Hillicon Valley: Russia-linked hackers hit Eastern European companies | Twitter shares data on influence campaigns | Dems blast Trump over China interference claims | Saudi crisis tests Silicon Valley | Apple to let customers download their data

Hillicon Valley: Russia-linked hackers hit Eastern European companies | Twitter shares data on influence campaigns | Dems blast Trump over China interference claims | Saudi crisis tests Silicon Valley | Apple to let customers download their data
© Getty Images

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland). And CLICK HERE to subscribe to our newsletter.


A SIGN OF THINGS TO COME? Hackers with alleged ties to Russia have infected three companies in Eastern Europe with sophisticated malware, a cybersecurity firm revealed on Wednesday.


Researchers at ESET say they have uncovered a new cyber-espionage group named GreyEnergy, which allegedly infected three unidentified energy and transport companies in Ukraine and Poland. The firm warns that this activity could be an early indicator that the hacking group is preparing to launch more damaging attacks in the future.

GreyEnergy, according to ESET, is the successor to another advanced persistent threat (APT) group known as BlackEnergy, which it says caused serious damage to Ukraine's critical infrastructure in 2015.

Although ESET, a Slovakia-based firm, does not attribute GreyEnergy's activities to any nation-state, the U.K. and other cyber firms like FireEye and iSight have tied the attacks on Ukraine's power grid to Russian hacking groups.

Britain's National Cyber Security Centre (NCSC) earlier this month released a dozen different aliases for a Russian intelligence hacking group it linked to aggressive cyber operations against Ukraine. Those names include Fancy Bear, Sandworm and BlackEnergy. Russia has denied any involvement in the attacks against its Western neighbor.

The NCSC attribution comes as the U.K. ramps up pressure against Russia for carrying out a nerve agent attack against Sergei Skripal and his daughter in Salisbury.

ESET first detected GreyEnergy activity in 2015 when BlackEnergy caused the first-ever blackout in Ukraine by targeting its energy grid in a cyberattack, noting that it has exhibited a "more modern toolkit with an even greater focus on stealth" than BlackEnergy.

"Around the time of that breakthrough incident, when around 230,000 people were left without electricity, we started detecting another malware framework and named it GreyEnergy," the firm wrote in a blog post. "It has since been used to attack energy companies and other high-value targets in Ukraine and Poland for the past three years."

Read more here.


TWITTER RELEASES DATA ON INFLUENCE CAMPAIGNS: Twitter is releasing an archive of all of the content it has discovered from Russian and Iranian disinformation campaigns since 2016.

The company announced Wednesday that the release of the datasets is intended to allow researchers to analyze how the state-backed efforts sought to sow discord among U.S. voters.

"Independent analysis of this activity by researchers is a key step toward promoting shared understanding of these threats," Twitter wrote in a blog post. "To support this effort, we have provided early access to a small group of researchers with specific expertise in these issues.

"Working with law enforcement and the authorities will always be our first priority, but we strongly believe that this level of transparency can enhance the health of the public conversation on the internet."

The dataset includes content from 3,841 accounts affiliated with the Internet Research Agency -- a Russian troll farm suspected of trying to help President TrumpDonald John TrumpFox News president, top anchors advised to quarantine after coronavirus exposure: report Six notable moments from Trump and Biden's '60 Minutes' interviews Biden on attacks on mental fitness: Trump thought '9/11 attack was 7/11 attack' MORE's campaign ahead of the 2016 election. It also includes 770 accounts suspected of originating in Iran.

Read more here.

YEAH, WE DON'T SEE IT: A group of top House Democrats on Wednesday blasted President Trump for "conflating" allegations of election interference, stating that a new intelligence assessment does not support his claims that China has attempted to meddle in U.S. elections.

Five Democrats, who are committee ranking members, said the Department of Homeland Security (DHS) provided their respective committees with an unclassified intelligence assessment on election security last week, which they say does not support Trump or Vice President Mike PenceMichael (Mike) Richard PenceSix notable moments from Trump and Biden's '60 Minutes' interviews Pence's 'body man' among aides who tested positive for coronavirus: report Biden: Meadows coronavirus remark a 'candid acknowledgement' of Trump strategy 'to wave the white flag' MORE's claims about China's interference efforts.

"No amount of foreign interference in our elections is acceptable. However, conflating the interference by Russian and Chinese actors is irresponsible and demonstrates the White House's partisan approach to the unprecedented Russian actions to undermine our democracy," the lawmakers wrote.

"It is reprehensible that two years after the 2016 elections, President Trump and Republicans in Congress have failed to tackle Russian election interference with any credibility."

Reps. Bennie ThompsonBennie Gordon ThompsonLong-shot Espy campaign sees national boost in weeks before election House chairman asks Secret Service for briefing on COVID-19 safeguards for agents Hillicon Valley: House panel says Intelligence Community not equipped to address Chinese threats | House approves bill to send cyber resources to state, local governments MORE (D-Miss.), Elijah CummingsElijah Eugene Cummings'Kamala' and 'Kobe' surge in popularity among baby names Women of color flex political might Black GOP candidate accuses Behar of wearing black face in heated interview MORE (D-Md.), Jerrold Nadler (D-N.Y.), Adam SmithDavid (Adam) Adam SmithA long overdue discussion on Pentagon spending Overnight Defense: Armed Services chairman unsold on slashing defense budget | Democratic Senate report details 'damage, chaos' of Trump foreign policy | Administration approves .8B Taiwan arms sales Democratic House chairman trusts Pentagon won't follow 'unlawful orders' on election involvement MORE (D-Wash.) and Robert Brady (D-Pa.) -- who sit on the House Homeland Security, Oversight and Government Reform, Judiciary, Armed Services, and Administration committees respectively -- all signed onto a statement that said nothing in the DHS assessment convinces them otherwise that the administration's "statements on this issue are driven by partisan politics rather than the facts."

Their letter comes after Trump has doubled down in recent weeks about his Chinese election interference claims.

Read more here.


FUDGING THE NUMBERS: A group of advertisers suing Facebook has filed a new complaint accusing the social media giant of knowing about glitches in its ad software that misrepresented viewership for videos but not disclosing the glitch to advertisers for over a year.

The advertisers, who sued Facebook in 2016 arguing that it provided incorrect data on video viewership, claimed in their filing Tuesday that the company knew of the incorrect information starting in 2015 but did not disclose it until well into 2016.

The new filings came after the advertisers reviewed 80,000 pages worth of internal Facebook documents and records they acquired as part of a court order.

Facebook's response: "This lawsuit is without merit and we've filed a motion to dismiss these claims of fraud. Suggestions that we in any way tried to hide this issue from our partners are false. We told our customers about the error when we discovered it -- and updated our help center to explain the issue." -A Facebook spokesperson.

Read more here.


MONEY VS. MORALITY: Saudi Arabia's alleged involvement in the disappearance and possible murder of a dissident Washington Post columnist is putting Silicon Valley in a difficult position, with potentially billions in business deals at stake.

The diplomatic crisis is putting a new spotlight on the Saudi kingdom's massive presence in the U.S. tech sector.

The Saudi sovereign wealth fund owns stakes in a number of startups, including a substantial share of Uber, and industry giants have been courting the royal family, hoping to get a foothold in the country.

According to a new Wall Street Journal estimate, Saudi Arabia, through its Public Investment Fund (PIF), is the single largest source of venture capital for U.S. startups, including many prominent companies.

Read more here.


CAN'T TURN DOWN A GOOD T-SHIRT: Scammers in Bangladesh created over 1,700 fake Women's March Facebook pages in order to sell t-shirts, according to a CNN report.

CNN reported the Facebook pages appeared to be run by local Women's March organizers when in reality they were being created out of the South Asian country, with some of the pages linking to web sites intended to design and sell t-shirts and other merchandise.

The news agency brought the list of false groups to Facebook over the weekend, which swiftly deleted them and informed CNN that it was conducting its own investigation into the matter.

"These Pages and events appear to have been created in order to profit from people interested in the event by selling march-related merchandise," Facebook spokesperson Andy Stone told CNN.

"We continue to investigate, remove additional associated fake events and Pages, and take action against those involved in creating them."

According to the news agency, most of the fake pages had no followers or attendees, but a few picked up a big following.  Read more here.


OH BOY: A senior official working for the Treasury Department's Financial Crimes Enforcement Network (FinCEN) has been charged with leaking confidential financial reports on former Trump campaign advisers Paul ManafortPaul John ManafortDOJ veteran says he's quitting over Barr's 'slavish obedience' to Trump Bruce Ohr retires from DOJ Don't forget: The Trump campaign gave its most sensitive data to a Russian spy MORE, Richard Gates and others to a media outlet.

Prosecutors say that Natalie Mayflower Sours Edwards, a senior adviser to FinCEN, photographed what are called suspicious activity reports, or SARs, and other sensitive government files and sent them to an unnamed reporter, in violation of U.S. law.

Banks file SARs confidentially in order to tip off law enforcement to potentially illegal financial transactions. The unauthorized document disclosures, which began last October, are said to have provided the basis for 12 news articles published by an unnamed news organization.

The charges are the latest indication of the Trump administration's efforts to root out alleged leakers within the government, something that prosecutors emphasized in announcing the charges on Wednesday.

The media disclosures included leaks about suspicious transactions made by Manafort, Trump's former campaign chairman, and Gates, Manafort's longtime business partner who also served on the Trump campaign and the transition team.

The complaint does not name the news organization to which Edwards sent the information from the documents, but lists the headlines of six articles published by BuzzFeed News between October 2017 and as recently as Monday that they allege were based on the leaks.

Those articles include several BuzzFeed reports regarding financial connections between President Trump's business empire, the Trump presidential campaign and Russia.

Reminder to turn on 'disappear setting: Edwards allegedly used an encrypted application to send files that contained or described the financial reports.

Read more here.


SIRI, WHAT DO YOU KNOW ABOUT ME? Apple is now allowing customers to download copies of all of the data it holds on them as part of its initiative to contrast its data collection practices with other tech giants that have been under scrutiny in recent months.

The iPhone maker launched the new feature for U.S. users on Wednesday, following an earlier rollout in Europe as the European Union implemented sweeping new data laws known as the General Data Protection Regulation.

The new privacy portal lets users access a copy of their data and to request corrections if they believe it contains mistakes.

Apple CEO Tim Cook has been repeatedly taking shots at companies like Facebook, whose privacy practices have been under the microscope, and emphasizing that his company minimizes the amount of data it collects.

Read more here.


INBOX: Assistant Secretary for Economic and Business Affairs Manisha Singh will attend the Privacy Shield annual review in Brussels this week.


IN REAL TIME: The Lawfare Blog, which is part of the Brookings think tank, issued a notice on Twitter that it is currently facing a distributed denial of service attack (DDOS) attack.

"Lawfare is currently experiencing a distributed denial of service attack. We're aware of the issue and hope to be back online shortly," they tweeted.


TWO JOBS: Several public funds that hold shares of Facebook stock are backing a proposal to remove CEO Mark ZuckerbergMark Elliot ZuckerbergLou Dobbs goes after Lindsey Graham: 'I don't know why anyone' would vote for him  Facebook, Twitter CEOs to testify before Senate Judiciary Committee on Nov. 17 Hillicon Valley: Five takeaways on new election interference from Iran, Russia | Schumer says briefing on Iranian election interference didn't convince him effort was meant to hurt Trump | Republicans on Senate panel subpoena Facebook, Twitter CEOs | MORE from his role as chairman of the company's board.

State treasurers in Illinois, Rhode Island and Pennsylvania as well as New York City Comptroller Scott Stringer co-filed the proposal on Wednesday, alongside the hedge fund Trillium Asset Management, which first floated the idea.

The proposal, which requests that the positions of CEO and chairman of the board be separated, is set to be voted on at the company's annual shareholder meeting in May. Read more here.


BREAKING GROUND: Tesla said Wednesday that it has secured land in Shanghai to build its first plant outside of the U.S., according to The Associated Press.

The electric carmaker first announced its plans to expand overseas in July after the Chinese government said it would end restrictions on full electric vehicle makers owned by foreign companies.

Tesla has pursued its expansion plans despite increased trade tension between the U.S. and China.

Read more here.


ON TAP: Cyberscoop is hosting its annual CyberTalks on Thursday from 7:30 a.m. to 2:00 p.m., featuring big names in cyber, including Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsAvoiding the 1876 scenario in November Democrat asks intelligence director if Trump's personal debt is security problem FBI chief says Russia is trying to interfere in election to undermine Biden MORE.


A LIGHTER CLICK: Bots are spot on, especially about lawyers' dating lives.


Speaking of bots"IvankaTrump appears to no longer follow @kanyewest. (This bot cannot tell if this was an unfollow, suspension or block.)"



DNA testing can't tell us who we really are, but it can tell the cops. (New York Magazine)

Rumor of an election hack could be as damaging as the real thing. (Axios)

Fact-checkers call out WhatsApp to fix its role in fake news during Brazilian elections. (Poynter)

New Twitter data reveals how Iranians tried to manipulate online opinions by pretending to be foreign reporters. (The Washington Post)

What is NPC, the Pro-Trump internet's new favorite insult? (The New York Times)