Hillicon Valley — State Dept. employees targets of spyware

Today is Friday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.

Follow The Hill’s cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar_), for more coverage.

Ladies and gentlemen… the weekend! But before we get there, news broke today that the phones of almost a dozen State Department employees were targeted and hacked by spyware from embattled company NSO Group, which was recently blacklisted by the Commerce Department. 


Meanwhile, newly named Twitter CEO Parag Agrawal announced new leadership changes at the social media company and the Facebook Oversight Board is requesting public input as it weighs an advisory opinion on the platform’s controversial cross-check system. 

Let’s jump into the news.


NSO Group in hot water


The phones of at least nine State Department employees were recently hacked through the use of spyware from Israeli company NSO Group, a report published Friday found.

Reuters cited four people “familiar with the matter” in reporting that iPhones of the employees were hacked over the past several months. The individuals targeted were based in Uganda or working on issues involving Uganda. 

Company responds: NSO Group disputed the findings, with a spokesperson telling The Hill in a statement Friday that while the company had taken steps to crack down on the customers involved in targeting the employees — who Reuters said it wasn't able to identify — NSO had no reason to believe its products were involved. 


“Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations,” the spokesperson said. “To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case.”

Government responds: A spokesperson for the State Department declined to confirm the hacking efforts to The Hill on Friday, but stressed that “generally speaking the Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected.”

Both NSO Group and Israeli company Candiru were added to the Commerce Department’s Entity List last month, effectively blacklisting the use of the companies’ products. The step was taken due to allegations that both NSO Group and Candiru had developed spyware programs and sold them to foreign governments to target individuals including dissidents and journalists, allegations that NSO Group has pushed back against. 

Read more here. 


More Twitter shake-ups

Twitter will undergo a reorganization of key leadership roles under new CEO Parag Agrawal, the company announced Friday. 

The changes, which were laid out in a company-wide email, follow Twitter co-founder and CEO Jack Dorsey announcing earlier this week he would be stepping down from the top spot, putting Agrawal in charge of the social media platform as it seeks to reach lofty user and revenue growth goals. 

Who’s out: As part of the shake-up, head of engineering Michael Montano and chief design officer Dantley Davis will be stepping down and leaving the company by the end of the year. 

Twitter spokesperson Lauren Alexander confirmed the reorganization news. The changes were first reported by The Washington Post. 

The company also detailed the changes in a Securities and Exchange Commission (SEC) filing

Montano will be leaving the company after more than a decade. He joined Twitter in 2011. Davis came to Twitter in 2019, after previous product design stints at Netflix and Facebook. 

Who’s moving: The restructuring will create a General Manager model for the consumer, revenue and core tech divisions, which will be led by Kayvon Beykpour, Bruce Falck and Nick Caldwell, respectively, Twitter said in the filing.

The three general managers will lead all core teams across engineering, product management, design and research, according to the filing. 


Read more about the changes.


Facebook’s quasi-independent Oversight Board is asking the public to weigh in with comments on the social media platform’s cross-check program for some high-profile users.

The Oversight Board opened up public comments on Wednesday as part of its probe into the cross-check system, which reportedly kept certain public figures on the platform, including former President TrumpDonald TrumpMark Walker to stay in North Carolina Senate race Judge lays out schedule for Eastman to speed up records processing for Jan. 6 panel Michael Avenatti cross-examines Stormy Daniels in his own fraud trial MORE, from facing the full extent of Facebook’s content moderation policies.

The board is asking individuals and organizations to submit comments regarding whether a cross-check system is needed and whether it strengthens or undermines the protection of human rights. The board is also asking for comment as to what additional resources Meta, Facebook’s parent company, should dedicate to improving the cross-check system. 

Public comments are due by Jan. 14. 

Read more here.




The Chinese rideshare app Didi announced Friday that it will delist from the New York Stock Exchange just months after its initial public offering.

The company’s brief announcement on the microblog Weibo noted plans to relist on Hong Kong’s exchange, but gave few other details.

Didi had been valued at nearly $70 billion after its first day of trading in June, but has since seen its shares collapse amid a crackdown from Beijing.

Chinese authorities announced a probe of the company’s data security practices shortly after its listing, but that investigation has not yet been closed. 

Read more here.


Reality Winner's defense

Former National Security Agency contractor Reality Winner said this week that she believes she was acting in "service to the American people" when she leaked classified documents to the media in 2017.

Winner, who pleaded guilty to leaking classified information about Russia’s efforts to interfere with the 2016 elections and was sentenced to 63 months in prison, made her comments during her first television interview since she was released earlier this year.

She told Scott Pelley in a "60 Minutes" interview that her actions were "out of love for what this country stands for," CBS News reported.

"You knew it was stamped 'Top Secret.' You knew what that meant," Pelley said to Winner in a clip from the interview that aired on "CBS Mornings" on Friday.

"I knew that. I knew it was secret," Winner told him. "But I also knew that I had pledged service to the American people. And at that point in time, it felt like they were being led astray."

Read more.


GoFundMe has removed fundraisers for William "Roddie" Bryan, one of three men convicted last week on murder charges in the killing of Ahmaud Arbery in Georgia, the company said.

A spokesperson for GoFundMe told The Hill on Friday that the crowdfunding platform had removed three fundraisers for Bryan this week. No funds had been raised.

"GoFundMe prohibits raising money for the legal defense of a violent crime," the spokesperson said.

Bryan's attorney Kevin Gough wrote on Facebook that “The right to counsel, a guarantee enshrined in our Constitution, means little if ordinary people like Roddie Bryan cannot raise funds for their own defense — and that includes the right to raise funds for an appeal."

He said the cancellation of online efforts to raise funds for Bryan is "simply the latest manifestation of a woke left mob mentality" and added that the move "seeks to undermine the institutions of our government."

In November, Bryan, along with Gregory and Travis McMichael, who were also charged in the death of Ahmaud Arbery were found guilty of multiple counts of murder.

Read more.


An op-ed to chew on: To counter China, the Senate must confirm US ambassadors

Lighter click: Happy night 6

Notable links from around the web:

The Justice Department is ramping up its crackdown on money mules (CyberScoop / Tonya Riley)

Received some random cryptocurrency? It might be a phishing scam (Motherboard / Lorenzo Franceschi-Bicchierai)

‘I need my girlfriend off TikTok’: How hackers game abuse-reporting systems (Los Angeles Times / Brian Contreras)

One last thing: Global surveillance pushback

The U.S. is planning a global push to restrict surveillance tools to authoritarian regimes, senior Biden administration officials told multiple media outlets Thursday. 

The initiative among friendly countries would put in place conduct rules for exporting surveillance tools to countries that would use them to suppress human rights, The Wall Street Journal reported. 

An agreement would be reached among countries on export-licensing policies to limit technologies to nations that have been accused of using such products to suppress their populations.

“This is a group of like-minded governments who will commit to working together to determine how export controls could better monitor and, as appropriate, restrict the proliferation of such technologies given their increasing misuse by end users in human rights abuses,” a senior administration official told the Journal.

The initiative is set to be announced at the first Summit for Democracy scheduled for on Dec. 9 and Dec. 10.

Read more here.


That’s it for today, thanks for reading. Check out The Hill’s technology and cybersecurity pages for the latest news and coverage. We’ll see you Monday.