especially badly, largely unchecked for more than a decade." The public denouncement is a sign of the Trump administration's effort to increase pressure on North Korea, though experts say that it is likely to fall short of having any effect unless officials can unite other countries in imposing further sanctions on the country. "The only way to do that is to squeeze the revenue streams that generate hard cash for Kim and his government," said Jim Lewis, a former State Department official and cybersecurity expert at the Center for Strategic and International Studies, referring to North Korean leader Kim Jong Un.

--The unprecedented WannaCry attack wreaked havoc in June, spreading to more than 300,000 computers in more than 150 countries. Machines in China and Russia were among those hardest hit. The attack is believed to have used a hacking tool, allegedly from the National Security Agency, that was made public by hacker group the "Shadow Brokers" earlier this year and leveraged a vulnerability in Microsoft Windows. Long before Tuesday's announcement, security researchers quickly linked the attacks to the Lazarus Group through hacking tools used in earlier versions of WannaCry, code used in other Lazarus projects and internet addresses. Lazarus, widely believed to be North Korean, is best known in the United States for a destructive attack against Sony Pictures in 2014 to punish the film studio for a movie mocking the North Korea and Kim. Bossert said Tuesday that the North Korean government directed the cyberattack, which was carried out by "intermediaries." He said that the United Kingdom, Australia, Canada, New Zealand and Japan have all endorsed the U.S. assessment of the attack.

--The press conference came a day after Bossert wrote an op-ed piece in The Wall Street Journal formally announcing the White House believed WannaCry was the work of North Korean actors. On Tuesday, Homeland Security Assistant Secretary for the Office of Cybersecurity and Communications Jeanette Manfra, who also appeared at the press conference, said that the attribution should serve as a call to private sector companies to collaborate with the government on security matters. She specifically praised Facebook and Microsoft for their work in countering North Korean operations. Last week, Facebook deleted several accounts used by the Lazarus group in attacks, work the company said it did in conjunction with Microsoft and other private partners. "Facebook has a long-standing commitment to security, and we continue to invest in efforts to protect people from cyber threats and keep our platform safe," the company said in a statement. "Our adversaries are not distinguishing between public and private. So neither should we," she said. Microsoft also said in a blog post that it worked with tech companies last week to help "disrupt" malware that the Lazarus group relies on, "cleaned customers' infected computers, disabled accounts being used to pursue cyberattacks and strengthened Windows defenses to prevent reinfection."

To read the rest of our coverage, click here and here.

 

A REGULATORY UPDATE: 

SEC HALTS TRADING IN BITCOIN-BASED COMPANY: The Securities and Exchange Commission (SEC) has suspended trading on shares of The Crypto Company, which deals in digital currencies, after its stock surged by roughly 2,700 percent in the past month.

Regulators said their decision was based on the "accuracy and adequacy of information in the marketplace" about The Crypto Company. In particular they raised concerns about "the compensation paid for promotion of the company, and statements in Commission filings about the plans of the company's insiders to sell their shares of The Crypto Company's common stock."

"Questions have also arisen concerning potentially manipulative transactions in the company's stock in November 2017," the SEC said in announcing the suspension.

The company's shares were trading at roughly $575 earlier this week.

The SEC's action against The Crypto Company comes amid an enormous rally in cryptocurrencies. In recent weeks, the highest market capitalization digital currencies like bitcoin and Ethereum have exploded in value as investors rush in.

According to the small firm's website, it consults on matters regarding cryptocurrency and develops technology for the "future of blockchain and cryptocurrencies" and manages a portfolio of "digital assets." Its investor relations page currently directs visitors to a 404 error page.

To read the rest of our piece, click here.

 

RESEARCH IN FOCUS:

Cybersecurity researchers at UpGuard revealed Tuesday that data left exposed on a cloud server by California data analytics firm Alteryx included sensitive information on 123 million American households.

"Exposed within the repository are massive data sets belonging to Alteryx partners Experian, the consumer credit reporting agency, and the US Census Bureau, providing full data sets for both Experian's ConsumerView marketing database and the 2010 US Census," UpGuard said in a blog post. "Taken together, the exposed data reveals billions of personally identifying details and data points about virtually every American household."

The personal information exposed online included home addresses and contact information, as well as details on home mortgage ownership and financial histories. UpGuard's director of cyber risk research Chris Vickery first discovered the Amazon cloud storage bucket, which had been configured to allow any Amazon Web Services user to access its contents, in early October.

According to Forbes, Alteryx moved to secure the bucket last week after being informed about the configuration error. A company spokesman said that the file "contained no names of any individuals or any other personal identifying information" and as a result "does not pose a risk of identity theft to any consumers."

 

A LIGHTER CLICK: 

"Star Wars: The Last Jedi" is cleaning up at the box office.

 

WHAT'S IN THE SPOTLIGHT:

VOTING SYSTEM SECURITY: A group of nearly two-dozen Democratic lawmakers wants the Department of Homeland Security (DHS) and FBI to brief the entire Congress on Russia's efforts to target state voter systems ahead of the 2016 election.

The Democratic lawmakers asked House Speaker Paul RyanPaul Davis RyanWatchdog group sues for donor list from Ryan-aligned nonprofit Terminating Budget Committees not as absurd as it sounds The writing is on the wall for bump stocks and Congress should finalize it MORE (R-Wis.) to arrange such a briefing in a letter sent Tuesday, labeling Moscow's efforts to target election-related systems an "attack."

The letter was signed by House Democrats representing 18 of the 21 states identified by Homeland Security earlier this year as Russian targets before the 2016 election.

In addition to a full briefing, the lawmakers also pressed Ryan to direct relevant congressional committees to investigate Russia's targeting of state election-related systems.

The House and Senate Intelligence Committees as well as the Senate Judiciary Committee are already investigating Russian interference in the election.

"We respectfully request that you ask DHS and the FBI to brief all Members of Congress on the Russian attack on 21 states' voting systems, direct the relevant Congressional committees to investigate this attack, and seek bipartisan solutions to secure our elections going forward," the lawmakers wrote in the letter to Ryan.

"When a sovereign nation attempts to meddle in our elections, it is an attack on our country," they wrote.

Homeland Security formally notified election officials in the various states of the targeting effort in September. The efforts largely consisted of hacking preparations, such as testing for vulnerabilities. However, voter registration databases in Arizona and Illinois suffered breaches.

Homeland Security officials first revealed that Russia had targeted election-related systems in 21 states during public testimony before the Senate Intelligence Committee in June.

As a result of a decision made in the waning days of the Obama administration following Russia's interference effort, Homeland Security designated election infrastructure as "critical," opening it up to federal protections in states and localities that request aid.

Since then, the department has stood up a special council to engage with state and local election officials on potential threats to their voter registration databases and other systems.

Also on Tuesday, Sens. James LankfordJames Paul LankfordOvernight Cybersecurity: Senators eye path forward on election security bill | Facebook isn't winning over privacy advocates | New hacks target health care This week: Senate barrels toward showdown over Pompeo Senators chart path forward on election security bill MORE (R-Okla.) and Amy KlobucharAmy Jean KlobucharOvernight Cybersecurity: Senators eye path forward on election security bill | Facebook isn't winning over privacy advocates | New hacks target health care Senators chart path forward on election security bill GOP poised to advance rules change to speed up Trump nominees MORE (D-Minn.) wrote a letter to new Homeland Security Secretary Kirstjen NielsenKirstjen Michele NielsenOvernight Cybersecurity: Senators eye path forward on election security bill | Facebook isn't winning over privacy advocates | New hacks target health care Homeland Security chief issues warning to ‘caravan’ Senators chart path forward on election security bill MORE calling on her to make election security a top priority during her tenure. "Election security is national security, and our election systems have become a target for foreign adversaries," the senators wrote.

"Given your significant experience across administrations, within the Department, and on issues of cybersecurity, we are hopeful that under your leadership DHS will make securing our election infrastructure a top priority," they wrote.

To read the rest of our piece, click here.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

Uncertainty high after repeal of net neutrality rules. (The Hill)

French privacy watchdog slams Whatsapp on data collection. (The Hill)

House intel panel interviews key figure in Trump dossier saga. (The Hill)

Cyber experts warn of purchasing internet-connected devices from third party vendors. (Quartz)

Cyber firm CEO says North Korea likely amassing bitcoin to pay for future cyberattacks. (CNBC)

If you'd like to receive our newsletter in your inbox, please sign up here.