Hillicon Valley: Colonial Pipeline CEO says company paid hackers $4.4 million in ransomware attack | Facebook sets up 'special operations center' for content on Israeli-Palestinian conflict | Granholm expresses openness to pipeline cyber standards after

Hillicon Valley: Colonial Pipeline CEO says company paid hackers $4.4 million in ransomware attack | Facebook sets up 'special operations center' for content on Israeli-Palestinian conflict | Granholm expresses openness to pipeline cyber standards after
© Getty Images

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter by clicking HERE.

Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.

The CEO of Colonial Pipeline on Wednesday gave his first interview since the company was hit by a ransomware attack earlier this month, confirming publicly that he approved the payment of $4.4 million to the hackers to regain access to IT systems. Meanwhile, Facebook has set up a special operations center to monitor content on its platforms involving the Israeli-Palestinian conflict, and Energy Secretary Jennifer GranholmJennifer GranholmOVERNIGHT ENERGY: Western wildfires prompt evacuations in California, Oregon| House passes bill requiring EPA to regulate 'forever chemicals' in drinking water | Granholm announces new building energy codes Granholm announces new building energy codes Annual Energy Department report finds slight recovery in energy industry jobs MORE expressed some tentative support for mandatory security standards for pipelines. 

ADVERTISEMENT

CONFIRMATION OF PAYMENT: The CEO of Colonial Pipeline, hit by a ransomware attack that forced it to shut down operations for much of last week, confirmed publicly for the first time Wednesday that the company paid the hackers behind the attack so it could regain access to its systems.

Colonial Pipeline CEO Joseph Blount told The Wall Street Journal that he authorized the company to pay the cyber criminals the equivalent of $4.4 million in Bitcoin on May 7, the day of the attack, for the keys to decrypt the network, less than the $5 million previously reported by Bloomberg. 

“I know that’s a highly controversial decision,” Blount told the publication. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”

“But it was the right thing to do for the country,” he added.

Officials and cybersecurity experts have condemned the company for paying the ransom due to the potential that it might encourage hackers to target other critical infrastructure groups in the future. However, organizations targeted by ransomware attacks that choose not to pay often spend far more money and time recovering.

Read more about the decision here.

FACEBOOK’S RESPONSE: Facebook has set up a “special operations center” to monitor content on its platforms about the escalating Israeli-Palestinian conflict, a company executive said Wednesday. 

ADVERTISEMENT

The special operations center has 24-hour capabilities and includes native Arabic and Hebrew speakers to help Facebook identify content that violates its policies, as well as restore content that was removed in error, Facebook’s vice president of content policy, Monika Bickert, told reporters on a call. 

The special operations center, formalized last week, includes members of Facebook’s content review and content policy teams and puts them in regular contact with each other to help spot and respond to the “changing landscape,” Bickert said. 

Read more about the effort

GRANHOLM WEIGHS IN: Energy Secretary Jennifer Granholm on Wednesday threw her tentative support behind the idea of mandatory standards to secure pipelines in the wake of the debilitating ransomware attack on Colonial Pipeline earlier this month.

When asked by House Energy and Commerce Committee Chairman Frank Pallone Jr. (D-N.J.) during a hearing on whether pipelines should be subject to similar strict mandatory security standards that the electric sector is, Granholm testified that the U.S. is currently “inadequate” on pipeline security.

“I think that this is an example potentially of that,” Granholm said of the attack on Colonial Pipeline. “If we had had standards in place, would this particular ransomware attack have been able to happen? You know, I’m not 100 percent sure.”

“I do know that having good cyber hygiene on the private side as well as on the public side is a critical basic defense, and for entities that provide services to the public like that, especially critical services like energy, I think it’s an important consideration for this committee for sure,” she added.

Granholm’s remarks appear to differ from those made by President BidenJoe BidenTrump hails Arizona Senate for audit at Phoenix rally, slams governor Republicans focus tax hike opposition on capital gains change Biden on hecklers: 'This is not a Trump rally. Let 'em holler' MORE last week on cybersecurity standards, in which he rejected the idea of mandated cybersecurity standards. 

Read more about potential standards here

SCHOOL’S IN SESSION FOR HACKERS: Cyber criminals are stepping up their efforts to hack into vulnerable school districts, often launching ransomware attacks like the kind that shut down the Colonial Pipeline earlier this month.

The number of cyberattacks targeting schools has increased during the coronavirus pandemic, jumping almost 20 percent in 2020 compared with the previous year, according to one industry report.

The impact of those attacks is all the more damaging as the majority of districts have migrated to some level of virtual learning to comply with COVID-19 restrictions, making it easier for hackers to disrupt classes or take them offline altogether.

“We have seen major school districts, lots of students, essentially shut down, no learning going on for days,” Doug Levin, the national director of the K-12 Security Information Exchange, told The Hill.

Read more here.

FTC TAKES ON FRONTIER: Frontier Communications is accused of misrepresenting internet speeds it advertised and charged for, according to a lawsuit filed Wednesday by the Federal Trade Commission (FTC) and six state attorneys general.

The lawsuit alleges Frontier Communications, which provides service to about 1.3 million consumers across 25 states, did not provide many consumers with the maximum speeds they were promised, and the speeds consumers did receive often fell short of what was touted in the plans they had purchased. 

The complaint alleges in “numerous instances” the company billed, charged, collected or attempted to collect payment from consumers for “more expensive and higher-speed tiers” of internet service than Frontier has provided or has been capable of providing such consumers. 

A spokesperson for Frontier pushed back on the allegations and said the company will “present a vigorous defense.” 

Read more about the complaint

RUMBLINGS: Conservative venture capitalists Peter Thiel and J.D. Vance are investing in YouTube alternative Rumble, a platform popular among Republicans.

The investment group consists of Narya Capital, founded by Colin Greenspon. It also includes Vance and Colt Ventures, the family office of former Trump adviser Darren Blanton, The Wall Street Journal reported.

ADVERTISEMENT

The amount of the transaction was unknown but a source told the Journal it was significant and another source said the investment values the company around $500 million.

Rumble is one the new platforms that have appealed to the right as many conservatives see mainstream social media speech guidelines as too constrictive. 

The platform was founded in 2013 and gained notoriety after conservative commentator Dan Bongino and Rep. Devin NunesDevin Gerald NunesSunday shows preview: Bipartisan infrastructure talks drag on; Democrats plow ahead with Jan. 6 probe Lawmakers spend more on personal security in wake of insurrection Tucker Carlson claims NSA leaked private emails to journalists MORE (R-Calif.) promoted it last October, according to WSJ.

Read more.

PHONE UPDATE: Google announced new privacy features for its Android phone operating system Tuesday that will give users more control over their data but stop short of Apple’s more aggressive options.

The new features unveiled at Google’s annual I/O developer conference include visual cues that indicate when cameras or microphones are being used, the option to give apps access to approximate rather than precise location and a privacy dashboard.

“Android 12 is our most ambitious privacy release to date,” the company said on its blog. “Along the way, we have engaged closely with our developer community to build a platform that puts privacy at the forefront while taking into consideration the impact on developers.”

ADVERTISEMENT

The announcement of new features follows Apple’s rollout of its iOS 14 system in February.

That update forces apps to get permission from users to track them across other apps for advertising purposes.

Google could still adopt similar measures down the line, especially given that the company has made inroads toward limiting ad tracking on searches.

Read more. 

Lighter click: Parlez vous?

An op-ed to chew on: We need to formalize counter-disinformation education for children and teens

NOTABLE LINKS FROM AROUND THE WEB: 

Mob Violence Against Palestinians in Israel Is Fueled by Groups on WhatsApp (New York Times / Sheera Frenkel)

The Gig Economy's Business Model Is a Roadblock to Fighting Climate Change (Motherboard / Edward Ongweso Jr.)

Imperfect Offerings: Inside The Complex New World Of Trans Tech (The Verge / Kait Sanchez)

SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern (CyberScoop / Tim Starks)