Hillicon Valley: New fears over Chinese espionage | T-Mobile, Sprint execs to testify on $26B merger | Cyber firm denies hacking back on China | Salesforce workers criticize border patrol contract

View in Browser     The Cyber and Tech overnights have joined forces to give you Hillicon Valley, The Hill's new comprehensive newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Morgan Chalfant (@mchalfant16), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland), on Twitter. Send us your scoops and tips.   FEARS OVER CHINESE ESPIONAGE: Fresh concerns over Chinese espionage are gripping Washington as lawmakers fear Beijing is gaining sensitive details on U.S. technologies. Lawmakers are scrutinizing the Pentagon over its efforts to keep military secrets safe from hackers, after Chinese actors allegedly breached a Navy contractor's computer and collected data on submarine technology. Last week, U.S. officials stepped up warnings that China regularly steals American intellectual property and technology, through cyberattacks and other means -- allegations Beijing denies. The issue took center stage at a congressional hearing Thursday, as lawmakers on the House Armed Services Committee pressed Trump administration officials on their efforts to protect U.S. military assets from Chinese spies. The backstory: The Washington Post reported earlier this month that hackers linked to the Chinese government had penetrated computers used by a contractor working for the Naval Undersea Warfare Center in January and February. The hackers stole over 600 gigabytes of data, including information on a secret submarine technology project. Rep. Adam Smith (D-Wash.), the ranking member of the Armed Services Committee, did not explicitly reference the incident, but noted a recent briefing on a cyber breach had left him concerned about the military's protections against foreign-aligned hackers. "It was shocking how disorganized, unprepared and quite frankly utterly clueless the branch of the military was that had been breached," Smith said. "Even in this day and age, we haven't figured out how to put together a cyber policy to protect our assets, in particular with our defense contractors we work with who store our data but not with adequate protection." Rep. Jim Langevin (D-R.I.), a member of the committee, confirmed to The Hill after the hearing that lawmakers had been briefed on the incident, but declined to offer further details. "The Armed Services Committee is engaged and we are meeting with [the Defense Department] to understand who was breached and what was taken," Langevin said. He agreed that the government is not adequately addressing threats to the military supply chain. "I'm going to be pressing to make sure that we rework and redo our contracting authority to require stronger cybersecurity protections," he added. The concerns over Chinese espionage are not limited to military technology. More from our story here.     FIGHT OVER BORDER PATROL CONTRACT AT SALESFORCE: Hundreds of Salesforce employees are putting pressure on company leadership to reevaluate its contract with Customs and Border Protection (CBP) amid the increased focus on President Trump's hardline immigration policies. Workers at the cloud computing company sent a letter to CEO Marc Benioff, urging him to "re-examine" Salesforce's relationship with the CBP and to "speak out against its practices." The workers said that they were particularly concerned about Salesforce tools aiding the agency's involvement in the separation of children from families at the border. "We cannot cede responsibility for the use of the technology we create -- particularly when we have reason to believe that it is being used to aid practices so irreconcilable to our values," the workers wrote in their letter first reported by Bloomberg and confirmed by The Hill. At issue: According to a release from March, Salesforce is helping CBP "modernize its recruiting process" and "manage border activities." The workers noted that even though Trump signed an executive order ending the family-separation practice, they still took issue with the CBP contract. We have more on the controversy here.   T-MOBILE, SPRINT CHIEFS TO TESTIFY WEDNESDAY: T-Mobile CEO John Legere and Marcelo Claure of Sprint will make the case for their $26 billion merger Wednesday before the Senate Judiciary antitrust subcommittee. The two will try to pitch the deal to lawmakers, including Democrats who have voiced concerns about the merger. Critics say the deal will reduce the number of competitors in an already highly-concentrated market. Legere and Claure argue that the 5G network the combined company will create will be able to provide benefits to consumers that outweigh concerns from the deal's skeptics. Read more here.   FAKE NEWS … ? Cybersecurity firm FireEye is pushing back on New York Times reporter David Sanger's new book for claiming the company's subsidiary breached web cameras used by hackers working for the Chinese government, describing one passage as a "serious mischaracterization" of the company's investigative work. Sanger's book, "The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age," alleges that cyber firm Mandiant breached laptops belonging to the Chinese hackers and activated their cameras to track them as part of the company's work to link cyber-espionage activities to the Chinese group, known as APT1. On Monday, FireEye, which purchased Mandiant in early 2014, alleged that Sanger mischaracterized the firm's investigative efforts, stating that the company does not engage in nor endorse "hack back" techniques. "Mr. Sanger's description of how Mandiant obtained some of the evidence underlying APT1 has resulted in a serious mischaracterization of our investigative efforts," FireEye said a statement. "We did not do this, nor have we ever done this," the firm said. "To state this unequivocally, Mandiant did not employ 'hack back' techniques as part of investigation of APT1, does not 'hack back' in our incident response practice, and does not endorse the practice of 'hacking back.'" In an excerpt highlighted by Johns Hopkins University professor Thomas Rid, Sanger writes of investigators working for Kevin Mandia, now FireEye's CEO: "As soon as they detected Chinese hackers breaking into the private networks of some of their clients – mostly Fortune 500 companies –Mandia's investigators reached back through the network to activate the cameras on the hackers' own laptops. They could see their keystrokes while actually watching them at their desks." Sanger also claims he viewed footage of the hackers via the hacked cameras. "One day I sat next to some of Mandia's team, watching the Unit 61398 hacking corps at work; it was a remarkable sight," Sanger wrote. "My previous mental image of [People's Liberation Army] officers was a bunch of stiff old generals sitting around in uniforms with epaulets, reminiscing about the glory days with Mao. But these guys were wearing leather jackets or just undershirts, and probably saw Mao only if they visited his mausoleum in Tiananmen Square." FireEye suggested Monday that Sanger may have mistakenly concluded that the company breached the hackers' computers while viewing videos the company compiled showing hackers interacting with malware command and control servers. Those clips, the company said, were made through consensual network monitoring of the company's infected clients. One of the videos was made public in 2013, when Mandiant released its report exposing the cyber espionage group's activity. More on the story here.   SCOTUS SIDES WITH AMERICAN EXPRESS IN ANTITRUST CASE: The Supreme Court on Monday sided with American Express, upholding a provision in its contract that prohibits merchants from persuading shoppers to use credit cards with lower swipe fees. In a 5-4 ruling, the court held that the company's anti-steering provisions do not violate federal antitrust laws. Ohio and 10 others states -- Connecticut, Idaho, Illinois, Iowa, Maryland, Michigan, Montana, Rhode Island, Utah and Vermont -- brought the challenge, arguing the company's rule violates federal antitrust laws by restricting trade. The states claimed the rules had the actual market effect of raising the price of fees credit card companies charge merchants and that those increased costs have been passed on to the consumer. But the court said they had failed to prove those claims.   AMAZON, EBAY SIGN EU DEAL TO BLOCK DANGEROUS GOODS: The European Commission has signed an agreement with some of the largest online retailers aimed at cracking down on the market for illegal goods on the internet. The agreement was signed by Amazon, eBay, Alibaba and Rakuten. It requires them to remove illegal listings on their sites within two days of being flagged by authorities. "More and more people in the EU are shopping online," Vera Jourova, the EU's consumer protection chief, said in a statement. "E-commerce has opened up new possibilities for consumers, offering them more choice at lower prices. Consumers should be just as safe when they buy online, as when they buy in a shop."   NETFLIX FIRES EXEC OVER RACIAL SLUR: Netflix has fired its chief communications officer Jonathan Friedland after learning that he used a racial slur at least twice in the workplace, the company said Friday. CEO Reed Hastings said in a memo obtained by The Los Angeles Times that Friedland had used the n-word during a public relations meeting about offensive language, described by Hastings in a way that was "inappropriate and insensitive." A second incident occurring days later – with two black employees who were helping Friedland deal with the original offense – led to his firing, according to the Times.   FACEBOOK UNVEILS NEW DISINFORMATION TEAM: Executives at Facebook say that they hope a new team of ex-intelligence officers and media experts will help the company spot potential problems before they are exploited by bad actors. A team of experts including former cybersecurity officials, researchers and media buyers will act as the company's "Investigative Operations Team," company executives told BuzzFeed News. The group tests Facebook's advertising systems, pages, Instagram, Messenger and other parts of its applications, searching for ways in which the company's products can misused.   CHINA BLOCKS HBO SITE AFTER JOHN OLIVER SEGMENT: China has blocked HBO's website after comedian John Oliver made fun of its president, Xi Jinping, The New York Times reported Monday. The Times, citing censorship monitor GreatFire.org, said consumers in China have not been able to view the cable channel's internet content since Saturday. Oliver, who hosts "Last Week Tonight with John Oliver" on HBO, recently criticized China over its human rights record, according to the report.   COOPERATING WITH SOUTH KOREA: The governments of the U.S. and South Korea on Monday issued a statement underscoring their cooperation on enhancing the "digital economy," following the fourth U.S.-Republic of Korea Information and Communication Technology Policy forum that took place in Seoul on Friday. "In this dialogue, which included sessions with private sector representatives, both countries affirmed their joint commitment to policy and regulatory environments that foster efficiency, innovation, communication, social diversity, inclusiveness and sustainable economic growth, while respecting privacy and guarding against disruption, fraud, and theft," the statement issued by the State Department Monday morning read. "Participants discussed policy approaches critical to supporting innovation, the free flow of data, emerging technologies, and growth in the digital economy," it read. Topics discussed included cybersecurity, cross-border data flows, 5G, and artificial intelligence. The fifth forum is scheduled to take place in Washington next year.   LONGREAD OF THE DAY: Wired goes inside of the biggest cryptocurrency scandals. The piece is a deep dive into the spectacle that was Tezos, founded by a husband wife duo. Not well versed in crypto? Fear not, the story breaks down the technical concepts in an understandable way and has a riveting narrative to boot.   A LIGHTER TWITTER CLICK: Hello Clippy, I would like an iced latte to go please.   ON TAP FOR TUESDAY: The Senate Energy and Natural Resources Committee holds a hearing on President Trump's nominee to lead the Energy Department's new cybersecurity office at 10 a.m. The House Science Committee holds a hearing on artificial intelligence at 10:30 a.m. A Senate Judiciary subcommittee holds a hearing on election interference focused on the role of shell companies and virtual currencies at 2:30 p.m. The Wilson Center hosts a launch event for David Sanger's new book, "The Perfect Weapon," at 11 a.m.   NOTABLE LINKS FROM AROUND THE WEB: Trump looks to make more history, this time with Putin. (The Hill) Trump plans to restrict Chinese firms from investing in U.S. tech. (The Wall Street Journal) Mueller adds new prosecutors to Russian troll farm case -- and here's what it might signal. (The Washington Post) Instagram estimated to be worth $100 billion. (Bloomberg) Local law enforcement officials are looking to use a legal workaround to unlock encrypted devices. (Motherboard) Apple refutes report about brute force passcode hack. (Endgadget) Cybersecurity expert James Lewis argues that trying to kill ZTE is 'economic warfare that will backfire.' (Center for Strategic and International Studies) Instagram grandma's (The New York Times)           Did a friend forward you this email? Sign up for Technology Newsletters     Forward Technology Newsletters       Privacy Policy  |  Manage Subscriptions  |  Unsubscribe  |  Email to a friend  |  Sign Up for Other Newsletters   The Hill 1625 K Street, NW 9th Floor, Washington DC 20006 ©2016 Capitol Hill Publishing Corp., a subsidiary of News Communications, Inc.