Overnight Cybersecurity

Hillicon Valley: Feds eye more oversight of pipelines after Colonial attack | White House monitoring fuel shortages | Democrats urge Facebook to reverse WhatsApp update | Biden announces deal with Uber, Lyft for free vaccine rides

Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter by clicking HERE. 

Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.

The impact of the ransomware attack on Colonial Pipeline continued to make waves Tuesday, with the Biden administration and members of Congress weighing further oversight of the oil and gas sector, and officials scrambling to respond to oil shortages in portions of the country. Meanwhile, members of the Congressional Hispanic Caucus urged Facebook to reverse a privacy update for WhatsApp, and President Biden announced a partnership with Uber and Lyft to provide free rides for Americans to get COVID-19 vaccines.  

ALL ABOUT COLONIAL PIPELINE, PART TWO:

UNDER THE FEDERAL MICROSCOPE: The Biden administration and Capitol Hill are taking a closer look at the security in place for critical oil and gas utilities following the Colonial Pipeline shutdown.

Some officials have indicated that the ransomware attack on a pipeline that provides almost half of the East Coast’s energy may have unfolded as it did due to the relative lack of federal oversight of pipelines compared to other utilities.

Read more about the potential new oversight here.

 

PIPELINE SECURITY PROGRAM: House Homeland Security Committee ranking member John Katko (R-N.Y.) on Tuesday dug into federal oversight of oil and gas sector cybersecurity following the shutdown of the Colonial Pipeline.

In a letter provided to The Hill and sent to acting Cybersecurity and Infrastructure Security Agency (CISA) Director Brandon Wales, Katko raised questions around the agency’s Pipeline Cybersecurity Initiative and assessments conducted on pipeline assets as part of the program.

“In the wake of the Colonial Pipeline ransomware incident, ensuring the success, growth, and effectiveness of the Pipeline Cybersecurity Initiative is more important than ever before,” Katko wrote. 

The Pipeline Cybersecurity Initiative was founded in 2018 and involves CISA working with the Transportation Security Administration, the Department of Energy and critical infrastructure stakeholders to assess and secure U.S. pipeline systems.

Read more about the letter here. 

 

WAITING BY THE PHONE: The Department of Homeland Security’s top cyber agency said Tuesday that it has not yet received important technical information from Colonial Pipeline regarding the crippling hack that led it to shut down a key fuel pipeline last week.

Acting Cybersecurity and Infrastructure Security Agency (CISA) Director Brandon Wales told the Senate Homeland Security Committee at a hearing that Colonial Pipeline did not reach out to his agency and that CISA was brought in by the FBI to deal with the breach.

“We received information fairly quickly in concert with the FBI. Right now, we are waiting for additional technical information on exactly what happened at Colonial so that we can use that information to potentially protect other potential victims down the road,” Wales said.

Read more about Wales’s comments here. 

 

THE HACK SINKS IN: Parts of the Southeastern U.S. are seeing gasoline shortages following a cyberattack that shut down Colonial Pipeline.

As of Tuesday afternoon, nearly 8 percent of Virginia gas stations, more than 6 percent of North Carolina gas stations and more than 4 percent of Georgia gas stations were without fuel, according to Gasbuddy analyst Patrick De Haan. 

Other states, like Florida and South Carolina, also saw some outages. 

In an interview with The Hill on Monday, De Haan predicted that parts of the Southeast were likely to be at the greatest risk of shortages because it’s situated between other key markets. 

Read more here. 

White House officials said late Monday night that the administration is monitoring the shortages.

“The President continues to be regularly briefed on the Colonial Pipeline incident. The Administration is continually assessing the impact of this ongoing incident on fuel supply for the East Coast,” White House press secretary Jen Psaki said.

Read more here. 

 

STILL WANT MORE?: Here are five takeaways about the Colonial Pipeline disruption, including how it has sparked fear of gas price increases, highlighted threats from ransomware attacks, and exposed energy sector vulnerabilities. 

Read more here. 

IN OTHER NEWS: 

REVERSE THAT: Members of the Congressional Hispanic Caucus on Tuesday urged Facebook to reverse plans for a required update to its messaging platform subsidiary WhatsApp over concerns about data privacy.

WhatsApp is issuing an update to its terms and services as it allows users to talk to businesses on the platform.

WhatsApp has said that the update will not change its policies around keeping personal conversations encrypted, meaning Facebook and WhatsApp cannot read the messages.

But the Democrats wrote in a letter Tuesday that WhatsApp’s failure to commit to the same privacy policy for the messages with businesses is a “potential misuse of data,” and could lead to the use of that information for targeted advertising.

Read more about the letter

 

ON THE HOUSE: President Biden on Tuesday announced a partnership with ride-sharing companies Lyft and Uber to provide free rides for Americans to get vaccinated.

The partnership is part of a host of actions to achieve the administration’s goal of having 70 percent of adult Americans receive at least one coronavirus vaccine dose by the Fourth of July. 

The announcement comes as Biden is meeting with governors to discuss vaccine strategy and innovative ways to get more people vaccinated against COVID-19. 

Lyft and Uber will provide rides to and from tens of thousands of vaccination sites through their apps, which will allow customers to select a vaccination site near them, follow directions to redeem their ride and get a free ride to and from the site. 

Read more about the announcement

 

REJECTED: Apple rejected 1 million new apps seeking to join its App Store last year, according to a blog post released Tuesday. 

The announcement providing some details about why Apple rejected certain apps and updates was released as the Silicon Valley giant fends off a legal challenge from Epic Games in the second week of a trial in California federal court. 

The trial is centered around allegations from Epic Games accusing Apple of anticompetitive behavior for kicking Epic’s Fortnite game out of the App Store after an update to the game offered a separate payment system that circumvented Apple’s 30 percent commission fees. 

Apple’s defense is largely based around an argument that its App Store rules protect customers, and Tuesday’s blog post further promoted the claim.

Read more here. 

 

TWITTER VS. TEXAS: A federal judge in California on Tuesday dismissed a lawsuit brought by Twitter that had sought to block Texas Attorney General Ken Paxton‘s (R) office from allegedly retaliating against the company for its decision to ban former President Trump from the platform.

In a 7-page ruling, the judge said Twitter’s lawsuit was premature because Paxton has not sought to enforce his January records request related to the company’s content moderation policies.

“The court finds Twitter’s lawsuit is premature, and, as such, is subject to dismissal,” wrote U.S. District Judge Maxine Chesney, a Clinton appointee.

Read more here

 

MR (PAY) WORLDWIDE: Google Pay announced Tuesday that it is partnering with remittance companies Wise and Western Union to offer options for users in the U.S. to transfer funds abroad.

American users will now be able to transfer money to app users in India and Singapore, and Google Pay plans to expand to 80 countries through Wise and 200 via Western Union by the end of the year.

Users will be able to make unlimited free transfer with Western Union until June 16 and Wise is waiving fees on the first transfer up to $500.

Read the rest.

Lighter click: This family has it all

An op-ed to chew on: Biden needs to counter Russia and China to secure our digital future

 

NOTABLE LINKS FROM AROUND THE WEB: 

Meet DarkSide, the ransomware gang blamed for the Colonial Pipeline attack (CyberScoop / Sean Lyngaas) 

In Biden’s broadband plan, cable is in for the fight of its life (Protocol / Issie Lapowsky)

The pipeline hack is causing major mass gasoline panic buying (Vice Motherboard / Aaron Gordon) 

Semiconductor makers and users form a group to push for chip funding (The New York Times / Thomas Kaplan)