Today is Thursday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.
Malicious cyber activities linked to Russia over the past year were laid bare, with Microsoft and Mandiant releasing reports showing a rise in cyberattacks, particularly those aimed at the U.S and healthcare groups in particular.
Meanwhile, Google and YouTube took a step to confront climate change deniers, and two senators introduced legislation to protect the digital privacy of Americans crossing the border.
Let’s jump in.
Russia has indeed been sketchy online this year
Cyberattacks originating in Russia accounted for more than half of intrusions tracked by Microsoft since mid-2020, the company said in a report released Thursday.
New report: The findings were detailed in Microsoft’s annual Digital Defense Report. The company said it tracked threat activity from a number of countries, but found that 58 percent of attacks reported by customers originated in Russia, followed by North Korea at 23 percent.
“Over the past year, Russia-based activity groups have solidified their position as acute threats to the global digital ecosystem,” the report states. “They have also shown a high tolerance for collateral damage, which leaves anyone with connections to targets of interest vulnerable to opportunistic targeting.”
The report went on to say that more than 90 percent of the Russian-linked threat activity was carried out by a threat group Microsoft named “Nobelium,” which the company blamed in May for using a U.S. Agency for International Development email marketing account to target hundreds of organizations in two dozen countries, including government agencies.
U.S. hit hard: Microsoft found that the U.S. was the most targeted nation by far, accounting for almost half of attacks between July 2020 and June 2021. By contrast, Ukraine was the second most targeted country, with 19 percent of threat activity aimed within its borders.
Read more about the findings here.
Illustrating the continuing cyber threats linked to Russia, cybersecurity group Mandiant released research Thursday finding that a Russian-speaking cyber criminal group is disproportionately using ransomware attacks to target hospitals and health care groups across North America as the COVID-19 pandemic continues.
Mandiant labeled the group “FIN12,” noting that it has been in existence since at least 2018, but was increasingly hitting organizations in North America with annual revenues of more than $300 million with ransomware attacks.
According to Mandiant, one in five of FIN12’s victims were health care groups, many of which operate hospitals, while other victims have included groups in business services, education, finance, government, manufacturing, retail and technology.
Read more about these findings here.
A MESSAGE FROM AEP
Nine-in-Ten Voters in Key Frontline Districts Support Candidates Who Ensure U.S. Tech Remains Globally Competitive
A new survey released by Ipsos in partnership with the American Edge Project (AEP) shows that voters in frontline districts want their elected officials to focus on issues of national security, jobs, and health care as opposed to breaking up tech companies.
See the poll here.
Big Tech takes a stand on climate change
Google announced a new policy Thursday prohibiting the monetization of content that contradicts the scientific consensus on climate change.
That means that Google advertisers and publishers and YouTube creators will not be able to make ad revenue off of climate denialism.
“Advertisers simply don’t want their ads to appear next to this content. And publishers and creators don’t want ads promoting these claims to appear on their pages or videos,” the Silicon Valley giant said in a blog post.
The new prohibition marks some of the more aggressive action that a tech platform has taken against misinformation about climate change.
Google said Thursday that it consulted with representatives from the United Nations Intergovernmental Panel on Climate Change Assessment Reports to develop the policy.
Read more about the decision here.
GET A WARRANT
Sens. Ron Wyden (D-Ore.) and Rand Paul (R-Ky.) introduced legislation Thursday that would require law enforcement to obtain a warrant before searching Americans’ phones and laptops at the border.
The Protect Data at the Border Act would apply Supreme Court precedent requiring probable cause to search electronic devices after arrests to border crossings.
The government has claimed an exception to the Fourth Amendment’s broad warrant requirement for activities at the border despite a lack of statutory clarity on the matter.
“Traveling near the border shouldn’t give the government a free pass to throw out our rights and thumb through our phones without any suspicion of wrongdoing,” Wyden said in a statement.
Read more about the bill here.
ELECTION SECURITY CONCERNS
Republicans lawmakers in North Carolina said that they want to inspect voting machines that were used during the 2020 presidential election in Durham County to see if they could have been connected to the internet, which is illegal in the Tar Heel State.
Rep. Jeff McNeely, a North Carolina Republican and member of the freedom caucus, said he and other members of the group pulled Durham County out of a hat that had the name of all 100 North Carolina counties, according to WRAL.
McNeely, during a news conference, said he and other Republicans want to inspect the voting machines because of “many, many millions of accusations” of “machine tampering and votes being switched because of modems, according to WRAL.
Read more here.
A MESSAGE FROM AEP
Ipsos + AEP frontline district poll across 32 districts found that:
There is virtually no constituency for breaking up U.S. tech companies. Despite recent efforts to break up U.S. tech companies, just 14% support such a move, including just 15% of Democrats, 12% of independents, and 12% of Republicans.
Voters believe breaking up tech companies will harm the economy, national security, and small businesses.
The poll results make it clear that policymakers who are pushing misguided tech regulation are out of touch with voters.
See the poll here.
YET ANOTHER BAD DAY FOR FACEBOOK
A Russian court has ordered Facebook to pay more than $350,000 in fines for not taking down unlawful posts.
The Tagansky District Court in Moscow directed Facebook to pay 26 million rubles, more than $361,000, to bailiffs after Facebook did not pay their fines, according to The Associated Press, citing court officials.
Roskomnadzor, a Russian state communications watchdog, reportedly requested that Russian courts financially penalize Facebook because it did not take down content that was illegal, including posts that endorsed unsanctioned protests against the Kremlin.
So far this year Facebook has been ordered by Roskomnadzor to pay 80 million rubles, the equivalent of $1.1 million, in fines, but it has failed to do so, according to the AP.
Read more here.
BITS AND PIECES
An op-ed to chew on: Foreign COVID misinformation helps fuel public health skepticism
Lighter click: Happens all the time to everyone
Notable links from around the web:
Ransomware hackers find vulnerable target in US grain supply (NBC News / Kevin Collier)
Google blocked Russian government phishing emails targeting 14,000 users (Vice Motherboard / Lorenzo Franceschi-Bicchierai)
DEA Went Undercover to Infiltrate a Vigil for George Floyd (Gizmodo / Dell Cameron)
One last thing: Facebook whistleblower testifying again
Facebook whistleblower Frances Haugen, who testified before Congress on Tuesday about her former employer, will be meeting with House committee investigating the Jan. 6 attack on the Capitol, CNN reported, citing three sources.
The House select committee could hear from Haugen as early as Thursday, according to the network. The lawmakers on the committee are tasked with investigating the events surrounding the Jan. 6 insurrection, in which supporters of former President Trump stormed the Capitol in an effort to stop Congress from certifying Joe Biden’s 2020 election win.
CNN reported that the committee wants to know from Haugen how the platform was used to organize and encourage the violent protest.
Read more here.
That’s it for today, thanks for reading. Check out The Hill’s technology and cybersecurity pages for the latest news and coverage. We’ll see you Friday.