Overnight Technology

Hillicon Valley: YouTube disables 200+ accounts over Hong Kong misinformation | Lawmakers sound alarm over Chinese influence efforts | DHS cyber agency details priorities | State AGs get tough on robocalls | DOJ busts online scammers

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Maggie Miller (@magmill95), and the tech team, Harper Neidig (@hneidig) and Emily Birnbaum (@birnbaum_e).


FROM HONG KONG TO DC?: A bipartisan group of lawmakers is warning that the Chinese government is harnessing social media platforms to carry out disinformation campaigns about the protests in Hong Kong in an attempt to manipulate public opinion abroad.

The efforts crossed a line for tech companies Facebook and Twitter. The social media firms announced this week they were shuttering numerous accounts tied to the Chinese government, alleging that the communist state had carried out disinformation campaigns on its platforms.

Experts say this marks the first time China has launched a significant social media-based disinformation campaign geared toward Western audiences, particularly the U.S., and lawmakers warn it could be a taste of what's in store for the 2020 presidential race.

"I think our digital platforms like Facebook and Google should view this as a trial run for our elections in 2020," said Rep. John Ratcliffe (R-Texas), a member of the House Intelligence Committee. "Certain foreign governments, including China, are attempting to limit the dissemination of facts while simultaneously spreading their own disinformation -- and if they succeed in doing it to the people of Hong Kong, what will stop them from trying to do it to us?"

Lawmakers offer applause: Lawmakers and experts praised the Silicon Valley giants for taking action, saying their response signals some lessons have been learned since the 2016 presidential election, when Russia's efforts went undetected for months.

"Twitter and Facebook acted appropriately in quickly discovering a substantial disinformation operation linked to China targeting protestors in Hong Kong, disclosing the activity and accounts to the public and removing those networks from their platforms," House Intelligence Committee Chairman Adam Schiff (D-Calif.) said in a statement to The Hill. "We know from experience that social media platforms can be powerful engines for spreading false information online with real world consequences."

...And criticism: Experts are also pushing the platforms to go further with their policies, as some question how Chinese-owned media were able to purchase advertisements on top U.S. social media platforms in the first place.

Using Russia's playbook: "The Chinese are moving the techniques they use to control their domestic population to target foreign audiences," Jim Lewis, a cybersecurity and technology expert with the Center for Strategic and International Studies, told The Hill.

Paul Barrett, a disinformation researcher who serves as the deputy director of the Center for Business and Human Rights at New York University's Stern School of Business, said that if China were to launch a U.S.-focused campaign during next year's presidential campaign, it would likely favor Democrats, considering the country's strained relationship with President Trump.

"The Russians wanted to get Donald Trump elected," Barrett said. "I assume the Chinese would ... go against Trump because they're not very fond of him."

Read more on what this means for the US here.

More on how tech is dealing with Hong Kong...


YOUTUBE TAKEDOWN: Google announced Thursday that it had taken down 210 YouTube channels as part of the company's effort to counter Chinese-backed groups trying to undermine the recent pro-democracy protests in Hong Kong.

The channels were removed after Google determined that they "behaved in a coordinated manner while uploading videos related to the ongoing protests in Hong Kong," the company said in a post.

"This discovery was consistent with recent observations and actions related to China announced by Facebook and Twitter," Google added. "We found use of VPNs and other methods to disguise the origin of these accounts and other activity commonly associated with coordinated influence operations."

More on YouTube's response here.

In other cyber and tech news...

DHS CYBER PRIORITIES: The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) plans to prioritize election security, cybersecurity at federal agencies, and the "persistent threat" posed by China, among its many goals.

The agency laid out its key priorities in a new "strategic intent" document released on Thursday, which CISA Director Christopher Krebs described in the introduction as the "keystone" for the agency.

Among Krebs' operational priorities is addressing Chinese threats to U.S. supply chains and to the rollout of 5G networks, bolstering election security efforts at the state and local level, and protecting the cybersecurity of industrial control systems.

Other priorities are protecting federal networks against cyber attacks, such as ransomware incidents that have increasingly spread across the country, and defending "soft targets" and crowded venues from physical threats.

Why it matters: CISA is the primary agency responsible for assisting state and local governments with securing elections, replacing the former National Protection and Programs Directorate in a law that took effect last year.

Krebs, who is the agency's first director, laid out the strategic plan during a speech on Thursday at Auburn University's Center for Cyber and Homeland Security in Auburn, Ala. He emphasized CISA's core mission of "defend today, secure tomorrow."

"I know what the Russians did in 2016, I know what they tried to do in 2018, I need to know what they're going to try to do in 2020," Krebs said.

More on the agency's plans here.

CAN YOU HEAR ME NOW?: A group of 51 state attorneys general and 12 phone companies on Thursday announced a sweeping effort to combat the scourge of illegal robocalls dialing up millions of U.S. customers every year.

The set of anti-robocall principles and practices, unveiled at a press conference in Washington, D.C., would require the phone companies to take steps towards preventing the spam calls and work in tandem with law enforcement to take down illegal robocalling operations.

"Illegal robocalls harass and harm people all across this country," said North Carolina Attorney General Josh Stein (D) during the conference. "By adopting these technological solutions and improving their cooperation with law enforcement, these phone companies are going to better serve their customers."

The details: Under the deal between industry groups and the government, which is over a year and a half in the making, the companies - including AT&T, Verizon, Sprint and Comcast - have agreed to implement call-blocking technology at no extra cost to customers, and offer their customers a range of "free, easy-to-use call blocking and labeling tools."

Many of the companies involved in the agreement had already agreed to implement the call authentication technology, referred to as "STIR/SHAKEN."

The phone companies agreed to a set of eight principles to cut down on the billions of illegal robocalls in the U.S. annually. The principles include a commitment to cooperate with law enforcement in investigations of illegal robocallers - which often operate overseas - as well as to confirm the identity of any new customers by collecting information on their business location, federal tax ID, and more.

The principles do not come with a timeline or specific enforcement mechanisms.

A long road: Stein said it took "extensive" negotiations to come to a private-public agreement, noting it was not all received "enthusiastically."

"In terms of whether the companies don't live up to it, we have ways other than going to court to encourage their ongoing cooperation," he said.

Read more here.

PLEASE SEND MONEY: The Department of Justice on Thursday unsealed a 252-count federal indictment charging 80 defendants, many of whom are Nigerian nationals, with conspiring to steal millions of dollars through online scams.

The indictment was unsealed by the U.S. Attorney's Office for the Central District of California and was made public shortly after authorities arrested 14 of the defendants across the United States, with 11 of these defendants apprehended in the Los Angeles region. The majority of the defendants are outside the country, with many likely in Nigeria.

The defendants involved in the case were charged with attempting to defraud individuals of millions of dollars through the use of business email compromise (BEC) and online romance scams, in addition to other schemes meant to target the elderly.

The investigation is being led by the FBI, with each of the defendants charged with "conspiracy to commit fraud, conspiracy to launder money, and aggravated identity theft," according to the Justice Department. Some defendants also face fraud and money laundering charges.

U.S. Attorney Nick Hanna described the scams used by the defendants during a press conference on Thursday, saying that "fraud networks now target individuals and businesses alike."

"In the BEC scams, the fraudsters will often hack a company's email system, impersonate company personnel, and direct payments to bank accounts that funnel money back to the fraudsters in Nigeria," Hanna said. "In the romance scams, victims think they are developing a dating relationship, when in fact they are just being tricked into sending money to the fraudsters."

Hanna added that "we believe this is one of the largest cases of its kind in U.S. history."

Read more here. 

TEXAS HOLDIN' EM: A recent spree of ransomware attacks in Texas has highlighted the increasing threat they pose to city governments, with experts warning the "lucrative" attacks won't go away.

The Texas Department of Information Resources has confirmed that 22 Texas entities, mostly local governments, have been hit by the ransomware attacks that took place late last week. The department pointed to a "single threat actor" as being responsible for the attacks, which did not impact any statewide systems.

While the agency has refused to identify which entities were attacked due to an ongoing investigation, the governments of Keene, Texas and Borger, Texas, announced this week that they were among those impacted, with the attacks making it difficult for the two towns to handle utility payments from residents.

There have been a string of ransomware attacks on other cities around the United States prior to the Texas attacks that appear to back up Orlando.

What can be done: DHS's Cybersecurity and Infrastructure Security Agency (CISA) has published guidelines that it recommends organizations follow in regard to protecting themselves against ransomware attacks. Those recommendations include updating software, not clicking links in unsolicited emails, and backing up data on a regular basis.

Niam Yaraghi, a nonresident fellow with the Brookings Institute's Center for Technology Innovation, echoed some of CISA's steps, recommending in a Brookings article published in June that "basic security safeguards" should be put in place, and groups should invest in new technology.

"Government agencies usually have less resources to invest in information security technologies," Yaraghi wrote. "Old and fragmented computer systems exacerbate this problem, since older systems are much more difficult and expensive to maintain than newer one."

"Despite these difficulties, all levels of government should invest in upgrading security technologies to reasonable levels, or else many more agencies will soon become victims of ransomware attacks," Yaraghi stressed.

Read more on the attacks here. 

FACEBOOK REMOVES MYANMAR ACCOUNTS: Facebook on Thursday said the military in Myanmar is still using the platform to sow ethnic divisions in the country, almost a year after the social media giant faced furious criticism for failing to catch a government campaign to spread disinformation about the nation's minority Rohingya Muslims.

The company said it removed 89 accounts, 107 pages, 15 groups and five Instagram accounts over "inauthentic behavior" in Myanmar. This is the fourth time over the past year Facebook has reported takedowns of accounts linked to Myanmar's military.

"Our investigation found that some of this activity was linked to individuals associated with the Myanmar military," Facebook's head of cybersecurity policy, Nathaniel Gleicher, wrote in a blog post.

According to Gleicher, the accounts were posting about "national and local topics, including crime, ethnic relations, celebrities, and the military."

"We identified these accounts through our internal investigation into suspected coordinated inauthentic behavior in the region," Gleicher wrote.

The social media giant has sought to remove violent actors and identify incendiary content for months after reports indicated Myanmar's military officials used the platform to stoke hatred and fear as the military engaged in a campaign of ethnic cleansing against the persecuted Muslim minority.

Read more here.

EU OPENS ITS WALLET TO COMPETE: The European Union is exploring the creation of a massive wealth fund of more than $100 billion to promote their own businesses to compete with U.S. and Chinese tech giants, Politico reported.

The outlet obtained a 173-page document outlining plans for the bloc's president-elect, Ursula von der Leyen, that includes a proposal to boost "European champions."

"The emergence and leadership of private non-EU competitors, with unprecedented financial means, has the potential to obliterate the existing innovation dynamics and industrial position of EU industry in certain sectors," the document reads.

"Europe has no such companies" to counter giants like Facebook, Google, Amazon, Apple and Microsoft from the U.S. and Baidu, Alibaba and Tencent from China, officials said in the proposal.

EU regulators have taken a tough stance against U.S. tech giants in enforcing antitrust, privacy and tax laws, prompting accusations that Europe was acting out of protectionist impulses.

According to Politico, the new fund would invest directly in European companies to build them up.

Read more here.

TEXAS GOV TALKS ONLINE EXTREMISM: Texas Gov. Greg Abbott (R) is reportedly meeting with tech executives on Thursday to discuss combating extremism in the wake of a mass shooting that killed 22 people in El Paso, Texas, earlier this month.

Representatives from Google, Twitter and Facebook are slated to meet with the governor to discuss possible measures to fight the threat of online extremism, The Associated Press reports.

FBI officials and state lawmakers will also be part of the roundtable discussion, according to the AP.

The suspect accused of gunning down 22 people at a Walmart in El Paso allegedly posted a manifesto online ahead of the attack warning of a "Hispanic invasion."

Read more here.

LIGHTER CLICK: Happy Birthday to our favorite Panda

AN OP-ED TO CHEW ON: Ending the moon versus Mars fight.


The war inside Palantir: Data-mining firm's ties to ICE under attack by employees. (The Washington Post)

Overstock CEO resigns due to romantic involvement with Russian agent. (Axios)

Hi, Alexa. How do I stop you from listening in on me? (The New York Times)

Extremists creep into Roblox, an online game popular with children. (NBC News)