Overnight Hillicon Valley — Pro-Chinese group tries to mobilize US protests
Today is Wednesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: digital-staging.thehill.com/newsletter-signup.
Cybersecurity researchers released a report detailing a wide-ranging effort by a pro-Chinese influence group to mobilize protests in the U.S. around COVID-19 and other issues, with the group the same one that Facebook, Twitter and Google have previously taken action against.
Meanwhile, on Capitol Hill, one Senate Democrat is pressing Amazon to change its search algorithm due to evidence that the site was spreading COVID-19 misinformation, while a group of Florida lawmakers pressed the Justice Department for information on how the SolarWinds breach impacted U.S. Attorneys’ Offices.
Follow The Hill’s cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar_), for more coverage.
Let’s jump in.
Chinese influence efforts expand
Cybersecurity group Mandiant Threat Intelligence found evidence that the pro-People’s Republic of China group behind the protest efforts, first discovered in 2019, has expanded from using traditional social media sites like Facebook and Twitter to being found on 30 social media sites and 40 other websites and forums.
While Mandiant noted that no successful protests have been seen as a result of the efforts of the group’s call for physical protests, the group’s efforts have increased, with Mandiant finding evidence of the group posting in at least seven languages across the sites to get their messaging out.
“We have observed extensive promotion of Russian, German, Spanish, Korean, and Japanese-language content on U.S. and non-U.S.-based platforms, in addition to the typical English and Chinese-language activity that has been widely reported on,” the Mandiant researchers wrote in the blog post detailing their findings. “This represents a significant development in our collective understanding of this pro-PRC activity set.”
Read more about the effort here.
Warren goes after Amazon’s algorithms
Sen. Elizabeth Warren (D-Mass.) is urging Amazon to create a plan to modify its algorithm after her staff found books spreading misinformation about the COVID-19 pandemic prominently displayed in searches about the virus and vaccines.
“As cases of COVID-19 continue to rise, Amazon is feeding misinformation loops through its search and ‘Best Seller’ algorithms, potentially leading countless Americans to risk their health and the health of their neighbors based on misleading and inaccurate information that they discover on Amazon’s website,” Warren wrote in a letter sent to Amazon CEO Andy Jassy.
Warren said that when her staff searched for “COVID-19” and “vaccine,” the first result on the top left corner of the screen was a book that “perpetuates dangerous conspiracies about COVID-19,” including claims that lack scientific basis asserting supplements sold on the author’s website can prevent COVID-19 infection.
MORE SOLARWINDS CONCERNS
A group of House and Senate lawmakers from Florida are looking for answers around the effect of last year’s SolarWinds breach on U.S. Attorneys’ Offices (USAOs) and on the way the Justice Department approaches cybersecurity.
The bipartisan group, led by Senate Intelligence Committee Vice Chairman Marco Rubio (R-Fla.), sent a letter to Attorney General Merrick Garland on Tuesday questioning him over reports earlier this year that the SolarWinds breach had impacted email servers of 27 USAOs around the country.
“The DOJ confirmed the breach affected 80 percent of Microsoft email accounts used by USAO employees in New York, but did not provide additional information on the extent of the hack or its effect on Florida USAOs or offices in other identified states,” the lawmakers wrote. “This announcement is alarming as USAO email servers contain highly sensitive information.”
The Northern District of Florida was among the U.S. Attorney’s Offices that had email accounts compromised as part of the breach. The over a dozen lawmakers who signed the letter all represent Florida, where they noted that the offices are “responsible for the prosecution of some of the most significant federal crimes, including crimes related to drugs and trafficking.”
LIKE AND COMMENT?
Australian news publishers are liable for Facebook comments posted by third parties in response to the publishers’ content, the country’s high court ruled Wednesday.
The court dismissed an appeal against a previous ruling in favor of former juvenile detainee Dylan Voller in his high-profile defamation case against Australian newspapers and television stations.
“The Court of Appeal was correct to hold that the acts of the appellants in facilitating, encouraging and thereby assisting the posting of comments by the third-party Facebook users rendered them publishers of those comments,” the court ruled.
A(NOTHER) MICROSOFT VULNERABILITY
Microsoft this week warned that hackers are actively exploiting a vulnerability in its Windows program, urging customers to take steps to shore up security.
“Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows,” the company wrote in a security alert issued Tuesday. “Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.”
Microsoft warned that an attacker could target victims through Microsoft Office documents, with users tricked into opening a malicious document, which opens a page on Internet Explorer that downloads malware onto the system.
BAD DAY FOR ONE HACKER
The Department of Justice (DOJ) announced Wednesday that a Ukrainian hacker was extradited to the U.S. for allegedly selling computer passwords on the dark web.
Glib Oleksandr Ivanov-Tolpintsev, 28, was extradited to the U.S. for charges related to “conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords,” the DOJ said, according to a release.
Ivanov-Tolpintsev was first taken into custody last year by authorities in Korczowa, Poland, before his extradition.
If convicted, he faces up to 17 years in federal prison. Sneed ordered the Ukrainian man to remain in prison pending his trial.
BITS AND PIECES
An op-ed to chew on: Air Force needs a data-driven acquisition supply chain
Lighter click: What happened when the chicken crossed the road
Notable links from around the web:
In Silicon Valley, criminal prosecutors see no evil (The New York Times / David Streitfeld)
Russian cybercrime continues as government-backed attacks on companies dwindle, CrowdStrike says (CyberScoop / Tim Starks)
Wildfire smoke is everywhere now. Here are the best apps to check air quality in your area (The Washington Post / Tatum Hunter)
One last thing: New cryptocurrency investigation
The chief executive of Coinbase claimed in a series of tweets Tuesday that the Securities and Exchange Commission (SEC) is investigating his company over an upcoming cryptocurrency lending program.
Brian Armstrong alleged that the agency has threatened to sue Coinbase if the feature is launched.
“Look….we’re committed to following the law. Sometimes the law is unclear. So if the SEC wants to publish guidance, we are also happy to follow that,” Armstrong wrote.
“But in this case they are refusing to offer any opinion in writing to the industry on what should be allowed and why, and instead are engaging in intimidation tactics behind closed doors,” he added. “Whatever their theory is here, it feels like a reach/land grab vs other regulators.”
The planned platform would allow users with a stablecoin — a crypto asset ostensibly pegged to national currencies — called USD Coin to make money by lending it to other users and recouping interest.
That’s it for today, thanks for reading. Check out The Hill’s technology and cybersecurity pages for the latest news and coverage. We’ll see you Thursday.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..