Hillicon Valley: Seven Russians indicted for hacking | Apple, Amazon servers reportedly compromised by China | Pence calls on Google to end censored search engine work | Ireland investigates Facebook breach

Hillicon Valley: Seven Russians indicted for hacking | Apple, Amazon servers reportedly compromised by China | Pence calls on Google to end censored search engine work | Ireland investigates Facebook breach
© Getty Images

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland). And CLICK HERE to subscribe to our newsletter.


MUELLER STRIKES AGAIN: The Trump administration on Thursday indicted seven Russian intelligence officers on a slew of federal charges for allegedly conducting malicious cyber operations against the United States and its allies.

Officials with the Justice Department's national security division and the FBI announced the charges Thursday morning, shortly after officials in the United Kingdom and the Netherlands revealed a secret joint mission. That mission thwarted a Russian intelligence operation targeting a global chemical weapons watchdog at The Hague, called the Organization for the Prohibition of Chemical Weapons.

U.S. officials allege that some of the Russians caught in the operation at The Hague participated in a global hacking campaign against individuals and organizations in the U.S., Canada and Europe. These include attacks on Olympic organizations, including the World Anti-Doping Agency and the U.S. Anti-Doping Agency, as well as attacks on a U.S. nuclear power company in Pennsylvania.

The Russian hackers allegedly targeted Westinghouse, which officials noted supplies nuclear power to Ukraine. Officials would not comment on the motivation of that attack, or whether it was successful.  

The Russians linked to the operation foiled at The Hague were allegedly analyzing the chemical nerve agent used in the attack on former Russian intelligence officer Sergei Skripal. The U.K. charged two Russian intelligence officers with attempted murder in an unsuccessful operation to use a nerve agent, Novichok, on Skripal in March.

The Russians allegedly work for the GRU, Russia's military intelligence unit known for conducting brazen operations on targets across the globe. Earlier this year, special counsel Robert Mueller indicted 12 GRU officers for their role in the hacking plot to interfere in the 2016 presidential election. Three of those charged Thursday were also charged by Mueller in July, though the indictments did not result from the work of the special counsel's office.

Read more here.


THIS COMES AFTER: The United Kingdom on Wednesday blamed the Russian military intelligence group, GRU, for a series of "reckless" cyberattacks in recent years.

The British National Cyber Security Centre (NCSC) said with "high confidence" that it believes GRU was "almost certainly responsible" for a number of high profile cyberattacks in recent years.

They cited the 2017 BadRabbit ransomware attack in Europe, the 2016 Democratic National Committee (DNC) hack and a summer 2015 hack of emails from a U.K.-based TV station as examples of GRU attacks carried out under alternate names.

British Foreign Secretary Jeremy Hunt condemned the attacks, which he said "serve no legitimate national security interest."

Read more here.


WAIT, WAIT - WE AREN'T DONE: A prominent Russian-linked hacking group that carried out a series of high-profile cyberattacks during the 2016 election has reverted to more covert intelligence gathering methods, a cybersecurity firm revealed Thursday.

Symantec's investigations team says that the espionage group known as APT28 or Fancy Bear has opted for more low-key operations the past two years after carrying out the cyberattack against the Democratic National Committee (DNC) and other high-profile attacks during the 2016 presidential election.

From 2017 and into 2018, APT28 has carried out a range of intelligence gathering operations against military and government entities in both Europe and South America, Symantec found.

Researchers said the targeted organizations include military and government entities in Europe, the government of a South American country, an embassy belonging to an Eastern European country and an international organization. The FBI and Department of Homeland Security (DHS) have linked APT28 to the Russian government.

The more low-key operations come after APT28 was attributed with carrying out a series of high-profile cyberattacks during the 2016 presidential race. Those included sending spear-phishing emails to political targets like the DNC that allowed attackers to gain access to the national party's network and steal key data.

Mueller's indictment against the 12 Russian officers did not directly name the hacking group but said the charged GRU officers used malware known as X-Agent. The command-and-control (C&C) infrastructure of this malware has been tied to APT28 by cyber firms like CrowdStrike.

CrowdStrike has also previously reported that the profile of APT28 "closely mirrors the strategic interests of the Russian government, and may indicate affiliation with [the] GRU, Russia's premier military intelligence service."

Read more here.


PENCE CALLS OUT GOOGLE: Vice President Pence on Thursday called on Google to end its project to develop a censored search engine in order to comply with Chinese speech restrictions and tap into the country's market.

In a speech blasting China's ambitions before the right-wing Hudson Institute, Pence singled out Google over its "Project Dragonfly."

"More business leaders are thinking beyond the next quarter, and thinking twice before diving into the Chinese market if it means turning over their intellectual property or abetting Beijing's oppression. But more must follow suit," Pence said. "For example, Google should immediately end development of the 'Dragonfly' app that will strengthen Communist Party censorship and compromise the privacy of Chinese customers."

The Intercept revealed the project's existence in August, reporting that Google was vetting a censored service in order to get back into Chinese market, after having pulled its operations in 2010 over concerns about the Communist Party's restrictions on free speech.

Read more here.


FACEBOOK UNDER INVESTIGATION IN IRELAND: Ireland's internet privacy regulator has opened an investigation into the massive data breach Facebook announced last week affecting at least 50 million users.

The Data Protection Commission on Wednesday announced that it would probe whether Facebook was complying with the EU's sweeping new internet privacy law, the General Data Protection Regulation (GDPR).

The investigation will focus on if Facebook is working to "implement technical and organisational measures to ensure the security and safeguarding of the personal data it processes," the regulator said in a statement.

Facebook announced last Friday that hackers had exploited a vulnerability in the social network to gain access to at least 50 million user accounts, though it is still investigating the full extent of the breach. Facebook identified the hack on the Tuesday before the announcement.

"We have been in close contact with the IDPC [the Irish Data Protection Commissioner] since we have become aware of the security attack and will continue to cooperate with their investigation," a Facebook spokesperson said in a statement.

Read more here.


CYBER SUCCESS: The Senate on Wednesday passed a key cyber bill that solidifies the Department of Homeland Security's role as the main federal agency overseeing civilian cybersecurity.

Sen. Dan SullivanDaniel Scott SullivanAlaska in lockdown over leadership stalemate Bennet gives emotional speech ripping into Cruz over shutdown Trump tells GOP senators he’s sticking to Syria and Afghanistan pullout  MORE (R-Alaska) asked for "unanimous consent" to pass the Cybersecurity and Infrastructure Security Agency Act, a bipartisan bill that will establish a cybersecurity agency that is the same stature as other units within DHS.

The legislation, which has not been viewed as particularly contentious, passed the House easily last year, but stalled for several months in the Senate. Sens. Ron JohnsonRonald (Ron) Harold JohnsonWhite House, GOP defend Trump emergency declaration GOP senator says Republicans didn't control Senate when they held majority GOP senator voices concern about Trump order, hasn't decided whether he'll back it MORE (R-Wis.) and Claire McCaskillClaire Conner McCaskillMcCaskill: Lindsey Graham 'has lost his mind' Trey Gowdy joins Fox News as a contributor The Hill’s 12:30 Report: Trump AG pick Barr grilled at hearing | Judge rules against census citizenship question | McConnell blocks second House bill to reopen government MORE (D-Mo.), the leaders of the Senate Homeland Security Committee, successfully moved it through the upper chamber on Wednesday.

The bill will rebrand DHS's main cybersecurity unit known as the National Protection and Programs Directorate (NPPD) as the Cybersecurity and Infrastructure Protection Agency, spinning the headquarters office out into a full-fledged operational component of DHS on the same level as Secret Service or FEMA.

The Senate made some differences in the House-passed bill, including amendments from Sen. Lisa MurkowskiLisa Ann MurkowskiOn unilateral executive action, Mitch McConnell was right — in 2014 The Hill's 12:30 Report — Presented by Kidney Care Partners — Trump escalates border fight with emergency declaration On The Money: Trump declares emergency at border | Braces for legal fight | Move divides GOP | Trump signs border deal to avoid shutdown | Winners, losers from spending fight | US, China trade talks to resume next week MORE (R-Alaska) and a substitute amendment from Sen. Ron Johnson (R-Wis.). This means the legislation will have to be sent back to the lower chamber for approval before it arrives at the president's desk.

Top DHS officials have been pushing for the bill to pass, arguing it would better communicate their mission to the private sector and help DHS recruit top cyber talent. Read more here.


RUSSIA ISN'T THE ONLY ONE GETTING CYBER HEADLINES: Retail giant Amazon and tech giant Apple were among nearly 30 U.S. companies, including a major bank, that was compromised by a Chinese intelligence hardware hacking scheme, according to a Bloomberg report.

The companies and organizations were compromised through the installation of extra components onto computer chips that the groups had purchased. The components were installed while the chips were being manufactured.

The malicious chips were reportedly placed by the Chinese People's Liberation Army which was able to infiltrate the manufacturing process of a hardware company called Super Micro. At the size of a grain of rice, according to Bloomberg, the chips were designed to be inconspicuous and avoid detection.

Once in place, they could be used to access data on a computer and install malware.

Both Apple and Amazon have denied the report, saying in statements to Bloomberg that their systems were not compromised by hacks.

"We've found no evidence to support claims of malicious chips or hardware modifications," Amazon said in its statement to Bloomberg. Apple also said they had not "found malicious chips." "Apple has never found malicious chips, 'hardware manipulations' or vulnerabilities purposely planted in any server," the company said.

Bloomberg reported that the "companies' denials are countered by six current and former senior national security officials" who had knowledge of the Obama administration's discovery of the chips and the subsequent investigation that has continued into the Trump administration.

Spokespeople for the companies and U.S. intelligence have not publicly confirmed Bloomberg's reporting.

Read more here.


THUNE RIPS FCC ON RURAL BROADBAND: Lawmakers from both parties criticized the Federal Communications Commission over cuts to programs intended to boost rural broadband at a hearing Thursday.

The hearing before the Senate Commerce Committee brought business and industry leaders to address their concerns about improving broadband access. But much of the hearing focused on what lawmakers and industry saw as shortcomings by the FCC. 

Committee Chairman John ThuneJohn Randolph ThunePolls: Hiking estate tax less popular than taxing mega wealth, income Will Trump sign the border deal? Here's what we know Key GOP senator pitches Trump: Funding deal a 'down payment' on wall MORE (R-S.D.) called the FCC's performance "simply unacceptable." 

"The FCC's failure to ensure sufficient and predictable funding jeopardizes the vitality of America's rural communities." 

Thune criticized the agency for not following through on a promise to analyze the impact cuts to the Universal Service for High Cost Areas program is having on rural communities.

Read more here.


PROTECT YOUR BUSINESS EMAILS: Hackers are using a wide variety of methods to break into business email accounts, a cybersecurity firm revealed on Thursday.

Digital Shadows says it discovered email archives that were improperly backed up by employees or contractors, exposing sensitive, personal and financial information in over 12 million email archive files.

The firm said it discovered 27,000 invoices, 7,000 purchase orders, and 21,000 payment record that were exposed in these archive batches.

The company also warned that hackers are actively searching for company emails that contain common accounting domains like "ap@," "ar@", "accounting@," "accountreceivable@," "accountpayable@" and "invoice@." 

"These credentials are considered so valuable that one individual is offering up to $5,000 for a single username and password pair," the company wrote in a press release with the findings. The firm also found that for-hire hackers are asking for as little as $150 to compromise business emails as a service.


ABOUT THAT PRESIDENTIAL ALERT your phone may have received yesterday...

Some cyber experts are warning it means the phone has major access to private information.

"The 'Presidential alerts': they are capable of accessing the E911 chip in your phones - giving them full access to your location, microphone, camera and every function of your phone. This not a rant, this is from me, still one of the leading cybersecurity experts. Wake up people!" tweeted John McAfee, who founded the cyber firm McAfee.


FACEBOOK HIGHLIGHTS ANTI-SEX TRAFFICKING WORK: Facebook is defending its work in stopping human-trafficking on its platform as it faces a lawsuit accusing it of not doing enough on the matter.

"Human trafficking is abhorrent and is not allowed on Facebook," a Facebook spokesperson said in an emailed statement on Thursday a few days after a woman in Texas sued the company.

Facebook explained that the platform uses "technology to thwart this kind of abuse" and that they "encourage people to use the reporting links found across" Facebook so that its experts can assess it.

Read more here.


SURGE PRICING, BUT FOR WAGES: Drivers for Lyft and Uber packed into a New York City public hearing this week to call for a proposal that would establish a minimum pay rate of $15 per hour for tens of thousands of drivers using the ride-hailing services.

The Taxi and Limousine Commission hearing on Wednesday focused on ways to address low pay for rideshare drivers, many of whom are struggling to make ends meet, advocates say.

"For two years, we've fought for fair pay rules for New York City drivers," said Ryan Price, Executive Director of the Independent Drivers Guild, a driver advocacy group.

"We are pleased that New York is listening to drivers who have long suffered with earnings that fall below minimum wage, but it's critical that the city get this right. While the city's proposal has many strong points, the current version underestimates drivers' costs."

Read more here.




A LIGHTER TWITTER CLICK: This really happened.


AN OP-ED TO CHEW ON: Don't lock out the next generation of green tech.



Uber will offer free rides to polling stations on Election Day. (The Hill)

Rep. Ro KhannaRohit (Ro) KhannaOvernight Defense: House votes to end US support for Saudis in Yemen | Vote puts Trump in veto bind | Survey finds hazards in military housing | Senators offer new bill on Russia sanctions House passes bill to end US support for Saudi war in Yemen Congress poised to put Trump in veto bind MORE (D-Calif.) releases his Internet Bill of Rights.

How dirty money disappears into the blackhole of cryptocurrency. (The Wall Street Journal)

Facebook hack puts thousands of other sites at risk. (The New York Times)

That Facebook group you joined years ago? It might now be supporting Brett Kavanaugh. (The Washington Post)

Personnel changes at Coinbase (Bloomberg)