Hillicon Valley: Treasury sanctions Russian group accused of targeting critical facilities | Appeals court rules Uber, Lyft must comply with labor laws | Biden: Countries that target US elections will 'pay a price'

Hillicon Valley: Treasury sanctions Russian group accused of targeting critical facilities | Appeals court rules Uber, Lyft must comply with labor laws | Biden: Countries that target US elections will 'pay a price'

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.

Virtual Event Announcement: America's Agenda: Infrastructure 


America needed to refresh its aging infrastructure prior to COVID-19. Now, there is added pressure on our existing digital infrastructure as more Americans are working and learning from home full time. How can we bring our physical infrastructure into the future and embrace options for increased safety and security by connecting them to smart, data-informed systems? On Thursday, October 29th at 1:00 PM ET, Reps. Rodney DavisRodney Lee DavisLawmakers propose draft bill to create Capitol riot commission Pelosi says 9/11-style commission to investigate Capitol breach is 'next step' Conservative House Republican welcomes Clark as chief of US Chamber MORE, Sam GravesSamuel (Sam) Bruce GravesLawmakers offer competing priorities for infrastructure plans Commerce Bank joins companies halting support for officials who opposed Biden transition READ: The Republicans who voted to challenge election results MORE and Eleanor Holmes NortonEleanor Holmes NortonOVERNIGHT ENERGY: Biden returns to Obama-era greenhouse gas calculation | House passes major public lands package | Biden administration won't defend Trump-era relaxation of bird protections The Hill's 12:30 Report - Presented by Facebook - Divided House on full display Harris visits DC pharmacy to promote vaccine program MORE join us for "America's Agenda: Infrastructure." RSVP today for event reminders! Learn more here


TREASURY SANCTIONS RUSSIA: The Treasury Department’s Office of Foreign Assets Control on Friday sanctioned a Russian government research institution for alleged use of a dangerous malware virus to target critical infrastructure facilities in the U.S. and in the Middle East. 

The sanctions were levied against the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics, or TsNIIKhM, which, according to the Treasury Department, used a malware virus known as “Triton” to target and manipulate control systems used to shut down critical infrastructure facilities in the event of an emergency in order to save lives. 

The Triton malware was used by hackers in 2017 to target a petrochemical plant in the Middle East, successfully disrupting operations, and again last year to scan and probe at least 20 U.S. electric facilities for cyber vulnerabilities. 

“The Russian Government continues to engage in dangerous cyber activities aimed at the United States and our allies,” Treasury Secretary Steven MnuchinSteven MnuchinOn The Money: Schumer urges Democrats to stick together on .9T bill | Collins rules out GOP support for Biden relief plan | Powell fights inflation fears Mnuchin expected to launch investment fund seeking backing from Persian Gulf region: report Larry Kudlow debuts to big ratings on Fox Business Network MORE said in a statement Friday. 

“This Administration will continue to aggressively defend the critical infrastructure of the United States from anyone attempting to disrupt it.”


Secretary of State Mike PompeoMike PompeoUS intel: Saudi crown prince approved Khashoggi killing Golden statue of Trump at CPAC ridiculed online Five things to watch at CPAC MORE said in a separate statement that “the United States remains steadfast in countering malign cyber activities by Russian actors on behalf of the Government of the Russian Federation.”

Read more here.


CASE DISMISSED: A California appeals court on Thursday dismissed a challenge to a ruling requiring Uber and Lyft to classify their drivers as employees under state law.

The decision allows an August order from San Francisco Superior Court Judge Ethan Schulman compelling the rideshare giants to comply with AB5 to take effect, although likely not for at least 30 days. 

The landmark labor law establishes a test for determining whether workers can be classified as independent contractors rather than employees.

Uber and Lyft have resisted complying with the law since it took effect this January, arguing their core business is technology rather than ride-hailing.

As full employees, drivers would get basic worker protections like a minimum wage and the right to organize.

Both companies had threatened to stop operating in the state entirely if forced to comply with the law. 

However, they will have one more chance to avoid reclassifying their drivers and ask for the decision to be reviewed by the California Supreme Court.

Read more here.


FEDS WARN OF RUSSIAN HACKERS: The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that a Russian state-sponsored hacking group is targeting U.S. government systems and the aviation industry, successfully accessing at least two servers.

In a joint alert, the FBI and CISA report that a Russian advanced persistent threat (APT) group known in the security community as “Energetic Bear,” among other names, has been attacking U.S. state, local, territorial and tribal (SLTT) government networks, among other targets, since September.


“The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers,” the FBI and CISA wrote in the alert. 

The federal agencies noted that in at least one of the successful attacks, the hacking group had been able to access passwords, IT instructions, vendor and purchasing information and printable access badges. 

While the FBI and CISA emphasized that there is “no evidence to date that integrity of elections data has been compromised,” the attacks had put some election data stored on SLTT networks at risk.  

Read more here.


BIDEN SAYS FOREIGN NATIONS WILL ‘PAY A PRICE’: Former Vice President Joe BidenJoe BidenNoem touts South Dakota coronavirus response, knocks lockdowns in CPAC speech On The Trail: Cuomo and Newsom — a story of two embattled governors Biden celebrates vaccine approval but warns 'current improvement could reverse' MORE on Thursday emphasized that any nation that interferes in U.S. elections will “pay a price” while discussing election security during the final presidential debate. 

“Any country, no matter who it is, that interferes in American elections will pay a price,” Biden said. “It’s been overwhelmingly clear in this election — won’t even get into the last one — this election that Russia has been involved, China’s been involved to some degree, and now we learn that Iran is involved.”


“They will pay a price if I am elected. They are interfering with American sovereignty, that’s what’s going on right now,” Biden said. 

Biden’s comments were made one day after Director of National Intelligence John RatcliffeJohn Lee RatcliffeFormer Trump officials eye bids for political office Grenell congratulates Buttigieg on becoming second openly gay Cabinet member Senate confirms Biden's intel chief, giving him first Cabinet official MORE announced that Iran and Russia had gained access to U.S. voter registration data and were aiming to sway public opinions related to the 2020 presidential election.

Ratcliffe said Iran is behind sending spoofed emails that aim to intimidate voters, incite social unrest and damage President TrumpDonald TrumpNoem touts South Dakota coronavirus response, knocks lockdowns in CPAC speech On The Trail: Cuomo and Newsom — a story of two embattled governors McCarthy: 'I would bet my house' GOP takes back lower chamber in 2022 MORE. He also said it is behind circulating other content such as a video that appears to encourage individuals to fraudulently cast ballots, even from overseas.

Read more here.


BUNGLED SCHEME: Iranian hackers made mistakes that tied them to the emails threatening U.S. voters, Reuters reported Thursday. 

Four people familiar with the matter told Reuters that government analysts and private investigators were quickly able to connect the thousands of emails to Iranian hackers because of mistakes in the video included in the email.


“Either they made a dumb mistake or wanted to get caught,” a senior U.S. government official told Reuters. “We are not concerned about this activity being some kind of false flag due to other supporting evidence. This was Iran.”

The errors enabled U.S. officials to link the emails to Iran in days instead of the usual months of investigation needed. 

The connection to Iranian hackers does not automatically mean that they are working on behalf of the Iranian government, Reuters noted, adding that Iranian officials have denied being a part of the effort.

Read more here.


Lighter click: Helpful, and cute, guide

An op-ed to chew on: How Big Tech factors into the US-China geopolitical competition



CBP Refuses to Tell Congress How it is Tracking Americans Without a Warrant (Motherboard / Joseph Cox)

FTC discusses potential antitrust case against Facebook (Politico / Leah Nylen)

Ransomware hits election infrastructure in Georgia county (CNN / Brian Fung) 

National Guard called in to thwart cyberattack in Louisiana weeks before election (Reuters / Christopher Bing)