Hillicon Valley — Presented by Xerox — FBI director pressed on agency reportedly withholding Kaseya decryption key

Hillicon Valley — Presented by Xerox — FBI director pressed on agency reportedly withholding Kaseya decryption key
© Greg Nash

Today is Tuesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.

FBI Director Christopher Wray and other top officials were grilled on a myriad of threats to the homeland on Capitol Hill Tuesday. Wray in particular was taken to task over a report that the FBI temporarily withheld the decryption key for Kaseya following the devastating ransomware attack in July that compromised up to 1,500 companies.

Meanwhile, the Treasury Department took action to counter ransomware attacks by issuing its first sanctions against a virtual currency exchange for its involvement in facilitating ransomware payments, and one Senate Democrat urged TikTok to take action to curb a “devious” trend. 


Follow The Hill’s cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar), for more coverage.

Let’s jump in.

Withholding the key for Kaseya  

The FBI allegedly withheld the release of a decryption key for almost three weeks that could have assisted groups crippled by the massive ransomware attack on IT group Kaseya earlier this year to unlock their networks. 

The allegations: The Washington Post reported on Tuesday that the FBI and other federal agencies made the decision to not give Kaseya the key while it pursued an operation to knock REvil, the cybercriminal group behind the attack, offline. Websites used by REvil went dark prior to the FBI’s planned operation. 

The ransomware attack on Kaseya, which took place just before the Fourth of July weekend, impacted up to 1,500 groups. Kaseya chose not to pay the ransom demanded by the hackers, and instead used a decryption key that the company said it had received from a “trusted third party” weeks after the attack.  

The FBI declined to comment on the report to The Hill. 

Wray weighs in: FBI Director Christopher Wray was questioned about the decision during a Senate Homeland Security and Governmental Affairs Committee hearing Tuesday, with Wray avoiding giving details on the decision due to the ongoing investigation into the incident. 

“When it comes to the issue of encryption keys or decryption keys, there is a lot of testing and validating that is required to make sure that they are going to actually do what they are supposed to do, and there is a lot engineering that is required to develop a tool that is required to put the tool in use,” Wray testified. “Sometimes we have to make calculations about how best to help the most people, because maximizing impact is always the goal.”

Read more here

Beyond cybersecurity concerns, Wray was testified that the FBI’s domestic terrorism caseload had “exploded” since 2020, and noted that social media was a major part of the problem. 

Read more here.Wray made these comments as part of a larger hearing on threats to the homeland alongside officials including Homeland Security Secretary Alejandro MayorkasAlejandro MayorkasCBP releases new guidelines for pregnant, infant detainees The massive messaging miscues of all the president's men (and women) Buttigieg has high name recognition, favorability rating in Biden Cabinet: survey MORE on Tuesday, which also included testimony on other cyber concerns and on border security issues. 

Read more about the hearing here.


Cracking down on crypto 

The Treasury Department on Tuesday announced a set of actions designed to crack down on ransomware attack payments following a major uptick in cases in recent months against U.S. companies.

As part of the actions, the Treasury Department’s Office of Foreign Assets Control (OFAC) issued its first sanctions against a virtual currency exchange, targeting SUEX OTC for allegedly facilitating ransomware payments.

In addition, OFAC issued an advisory warning that it could issue further sanctions against other cryptocurrency exchanges, cyber insurance companies, and financial institutions facilitating ransomware payments, particularly if the payments are made to previously sanctioned individuals or groups.

The advisory reiterated the federal government’s stance that victims should not pay ransoms, and that facilitating a payment “may enable criminals and adversaries with a sanctions nexus to profit and advance their illicit aims.”

“Ransomware and cyber-attacks are victimizing businesses large and small across America and are a direct threat to our economy,” Treasury Secretary Janet Yellen said in a statement Tuesday. “We will continue to crack down on malicious actors.”


Read more here

A ‘DEVIOUS’ DEMANDSen. Richard Blumenthal (D-Conn.) sent a letter to TikTok Tuesday demanding the platform do more to discourage the “devious lick” trend where students remove things from schools and other buildings.

“You have a responsibility to delete videos, ban users, and restrict hashtags that glorify property damage and threats to school safety to prevent this destructive behavior from spreading,” Blumenthal wrote to TikTok chief executive Shou Zi Chew. 

“While TikTok has taken steps to remove these videos, these actions were too little, too late and do not make up for the damage to schools across the country,” the Connecticut lawmaker wrote. 

The trend rose in popularity this month, with users one-upping each other by removing items as small as notebooks to whole sets of lockers.

Read more here






The Securities and Exchange Commission (SEC) is investigating Activision Blizzard over the gaming company’s handling of allegations of workplace sexual harassment and gender discrimination, the company said. 

The SEC has issued subpoenas to the company, as well as several current and former employees, regarding disclosures on employment matters and related issues, the company said in a statement.

Activision Blizzard said it is “confident in its prior disclosures” and is cooperating with the SEC’s investigation.

“While we continue to work in good faith with regulators to address and resolve past workplace issues, we also continue to move ahead with our own initiatives to ensure that we are the very best place to work. We remain committed to addressing all workplace issues in a forthright and prompt manner,” said Activision Blizzard CEO Bobby Kotick.


The SEC declined to comment on a possible investigation. 

Read more here


Google announced on Tuesday that it intends to purchase for $2.1 billion early next year a Manhattan property it has been leasing.

The 1.3 million-square-foot former freight terminal called St. John’s Terminal adds to the significant collection of real estate that the search and advertising giant has in New York.

The company already owns two buildings next door, bringing the combined campus to 1.7 million square feet.

The planned acquisition suggests that Google’s embrace of remote work in response to the coronavirus pandemic may not be a long-term strategy.

"New York's energy, creativity and world-class talent are what keep us rooted here and why we're deepening our commitment with plans to purchase St. John's Terminal," Alphabet and Google Chief Financial Officer Ruth Porat said in a press release. 

Read more here


Google employees are criticizing the removal of a voting app associated with Russian opposition leader Alexei Navalny just as the Russian parliamentary elections began.

Google and Apple on Friday removed an app called Smart Voting that advocated for candidates who opposed the Russian government after the companies received threats of fines and criminal persecution by the Russian government. 

Internal Google forums and memegen, a messaging app that has been used for previous employee protests at Google, had images and messages seen by Bloomberg criticizing the company for bowing down to Russia’s demands. 

Read more here


An op-ed to chew on: Government by algorithm: Can AI improve human decisionmaking?

Lighter click: Walmart skull investigation when

Notable links from around the web:

Uber Says It's on Track to Maybe Make a Fake Profit (Gizmodo / Tom McKay)

Facebook Rolls Out News Feed Change That Blocks Watchdogs from Gathering Data (The Markup / Corin Faife)

What would a healthy social media platform even look like? (Vox / Rebecca Jennings)

Key lawmakers to CISA: Let us send you more money, power (CyberScoop / Tim Starks)

One last thing: Lobbying to legalize

Amazon announced Tuesday that it is actively lobbying Congress in favor of legalizing cannabis at the federal level in part to promote equitable hiring practices. 

The company’s effort began in June, when it said it would no longer screen prospective employees for marijuana use for positions not regulated by the U.S. Department of Transportation (DOT). Amazon made the changes given data that shows certain cannabis policies disproportionately affect people of color, and due to a swath of states updating their own marijuana laws.

“Pre-employment marijuana testing has disproportionately affected communities of color by stalling job placement and, by extension, economic growth, and we believe this inequitable treatment is unacceptable,” Amazon said Tuesday.

Read more here

That’s it for today, thanks for reading. Check out The Hill’s technology and cybersecurity pages for the latest news and coverage. We’ll see you Wednesday.