Overnight Technology

Hillicon Valley: Sanders finds perfect target in Amazon | Cyberattacks are new fear 17 years after 9/11 | Firm outs alleged British Airways hackers | Trump to target election interference with sanctions | Apple creating portal for police data requests

Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland). And CLICK HERE to subscribe to our newsletter.

 

SANDERS FINDS PERFECT TARGET IN AMAZON: Sen. Bernie Sanders (I-Vt.) has found the perfect new target for his message about inequality ahead of a possible second run for the White House in 2020: Amazon, the nearly $1 trillion online retailer.

Sanders’s attacks on Amazon and its CEO, Jeff Bezos, have won support from the left and the right, elevating his views on the plight of the poor and middle class even amid a soaring economy.

{mosads}The left-wing firebrand is using his elevated national platform to highlight issues like low wages and poor working conditions at the online retailer, and his attacks are resonating with unlikely allies, like conservative Fox News host Tucker Carlson.

“Bezos and Amazon are really a symbol and a prime example of the extreme wealth inequality that exists in America today,” Josh Miller-Lewis, a spokesman for Sanders’s Senate office, told The Hill on Tuesday.

The Vermont senator has been escalating his attacks on the company in recent weeks.

We took a look at what it means for Sanders ahead of 2020 and for Amazon.

 

CYBERATTACK THREAT LOOMS ON 9/11 ANNIVERSARY: Seventeen years after the 9/11 terror attacks, lawmakers are stepping up their warnings about how the next assault on the U.S. could be a cyberattack.

Airports and airlines increasingly rely on cyber networks to operate, yet there are no federal regulations specifically governing their use.

Lawmakers say they are drafting legislation that would impose new standards for cybersecurity as experts argue U.S. airlines are vulnerable to attacks.

“Cybersecurity risks, without question, represent the most preeminent and existent threat to the continuous safe, secure and efficient operations on U.S. airports and the global aviation system,” Michael Stephens, the head of IT and general counsel for Tampa International Airport, said at a congressional hearing last week.

While the industry has its own cybersecurity standards, lawmakers argue they aren’t enough and that the roles of federal agencies have to be more clearly spelled out when it comes to addressing cyber threats to aviation.

“We must urge security agencies to think creatively about potential new attack actors as terrorists continue to search for new vulnerabilities to target,” Rep. Bonnie Watson Coleman (D-N.J.) said. “With that in mind, we must do more when it comes to the cybersecurity of transportation systems. We cannot allow them access to cockpits via cyber means.”

Watson Coleman is working on a bill that would require the Transportation Security Administration to adopt rules that would require both airlines and airports to adopt baseline cybersecurity standards. 

Read more here.

 

CYBER FIRM SAYS, ‘YOU DID IT!’ A cybersecurity firm is naming the alleged hackers behind the recent British Airways attack that may have seized the personal data from 380,000 of the company’s customers.

RiskIQ on Tuesday morning attributed the attack against the largest U.K. airline to Magecart — a sophisticated and persistent hacking group that has actively carried out a series of extensive digital credit card-skimming campaigns earlier this year.

“Magecart set up custom, targeted infrastructure to blend in with the British Airways website specifically and avoid detection for as long as possible,” Yonathan Klijnsma, head researcher at RiskIQ, wrote in a blog post.

“While we can never know how much reach the attackers had on the British Airways servers, the fact that they were able to modify a resource for the site tells us the access was substantial, and the fact they likely had access long before the attack even started is a stark reminder about the vulnerability of web-facing assets.”

Magecart recently carried out another headline-grabbing cyber heist, making off with some of Ticketmaster’s customers’ credit card information earlier this year by placing digital skimmers — devices that steal credit card data.

Ticketmaster wasn’t the only victim. Magecart targeted more than 800 e-commerce sites around the world between February 2017 and June 2018, RiskIQ said in July

Read more here.

 

NEW EXECUTIVE ORDER COMING: President Trump will reportedly sign an executive order mandating that sanctions be implemented against any foreign companies that interfere in U.S. elections.

Reuters reported Tuesday that Trump could sign the order as soon as Wednesday, directing that sanctions be placed against overseas companies that U.S. intelligence found to have meddled in elections.

The United States has repeatedly slapped Russia with sanctions after U.S. intelligence agencies determined that the country had interfered in the 2016 presidential election.

The Hill has reached out to the White House for comment. The White House declined to comment to Reuters.

Trump faced some criticism for not being tough enough against Russia earlier this year, after he appeared to side with Russian President Vladimir Putin’s denials of interference in the 2016 election.

The order would come just weeks ahead of November’s midterm elections. Intelligence officials, including Director of National Intelligence Dan Coats, have warned of possible foreign meddling in the elections.

Read more here.

 

POINTING FINGERS AT RUSSIA: Intelligence officials probing mysterious attacks that have caused brain injuries to diplomats in Cuba and China now reportedly suspect Russia is the prime perpetrator.

The intelligence community arrived at the conclusion after examining intercepted communications collected during an extensive and ongoing investigation including the FBI, CIA and other agencies, according to NBC News.

However, the network said the evidence is not yet definitive enough to formally accuse the Kremlin of directing the continuing attacks that began in late 2016.

“The investigation is ongoing. We have made no determination on who or what is responsible for the health attacks,” State Department spokeswoman Heather Nauert said in a statement to The Hill.

It was reported earlier this month that microwave weapons were suspected in the attacks, in which diplomats heard painful sounds, lost their hearing, or suffered vertigo. However, the possibility that other weapons were also used has not been ruled out. 

Read more here.

 

DHS CHIEF TO STATES: ELECTION SECURITY IS ON YOU: Homeland Security Secretary Kirstjen Nielsen said at an election security conference Monday that the U.S. has not experienced a level of interference this year like that seen in 2016, but warned that threats to election systems “are real and evolving.”

“Each state — and even county — must develop a tailored approach based on what works best for their systems, and their voters. That’s why you are the ones in charge – you know what works best for your communities,” Nielsen said during remarks at the National Election Security Summit.

“Protecting an election from the Russian government wasn’t originally part of your mission or mine, but it is the challenge before all of us now,” she continued.

State election officials have butted heads with lawmakers over efforts to secure elections, with some secretaries of state arguing that measures included in legislation currently being debated in the Senate go too far.

Nielsen used her speech to urge local election officials to report any possible malicious activity, saying that DHS is “able to provide assistance in identifying solutions.”

“No piece of information is too small to help us better understand the risks and share information across the sector,” she said. “The info you share with us becomes part of a larger picture, and is critical to helping us understand the threat environment, and develop new ways to support you.”

 

ARIZONA AG PROBING GOOGLE: Arizona reportedly launched an investigation into Google’s location data collection practices.

The company could face a hefty fine depending on how the state’s attorney general rules on the case over Google’s extensive location tracking.

The probe was started by Republican Attorney General Mark Brnovich and is not yet public, but was reported by the Washington Post.

Arizona is acting alone at the moment but the investigation could encourage other states and even the federal government to take similar actions of their own on the matter.

Brnovich had previously signaled his interest in the investigation in a public filing on Aug. 21. It said the attorney general’s office had retained a law firm to “help probe an unnamed tech company” and its “storage of consumer location data, tracking of consumer location, and other consumer tracking through … smartphone operating systems, even when consumers turn off ‘location services’ and take other steps to stop such tracking.”

Read more here.

 

NO IT WASN’T … YES IT WAS: A pair of top House Democrats are pushing back against the latest Republican allegations aimed at the FBI and Justice Department, stating that GOP lawmakers are intentionally fabricating conspiracy theories in an effort to protect President Trump.

Reps. Elijah Cummings (D-Md.) and Jerrold Nadler (D-N.Y) — the top Democrats on the House Oversight and Government Reform and Judiciary committees, respectively — rebutted the claim of a GOP lawmaker that two FBI officials conspired to leak damaging information to the press in an attempt to hurt Trump.

“Republicans in Congress repeatedly cherry-pick, mischaracterize, and then leak bits and pieces of documents to fabricate conspiracy theories to protect President Trump, and this is just the latest example,” Cummings and Nadler wrote in a joint statement.

Their remarks come after Rep. Mark Meadows (R-N.C.) raised “grave concerns” about several newly revealed text messages sent between former FBI counterintelligence agent Peter Strzok and former FBI lawyer Lisa Page. Meadows claims the text messages show the pair discussing a media leak as well as what he indicated were other signs of officials leaking to reporters.

Read more here.

 

APPLE OPENING NEW PORTAL FOR LAW ENFORCEMENT DATA REQUESTS: Apple is slated to unveil later this year a new portal that law enforcement agencies can use to submit and track requests for user data related to investigations.

The technology company said it will also create a team to train law enforcement regarding digital evidence as well as offer online training to authorities on how to submit requests through the portal, according to a letter sent to Sen. Sheldon Whitehouse (D-R.I.) by the company that was provided to The Hill.

Apple has previously handled such requests over email.

“As more data ends up online and on our devices, we have to come up with new, smart ways for tech companies and law enforcement to unlock information that can solve crimes,” Whitehouse said in a statement to The Washington Post.

Read more here.

 

AN OP-ED TO CHEW ON: Verizon’s California data throttling offers ethical lessons for companies.

 

A LIGHTER TWITTER CLICK: I’m switching back to pencils.

 

NOTABLE LINKS FROM AROUND THE WEB:

Hackers can steal a Tesla Model S in seconds by cloning its key fob. (Wired)

The EU could vote to wreck the internet tomorrow. (Motherboard)

Reddit banned a major white nationalist community, but others are still active. (BuzzFeed News)

Amazon is stuffing its search results pages with ads. (Recode)