Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you dont already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.
Virtual Event Announcement: America’s Agenda: Infrastructure
America needed to refresh its aging infrastructure prior to COVID-19. Now, there is added pressure on our existing digital infrastructure as more Americans are working and learning from home full time. How can we bring our physical infrastructure into the future and embrace options for increased safety and security by connecting them to smart, data-informed systems? On Thursday, October 29th at 1:00 PM ET, Reps. Rodney DavisRodney Lee DavisMcCarthy faces pushback from anxious Republicans over interview commentsMichigan Republican isolating after positive coronavirus testGOP Rep. Mike Bost tests positive for COVID-19MORE, Sam GravesSamuel (Sam) Bruce GravesAirline CEOs, union leaders implore Congress and the administration to avoid Oct. 1 furloughsMissouri Rep. Sam Graves wins GOP primaryOVERNIGHT ENERGY: House approves .5T green infrastructure plan | Rubio looks to defense bill to block offshore drilling, but some fear it creates a loophole | DC-area lawmakers push for analysis before federal agencies can be relocatedMORE and Eleanor Holmes NortonEleanor Holmes NortonOcasio-Cortez, progressives call on Senate not to confirm lobbyists or executives to future administration postsHopes for DC, Puerto Rico statehood riseShakespeare Theatre Company goes virtual for ‘Will on the Hill…or Won’t They?’MOREjoin us for “America’s Agenda: Infrastructure.” RSVP today for event reminders! Learn more here.
TREASURY SANCTIONS RUSSIA: The Treasury Departments Office of Foreign Assets Control on Friday sanctioned a Russian government research institution for alleged use of a dangerous malware virus to target critical infrastructure facilities in the U.S. and in the Middle East.
The sanctions were levied against the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics, or TsNIIKhM, which, according to the Treasury Department, used a malware virus known as Triton to target and manipulate control systems used to shut down critical infrastructure facilities in the event of an emergency in order to save lives.
The Triton malware was used by hackers in 2017 to target a petrochemical plant in the Middle East, successfully disrupting operations, and again last year to scan and probe at least 20 U.S. electric facilities for cyber vulnerabilities.
The Russian Government continues to engage in dangerous cyber activities aimed at the United States and our allies, Treasury Secretary Steven MnuchinSteven Terner MnuchinOn The Money: Pelosi cites progress, but says COVID-19 relief deal might be post-election | Eviction crisis sparked by pandemic disproportionately hits minorities | Weekly jobless claims fall to 787KTreasury sanctions Iran’s ambassador to IraqBipartisan group of senators call on Trump to sanction Russia over Navalny poisoningMORE said in a statement Friday.
This Administration will continue to aggressively defend the critical infrastructure of the United States from anyone attempting to disrupt it.
Secretary of State Mike PompeoMichael (Mike) Richard PompeoTreasury sanctions Iran’s ambassador to IraqBipartisan group of senators call on Trump to sanction Russia over Navalny poisoningHouse lawmakers call for continued assistance to LebanonMORE said in a separate statement that the United States remains steadfast in countering malign cyber activities by Russian actors on behalf of the Government of the Russian Federation.
Read more here.
CASE DISMISSED: A California appeals court on Thursday dismissed a challenge to a ruling requiring Uber and Lyft to classify their drivers as employees under state law.
The decision allows an August order from San Francisco Superior Court Judge Ethan Schulman compelling the rideshare giants to comply with AB5 to take effect, although likely not for at least 30 days.
The landmark labor law establishes a test for determining whether workers can be classified as independent contractors rather than employees.
Uber and Lyft have resisted complying with the law since it took effect this January, arguing their core business is technology rather than ride-hailing.
As full employees, drivers would get basic worker protections like a minimum wage and the right to organize.
Both companies had threatened to stop operating in the state entirely if forced to comply with the law.
However, they will have one more chance to avoid reclassifying their drivers and ask for the decision to be reviewed by the California Supreme Court.
Read more here.
FEDS WARN OF RUSSIAN HACKERS: The FBI and the Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that a Russian state-sponsored hacking group is targeting U.S. government systems and the aviation industry, successfully accessing at least two servers.
In a joint alert, the FBI and CISA report that a Russian advanced persistent threat (APT) group known in the security community as Energetic Bear, among other names, has been attacking U.S. state, local, territorial and tribal (SLTT) government networks, among other targets, since September.
The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers, the FBI and CISA wrote in the alert.
The federal agencies noted that in at least one of the successful attacks, the hacking group had been able to access passwords, IT instructions, vendor and purchasing information and printable access badges.
While the FBI and CISA emphasized that there is no evidence to date that integrity of elections data has been compromised, the attacks had put some election data stored on SLTT networks at risk.
Read more here.
BIDEN SAYS FOREIGN NATIONS WILL PAY A PRICE: Former Vice President Joe BidenJoe BidenMore than 300 military family members endorse BidenFive takeaways from the final Trump-Biden debateBiden: ‘I would transition from the oil industry’MORE on Thursday emphasized that any nation that interferes in U.S. elections will pay a price while discussing election security during the final presidential debate.
Any country, no matter who it is, that interferes in American elections will pay a price, Biden said. Its been overwhelmingly clear in this election wont even get into the last one this election that Russia has been involved, Chinas been involved to some degree, and now we learn that Iran is involved.
They will pay a price if I am elected. They are interfering with American sovereignty, thats whats going on right now, Biden said.
Bidens comments were made one day after Director of National Intelligence John RatcliffeJohn Lee RatcliffeBiden: Countries that interfere in U.S. elections will ‘pay a price’Biden swipes at Trump ally Giuliani at debate: He’s ‘being used as a Russian pawn’Mistakes made by Iranian hackers tied them to threatening emails targeting US voters: reportMOREannounced that Iran and Russia had gained access to U.S. voter registration data and were aiming to sway public opinions related to the 2020 presidential election.
Ratcliffe said Iran is behind sending spoofed emails that aim to intimidate voters, incite social unrest and damage President TrumpDonald John TrumpMore than 300 military family members endorse BidenFive takeaways from the final Trump-Biden debateBiden: ‘I would transition from the oil industry’MORE. He also said it is behind circulating other content such as a video that appears to encourage individuals to fraudulently cast ballots, even from overseas.
Read more here.
BUNGLED SCHEME: Iranian hackers made mistakes that tied them to the emails threatening U.S. voters, Reuters reported Thursday.
Four people familiar with the matter told Reuters that government analysts and private investigators were quickly able to connect the thousands of emails to Iranian hackers because of mistakes in the video included in the email.
Either they made a dumb mistake or wanted to get caught, a senior U.S. government official told Reuters. We are not concerned about this activity being some kind of false flag due to other supporting evidence. This was Iran.
The errors enabled U.S. officials to link the emails to Iran in days instead of the usual months of investigation needed.
The connection to Iranian hackers does not automatically mean that they are working on behalf of the Iranian government, Reuters noted, adding that Iranian officials have denied being a part of the effort.
Read more here.
Lighter click:Helpful, and cute, guide
An op-ed to chew on: How Big Tech factors into the US-China geopolitical competition
NOTABLE LINKS FROM AROUND THE WEB:
CBP Refuses to Tell Congress How it is Tracking Americans Without a Warrant (Motherboard / Joseph Cox)
FTC discusses potential antitrust case against Facebook (Politico / Leah Nylen)
Ransomware hits election infrastructure in Georgia county (CNN / Brian Fung)
National Guard called in to thwart cyberattack in Louisiana weeks before election (Reuters / Christopher Bing)