Hillicon Valley: Federal agencies warn hackers targeting U.S. hospitals with ransomware attacks | Cyberattack targets networks of Vermont, New York hospitals | Big tech companies report massive earnings amid pandemic
Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.
FEDS WARN HACKERS TARGETING HOSPITALS: The FBI, the Department of Health and Human Services (HHS), and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned Wednesday that cybercriminals were stepping up ransomware attacks on health sector groups as the organizations grappled with a new wave of COVID-19 cases.
“CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers,” the agencies wrote in a joint alert.
The agencies warned that the cybercriminals behind the attacks were deploying Ryuk malware, a ransomware virus that was recently linked to an attack on a German hospital that crashed servers and led to the death of woman who was unable to receive life-saving care.
The virus was also involved in an attack on Pennsylvania-headquartered hospital chain Universal Health Services, with all 250 of its U.S. healthcare facilities negatively impacted by a ransomware attack earlier this month.
Multiple hospitals and healthcare groups in the U.S. have been targeted this week, including three hospitals in New York’s St. Lawrence County and Sky Lakes Medical Center in Oregon, which the medical center confirmed in a Facebook post on Tuesday.
MORE ATTACKS ON HOSPITALS: A cyberattack on the University of Vermont (UVM) Health Network this week negatively impacted systems at multiple hospitals in Vermont and New York, as hospitals across the country are facing a surge in both COVID-19 patients and cyber targeting.
“The University of Vermont Health Network is working with the Federal Bureau of Investigation and the Vermont Department of Public safety to investigate a now confirmed cyberattack that has affected some of our systems,” the health care network said in a statement released Thursday. “We expect that it will take some time to restore and we are working as quickly as possible to return to normal operations.”
The cyberattack impacted networks at seven hospitals and health care centers, including three New York hospitals, three Vermont hospitals, and one Vermont hospice center.
The organizations were negatively impacted by the attack to varying degrees, with two hospitals experiencing delays in patient services, and the University of Vermont Medical Center in Burlington, Vt., being forced to reschedule some elective procedures that were previously set to take place on Thursday.
“Staff are continuing to follow well-practiced standby procedures to ensure safe patient care,” the medical network said. “We understand the difficulty this causes for our patients and the community and apologize for the impact. There have been some changes to patient appointments and we are attempting to reach those patients who have been affected. We will continue to provide systems and patient service updates when they are available.”
The FBI’s Albany office confirmed its investigation into the attacks on the hospitals in a statement Thursday, declining to comment further than noting that “we are investigating a potential cyber attack at UVM health, along with our federal, state, and local partners.”
BIG TECH MAKES BIG MONEY: America’s biggest tech companies on Thursday reported massive earnings for the third quarter of 2020, strengthening their positions at a time when the coronavirus recession is ravaging other industries.
Amazon, Facebook, Google, Twitter and Alphabet, Google’s parent company, all notched significant gains from July through September.
Alphabet beat Wall Street expectations with revenue of $46.2 billion, up 14 percent from the same period a year earlier. Those numbers boosted its shares more than 9 percent.
“We had a strong quarter, consistent with the broader online environment,” CEO Sundar Pichai said in a statement. “It’s also a testament to the deep investments we’ve made in AI and other technologies, to deliver services that people turn to for help, in moments big and small.”
Google’s advertising brought in $37.1 billion, up from $33.7 billion in the third quarter last year, and YouTube ad revenue increased 30 percent to $5 billion.
That growth represents a major bounce back from the second quarter, when the company saw its first ever revenue decline as advertising plummeted early in the pandemic.
Amazon on Thursday said its third quarter sales rose 37 percent up to a record $96.2 billion. Those sales drove a $6.3 billion profit, up from $2.1 billion the year prior.
The e-commerce giant is predicting sales to rise again in the fourth quarter, with a forecast of between $112 and $121 billion.
Apple also exceeded Wall Street expectations with its earnings, but its stock fell slightly after trading with iPhone sales plunging.
WISCONSIN GOP GET PHISHED: The Republican Party of Wisconsin on Thursday said hackers stole $2.3 million as part of a recent cyberattack.
“Cybercriminals, using a sophisticated phishing attack, stole funds intended for the re-election of President Trump, altered invoices and committed wire fraud,” Wisconsin GOP Chairman Andrew Hitt said in a statement provided to The Hill on Thursday.
“These criminals exhibited a level of familiarity with state party operations at the end of the campaign to commit this crime,” Hitt said. “While a large sum of money was stolen, our operation is running at full capacity with all the resources deployed to ensure President Donald J. Trump carries Wisconsin on November 3rd.”
According to Hitt, the Wisconsin GOP discovered it had been the victim of a successful phishing attack on the night of Oct. 22, and that the party notified the FBI the next day of the attack. Hitt noted that the hackers stole the funds through the use of doctored invoices labeled as being from “WisGOP vendors.”
There is no evidence that any sensitive data was stolen or accessed by the hackers beyond the money that was taken.
A spokesperson for the FBI declined to comment on or confirm an investigation into the hacking incident.
The disclosure of the attack comes less than a week before Election Day, and as concerns around election security have ramped up.
HELD FOR RANSOM: Hackers on Tuesday released a sample of stolen election-related documents from networks in Hall County, Ga., as part of their efforts to pressure county officials into paying a ransom for control of the files.
The Wall Street Journal reported that the batch of files, which were largely administrative and nonsensitive in nature, came as part of a threat from hackers urging officials to comply with their demands or risk more sensitive information being released.
Hall County officials did not immediately return a request for comment from The Hill on Thursday.
The files reportedly appeared on a website run by a hacking group known for its use of DoppelPaymer ransomware, which encrypts files with a promise to return control to the original owner once demands are met.
County officials announced the attack earlier this month, and an investigation is underway.
TIKTOK GOES TO COURT…AGAIN: TikTok and the video sharing app’s parent company ByteDance sued rival app Triller on Wednesday in a countersuit over patent infringement claims.
Chinese-owned TikTok filed a complaint in San Francisco federal court that Triller’s lawsuit, filed over the summer, has “cast a cloud” over TikTok and ByteDance, “causing uncertainty” for the company.
The complaint also denies Triller’s allegations that TikTok infringed on Triller’s patent.
“A judicial declaration is necessary to resolve the real, immediate, and justiciable controversy concerning these issues and to determine the respective rights of the parties regarding the ’429 patent,” TikTok’s complaint states.
Triller, a U.S.-based video-sharing app, filed a lawsuit in July alleging that TikTok has been using its technology for years.
In response to TikTok’s countersuit, Triller CEO Mike Lu maintained that the Chinese company stole its technology and said Triller is prepared for a “David and Goliath” style court battle.
Lighter click: Congrats on the Netflix show though!
An op-ed to chew on: Many Americans still don’t have internet access–Congress should help
NOTABLE LINKS FROM AROUND THE WEB:
‘Revenge porn’ was already commonplace. The pandemic has made things even worse. (Washington Post / Jessica M. Goldstein)
The Republican Party has new villains but no battle plans. Brendan Carr is plotting their path forward. (The Verge / Makena Kelly)
QAnon Is Supposed to Be All About Protecting Kids. Its Primary Enabler Appears to Have Hosted Child Porn Domains. (Mother Jones / AJ Vicens and Ali Breland)
How a fake persona laid the groundwork for a Hunter Biden conspiracy deluge (NBC News / Ben Collins and Brandy Zadrozny)