Overnight Cybersecurity: Intel leaders want to bypass encryption commission

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry wrap their arms around cyberthreats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...


--LOCK IT UP: Senate Intelligence Committee leaders want to move swiftly on encryption legislation and bypass a proposed national commission to study the topic first. "I don't think a commission is necessarily the right thing when you know what the problem is. And we know what the problem is," said Senate Intelligence Committee Chairman Richard BurrRichard Mauze BurrOvernight Energy: Trump rolls back methane pollution rule | EPA watchdog to step down | China puts tariffs on US gas Graham: Mueller is going to be allowed to finish investigation Trump authorizes sanctions against foreign governments that interfere in US elections MORE (R-N.C.). Burr is working on a bill with his committee's ranking member, Sen. Dianne FeinsteinDianne Emiel FeinsteinTrump: I hope voters pay attention to Dem tactics amid Kavanaugh fight Hillary Clinton: FBI investigation into Kavanaugh could be done quickly Graham calls handling of Kavanaugh allegations 'a drive-by shooting' MORE (D-Calif.), that would guarantee law enforcement access to encrypted data. But Sen. Mark WarnerMark Robert WarnerRussia docs order sets Trump on collision with intel community Hillicon Valley: North Korean IT firm hit with sanctions | Zuckerberg says Facebook better prepared for midterms | Big win for privacy advocates in Europe | Bezos launches B fund to help children, homeless Bipartisan trio asks US intelligence to investigate ‘deepfakes’ MORE (D-Va.) and House Homeland Security Committee Chairman Michael McCaul (R-Texas) are pushing their own competing proposal that would press pause on any immediate encryption legislation and instead establish a national commission to investigate the issue. Feinstein did not dismiss the idea, telling The Hill, "It's not a bad idea, actually." But she expressed concern about the time a commission might take to produce recommendations. Congress has to move fast, Feinstein said, given the recent San Bernardino attack in her home state. "Here's the problem," Feinstein said. "If the Internet goes totally dark, and there are apps that people can use to communicate to plot, to plan, to threaten, to do all of that, you've got a real problem." To read our full piece, click here.

--TAKING THE GLOVES OFF: A senior Israeli military figure is predicting that cyberattacks will spike in 2016 because nation-state actors will have no incentive to "behave" in the wake of the nuclear agreement with Iran. "In 2015, all the actors were trying to behave well, be good boys, because the global political system was very concentrated on the efforts to reach an arrangement regarding the Iranian issue," Major General Uzi Moskovitz, head of the Israeli defense forces' C4I Corps, told the publication. "So the Iranians had no incentive to impose attack waves on the US banking system [or] to impose any attacks on oil and natural gas companies in the Gulf, as they did in 2012." Israeli officials blame Iranian nationalist hackers for 2012 strikes on the oil company Saudi Aramco and the Qatari gas company RasGas. U.S. banks were hit by another attack the following month. Pointing to recent attacks on a Ukrainian power plant and Turkish banks as evidence of a ramping up of attacks, Moskovitz warned that the next wave of intrusions will likely take place in the "cyber-kinetic" realm. He declined to point to specific actors he believed would be responsible for such attacks. "I think that some of the players in the cyber-kinetic arena -- this is my opinion -- have decided to take their gloves off," he said. To read our full piece, click here.

--I CAN HAZ COMPANY?: Leading cybersecurity firm FireEye Inc. said Wednesday that it has acquired the threat intelligence firm iSight for $200 million. The move brings together two giants in the industry. FireEye's Mandiant division is a prominent investigator of high-profile hacks -- both Sony and Anthem employed Mandiant after they were breached -- while iSight has uncovered multiple major international cyber threats. The acquisition significantly expands FireEye's international tracking capabilities, adding 16,000 adversaries to its roster, about 20 times the number FireEye is currently tracking. "This acquisition extends FireEye's intelligence lead with an offering no one else in the industry can match," FireEye CEO David DeWalt said in a release. The purchase follows months of stiff devaluations of cybersecurity firms after a spate of headline-grabbing hacks sent prices skyrocketing in 2015. The deal includes a rider calling for another $75 million in cash and stock to iSight shareholders should the company meet certain sales targets by the second quarter of 2018. Still, even the full $275 million would be far short of the $1 billion iSight CEO John Watters said last year that he expected to raise in a potential initial public offering this year. To read our full piece, click here.



--SUMMER SCHOOL? Sen. Cory Booker (D-N.J.) is preparing legislation to help combat the massive online propaganda machine the Islamic State in Iraq and Syria (ISIS) uses to recruit foreigners.

"I'm a little frustrated when it comes to our efforts at counter-messaging," Booker said Wednesday during a Senate Homeland Security Committee hearing on ISIS ideology.

Booker said his bill would give the Department of Homeland Security "the tools to widely implement" courses in which college and high school students develop more effective counter-narratives for other teenagers and young adults.

Jessica Stern, a research professor at the Boston University Pardee School for Global Studies, is set to offer the course with some State Department backing. But she told lawmakers on Wednesday that these efforts must be expanded.

"I think we really haven't taken this issue ... seriously enough," she said.

To read our full piece, click here.



--FRANK UNDERWOOD CARES ABOUT CYBERSECURITY! Guys, Kevin Spacey is now the spokesman for an Internet security company? WISeKey is a digital security company based in Switzerland that, among other things, says its "military-grade encryption methods are the safest available."

"I've always been fascinated by this particular space," Spacey said at the World Economic Forum in Davos. "If you want to protect your content and you want to protect your intellectual property, now it's my responsibility to make sure we do that."

IDK, Frank, encryption is kind of hot politically right now, are you sure you really want to tackle this while you're running your reelection campaign?

Read on, here.



--ANOTHER GUILTY PLEA. A Ukrainian hacker on Wednesday pleaded guilty to operating a botnet that used over 13,000 computers to steal banking information, another in a recent spate of high-profile extraditions and convictions for hacking.

Sergey Vovnenko, also known as "Flycracker," "Centurion" and "Darklife," pleaded guilty to aggravated identity theft and conspiracy to commit wire fraud.

According to federal prosecutors, Vovnenko was part of an international ring that used so-called "Zeus" malware to steal debit and credit card numbers and other information.

Arrested in 2014, Vovnenko fought extradition from Italy and made his first court appearance in the U.S. in October.

Read more about the guilty plea at Reuters, here.




--The Senate Judiciary Committee will meet at 10 a.m. to mark up the Judicial Redress Act and the Defend Trade Secrets Act.



Links from our blog, The Hill, and around the Web.

The American Civil Liberties Union is taking its privacy fight to the states. (The Hill)

Dutch police have arrested 10 men suspected of using bitcoin to launder up to $22 million for drug dealers selling their product through anonymous online markets. (The Hill)

The secret information on former Secretary of State Hillary ClintonHillary Diane Rodham ClintonHillary Clinton: FBI investigation into Kavanaugh could be done quickly Hillary Clinton urges Americans to 'check and reject' Trump's 'authoritarian tendencies' by voting in midterms EXCLUSIVE: Trump says exposing ‘corrupt’ FBI probe could be ‘crowning achievement’ of presidency MORE's personal email was more highly classified than previously understood, according to the intelligence community's internal watchdog. (The Hill)

Privacy groups say Internet providers want to -- and do -- know more about you than social media companies. (The Washington Post)

Tensions between governments and U.S. tech firms over widening surveillance demands are likely to come to a head at the World Economic Forum in Switzerland this week. (The Wall Street Journal)

Researchers at Princeton University have found that, until recently, Alphabet's popular Nest thermostat was leaking the zip code of its users over the internet. (Motherboard)

If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A