| The Cyber and Tech Overnights are joining forces to give you Hillicon Valley, The Hill's new comprehensive newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers), and the tech team, Ali Breland (@alibreland) and Harper Neidig (@hneidig), on Twitter. Send us your scoops, tips and compliments. HOW HACKERS CAN EXPLOIT DEVICES USED AT HOME: As Americans increasingly fill their homes with smart technology, the risk of hackers exploiting their devices is growing. Experts say the expanding ecosystem of internet-connected devices such as smart thermostats, home security systems and electric door locks are increasingly susceptible to hackers, including those trying to leverage voice-command devices. This risk is further compounded if an individual stores sensitive data on certain internet-connected products, like a credit card number or mailing address, which a hacker may be able to gain access to through other connected devices. One incident that drew particular attention this week highlighted some of the privacy fears surrounding voice-controlled devices and how they can operate seemingly independently of their owners' intentions. A woman in Portland, Ore., said her Amazon Echo recorded a private conversation she had with her husband and then sent an audio file of the recording to someone in the couple's contact list. An Amazon spokesperson explained that the device had misinterpreted a series of words in a background conversation as commands, leading the Echo in question to send the recording. The fallout: While the incident -- described as extremely rare -- did not apparently involve an active third-party, it added to renewed scrutiny over how voice-controlled devices can operate outside their owners' intent and how they might be exploited by hackers. Read more, here. DEMS SUSPICIOUS OF AMAZON'S FACE RECOGNITION TECH: A growing number of Democratic lawmakers and civil libertarians are voicing concerns about Amazon's facial recognition software, worrying that it could be misused. They fear that without proper oversight the technology could hurt minority or poor communities and allow police to ramp up surveillance. The software, known by the name Rekognition, matches images of faces from video and photos with those in a database. Amazon is defending the software, saying it is a useful tool for law enforcement and dismissing claims that it can be used for unauthorized surveillance. But critics are raising questions and calling for more safeguards after an American Civil Liberties Union (ACLU) chapter obtained hundreds of pages of documents showing Amazon offering the software to law enforcement agencies across the country. Black Caucus weighs in: "We are troubled by the profound negative unintended consequences this form of artificial intelligence could have for African Americans, undocumented immigrants, and protesters," Black Caucus Chairman Rep. Cedric Richmond (D-La.) wrote in a letter to Amazon. Reps. Keith Ellison (D-Minn.) and Emanuel Cleaver (D-Mo.): "A series of studies have shown that face recognition technology is consistently less accurate in identifying the faces of African-Americans and women as compared to Caucasians and men," Ellison and Cleaver wrote in their own letter. "The disproportionally high arrest rates for members of the black community make the use of facial recognition technology by law enforcement problematic because it could serve to reinforce this trend," they added. We take a closer look at those concerns here.
NEW DETAILS ON NORTH KOREAN CYBER THREAT: U.S. officials are alerting the public to two families of malware linked to the North Korean government that, if successfully deployed, allow hackers to remotely access devices and steal sensitive information.
The Department of Homeland Security (DHS) and FBI released a technical alert on the two forms of malware -- one a remote access tool, and the other a server message block worm -- on Tuesday. Officials said with "high confidence" that hackers associated with Pyongyang have used both forms of malware since at least 2009 to target media, aerospace, financial and critical infrastructure organizations across the globe, including those in the United States. Both forms of malware, which officials and cybersecurity experts have dubbed Joanap and Brambul, respectively, can allow hackers to remotely access devices and steal sensitive data or conduct other nefarious cyber activity. Interesting timing: The information about North Korean hacking efforts comes as the administration presses forward with discussions about a prospective summit between President Trump and North Korean leader Kim Jong Un. Trump abruptly canceled the summit last week, but has since signaled that it could still take place. The meeting was initially scheduled for June 12. We've got more on the alert here. TODAY IN 'YIKES' CYBERSECURITY NEWS: The Office of Management and Budget says in a new report that roughly three-fourths of federal agencies have cybersecurity programs that that are either "at risk or high risk." What does it mean by "high risk?" "Key, fundamental cybersecurity policies, processes, and tools are either not in place or not deployed sufficiently," the report states. OMB, along with the Department of Homeland Security, analyzed 96 agencies in the cybersecurity assessment. The report, issued late last week, was mandated by President Trump's 2017 cybersecurity executive order. Read it here. TRUMP TO MOVE FORWARD WITH CHINESE TECH CRACKDOWN: The Trump administration on Tuesday said it is going ahead with actions to crack down on Chinese trade practices by June 30. In a press release, the White House said President Trump is planning further export controls against China to counter Chinese intellectual property theft, including tariffs on Chinese tech exports believed to contain stolen American intellectual property. A 25 percent tariff will be levied on $50 billion of tech goods imported from China, and the U.S. pledges in the statement to continue litigating the issue in front of the World Trade Organization. The list of affected goods will be released by June 15, the White House said. Just more than a week ago, Treasury Secretary Steven Mnuchin said that the trade war with China was "on hold," with Chinese state media also reporting that Washington and Beijing had agreed to back off on tariffs. We've got the latest here. SEC CHARGES FOR CRYPTO COMPANY: The Securities and Exchange Commission on Tuesday announced that it is suing the blockchain company behind a $21 million initial coin offering for fraud. The agency also received court approval to freeze the assets of Titanium Blockchain Infrastructure Services Inc. the company running the alleged scheme. Titanium President Michael Alan Stollery, who the SEC is also suing, allegedly lied about having business relationships with the Federal Reserve and many high-profile companies, such as PayPal, Verizon, Boeing and The Walt Disney Company. "This ICO was based on a social media marketing blitz that allegedly deceived investors with purely fictional claims of business prospects," said Robert A. Cohen, Chief of the SEC Enforcement Division's Cyber Unit. We have the details here. TECH PUSHES BACK ON TOUGH AD RULES: The Internet Association, the trade group that represents tech giants like Google and Facebook, urged the Federal Election Commission on Tuesday not to impose rigid online election advertising regulations. "IA's recommended approach is to allow for more flexibility given the variety of ways that internet content is consumed and to preserve the ability of the IA's members to innovate and to allow users of those platforms to innovate," the group's filing reads. Lawmakers have been scrutinizing the industry's political ad disclosure practices in the wake of the 2016 campaign and after revelations that a Russian troll farm had spent thousands on social media ads to sow discord among U.S. voters. LATEST IN THE RUSSIA PROBE: MUELLER MOVES TO SENTENCE CALIFORNIA MAN: Special counsel Robert Mueller's team told a federal court on Tuesday that they want to press forward with the sentencing of Pichard Pinedo, a California man who pleaded guilty earlier this year to identity fraud related to the federal investigation into Russia interference. "The parties respectfully request that the Court refer this case for the preparation of a pre-sentence investigation report," according to the new court filings, which requested that the parties provide a joint status report by a June 28 deadline. "Defense counsel for Mr. Pinedo has reviewed and agreed with this report," the documents say, which were filed in the U.S. District Court for the District of Columbia. Pinedo pleaded guilty to one count of identity fraud in February and is cooperating with Mueller's probe. Mueller accused Pinedo of selling bank account numbers over the internet through an online service called "Auction Essistance," which helped his buyers evade the security protocols that are used by online digital payment companies, according to the court documents. More here. MEANWHILE … TRUMP STEPS UP MUELLER ATTACKS: President Trump on Tuesday intensified his attacks on Robert Mueller, predicting the special counsel's team will be "MEDDLING" in the fall midterm elections in order to hurt Republican candidates. Trump's Twitter outburst, in which he labeled Mueller's investigators as "13 Angry Democrats," is his latest attempt to undercut the credibility of the Russia investigation by arguing it is politically motivated. "The 13 Angry Democrats (plus people who worked 8 years for Obama) working on the rigged Russia Witch Hunt, will be MEDDLING with the mid-term elections, especially now that Republicans (stay tough!) are taking the lead in Polls," the president wrote. "There was no Collusion, except by the Democrats!" SF SUBPOENAS RIDE-SHARING COMPANIES OVER WORKER PAY: The San Francisco city attorney has subpoenaed Lyft and Uber in an investigation over how the companies pay their workers. The move comes after a California Supreme Court decision that makes it harder for companies to classify gig workers as independent contractors. "Our laws also guarantee employees basic humane benefits like sick leave, health care, and paid parental leave," City Attorney Dennis Herrera said in a statement. "We are not going to turn a blind eye if companies in San Francisco deny workers their pay and benefits." PAPUA NEW GUINEA GOING ON A SOCIAL MEDIA CLEANSE: Papua New Guinea is banning Facebook for one month in order to research the social network's effects on the population and to crack down on fake accounts. "The time will allow information to be collected to identify users that hide behind fake accounts, users that upload pornographic images, users that post false and misleading information on Facebook to be filtered and removed," he told the Post Courier newspaper in Papua New Guinea, according to The Guardian. "This will allow genuine people with real identities to use the social network responsibly." TWO ZTE EXECS SIDELINED AMID U.S.-CHINA TALKS: Chinese telecom giant ZTE has reassigned two senior executives as Beijing and Washington seek to hammer out a deal to save the embattled company. The South China Morning Post reported on Tuesday that ZTE executive vice president and chief technology officer Xu Huijun and Huang Dabin, who oversees corporate operations, have been sidelined and are no longer performing their typical duties. RUSSIA TURNS TO APPLE TO BLOCK TELEGRAM: Russia is asking Apple to remove Telegram from its app store after the messaging app refused requests to give the government backdoor access to its platform. Russia had tried to ban Telegram earlier this year but is reportedly having a difficult time completely blocking the app within its borders. The Russian government's watchdog Roskomnadzor on Tuesday, instead, asked Apple to boot the app from its Russian store. "In order to avoid possible action by Roskomnadzor for violations of the functioning of the above-mentioned Apple Inc. service, we ask you to inform us as soon as possible about your company's further actions to resolve the problematic issue," the Russian regulator wrote. SOME OP-EDS TO CHEW ON: Driverless alternatives: New urban microtransit, or new era of sprawl? Against China's unfair policies, Trump's only mistake is not going far enough NOTABLE LINKS FROM AROUND THE WEB: US firm in talks to purchase Israeli NSO Group. (Wall Street Journal) Former CIA director says the 'golden age of electronic surveillance' has ended. (Recode) Hackers targeted two Canadian banks. (Reuters) Mueller has obtained an election meddling presentation from a private Israeli intelligence firm. (The Wall Street Journal) Facebook's guidelines for moderating white supremacists. (Motherboard) Facebook recaps its 2018 hackathon aimed at keeping children safe on its platform. (Facebook) | 
沒有留言:
張貼留言