Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.
ACT OF WAR?: Lawmakers are raising questions about whether the attack on the federal government widely attributed to Russia constitutes an act of war.
ADVERTISEMENT
The hacking may represent the biggest cyberattack in U.S history, and officials are scrambling to respond.
The response is further complicated by the presidential transition — President TrumpDonald TrumpTrump signs bill to keep government open amid relief talks US to close two Russia consulates ‘Guardians of the Galaxy’ trends on social media following new Space Force name MORE has yet to comment publicly on the attack — and the fact that the U.S. has no clear cyber warfare strategy.
“We can’t be buddies with Vladimir PutinVladimir Vladimirovich PutinUS to close two Russia consulates Hillicon Valley: Lawmakers ask whether massive hack amounted to act of war | Microsoft says systems were exposed in massive SolarWinds hack | Senators push to keep tech liability shield out of UK trade agreement Overnight Defense: Biden team voices concern about ‘abrupt halt’ in Pentagon cooperation | Defense chief pushes back | Lawmakers question whether major cyberattack an act of war MORE and have him at the same time making this kind of cyberattack on America,” Senate Minority Whip Dick DurbinDick DurbinHillicon Valley: Lawmakers ask whether massive hack amounted to act of war | Microsoft says systems were exposed in massive SolarWinds hack | Senators push to keep tech liability shield out of UK trade agreement Overnight Defense: Biden team voices concern about ‘abrupt halt’ in Pentagon cooperation | Defense chief pushes back | Lawmakers question whether major cyberattack an act of war The Hill’s 12:30 Report: First White House officials to receive the COVID-19 vaccine MORE (D-Ill.) said of the attack during an interview Wednesday on CNN. “This is virtually a declaration of war by Russia on the United States and we should take that seriously.”
Sen. Mitt RomneyWillard (Mitt) Mitt RomneyLawmakers call for Trump to take action on massive government hack Hillicon Valley: Lawmakers ask whether massive hack amounted to act of war | Microsoft says systems were exposed in massive SolarWinds hack | Senators push to keep tech liability shield out of UK trade agreement Overnight Defense: Biden team voices concern about ‘abrupt halt’ in Pentagon cooperation | Defense chief pushes back | Lawmakers question whether major cyberattack an act of war MORE (R-Utah) on Thursday compared the incident to Russian bombers “flying undetected over the entire country,” and harshly criticized Trump for not doing enough to counter the attack.
“Our national security is extraordinarily vulnerable,” Romney said on SiriusXM’s “The Big Picture with Olivier Knox.” “In this setting, not to have the White House aggressively speaking out and protesting and taking punitive action is really, really quite extraordinary.”
Hackers believed to be part of a nation state have had access to federal networks since March after exploiting a vulnerability in updates to IT group SolarWinds’s Orion software. The hack has compromised the Treasury, State and Homeland Security departments and branches of the Pentagon, though it is expected to get worse. SolarWinds counts many more federal agencies as customers, along with the majority of U.S. Fortune 500 companies.
Read more here.
ADVERTISEMENT
MICROSOFT SYSTEMS EXPOSED: Microsoft’s systems were exposed as part of the suspected Russian cybersecurity hack that targeted SolarWinds and hit multiple government agencies, people familiar with the matter told Reuters.
The people told the newswire that Microsoft’s own products were used to further attacks on others. It’s unclear how many Microsoft users were affected.
CNBC noted that multiple government agencies use Office 365, including the Department of Defense.
Microsoft spokesperson Frank Shaw said in a statement posted to Twitter that the company had detected malicious SolarWind binaries, which it removed. It has not found evidence of “access to production services or customer data.”
“Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.”
Dozens of federal agencies had been breached earlier this year as part of the cyberattack on SolarWinds. The Cybersecurity and Infrastructure Security Agency issued an alert detailing the attack on Thursday, in which it warned that it posed a “grave risk” to federal and state governments, as well as private sector organizations.
Read more here.
SENATORS SAY KEEP SECTION 230 OUT: Senators from both sides of the aisle sent a letter to the U.S. Trade Representative on Friday urging him to keep language that mimics a U.S. tech liability shield to be left out of any potential free trade agreement with the United Kingdom.
The letter, signed by two Democrats and two Republicans, urges Trade Representative Robert LighthizerBob LighthizerWhiskey, workers and friends caught in the trade dispute crossfire GOP senator warns quick vote on new NAFTA would be ‘huge mistake’ Pelosi casts doubt on USMCA deal in 2019 MORE to refrain from including language that is modeled on section 230 of the Communications Decency Act in a trade agreement with the U.K.
The senators note the ongoing debate regarding Section 230, which grants tech companies liability protection for content posted by third parties.
“Including a safe harbor clause in any future trade agreements will further allocate more power to companies at the expense of individuals,” Sens. Mark WarnerMark Robert WarnerOn The Money: Congress passes bill to avert shutdown as coronavirus talks drag into weekend | Federal Reserve fight imperils relief talks Congress passes bill to avert shutdown as coronavirus talks drag into weekend Lawmakers call for Trump to take action on massive government hack MORE (D-Va.), Rob PortmanRobert (Rob) Jones PortmanHillicon Valley: Lawmakers ask whether massive hack amounted to act of war | Microsoft says systems were exposed in massive SolarWinds hack | Senators push to keep tech liability shield out of UK trade agreement Senators push to keep tech liability shield out of UK trade agreement The ‘Biden Team’ is risk-averse, but capable and ready MORE (R-Ohio), Richard Blumenthal (D-Conn.) and Chuck GrassleyChuck GrassleyHillicon Valley: Lawmakers ask whether massive hack amounted to act of war | Microsoft says systems were exposed in massive SolarWinds hack | Senators push to keep tech liability shield out of UK trade agreement Senators push to keep tech liability shield out of UK trade agreement Pelosi to get COVID-19 vaccine in ‘next few days’ as vaccination program begins for lawmakers MORE (R-Iowa) wrote.
“Congress can and should debate about Section 230 and how it has enabled platforms to turn a blind eye as their platforms are used to facilitate discrimination, cyber-stalking, terrorism, online frauds, and more. We urge USTR to refrain from including this provision in this and future free trade agreements until that debate has concluded,” they added.
ADVERTISEMENT
A spokesperson for the Office of the United States Trade Representative was not immediately available for comment.
Read more here.
TWITTER TARGETS TOXIC TWEETS: Twitter said Thursday it is increasing its efforts to combat negativity on the platform by testing a feature that will show users prompts indicating mutual interests shared by them and people to whom they respond on the platform.
In an emailed statement to Mashable, the company confirmed it began testing the feature among roughly 10 percent of Android users who use English as their primary language on the platform.
The prompts will show users topics and mutual followers when then go to respond to individual people on the platform; a screenshot of the test in practice showed a user seeing topics such a “dogs,” “rap,” and “soccer” among the mutual topics listed under a banner that reads “you have things in common.”
“It’s human nature to feel wary when replying to someone you don’t know,” Christine Su, senior product manager for conversations at Twitter, told the news outlet. “In the heat of the moment, people can forget there’s another human behind a Twitter account. By showing what we have in common, we hope to remind people of what connects us as a starting point.”
ADVERTISEMENT
Read more here.
HAPPY HOLIDAYS FROM ZOOM: Zoom is lifting its 40-minute cap on free meetings for users during certain days this holiday season, the company announced this week.
Zoom is allowing users unlimited meeting times during days spanning the end of Hanukkah, Christmas, New Year’s Eve and New Year’s Day, and the last days of Kwanzaa, as a “token of appreciation to our users during an extraordinary time,” the company said in a blog post.
The dates and times for the unlimited meetings are: 10 a.m. on Dec. 17 to 6 a.m. on Dec. 19, 10 a.m. on Dec. 23 to 6 a.m. on Dec. 26, and 10 a.m. on Dec. 30 to 6 a.m. on Jan. 2.
The time limit will be automatically lifted during the designated times, and users will not need to do anything to remove the limit, Zoom said.
Read more here.
ADVERTISEMENT
Lighter click: Extreme ice fetching champ
An op-ed to chew on: The US government just reduced its IoT attack surface; private sector should step up
NOTABLE LINKS FROM AROUND THE WEB:
We need to learn how to talk to (and about) accidental conspiracists (Nieman Lab / Ben Collins)
QAnon is still spreading on Facebook, despite a ban. (The New York Times / Sheera Frenkel)
The Activist Translating Climate Crisis Information Across the Globe (Motherboard / Samir Ferdowsi)