Today is Tuesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: digital-staging.thehill.com/newsletter-signup.
Follow The Hill’s cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar_), for more coverage.
President Biden warned during a speech updating the nation on the COVID-19 pandemic that misinformation spreading on social media is leading to vaccine hesitancy.
Meanwhile, a bipartisan group of lawmakers are seeking action on a website that is reportedly encouraging users to kill themselves, and DHS is expanding its bug bounty program to cover a new, sweeping vulnerability that has left organizations worldwide open to attacks.
Let’s jump into the news.
Biden: Misinformation fueling vax hesitancy
Misinformation spreading on social media platforms and cable television is fueling vaccine hesitancy, President Biden said Tuesday.
‘Dangerous misinformation’: “The unvaccinated are responsible for their own choices. But those choices have been fueled by dangerous misinformation on cable TV and social media,” Biden said during remarks about the COVID-19 pandemic.
“These companies and personalities are making money by peddling lies and allowing misinformation that can kill their own customers and their own supporters. It’s wrong. It’s immoral. I call on the bearers of these lies and misinformation to stop it, stop it now,” he added.
Biden’s comments come as the omicron variant spreads across the country, now making up about three quarters of COVID-19 cases in the U.S., according to the Centers for Disease Control and Prevention.
Biden said that vaccinated Americans, especially those who have received a booster shot, will be largely protected from severe illness from the omicron variant and made a plea for anyone who has yet to get vaccinated to do so.
“Let me say again and again and again and again, please get vaccinated. It’s the only responsible thing to do. Those who are not vaccinated are causing hospitals to become overrun again,” he said.
Building pressure: The latest comments build on the administration’s pressure for social media companies to crack down on health misinformation.
In July, Surgeon General Vivek Murthy issued an advisory calling misinformation an “urgent threat” and calling for tech companies to take action against the false claims. At the time, Biden went so far as to say social media platforms are “killing people” by allowing the content but later walked it back by placing the blame on the spreaders of the misinformation using platforms like Facebook.
Website crackdown
Congressional lawmakers are calling on technology companies to take the threat of websites that promote suicide seriously and limit their visibility after The New York Times published an investigation detailing how one such website allegedly contributed to the deaths of 45 individuals by suicide.
Wide array of lawmakers: A bipartisan coalition of House lawmakers issued a statement on Monday announcing it has requested briefings from search engines, web hosting companies, organizations that oversee content delivery networks and pertinent social media platforms to “better understand how this website is able to continue encouraging suicide.”
“It is imperative that companies take the threat of such sites seriously and take appropriate steps to mitigate harm,” the lawmakers added.
Briefings: They also said they have asked for briefings from the Department Health and Human Services (HHS) and the U.S. Surgeon General to “discuss this growing crisis and efforts to provide support for Americans and counter harmful online content.”
Reps. Cathy McMorris Rodgers (R-Wash.), Frank Pallone (D-N.J.), Brett Guthrie (R-Ky.), Anna Eshoo (D-Calif.), Morgan Griffith (R-Va.), Diana DeGette (D-Colo.), Bob Latta (R-Ohio), Mike Doyle (D-Pa.), Gus Bilirakis (R-Fla.) and Jan Schakowsky (D-Ill.) all signed the statement.
Rep. Lori Trahan (D-Mass.) led a bipartisan group of Congress members issuing a letter to the Department of Justice (DOJ) on Tuesday asking about options to take action on the site.
DHS EXPANDS BUG BOUNTY PROGRAM
The Department of Homeland Security (DHS) is expanding its recently announced bug bounty program for cyber vulnerabilities to include incentives for hackers to hunt down issues related to the Apache logging library log4j vulnerability.
The Hack DHS program, announced last week, will allow cybersecurity experts to hunt through some external DHS systems to find any vulnerabilities and to then receive payment for alerting DHS to those findings.
“In response to the recently discovered log4j vulnerabilities, @DHSgov is expanding the scope of our new #HackDHS bug bounty program and including additional incentives to find and patch log4j-related vulnerabilities in our systems,” Homeland Security Secretary Alejandro Mayorkas tweeted Tuesday.
“In partnership with vetted hackers, the federal government will continue to secure nationwide systems and increase shared cyber resilience,” he added.
Secret Service steps in
The U.S. Secret Service announced on Tuesday that it has chosen a senior agency official to lead the agency’s efforts on the crackdown on COVID-19 financial scams.
The agency said Assistant Special Agent in Charge Roy Dotson of the Jacksonville, Fla., field office will serve as the National Pandemic Fraud Recovery Coordinator.
In a statement the agency said he will oversee “efforts across multiple ongoing Secret Service investigations into the fraudulent use of COVID-19 relief applications, with stolen benefits nearing $100 billion.”
The agency said the release of money through the CARES Act — the $2 trillion relief package then-President Trump signed into law in March 2020 — attracted the attention of individuals and organized criminal groups throughout the world, adding that the exploitation of funds allocated during the pandemic is “an investigative authority” for the agency and its partners.
INTEL LAYS DOWN THE LAW
Intel has announced that unvaccinated employees who fail to meet the company’s Jan. 4 vaccination deadline and do not receive a religious or medical exemption will soon be put on unpaid leave.
Unvaccinated employees’ unpaid leave will begin in April, three months after the deadline, which was announced in November, according to The Associated Press.
The California-based tech company will consider employees’ exemption requests until March 15. Then employees who do not receive an exemption will begin unpaid leave for a minimum of three months starting April 4.
Intel’s Chief People Officer Christy Pambianchi confirmed that the employees on leave “will not be terminated” and will continue to receive their healthcare benefits while they are on leave, the AP reported.
BITS AND PIECES
An op-ed to chew on: New AI and free press standards fortify the fight against autocracy
Lighter click: These two things do not equate
Notable links from around the web:
The cybersecurity stories we were jealous of in 2021 (Vice Motherboard / Lorenzo Franceschi-Bicchierai)
That fun TikTok video? It’s actually an ad (The New York Times / Sapna Maheshwari)
Advertisers are sucking up student data, even after legal action, researchers say (CyberScoop / Tonya Riley)
One last thing: More NSO allegations
A United Arab Emirates (UAE) agency downloaded spyware from Israeli company NSO Group on to the phone of former reporter Jamal Khashoggi’s wife months before Khashoggi’s murder, new findings published Tuesday concluded.
The Washington Post cited findings from Citizen Lab that found that Hanan Elatr, then the fiance of Khashoggi, was arrested by UAE officials in Dubai in 2018. NSO Group’s Pegasus software was downloaded onto her Android phone in just over a minute while she underwent hours of questions, with the phone returned to her days later.
“We found the smoking gun on her phone,” Bill Marczak, a senior research fellow at Citizen Lab, told The Post after examining Elatr’s phones.
Pegasus spyware has been used by governments and other groups to steal data, turn on microphones and record calls without the user knowing. NSO Group has come under fire in recent months for allegations that it had developed and sold Pegasus to foreign governments as a tool to spy on dissidents, journalists, and others.
A spokesperson for NSO Group strongly pushed back against the findings outlined by the Post on Tuesday.
That’s it for today, thanks for reading. Check out The Hill’s technology and cybersecurity pages for the latest news and coverage. We’ll see you Wednesday.