Overnight Cybersecurity: Hacktivists show their power by taking on KKK, Ashley Madison

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...


--NOW I HAVE A MACHINE GUN, HO HO HO: Activist hackers -- so-called hacktivists -- are getting harder to differentiate from more serious threats such as terrorist groups and nation-state cyber warriors, security researchers say. Hacktivism is traditionally defined as breaching data to achieve a political or social objective. It can take many different forms, from website defacement to taking over a Twitter account. The recent breaches of Sony Pictures and the infidelity site Ashley Madison, along with the publication last week of alleged Klu Klux Klan member names, are all examples of online vigilantes taking matters into their own hands. "Hacktivists are the Russian Roulette," said Patrick Peterson, CEO of cybersecurity firm Agari. "They're the most terrifying for corporations and governments because you can't actually plot who they are or their motivations. One day, they try to shame a bank, the next day they try to blackmail Ashley Madison and the next day, they're taking the hoods off the Ku Klux Klan." But experts say it's increasingly difficult to tell the difference between hacktivism and more serious national security threats. To read our full piece, click here.

--DOES IT SOUND LIKE I'M ORDERING A PIZZA, LADY?!: One of the leading providers of prison phone services has been recording calls between inmates and their attorneys, according to an anonymous hacker who turned over some 70 million phone records to The Intercept. In an apparent act of "hacktivism," the hacker reportedly leaked the records out of concern that the provider, Securus Technologies, was violating inmates' constitutional rights by recording their conversations with legal counsel. Recording prison phone calls is a routine practice, with the distinct exception of calls between inmates and their attorneys. Private communications between attorneys and their clients is a long-established principle of the U.S. justice system. According to The Intercept's analysis of the hacked documents, at least 14,000 of the recorded conversations were between inmates and attorneys. "This may be the most massive breach of the attorney-client privilege in modern U.S. history, and that's certainly something to be concerned about," David Fathi, director of the ACLU's National Prison Project, told the publication. "A lot of prisoner rights are limited because of their conviction and incarceration, but their protection by the attorney-client privilege is not." To read our full piece, click here.

--COME OUT TO THE COAST, WE'LL GET TOGETHER, HAVE A FEW LAUGHS: Apple chief executive Tim Cook is warning that a controversial British surveillance bill could have "dire consequences." The investigatory powers bill would force data service providers to help law enforcement bypass encryption on suspects' devices during investigations. Cook blasted the proposed law for creating vulnerabilities that hackers, not just law enforcement, would be able to exploit. "Any backdoor is a backdoor for everyone," Cook told The Daily Telegraph in an interview. "Everybody wants to crack down on terrorists. Everybody wants to be secure. The question is how. Opening a backdoor can have very dire consequences." Critics of the law say it would also infringe on individuals' privacy, a sentiment that Cook echoed. "We believe very strongly in end-to-end encryption and no back doors," he said. "We don't think people want us to read their messages. We don't feel we have the right to read their emails." To read our full piece, click here.



--FISTS WITH YOUR TOES. Sen. Al FrankenAlan (Al) Stuart FrankenTake Trump literally and seriously in Minnesota Ninth woman accuses Al Franken of inappropriate contact Al Franken to host SiriusXM radio show MORE is doubling down on his years-long push to get Congress to ban so-called stalking apps.

The Minnesota Democrat has reintroduced legislation that would block companies from being able to secretly collect location information, as well as banning the development, use and sale of GPS stalking apps.

"A majority of Americans have smartphones now," Franken said. "[The legislation] will help a whole range of people affected by cyberstalking, including survivors of domestic violence, and it would finally outlaw unconscionable -- but perfectly legal -- smartphone apps that allow abusers to secretly track their victims."

Franken's proposal would also require that companies get permission from consumers before they collect location data off of a phone, tablet or in-car GPS or before they share it with a third party.



--I'M AGENT JOHNSON, THIS IS SPECIAL AGENT JOHNSON. NO RELATION. Just in case you didn't get enough opportunities in D.C. bars to ask, "So what do you do?", Tinder is now letting you put that on your profile -- just to make sure you're not blindly swiping right.

Read on, here.



--YIPEE KAI YAY… The number of "ransomware" attacks -- cyberattacks where hackers hold data hostage in exchange for some form of payment -- are expected to grow in 2016, according to a new study from McAfee Labs.

Researchers saw over 4 million instances of ransomware in the second quarter of this year, compared to fewer than 1.5 million instances in the third quarter of 2013.

Read the full report, here.



Links from our blog, The Hill, and around the Web.

TalkTalk estimates that the fallout from its highly-publicized breach will cost the British telecom provider between £30 million and £35 million ($45 million to $53 million), according to its half-year results. (The Hill)

Edward Snowden says he is "overwhelmed" by the public reaction to his disclosures about the government's mass surveillance programs. (The Hill)

Facebook said Wednesday requests for account data from governments globally jumped 18 percent in the first half of 2015. (Reuters)

Insta-damn: This Instagram app may have stolen over 500,000 usernames and passwords. (The Daily Dot)

A Tunisian Islamist hacktivist group has claimed responsibility for hacking the Web site of Europe's largest Jewish school, JFS in North London. (Reuters)


If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A