Hillicon Valley: Trump signs off on sanctions for election meddlers | Russian hacker pleads guilty over botnet | Reddit bans QAnon forum | FCC delays review of T-Mobile, Sprint merger | EU approves controversial copyright law
Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.
Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland). And CLICK HERE to subscribe to our newsletter.
TRUMP’S COMING FOR ELECTION MEDDLERS: President Trump signed an executive order on Wednesday allowing sanctions on foreign companies, organizations or individuals the government determines to have interfered in U.S. elections.
The order is the latest effort by the Trump administration to address fears that Russia is looking to meddle in the November midterm elections, much like it did during the 2016 presidential race.
{mosads}”This clearly is a process put in place to try and ensure we are doing every possible thing we can to prevent any interference in our election,” Director of National Intelligence Dan Coats told reporters.
Trump has repeatedly cast doubt on whether Moscow interfered in the 2016 election, triggering criticism from lawmakers in both parties that his administration has not done enough to deter Russia and other state actors from running online disinformation campaigns or hacking into state voting systems.
Wednesday’s order is designed to address those concerns by showing the president and his team are taking the threat seriously.
“I think his actions speak for themselves,” national security adviser John Bolton said of Trump, adding that the president “cares deeply” about preventing foreign election interference.
BUT… Lawmakers say they still want to pass sanctions against Russia after Trump’s executive order, saying more needs to be done to respond to Moscow’s actions against the U.S.
“The best that can be said is that Donald Trump is sending mixed signals about interference in the U.S. election,” said Sen. Elizabeth Warren (D-Mass.).
Sen. Mike Crapo (R-Idaho), the chair of the Senate Banking, Housing and Urban Affairs Committee, called the order “a good step” but said his committee would still likely put up legislation requiring Russian sanctions.
And Sens. Marco Rubio (R-Fla.) and Chris Van Hollen (D-Md.), who jointly introduced legislation that would impose penalties for election interference earlier this year, said in a statement Wednesday the order “does not go far enough to address” malicious activity by foreign entities.
“Mandatory sanctions on anyone who attacks our electoral systems serve as the best deterrent,” the senators said. “We must make sure Vladimir Putin’s Russia, or any other foreign actor, understands that we will respond decisively and impose punishing consequences against those who interfere in our democracy.”
Sen. Mark Warner (D-Va.), the ranking Democrat on the Senate Intelligence Committee, also urged lawmakers to continue work on Rubio and Van Hollen’s legislation, characterizing Wednesday’s order as a move by other administration officials to force Trump to take action against Russia.
“In effect, what the executive order does and what this legislation does, it take that decision away and says if there’s a finding made then our country will take the following actions…because this commander in chief, at least in the case of Russian intervention, has not acted responsibly,” he said.
SPEAKING OF HACKERS: A renowned Russian hacker on Wednesday pleaded guilty in a U.S. District Court for his involvement in the Kelihos botnet, a global network of hijacked computers that he used to obtain users’ private or financial information.
The Kelihos botnet harvested thousands of login credentials, spewed out a bulk of spam e-mails and installed malicious software on these computer networks, according to a Justice Department press release.
“For over two decades, Peter Levashov operated botnets which enabled him to harvest personal information from infected computers, disseminate spam, and distribute malware used to facilitate multiple scams,” Assistant Attorney General Benczkowski said in a statement.
Spanish authorities apprehended Levashov on a U.S. warrant last year.
Levashov has claimed he worked for Russian President Vladimir Putin’s party, doing work on its behalf.
HACK THE DEPARTMENT OF HOMELAND SECURITY? Rep. John Ratcliffe (R-Texas), head of the House Homeland Committee’s Cybersecurity and Infrastructure Protection subcommittee, is planning to introduce an amendment on Thursday that will include some technical changes to a bill that aims to bring the “Hack the Pentagon Bug Bounty Program” to the Department of Homeland Security.
The bill, which was introduced by Rep. Kevin McCarthy (R-Calif.), would direct DHS to establish a vulnerability disclosure policy at the agency.
“As our understanding of cyber threats continues to mature, so should our approach in defending federal networks. Enabling the legal testing and disclosure of vulnerabilities on DoD websites spurred technologists and innovators across the globe to report thousands of security gaps over the past couple of years,” Ratcliffe said in the statement to The Hill.
“I’m looking forward to implementing a vulnerability disclosure policy at DHS through Leader McCarthy’s H.R. 6735, so we can leverage assistance from people who want to proactively contribute to bolstering the cybersecurity of our nation.”
Keep an eye out on his amendment as the committee does a markup tomorrow.
Q’D UP: Reddit has banned a forum dedicated to the QAnon conspiracy theory, saying users repeatedly violated its content policies.
“As of September 12, r/greatawakening has been banned due to repeated violations of the terms of our content policy,” a Reddit spokesperson said in a statement to The Hill. “We are very clear in our site terms of service that posting content that incites violence, disseminates personal information, or harasses will get users and communities banned from Reddit.”
QAnon followers believe in a vague and far-reaching conspiracy theory that posits a “deep state” plot against President Trump and a vast pedophile ring among elites.
Their theories are spurred by a poster or a group of posters that goes by the pseudonym “Q.”
Reddit’s been doing work here: The move is a part of the platform’s broader move undertaken this year to deal with troublesome parts of its platform. It’s long positioned itself a free speech haven, but has acknowledged that there are things it’s no longer willing to be a home for.
In line with this, on Tuesday, it banned r/milliondollarextreme, one of the largest groups where users frequently shared white nationalist content.
FCC DELAYS MERGER REVIEW: The Federal Communications Commission (FCC) wants more time to review the proposed T-Mobile–Sprint merger.
The agency announced Tuesday that it was pausing its informal 180-day “shot clock” to review the transaction in order to give its staff more time to review recent filings from the two companies.
“Additional time is necessary to allow for thorough staff and third-party review of newly-submitted and anticipated modeling relied on by the Applicants,” the commission wrote in a letter to the companies.
Big picture: The move itself is not a major obstacle for the merger, which needs both the FCC and the Justice Department’s approval. But the deal has generated significant opposition from consumer groups
SWERVE: A former director of the National Security Agency (NSA) on Tuesday split with other former intelligence officials who signed a letter condemning President Trump’s decision to revoke former CIA Director John Brennan’s security clearance.
In Mike Rogers’s first public appearance since retiring from his dual-hat role as NSA director and chief of Cyber Command under Trump, Rogers criticized the decision of other former senior officials who spoke out against the president on Brennan’s behalf — all while sharing the same stage with some of the signees at a panel discussion.
Sitting alongside former CIA Director Michael Hayden and former Director of National Intelligence James Clapper — both frequent critics of the president who signed the letter — Rogers dismissed the sentiment behind it, saying he did not believe it was the best way to fight the president’s controversial decision.
Rogers gave two reasons: It wouldn’t be effective and it may impact the work of current intelligence officials.
“I just thought to [see] a group of former senior intelligence officials complaining about how another former senior intelligence individual is being treated — I’m not sure is the most effective way to address a very valid concern,” Rogers said at the Hayden Center event, “Secrets, Presidents, and Dissent,” hosted at the George Mason University’s Schar School. Rogers also noted that this move could complicate matters for the men and women in the intelligence community.
“As a guy who was on the inside for part of this … I said, ‘Guys, this is not helpful,'” Rogers said.
“We must ensure that nothing we do calls into question the objective nature of intelligence,” Rogers continued, noting that this is what he stressed to his teams while working for the government.
OH NOW YOU TELL US: Rogers also refuted a report last year that claimed Trump asked him and another top intelligence official to publicly deny there was collusion between the Trump campaign and Russia.
The Washington Post, citing current and former officials, reported in March 2017 that the president asked Rogers and Director of National Intelligence (DNI) Dan Coats to push back on the federal probe and that the two intelligence officials refused.
Rogers said no such conversations occurred — a pushback that has come to light — roughly 18 months after the Post published the story.
“I was never asked that,” Rogers said at the event.
Rogers said he would never have accomplished anything if he spent his time trying to correct every erroneous press report.
When pushed, Rogers noted that he did not have conversations about collusion with either Trump or Vice President Mike Pence. “I’ve never been directed to do anything.” Read more here.
BAD NEWS FOR TECH IN EUROPE: Technology companies that neglect to take down online terrorist content could face heavy fines from Europe in the future.
The European Commission on Wednesday proposed new legislation that would penalize internet platforms like Facebook and YouTube for not removing extremist content quickly.
The proposal would require technology companies to remove such content within an hour of it being flagged by the government.
“One hour is the decisive time window, when the greatest damage can take place,” European Commission President Jean-Claude Juncker told the European Parliament during his state of the union address Wednesday.
Under the proposed rules, companies that don’t remove content within the one-hour timeframe face steep fines rising to as much as 4 percent of their global revenue for the previous year.
THAT’S NOT ALL FROM EUROPE: The European Parliament on Wednesday voted to approve controversial intellectual property legislation aimed at updating copyright laws to the benefit of news publishers.
The Copyright Directive is a proposal meant to protect works for its creators.
A number of large technology companies vigorously oppose the measures, but Europe’s largest news agencies have called for the law to pass, saying that companies like Google and Facebook have hurt their ad revenues.
“This is a great day for Europe’s creators,” Helen Smith, executive chair of European music body Impala, which represents a number of popular music acts, said to The Guardian. “The parliament has sent a clear message that copyright needs to be modernized to clarify obligations of platforms with regard to the creative works they distribute.”
Critics argue that the measures are bad for businesses.
TECH EXECS ARE COMING BACK TO THE HILL: Executives from Google, Apple and Amazon will testify before the Senate Commerce Committee later this month on consumer data privacy, the panel announced Wednesday.
The Sept. 26 hearing will also feature legal and privacy executives from AT&T, Twitter and telecom company Charter. No representatives from Facebook were included on the list of witnesses released Wednesday, nor were any privacy or consumer advocates.
The hearing, titled “Examining Safeguards for Consumer Data Privacy,” comes as various lawmakers, trade groups and consumer advocates float the idea of Congress implementing a set of national privacy standards.
SENATE WANTS STATE TO IMPROVE ITS CYBER: A bipartisan group of Senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.
Sens. Ron Wyden (D-Ore.), Cory Gardner (R-Colo.), Ed Markey (D-Mass.), Rand Paul (R-Ky.), and Jeanne Shaheen (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike Pompeo to employ more multifactor authentication measures to secure the agency’s information systems. Multi-factor authentication helps protect against phishing attacks that usually aim to steal user data.
“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.
“The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.
The lawmakers asked Pompeo questions about what State has done to boost its security after the Office of Management and Budget (OMB) designated the agency’s cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department’s cyber incidences over the last three years.
The lawmakers asked Pompeo to answer these questions by October 12.
ANOTHER DAY, ANOTHER MCCARTHY TECH DIG: House Majority Leader Kevin McCarthy (R-Calif.) slammed Google on Wednesday as part of his ongoing criticism of the company’s alleged bias against conservatives.
The California Republican during an interview with Fox News on Wednesday slammed the company for its work with China, its search results accidentally showing one of the ideologies of the California Republican Party as “Nazism” and for work it did to mobilize the Latino vote.
“It’s their own executive that they said they have a silent donation where they tried to help people to help Hillary,” he said, referencing a report by Fox News‘s Tucker Carlson that described an email sent by Google’s Multicultural Marketing department head.
Google tries to shut it down: A Google spokesperson said in a statement to The Hill that the employee had expressed personal views and not those of the company.
“The employee’s email is an expression of her personal political views about the outcome of the 2016 election and those views do not reflect any official stance by the company,” the spokesperson said. “We have nearly 90,000 employees comprising a broad array of political affiliations. The email itself explicitly notes that she is speaking personally, and that Google’s efforts were non-partisan.
INSTA TAKES AIM AT OPIODS: Instagram is rolling out a new “get support” pop-up feature to offer resources to users who may be struggling with opioid or substance abuse.
The feature will launch in the U.S. on Wednesday and will eventually be available globally, according to BuzzFeed News.
With the new feature, Instagram users who search drug-related hashtags like #opioid or #uppers will see a menu pop-up that includes a link to a page containing information about resources to address substance abuse.
APPLE’S HEALTH KICK: Apple on Wednesday unveiled its latest Apple Watch, which includes an FDA-approved electrocardiogram (ECG) app that will allow users to record and monitor their heart activity.
“The completely redesigned Apple Watch Series 4 continues to be an indispensable communication and fitness companion, and now with the addition of groundbreaking features, like fall detection and the first-ever ECG app offered directly to consumers, it also becomes an intelligent guardian for your health,” Apple chief operating officer Jeff Williams said Wednesday.
The app will alert users of any abnormal cardiovascular activity or if their heart rate goes above or below certain thresholds.
AN OP-ED TO CHEW ON: Learning to improve resiliency against cyberattacks.
A LIGHTER TWITTER CLICK: Device launches are hard.
NOTABLE LINKS FROM AROUND THE WEB:
Google knows where you’ve been, but does it know who you are? (The New York Times)
Apple unveils its largest, most expensive iPhone. (The Wall Street Journal)
BSA, the Software Alliance releases its privacy framework.
An explainer of the largest white nationalist group that was just banned from Reddit. (BuzzFeed)
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.