Overnight Hillicon Valley — Hacking goes global

Overnight Hillicon Valley — Hacking goes global
© Getty Images

Today is Thursday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.

The United Nations (U.N.) on Thursday confirmed a report that its systems were breached in April, underscoring how cyberattacks have ripped across the globe and affected major organizations. The hackers behind the breach have not been identified, but we'll examine what we know so far.

Meanwhile, Amazon CEO Andy Jassy got (another) letter this week from a House Democrat pressing the company over the spread of vaccine misinformation on the e-commerce giant’s site. Rep. Adam SchiffAdam Bennett SchiffOvernight Hillicon Valley — Hacking goes global Schiff calls on Amazon, Facebook to address spread of vaccine misinformation Spotlight turns to GOP's McCarthy in Jan. 6 probe MORE (D-Calif.) sent a similar letter to Facebook as Democrats continue to push to hold tech giants accountable as officials grapple with vaccine hesitancy.

Follow The Hill’s cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar_), for more coverage.

Let’s jump in.

United Nations confirms it was hacked this year 

The U.N. on Thursday confirmed that it was the victim of a cyberattack earlier this year and that attacks related to the original breach were ongoing.

The announcement was made in response to a report from Bloomberg News Thursday that hackers breached the U.N. in early April and stole data through the use of login credentials from a U.N. employee that were bought from the dark web.

“We can confirm that unknown attackers were able to breach parts of the United Nations infrastructure in April of 2021,” Stéphane Dujarric, spokesman for the U.N. Secretary-General, said in a statement.

Bloomberg cited findings from cybersecurity company Resecurity in reporting the breach. The firm found that the hackers were still active on U.N. networks as recently as early August.

Read more about the breach here.

Schiff targets COVID-19 misinformation

Rep. Adam Schiff (D-Calif.) is pressing Amazon and Facebook to address the spread of COVID-19 misinformation, accusing the tech giants of “directly profiting from the sensationalism of antivaccine misinformation.”  

“We cannot allow the rapid and dangerous spread of anti-vaccine marketing and misinformation to keep Americans from the valid, factual information they need to protect themselves from this virus,” Schiff wrote to the companies in letters shared by his office Thursday. 

Schiff’s letter is part of an ongoing push from congressional Democrats and the Biden administration for tech giants to accelerate efforts to remove misinformation about vaccines and the coronavirus.

Schiff’s letter to Amazon focuses on the e-commerce giant’s algorithm and recommendation system that he said is promoting “dangerous misinformation on vaccines.” 

Read more here.


A group of experts across multiple fields on Thursday recommended a sweeping set of actions to diversify the U.S. cybersecurity workforce, saying the field was “overwhelmingly” white and male. 

The Aspen Institute’s Tech Policy Hub and Aspen Digital detailed the recommendations in a report following two meetings over the past year with dozens of individuals across cybersecurity, government, academia, nonprofits and other industries.

“The field remains remarkably homogeneous, both among technical practitioners and policy thinkers, and there are few model programs or initiatives that have demonstrated real progress in building diverse and inclusive teams,” the report noted. “It is estimated that only 4% of cybersecurity workers self-identify as Hispanic, 9% as Black, and 24% as women.”

In order to increase diversity in the cybersecurity sector, the report’s authors focused on strengthening cybersecurity education initiatives, reworking the hiring process, retaining diverse talent, establishing mentorship programs and shifting the narrative around working in cybersecurity. 

Rep. Lauren UnderwoodLauren UnderwoodOvernight Hillicon Valley — Hacking goes global Report pushes for changes to diversify 'homogeneous' US cybersecurity workforce Biden's midterm strategies start to come into focus MORE (D-Ill.), the former chair of the House Homeland Security Committee’s cybersecurity subcommittee, praised the report during a virtual event hosted by the Aspen Institute on Thursday.

Read more about the report here.



Sen. Marco RubioMarco Antonio RubioOvernight Defense & National Security — Milley becomes lightning rod Joint Chiefs Chairman Milley becomes lightning rod on right GOP senators unveil bill designating Taliban as terrorist organization MORE (R-Fla.) knocked the CIA on Thursday over reports that the agency was considering establishing a presence on TikTok, which has faced scrutiny from lawmakers over its ties to China.

Rubio in a letter urged CIA Director William BurnsWilliam BurnsOvernight Hillicon Valley — Hacking goes global Rubio knocks CIA over consideration of TikTok presence The Taliban and the West need each other MORE to “commit that the CIA will not join TikTok, or any other social media platform that poses a serious threat to U.S national security as well as to Americans’ user data and privacy.”

The letter from Rubio, the vice chairman of the Senate Intelligence Committee, comes a day after a spokesperson for the CIA told Politico that joining TikTok was a possibility as the agency seeks to boost its social media footprint and help recruit people. However the spokesperson acknowledged the risk that China posed.

“With TikTok, obviously, there's the Chinese risk,” the spokesperson said.

Read more here.



Microsoft announced Thursday that it is indefinitely delaying its full return to the office amid uncertainty with COVID-19.

The company had previously set Oct. 4 as the earliest date for total reopening but now tells employees it will not establish a set return.

Instead, offices in the U.S. will open when able to do so safely based on public safety guidance. Employees will be notified 30 days before their local worksites will reopen.

Read more here.


An op-ed to chew on: US officials have much to learn from Afghanistan’s ‘Digital Dunkirk’

Lighter click: We needed that, Steve

Notable links from around the web

Apple’s effort to court ‘ethical’ hackers draws poor reviews (The Washington Post / Reed Albergotti) 

U.S. Cyber Czar: Too soon to tell if Russia ransomware has stopped (The Record / Martin Matishak)

Smart glasses made Google look dumb. Now Facebook is giving them a try (The New York Times / Mike Isaac)

Silicon Valley finds remote work is easier to begin than end (The AP / Michael Liedtke and Barbara Ortutay)

One last thing: California takes on Amazon

Amazon logo

The California Senate voted Wednesday to approve first-of-its-kind legislation that would regulate workplace performance metrics in warehouse settings after complaints from Amazon workers about compromised health as well as safety procedures. 

The bill, which has become one of the most fiercely contentious items on the agenda in Sacramento this year, would require companies that employ substantial numbers of warehouse employees to disclose the productivity requirements it sets for workers. It would allow employees to challenge quotas that they allege prevent them from taking bathroom breaks or other time to rest during the workday.

The measure does not specifically mention Amazon, though both supporters and opponents acknowledge the retail behemoth is the prime target for the new regulations. Assemblywoman Lorena Gonzalez (D), the bill’s lead author, said she drafted the legislation after Amazon workers came to her complaining of safety violations.

Read more here.


That’s it for today, thanks for reading. Check out The Hill’s technology and cybersecurity pages for the latest news and coverage. We’ll see you Friday.