Hillicon Valley: Russian hackers linked to infrastructure attacks | Gab goes offline after Pittsburgh shooting | Voters aren't confident about election security | UK to tax tech giants

2018年10月29日星期一

Hillicon Valley: Russian hackers linked to infrastructure attacks | Gab goes offline after Pittsburgh shooting | Voters aren't confident about election security | UK to tax tech giants | Google's #MeToo moment

View in Browser

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland). And CLICK HERE to subscribe to our newsletter.

RINGING THE RUSSIAN ALARM: Russian hackers have recently been linked to cyberattacks targeting critical infrastructure in other countries, raising concerns about the nation's ability to target U.S. utilities.

Security firm FireEye this week said a Russian-linked research institute likely helped develop malicious software that was used to shut down a Saudi petrochemical plant last year. And research firm ESET said earlier this month that it uncovered a new hacking group, allegedly tied to Russia, that targeted companies in Ukraine and Poland.

Officials have been warning for months of a Russian campaign on the U.S. power grid. The new reports reveal the extent of the Moscow-tied hackers' work, and the threat they pose to critical U.S. infrastructure.

Chris Krebs, the Department of Homeland Security's (DHS) top cyber official, told The Hill this week that the department generally doesn't comment on reports like the one released by FireEye, but that it does work closely with the Defense Department, U.S. Cyber Command and the National Security Agency (NSA) when determining the risks posed by different actors to U.S. critical infrastructure.

"We always work to update our understanding of what the risks are to critical infrastructure and how we deal with global geopolitics," Krebs said. "Things that could tip the balance, create a more larger profile for a certain sector, in this case, perhaps, elections." Read about it here.

(CAN'T) SECURE THE BAG: A majority of Americans are not confident that the country's election systems are secure from cyber threats and that it is likely that a foreign country will try to influence next month's midterm elections, according to a new poll.

A Pew Research survey released Monday found that about 45 percent of respondents were at least somewhat confident that U.S. election systems are secure. However, only 8 percent said they were very confident in the security of the systems, and 55 percent said they are either not too or not at all confident that they are secure.

Respondents were also more likely to say that they believed that their state systems were secure, with 66 percent saying they were very or somewhat confident in those election systems.

And 67 percent of Americans believe it is very or somewhat likely that a foreign government like Russia will try to influence the midterm elections. Of those who said it was at least somewhat likely, 71 percent said foreign election interference is a major issue. Read more here.

UK TARGETING TECH GIANTS WITH DIGITAL TAX: The UK on Monday announced that it would be moving forward with a new digital services tax targeting tech giants.

Large internet companies will have to pay 2 percent of revenues they earn from UK users over the web starting in April 2020.

Philip Hammond, the UK's Chancellor of the Exchequer, said in a speech to parliament that the proposal will only be aimed at larger tech platforms.

"It will be carefully designed to ensure that it is established tech giants rather than our tech startups, shoulder the burden of this new tax," Hammond said. "The digital services tax will only be paid by companies that are profitable and which generate at least 500 million pounds a year in global revenues."

Similar proposals are being explored by the Organization for Economic Cooperation and Development (OECD) and the EU, as European countries grow frustrated over internet platforms largely escape taxation despite a large digital presence in their countries. Read more here.

HAD ENOUGH RUSSIA NEWS YET? Maria Butina, the woman accused of being a Russian agent, studied the cyber defenses of certain U.S. nonprofit organizations focused on human rights and media, The Associated Press reported Monday.

The news outlet reported that Butina, who was a graduate student at American University, gathered information on the organizations as part of an assignment at the university. She reportedly collected information on how the groups guard against potential cyber vulnerabilities.

The AP reported that Butina worked on the project with a professor who advised the State Department on issues involving cybersecurity, and her work focused on the nonprofit Internews, which works to ensure countries that are hostile to the press still have access to information.

The connections to the State Department and Internews would likely have been of interest to Russian officials, the AP reported. Read more here.

WELL, WHAT ABOUT CHINA? The U.S. Commerce Department announced Monday that it is restricting U.S. exports to the Chinese semiconductor firm Fujian Jinhua Integrated Circuit Company, Ltd.

The firm "poses a significant risk of becoming involved in activities that are contrary to the national security interests of the United States," according to the department's press release.

Jinhua has been added to the department's Entity List.

"When a foreign company engages in activity contrary to our national security interests, we will take strong action to protect our national security," Secretary of Commerce Wilbur Ross said in Monday's statement. "Placing Jinhua on the Entity List will limit its ability to threaten the supply chain for essential components in our military systems."

Through its use of what is likely American technology, Jinhua "is nearing completion of substantial production capacity for dynamic random access memory (DRAM) integrated circuits," the release charges.

"The additional production, in light of the likely U.S.-origin technology, threatens the long term economic viability of U.S. suppliers of these essential components of U.S. military systems."

Now that Jinhua has been added to the Entity List, any exports or transfers to Jinhua will have to be licensed.

Tensions have been relatively high between China and the U.S. in recent weeks and the U.S. has added multiple other Chinese companies to the Entity List this year.

Read more about it here.

INTEL STOPS SUPPORTING GOP LAWMAKER: Technology giant Intel Corp. said it will no longer donate to the reelection campaign of Rep. Steve King (R-Iowa).

Dawn Jones, Intel's director of policy and external partnerships, told employees about the decision in an internal email last week. In the email, Jones said the company reviewed the lawmaker's public remarks and determined they are at odds with Intel's principles.

"We had engaged with Rep. King because of his support for IP theft protections, which is important to Intel's business," Jones said in the email, according to a copy obtained by Popular Information. "However, an Intel employee raised concerns about the donations earlier this month. We looked into the congressman's public statements and determined that they conflict with Intel values. As a result, we are no longer donating to his campaigns." Read more here.

GAB TAKEN OFFLINE: The social media company used by the suspected Pittsburgh synagogue shooter to post anti-Semitic comments has gone offline.

Gab says in a message on its website that it is "under attack" and has been "systematically no-platformed" by hosting websites and other services.

A spokesman for GoDaddy told Reuters that the hosting site asked Gab to move to another registrar following the shooting, saying the social media platform hosted content that violated its terms of service.

"We have informed Gab.com that they have 24 hours to move the domain to another registrar," the spokesman said, adding that some of the content on Gab "promotes and encourages violence against people." Read more here.

GOOGLE HIT WITH A #METOO MOMENT: Google is facing a public relations crisis after a report that the company gave a lucrative exit package to a high-profile executive accused of sexual harassment.

The tech giant is now facing pressure to take a tougher stand on harassment and abuse in the workplace, in what could be a test of the #MeToo movement's influence in male-dominated Silicon Valley.

The New York Times bombshell about Google's workplace culture also comes at a difficult time for the internet search giant, which is already facing controversy on a number of fronts.

The Times report revealed that Google had given Andy Rubin, the creator of the Android mobile operating system, generous stock and exit benefits as it pushed him out the door following an accusation that he coerced an employee into performing oral sex in a hotel room in 2013. Read more here.

ON TAP: Symantec is hosting a government symposium tomorrow, featuring some top cyber officials. You can catch some of those same officials at Fifth Domain's CyberCon later this week.

AN OP-ED TO CHEW ON: Will tech fix election vulnerabilities before November?

A LIGHTER CLICK: I wish I didn't know either.

NOTABLE LINKS FROM AROUND THE WEB:

Wisconsin's $4.1 billion Foxconn boondoggle. (The Verge)

These vendors are running US elections, but won't say how secure they are. (AP)

These companies help global sellers skip customs dues, and they may be breaking the law. (The Wall Street Journal)

Google engineers are organizing a walkout to protest the company's protection of an alleged sexual harasser (BuzzFeed)

How the online business model encourages prejudice (The Guardian)

Will mindful technology save us from our phones--and ourselves? (The Ringer)