Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech reporter, Chris Mills Rodrigo (@chrisismills), for more coverage.
SEND IN THE TROOPS: As the world continues to grapple with the COVID-19 pandemic, a related crisis has emerged.
ADVERTISEMENT
Hackers are taking advantage of the increased reliance on networks to target critical organizations such as health care groups and members of the public, stealing and profiting off sensitive information and putting lives at risk.
But cyber criminals are increasingly coming up against an army of information security professionals worldwide, who have come together over the past months to fight a quiet daily war online to block the efforts of hackers.
Thousands of professionals step up: One network of these white hat hackers is the nonprofit COVID-19 CTI League, which is made up of more than 1,400 volunteers in 76 countries and 22 different time zones from sectors including information security, telecommunications and law enforcement.
The group’s goal is to thwart efforts by criminal organizations to dismantle critical systems, including those that overworked hospitals rely on to ensure treatment for patients suffering from COVID-19.
Marc Rogers, the executive director of cybersecurity at software group Okta and one of the leaders of the CTI League, told The Hill that the mobilization of internet security professionals during the pandemic made him optimistic about fighting back.
“There is a literal army of infosec people out in the community who are working to protect these establishments,” Rogers said. “We haven’t seen any catastrophic situations yet, and I’m quietly hopeful that that’s because of the proactive work that all of these groups are doing.”
The group was only established in early March but has grown by leaps and bounds as members have quickly joined in the effort to defend vulnerable systems from attack.
ADVERTISEMENT
Making progress: According to an initial progress report published by the group this week, members have assisted law enforcement in taking down almost 3,000 cybercriminal assets online, and identified more than 2,000 cyber vulnerabilities at hospitals, health care groups and supporting facilities.
The CTI League is not the only new group formed in order to address increasing cyber threats.
C5 Capital helped bring together and form the Cyber Alliance to Defend Our Healthcare last month. The group was formed after cybersecurity portfolio groups managed by C5 began reporting spikes in cyberattacks on both the United Kingdom’s and Sweden’s health systems, and is currently made up of over a dozen top cybersecurity groups lending their skills to defend these networks.
“We were beginning to get calls from all over Europe in particular that there was a significant escalation in cyberattacks from March onward,” C5 Founder Andre Pienaar told The Hill. “We decided we had to do something to help, and launched the Cyber Alliance to Defend Our Healthcare as part of a transatlantic effort to protect the crucial care provided by hospitals and clinics.”
And health care organizations, where IT staffers are overworked and on the front lines of the COVID-19 pandemic, desperately need these protections.
Read more about the virtual defense efforts here.
DISINFORMATION EFFORTS INTENSIFY: U.S. intelligence officials have reportedly determined that Chinese operatives helped spread messages that aimed to spark alarm about the coronavirus pandemic starting in mid-March.
The New York Times, citing six American officials across different intelligence agencies, reported Wednesday that the messages prompted the intelligence apparatus to examine the new techniques China, Russia and other nations are using to spread disinformation about the outbreak.
In particular, they were startled by the ability of the disinformation campaign to pop up in the form of text messages on many Americans’ cellphones, an amplification technique that some of the officials told the Times they had not seen before.
NSC forced to respond: Many of the messages shared a common theme in which the receivers were encouraged to share the warnings that President TrumpDonald John TrumpGOP lawmaker calls McConnell remarks on state bankruptcy ‘shameful and indefensible’ Newsom wants to train 10,000 contact tracers in California Biden leads in three crucial Rust Belt states: Poll MORE was poised to lock down the country in a mandatory quarantine. The spread of the messages became so far-reaching that the White House National Security Council (NSC) publicly denounced the rumors as “FAKE.”
“Text message rumors of a national #quarantine are FAKE. There is no national lockdown,” the NSC tweeted at the time.
The messages often claimed that they heard from a close friend or family member who works at the Department of Homeland Security, the Pentagon or some other government agency that the government was preparing for a full-scale lockdown.
“I received a call very late last night from a source that works for Homeland security. He said that they are preparing to mobilize the national guard. Preparing to dispatch them across the US along with military. Next they will call in 1st responders. He said they are preparing to announce a nationwide 1 week quarantine for all citizens,” one of the messages read.
ADVERTISEMENT
Read more about the disinformation efforts here.
WE KNOW WHERE YOU LIVE: Facebook announced Wednesday that it will begin indicating the country of origin for some election-related posts in an attempt to curb political misinformation.
The feature will be piloted in the United States, starting with Facebook pages and Instagram accounts that are based outside of the country but that primarily reach American audiences.
For example, an account on either platform targeting American voters but located in Brazil will include a “Based in Brazil” label.
Users will be able to swipe up for more information about the accounts.
“These changes are part of our broader efforts to protect elections and increase transparency on Facebook and Instagram so people can make more informed decisions about the posts they read, trust and share,” product managers Anita Joseph and Georgina Sheedy-Collier wrote in a blog post.
ADVERTISEMENT
Facebook has taken several steps to limit foreign election influence on its platform since 2016.
Read more about the change here.
BRINGING HACKERS TO JUSTICE: The Justice Department on Wednesday said it had notified domain hosts about hundreds of websites that were attempting to exploit coronavirus concerns to scam or compromise network security.
The move came after the FBI’s Internet Crime Complaint Center received about 3,600 complaints related to COVID-19 scams, according to Department of Justice (DOJ). Many of the scams involved websites hawking coronavirus cures and vaccines or sites attempting to install malware viruses on networks.
Some of the sites were masquerading as public health organizations, such as the American Red Cross, or were trying to trick users into entering bank account details.
Skyrocketing complaints: Last week a senior FBI official said that the agency was receiving between 3,000 and 4,000 cybercrime complaints a day, up from an average of 1,000 per day before the pandemic.
ADVERTISEMENT
The DOJ said Wednesday that federal agencies referred complaints to the companies that host the sites. Most have since been taken down, according to DOJ.
“The department will continue to collaborate with our law enforcement and private sector partners to combat online COVID-19 related crime,” Assistant Attorney General Brian Benczkowski of the Justice Department’s Criminal Division said in a statement. “We commend the responsible internet companies that are taking swift action to prevent their resources from being used to exploit this pandemic.”
Read more about the operation here.
TIME TO DOWNLOAD THAT UPDATE: Hackers may have been able to exploit and access iPads and iPhones for years through newly discovered vulnerabilities on Apple’s email software, research released this week by cybersecurity group ZecOps found.
According to ZecOps, hackers sent blank emails through the Mail app that caused it to slow down or crash, which then allowed the hackers to gain access to the device and steal data such as photos or contacts. The initial email that allowed them into the device would then be deleted to cover their tracks.
The company wrote that it assessed with “high confidence” that the vulnerabilities were used by “advanced threat operators,” including at least one nation state, to target certain iPhone and iPad users.
Apple says it will respond: While Apple did not immediately respond to The Hill’s request for comment on the vulnerabilities, a spokesman for the company told Reuters that Apple will develop patches that will be rolled out on an upcoming software update.
ZecOps Founder and CEO Zuk Avraham told Reuters that his company had found evidence that the vulnerabilities were used by hackers at least six times to break into devices.
According to the report on the vulnerabilities, ZecOps discovered that the targets of the six attacks included a journalist in Europe, staffers at a North American Fortune 500 company, and a VIP from Germany, among others.
ZecOps wrote that the attacks began in early 2018 and that “it is likely that the same threat operators are actively abusing these vulnerabilities presently,” potentially doing so prior to 2018.
Read more about the vulnerabilities here.
A WARNING FROM GOOGLE: Google reported Wednesday that it had tracked at least a dozen foreign government-backed groups attempting to use information around the COVID-19 pandemic to target cyberattacks at the healthcare sector and the public.
Shane Huntley, a member of Google’s Threat Analysis Group (TAG), wrote in a blog post that his team had seen these threat groups “using COVID-19 themes as lure for phishing and malware attempts—trying to get their targets to click malicious links and download files.”
A major target of these attempted attacks are international and national healthcare organizations, along with their staffers, with the threat groups in some cases sending emails with fake links to the login page of the World Health Organization (WHO). Google traced some of this activity to a cybercrime group known as “Packrat,” which is based out of South America.
Health sector not the only target: Huntley wrote that while Google was adding additional security protections to higher-risk accounts as a result of its findings, it was clear that “health organizations, public health agencies, and the individuals who work there are becoming new targets as a result of COVID-19.”
But healthcare groups were not the only target, as hacker groups attempt to benefit from the COVID-19 crisis.
“Our security systems have detected examples ranging from fake solicitations for charities and NGOs, to messages that try to mimic employer communications to employees working from home, to websites posing as official government pages and public health agencies,” Huntley warned.
Read more about Google’s findings here.
ZOOM STEPS UP SECURITY: Video conferencing service Zoom rolled out an update Wednesday to enhance the security of its teleconferencing app and make it easier to block intruders.
The Zoom 5.0 version of the app will release within the week and will include upgraded encryption features, the company said.
Zoom has exploded in popularity as the coronavirus pandemic confines people to their homes. The platform reported 200 million daily users in March, a big leap from 10 million in December.
But it has faced a backlash over a multitude of security and privacy issues, including vulnerabilities that have led to uninvited guests being able to access and disrupt meetings through “Zoom-bombings.”
The updates announced Wednesday largely focus on addressing that vulnerability.
Read more about Zoom’s recent security efforts here.
DELAYED BENEFITS: Some drivers for Uber and Lyft who have lost work due to the coronavirus pandemic are accusing the ride-hailing firms of slow-walking unemployment benefits, though the companies say they are working with states to deliver financial assistance to drivers.
Ruthie Como, a Florida-based Uber driver, told CBS News she applied for unemployment at the end of March and was unable to obtain a phone number for the state to use to verify her previous employment, telling her to instead use the general service number. She said she was rejected for benefits when that number was not recognized.
“I’ve told Uber support this a few times, and have [been] given the same answer: ‘This is the only number we have at this time, [unemployment insurance] can call us to verify your status with us,'” Como told CBS.
Kristie Contine, who drove full time for Lyft in San Diego, said she applied for benefits March 25 and that a customer service rep for the company refused to provide her quarterly earnings for her to enter into the unemployment app.
When she calculated her income herself using the Lyft app, Contine said she was told about 10 days later that she was not entitled to any money.
Read more here.
FACEBOOK INVESTS: Facebook announced Tuesday it will invest $5.7 billion in the telecom branch of Indian company Reliance Industries.
Facebook said the investment, which makes it the largest minority shareholder in Jio Platforms Limited, will focus on connecting people with small businesses by linking its messaging platform WhatsApp with Reliance’s e-commerce tool JioMart.
“India is in the midst of one of the most dynamic social and economic transformations the world has ever seen, driven by the rapid adoption of digital technologies. In just the past five years, more than 560 million people in India have gained access to the internet,” the company said in a statement.
“Our goal is to enable new opportunities for businesses of all sizes, but especially for the more than 60 million small businesses across India.”
Read more here.
Lighter click: Mr. Senator r u ok
An op-ed to chew on: Prison phone companies are profiting from a pandemic, here’s how the FCC can help
NOTABLE LINKS FROM AROUND THE WEB:
The jury is still out on Zoom trials (Verge / Zoe Schiffer)
‘Pure hell for victims’ as stimulus programs draw a flood of scammers (The New York Times / Nathaniel Popper)
Vietnamese cyber espionage targets to China’s coronavirus response efforts (CyberScoop / Shannon Vavra)