Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.
Virtual Event Announcement: America’s Agenda: Infrastructure
America needed to refresh its aging infrastructure prior to COVID-19. Now, there is added pressure on our existing digital infrastructure as more Americans are working and learning from home full time. How can we bring our physical infrastructure into the future and embrace options for increased safety and security by connecting them to smart, data-informed systems? On Thursday, October 29th at 1:00 PM ET, Reps. Rodney Davis, Sam Graves and Eleanor Holmes Norton join us for “America’s Agenda: Infrastructure.” RSVP today for event reminders! Learn more here.
TREASURY SANCTIONS RUSSIA: The Treasury Department’s Office of Foreign Assets Control on Friday sanctioned a Russian government research institution for alleged use of a dangerous malware virus to target critical infrastructure facilities in the U.S. and in the Middle East.
The sanctions were levied against the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics, or TsNIIKhM, which, according to the Treasury Department, used a malware virus known as “Triton” to target and manipulate control systems used to shut down critical infrastructure facilities in the event of an emergency in order to save lives.
The Triton malware was used by hackers in 2017 to target a petrochemical plant in the Middle East, successfully disrupting operations, and again last year to scan and probe at least 20 U.S. electric facilities for cyber vulnerabilities.
“The Russian Government continues to engage in dangerous cyber activities aimed at the United States and our allies,” Treasury Secretary Steven Mnuchin said in a statement Friday.
“This Administration will continue to aggressively defend the critical infrastructure of the United States from anyone attempting to disrupt it.”
Secretary of State Mike Pompeo said in a separate statement that “the United States remains steadfast in countering malign cyber activities by Russian actors on behalf of the Government of the Russian Federation.”
CASE DISMISSED: A California appeals court on Thursday dismissed a challenge to a ruling requiring Uber and Lyft to classify their drivers as employees under state law.
The decision allows an August order from San Francisco Superior Court Judge Ethan Schulman compelling the rideshare giants to comply with AB5 to take effect, although likely not for at least 30 days.
The landmark labor law establishes a test for determining whether workers can be classified as independent contractors rather than employees.
Uber and Lyft have resisted complying with the law since it took effect this January, arguing their core business is technology rather than ride-hailing.
As full employees, drivers would get basic worker protections like a minimum wage and the right to organize.
Both companies had threatened to stop operating in the state entirely if forced to comply with the law.
However, they will have one more chance to avoid reclassifying their drivers and ask for the decision to be reviewed by the California Supreme Court.
FEDS WARN OF RUSSIAN HACKERS: The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that a Russian state-sponsored hacking group is targeting U.S. government systems and the aviation industry, successfully accessing at least two servers.
In a joint alert, the FBI and CISA report that a Russian advanced persistent threat (APT) group known in the security community as “Energetic Bear,” among other names, has been attacking U.S. state, local, territorial and tribal (SLTT) government networks, among other targets, since September.
“The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers,” the FBI and CISA wrote in the alert.
The federal agencies noted that in at least one of the successful attacks, the hacking group had been able to access passwords, IT instructions, vendor and purchasing information and printable access badges.
While the FBI and CISA emphasized that there is “no evidence to date that integrity of elections data has been compromised,” the attacks had put some election data stored on SLTT networks at risk.
BIDEN SAYS FOREIGN NATIONS WILL ‘PAY A PRICE’: Former Vice President Joe Biden on Thursday emphasized that any nation that interferes in U.S. elections will “pay a price” while discussing election security during the final presidential debate.
“Any country, no matter who it is, that interferes in American elections will pay a price,” Biden said. “It’s been overwhelmingly clear in this election — won’t even get into the last one — this election that Russia has been involved, China’s been involved to some degree, and now we learn that Iran is involved.”
“They will pay a price if I am elected. They are interfering with American sovereignty, that’s what’s going on right now,” Biden said.
Biden’s comments were made one day after Director of National Intelligence John Ratcliffe announced that Iran and Russia had gained access to U.S. voter registration data and were aiming to sway public opinions related to the 2020 presidential election.
Ratcliffe said Iran is behind sending spoofed emails that aim to intimidate voters, incite social unrest and damage President Trump. He also said it is behind circulating other content such as a video that appears to encourage individuals to fraudulently cast ballots, even from overseas.
BUNGLED SCHEME: Iranian hackers made mistakes that tied them to the emails threatening U.S. voters, Reuters reported Thursday.
Four people familiar with the matter told Reuters that government analysts and private investigators were quickly able to connect the thousands of emails to Iranian hackers because of mistakes in the video included in the email.
“Either they made a dumb mistake or wanted to get caught,” a senior U.S. government official told Reuters. “We are not concerned about this activity being some kind of false flag due to other supporting evidence. This was Iran.”
The errors enabled U.S. officials to link the emails to Iran in days instead of the usual months of investigation needed.
The connection to Iranian hackers does not automatically mean that they are working on behalf of the Iranian government, Reuters noted, adding that Iranian officials have denied being a part of the effort.
Lighter click: Helpful, and cute, guide
An op-ed to chew on: How Big Tech factors into the US-China geopolitical competition
NOTABLE LINKS FROM AROUND THE WEB:
CBP Refuses to Tell Congress How it is Tracking Americans Without a Warrant (Motherboard / Joseph Cox)
FTC discusses potential antitrust case against Facebook (Politico / Leah Nylen)
Ransomware hits election infrastructure in Georgia county (CNN / Brian Fung)
National Guard called in to thwart cyberattack in Louisiana weeks before election (Reuters / Christopher Bing)