Overnight Cybersecurity: House plan for long-term surveillance law bill 'dead for now' | North Korea expands money-making hacks | Five arrested in ransomware bust

Overnight Cybersecurity: House plan for long-term surveillance law bill 'dead for now' | North Korea expands money-making hacks | Five arrested in ransomware bust
© Getty

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...





House Republicans' plans to vote on a stand-alone bill to renew a controversial surveillance authority are dead "for now," House Intelligence Committee Chairman Devin NunesDevin Gerald NunesConservative Dan Bongino launches alternative to the Drudge Report Poll: 46 percent of voters say Trump's Ukraine dealings constitute impeachable offense GOP member urges Graham to subpoena Schiff, Biden phone records MORE (R-Calif.) told reporters less than 24 hours after lawmakers scheduled a Rules Committee vote on the measure. They are butting up against a tight deadline: The current law, which the intelligence community says is critical to identify and disrupting terror plots, is set to expire at the end of the year. FISA Section 702 allows for warrantless surveillance of non-citizens outside the country. Occasionally, note opponents, the systems to protect Americans fail and the surveillance sweeps up domestic or a citizen's chatter. GOP lawmakers will attempt to hash out stark divisions in a conference meeting later on Wednesday, but after a closed-door meeting with key lawmakers in Majority Leader Kevin McCarthyKevin Owen McCarthyWhite House calls Democratic witness's mentioning of president's youngest son 'classless' Republicans disavow GOP candidate who said 'we should hang' Omar Nunes accuses Democrats of promoting 'conspiracy theories' MORE's (R-Calif.) office, no decisions had yet been made. "We're still working away on it," McCarthy said, but offered few other details.

--...POSSIBLE SHORT TERM RENEWAL? Among the slate of options and unanswered questions: Will lawmakers try to attach a short-term renewal of the program to a stopgap spending measure at the end of the week, or try to push through a more long-term solution? "There's a very little chance that a long-term FISA reauthorization has support of the overall conference," said House Freedom Caucus leader Rep. Mark MeadowsMark Randall MeadowsGOP lawmakers, Trump campaign rip 'liberal law professors' testifying in impeachment hearing Live coverage: Witnesses say Trump committed impeachable offenses House Republicans on Judiciary strategize ahead of Wednesday's impeachment hearing MORE (R-N.C.), whose caucus is calling for stronger privacy protections to fix what it sees as systemic Fourth Amendment violations under the current program. The Rules Committee vote, scheduled for 4 p.m. Wednesday, has since been postponed. In the upper chamber, Majority Whip Sen. John CornynJohn CornynPush to investigate Bidens sets up potential for Senate turf war Pressure grows on House GOP leaders to hold line ahead of impeachment trial GOP senators warn Trump trade deal will go into 2020 if deal not reached this week MORE (R-Texas) has suggested lawmakers will try to insert a short-term renewal into its continuing resolution, effectively punting the issue at least into the new year. But it's unclear what leaders mean by "short-term." Sens. Rand PaulRandal (Rand) Howard PaulTrump's legal team huddles with Senate Republicans Democratic congressman calls for study of effects of sex-trafficking law McConnell says he's 'honored' to be WholeFoods Magazine's 2019 'Person of the Year' MORE (R-Ky.) and Ron WydenRonald (Ron) Lee WydenTrump escalates fight over tax on tech giants Trump administration proposes tariffs on .4B in French goods Democratic congressman calls for study of effects of sex-trafficking law MORE (D-Ore.) on Wednesday threatened to mount a filibuster of any long-term extension of the law.

To read the rest of our piece, click here.



NEW YORK MAY SIDESTEP FCC ON SOME NET NEUTRALITY: New York State Assemblymember Patricia Fahy (D) is pushing a bill in an effort to protect the principles of net neutrality in her state in the wake of the Federal Communications Commission's (FCC) vote to repeal the popular Obama-era regulations.


According to Fast Company, Fahy has introduced a short piece of legislation that would prohibit state, county and city authorities from doing business with internet service providers that engage in business practices that were prohibited by the net neutrality rules, like blocking or throttling web content or making websites buy into internet "fast lanes."

"If you are going to be a contractor and want to work with New York, then you must meet the principles," Fahy told the magazine.

To read the rest of our piece click here.






LAZARUS RAISING MONEY... AGAIN: North Korea may be doubling down on its efforts to make money by hacking, according to new research by cybersecurity firm Proofpoint.

The Lazarus Group, an industry name for the believed-to-be North Korean hackers that breached Sony Pictures and launched the disastrous WannaCry malware, has already been linked to several different attempts to generate revenue by hacking. The group was tied to a string of bank robberies using the SWIFT interbank transfer request system totaling hundreds of millions of dollars, as well as recent attempts to phish cryptocurrency exchanges.  

Proofpoint explains in a new report that Lazarus has started infecting South Korean credit card terminals, called point of sale (POS) systems, to steal credit card information.

The firm believes this would make North Korea the first known nation to steal credit cards this way.

Lazarus is also now no longer just phishing cryptocurrency exchanges, but also individuals who appear to own bitcoin and other digital currencies.

On Tuesday, the Trump administration blamed North Korea for the WannaCry malware that infected hundreds of thousands of systems in May. Such attributions from the executive branch have been extremely rare.

The report outlines two new pieces of malware being used by the group. Both are updates to the group's old malware, known as Ratankba.

To read the rest of our piece, click here.



ROMANIAN RANSOMWARE: Romanian authorities have arrested five suspects allegedly spreading the CTB-Locker ransomware throughout Europe and the U.S.

The arrests were the summation of work in concert with Dutch, United Kingdom and U.S. authorities, with help coming from Europol and the cybersecurity firm McAfee.

The five suspects are not believed to have designed the ransomware. Instead, they ran what amounted to a CTB-Locker franchise, paying the designers 30 percent of all of their proceeds


To read the rest of our piece, click here.



Links from our blog, The Hill, and around the Web.

The Coinbase cryptocurrency exchange is investigating insider trading. (The Hill)

OP-ED: WannaCry demonstrates the defensive power of working together. (CNN)

OP-ED: You might already be qualified for a cyber job. (The Hill)


OP-ED: Don't regulate AI. (The Hill)

A cybersecurity firm is suing a cybersecurity reporter over a story about security flaws in their product. (ZD NET)

A British teen will avoid jail time despite running a DDoS service. (BankInfoSec)

Chinese attackers are targeting think tanks. (FireEye)