Hillicon Valley: Simulated cyberattack success | New bill for election security funding | Amazon could be liable for defective products

Hillicon Valley: Simulated cyberattack success | New bill for election security funding | Amazon could be liable for defective products
© Getty Images

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech reporter, Chris Mills Rodrigo (@chrisismills), for more coverage.

(SIMULATED) CYBERATTACK ON CRITICAL SYSTEMS: The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced Friday the successful completion of a biannual simulated cyberattack aimed at preparing the U.S. and its partners to defend against a real attack on critical systems. 

ADVERTISEMENT

The three-day exercise, known as “Cyber Storm,” involved 2,000 participants from the fields of private industry, the federal government and international groups, and was described by CISA as the most extensive cybersecurity exercise in the United States.

CISA Assistant Director for Infrastructure Security Brian Harrell told reporters Friday following the end of the simulation that it was important to simulate a debilitating attack to increase coordination between all the potential groups, all of whom worked together remotely from their homes or places of work during the exercise.

“We’re more connected than ever, which means our nation’s critical infrastructure faces increased risks from cyber-attacks,” Harrell said in a statement. “No one company or government agency can be expected to go it alone, which is why exercises like Cyber Storm bring everyone together to discuss and exercise how we would respond collectively to a cyber-attack. Each Cyber Storm our coordination and capabilities get better, and this year was no different.”

He told reporters that the simulation — which mimics potential attacks on critical systems but does not actually attack or disrupt these systems — involved an “all out attack on different sectors” that was modeled on the capabilities of real-world adversaries. 

“Now is the time to exercise under blue sky conditions, you don’t want to exchange business cards during a hurricane,” Harrell told reporters. “The Cyber Storm exercise elements represented actual and potential risks and attacks were made to be as realistic as possible.”

Read more about the exercise here.

CYBER ELECTION RESOURCES: Reps. John KatkoJohn Michael KatkoThis week: House returns for pre-election sprint Hillicon Valley: Simulated cyberattack success | New bill for election security funding | Amazon could be liable for defective products Lawmakers introduce bill to help election officials address cyber vulnerabilities MORE (R-N.Y.) and Kathleen RiceKathleen Maura RiceHillicon Valley: Simulated cyberattack success | New bill for election security funding | Amazon could be liable for defective products Lawmakers introduce bill to help election officials address cyber vulnerabilities House lawmakers to launch probe into DHS excluding NY from Trusted Traveler Program MORE (D-N.Y.) on Friday introduced legislation to provide election officials with enhanced cybersecurity resources, as authorities ramp up warnings of foreign interference in U.S. elections this year. 

ADVERTISEMENT

The Cyber Navigators Act would provide funds for states and local authorities to hire cyber professionals to provide election-related cybersecurity support. The funds would be distributed to states by the Election Assistance Commission as part of a grant program.

Katko, who serves as ranking member on the House Homeland Security Committee cybersecurity subcommittee, said in a statement that the legislation marked a “continuation” of efforts to work with Republicans and Democrats to address election security concerns. 

“As we quickly approach November’s General Election, state and local governments must have the resources to ensure the integrity of their election systems,” Katko said. “This bipartisan bill authorizes a grant program to enable state and local governments to hire cybersecurity professionals capable of detecting and addressing vulnerabilities within election systems to strengthen our election security.”

The cybersecurity of elections has been an area of concern since the 2016 U.S. presidential elections, when Russian agents targeted election infrastructure in all 50 states, successfully accessing systems in Florida and Illinois, among other hacking and disinformation efforts. There is no evidence that any votes were changed. 

A senior intelligence official warned last week that Russia, China and Iran were attempting to interfere in the U.S. presidential election this year as well, with Russia favoring President TrumpDonald John TrumpSteele Dossier sub-source was subject of FBI counterintelligence probe Pelosi slams Trump executive order on pre-existing conditions: It 'isn't worth the paper it's signed on' Trump 'no longer angry' at Romney because of Supreme Court stance MORE, and China favoring former Vice President Joe BidenJoe BidenPelosi slams Trump executive order on pre-existing conditions: It 'isn't worth the paper it's signed on' Hillicon Valley: Subpoenas for Facebook, Google and Twitter on the cards | Wray rebuffs mail-in voting conspiracies | Reps. raise mass surveillance concerns Fox News poll: Biden ahead of Trump in Nevada, Pennsylvania and Ohio MORE

Read more about the legislation here.

BAD NEWS FOR AMAZON: A state appeals court in California has ruled that Amazon could be held liable for injuries due to defective products sold on their marketplace, similar to other traditional retailers, according to Reuters.

The appeal overturned a ruling from San Diego Superior Court that found Amazon was protected from liability because it is a service provider, which is not subject to California product liability law.

Though Amazon sells its own products on its marketplace, it also allows third-party vendors to list products for sale on its website. Those vendors store their products in Amazon’s warehouses or ship them directly to customers.

The lawsuit was brought by Angela Bolger, a woman who alleges that a defective replacement laptop battery she bought off Amazon caught fire and gave her third-degree burns.

The court ruled that Amazon placed itself in “the chain of distribution” and was intensely involved in the sale of the product, including demanding “substantial fees on each purchase.”

Read more here.

MAIL-IN VOTING WOES: The U.S. Postal Service (USPS) has warned officials in 46 states and the District of Columbia that delivery delays may mean that many ballots cast by mail in the November election won’t arrive in time to be counted.

The warnings were delivered in letters to state election officials by USPS general counsel and executive vice president Thomas Marshall.

In letters to 40 states, the Postal Service warned that state deadlines to request, return and count ballots may clash with the realities of mail delivery at a time when USPS is already facing financial troubles, delivery delays and an expected influx of election-related mail, The Washington Post first reported Friday, after obtaining the documents through a records request.

Among those states were critical electoral battlegrounds such as Florida and Michigan, according to the Post’s reporting.

Six other states and D.C. were reportedly told that the possible delays could impact smaller subsets of voters.

In a statement, Martha Johnson, a spokesperson for USPS, noted that the Postal Service typically conducts outreach with state and local election officials in election years.

“The letters were sent as part of these continuing educational efforts, building on other proactive outreach mailings sent in March and May, in addition to numerous meetings and phone calls made between the Postal Service and elections officials,” she said.

Read more here.

FACEBOOK VS. APPLE: Facebook on Friday chastised Apple for not waiving its revenue-sharing fee, saying that it has hurt small businesses during the coronavirus pandemic.

ADVERTISEMENT

The criticism comes as Facebook introduced a new paid events feature in 20 countries Friday. The new tool allows users to charge for live-streamed videos, such as a workout class.

The feature is designed to use the company's own payment system, Facebook Pay, for transactions, but Apple didn't agree to waive the 30 percent fee that it charges apps that process transactions on its devices. It also rejected Facebook using its in-app pay system.

“We went through our usual channels to suggest strongly to them to waive their fee or to let us use Facebook Pay — one of the two — and they declined,” Fidji Simo, head of Facebook’s main app, told Bloomberg. Simo added that Apple was an important business partner, but that Facebook didn't agree with its revenue-sharing policy.

“Helping small businesses recover from Covid is a critical thing that all tech companies should help with,” she said. “The reason we’re calling them out here is we hope they join us and end up waving their fees, so that’s really the goal here.”

The executive noted that Facebook would not be taking any cut of the revenue generated from its new feature.

Read more.

Lighter click: Da duh. Da duh. Da duh da duh da duh. 

ADVERTISEMENT

An op-ed to chew on: Bridging the digital divide has never been more critical

NOTABLE LINKS FROM AROUND THE WEB: 

Ron WydenRonald (Ron) Lee WydenHillicon Valley: Subpoenas for Facebook, Google and Twitter on the cards | Wray rebuffs mail-in voting conspiracies | Reps. raise mass surveillance concerns On The Money: Anxious Democrats push for vote on COVID-19 aid | Pelosi, Mnuchin ready to restart talks | Weekly jobless claims increase | Senate treads close to shutdown deadline Democratic senators ask inspector general to investigate IRS use of location tracking service MORE thinks we’re going about TikTok and China policy all wrong (Protocol / Emily Birnbaum) 

A third of TikTok’s users may be 14 or under, raising safety questions (The New York Times / Raymond Zhong and Sheera Frenkel) 

Playing remotely: The massive success of Jackbox Games during the pandemic (The Washington Post / Elise Favis)

The COVID-19 romance scam (The Verge / Zoe Schiffer)