Hillicon Valley: WhatsApp issues fix after spyware breach | Pompeo warns Russia against interference | Florida gov confirms election hacking | Federal labor board’s lawyer calls Uber drivers contractors | Graham zeroes in on 5G security
Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Maggie Miller (@magmill95), and the tech team, Harper Neidig (@hneidig) and Emily Birnbaum (@birnbaum_e).
WHATS-APPENING: WhatsApp is urging its users to update their apps after the company worked to fix a vulnerability that was reportedly exploited to target a human rights lawyer in the United Kingdom.
“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” a WhatsApp spokesperson said in a statement. “We are constantly working alongside industry partners to provide the latest security enhancements to help protect our users.”
Back story: The Financial Times reported on Monday night that software developed by the Israeli private intelligence firm NSO Group could be used to compromise phones simply by calling them through the app, even if the recipient didn’t answer.{mosads}
According to the Times, the exploit had been used to target an unnamed human rights lawyer in the U.K. representing dissidents from Mexico and Saudi Arabia.
NSA responds: An NSO spokesperson said that it would investigate any misuse of its software, which has been used by governments like Saudi Arabia, the United Arab Emirates and Mexico.
“NSO’s technology is licensed to authorized government agencies for the sole purpose of fighting crime and terror. The company does not operate the system, and after a rigorous licensing and vetting process, intelligence and law enforcement determine how to use the technology to support their public safety missions. We investigate any credible allegations of misuse and if necessary, we take action, including shutting down the system.”
What’s next?: WhatsApp has fixed the vulnerability and is urging its 1.5 billion users to keep their apps and their mobile operating systems updated.
The company believes a select group of users were targeted with the exploit and is briefing human rights organizations about the vulnerability, according to a person familiar with the matter. WhatsApp has also notified law enforcement in the U.S., the person said.
HEY DON’T DO THAT: Secretary of State Mike Pompeo said Tuesday that he told Russian Foreign Minister Sergey Lavrov that the United States would not tolerate future Russian interference in American elections.
Speaking to reporters at a news conference in Sochi, Pompeo said he told Lavrov that “interference in American elections is unacceptable and if the Russians were engaged in that in 2020 it would put our relationship in an even worse place than it has been.”
“We would not tolerate that,” Pompeo said.
President Trump’s chief diplomat has faced pressure from Democrats to take a hard line on Russia’s election interference during his meeting with Russian officials this week. Pompeo said Tuesday that the U.S. was opposed to interference from any country.
“We’ve said this not only about the Russians but about other countries as well,” he told reporters. “Our elections are important and sacred and they must be kept free and fair and with no outside country interfering.”
Pompeo spoke to reporters after meeting with Lavrov in the Black Sea resort of Sochi. The two said they discussed a variety of bilateral and global issues, including arms control, the political upheaval in Venezuela, North Korean denuclearization and Iran.
Read more on Pompeo’s remarks here.
FLORIDA GOV CONFIRMS ELECTION HACKING: Florida Gov. Ron DeSantis (R) said Tuesday that Russian hackers successfully gained access to voter data in two counties during the 2016 presidential election.
DeSantis’s remarks come after he met with representatives from the FBI and Department of Homeland Security (DHS) about Moscow’s 2016 cyber efforts in his state, a briefing that came weeks after the release of special counsel Robert Mueller’s report about interference in the election.
“As many of you know, I recently met with the FBI concerning the election issue mentioned in the Mueller report,” DeSantis said during a press conference.
“Two Florida counties experienced intrusion into the Supervisor of Election networks. There was no manipulation or anything, but there was voter data that [hackers were] able to get. Now, that voter data was public anyways. Nevertheless, those were intrusions. It did not affect any voting or anything like that,” he continued.
What Mueller said: Mueller wrote in his report that his office accepted the FBI’s assessment that the GRU, Russia’s intelligence service, gained “access to the network of at least one Florida county government.”
According to the Mueller report, the GRU operatives sent “spearphishing emails to over 120 email accounts used by Florida county officials responsible for administering the 2016 U.S. election.” The emails included an attached Word document that had malware coded into it, which allowed the Russian hackers to infect the computers if the attachment was opened.
Mueller noted that his office “did not independently verify” the assessment of the hack from the FBI, which took the lead on the intrusion investigation.
What we don’t know: DeSantis said the FBI was working with the two counties at the time, and that county officials knew about the intrusion prior to the 2016 election.
He declined, however, to identify the counties, noting that he had “signed a disclosure agreement.”
“I’m not allowed to name the counties,” DeSantis said.
GRAHAM ZEROES IN ON 5G SECURITY CONCERNS: Senate Judiciary Committee Chairman Lindsey Graham (R-S.C.) on Tuesday pressed the Trump administration to work with Congress on combatting security threats from 5G wireless technology, including stopping business with countries using Chinese technologies.
“You’ve got hardening our critical infrastructure here at home that is mostly private sector based,” Graham said, during a hearing of his committee on 5G national security threats. “Now we’ve got a developing technology called 5G that if China dominates this market, we may not be able to do normal business or function normally, and we are sitting around looking at each other.”
Graham added “we’ve got a bunch of bills being introduced, but it’s going to take administrative leadership, it’s going to take the Trump administration working with Congress, to deal with both problems.”
Graham promised to “restart the conversation” around securing critical technology against threats from countries such as China and vowed to offer foreign allies “a better alternative than what China has on the table” in regards to 5G, including options other than doing business with Chinese telecommunications company Huawei.
Following the hearing, Graham discussed the idea of not doing business with foreign governments that utilize Chinese technology in order to lower national security threats.
“It seems to me the policy of the United States is that the criteria we are asking foreign government to meet can never be met with the current China,” Graham told reporters. “Until China stops being a Communist dictatorship, we are not going to support working with a country that uses their technology.”
FCC PUTS PRESSURE ON CHINA: The Federal Communications Commission (FCC) is ramping up its battle against Chinese telecom companies as the Trump administration pursues an aggressive trade strategy against China.
Analysts say the FCC’s recent action against China Mobile, and its ongoing investigations into two other Chinese telecom giants, could exacerbate tensions between the two countries amid high-stakes trade negotiations.
“If the FCC effectively wages war on Chinese tech companies in general, then that could make the Chinese government sit up and start to take notice,” Matthew Kendall, chief telecoms analyst at The Economist Intelligence Unit, told The Hill.
Where the trade talks stand: U.S.-China trade negotiations broke down without a deal last week after months of talks. The U.S. increased tariffs on $200 billion in Chinese goods and Beijing on Monday morning retaliated with tariffs on $60 billion of U.S. imports.
Neither side shows any sign of backing down.
The FCC’s role: The U.S. is escalating its pressure campaign against China on multiple other fronts, including the FCC’s increased scrutiny of Chinese telecom companies alleged to be closely tied to the ruling Communist Party of China.
FCC commissioners last Thursday voted 5-0 across party lines to block China Mobile, one of the largest telecom companies in the world, from U.S. markets over alleged national security concerns.
And at a press conference after the vote, FCC Chairman Ajit Pai revealed that the commission is looking into two other Chinese telecom companies — China Unicom and China Telecom — both of which have the same authorization that China Mobile USA was seeking.
“We must have a clear-eyed view of the threats that we face and be prepared to do what is necessary to counter those threats,” Pai said before casting his vote on China Mobile.
The application from China Mobile’s U.S. subsidiary, China Mobile USA, had languished at the FCC for eight years. The Delaware-based company first asked for authorization to provide services between the U.S. and other countries in 2011.
But the FCC didn’t pick up the matter until last week, as the U.S. and China turned up the heat in their trade talks, a decision that Gordon Smith, the CEO of telecom solutions provider Sagent, said likely was “not coincidental.”
“The telecom industry is strategic to all of our economies, and I think it’s a major trade chip that’s being used,” Smith told The Hill. “And I think U.S. action now is to get action from China on other matters.”
China Mobile weighs in: China Mobile in a statement also pointed to the amount of time it took the FCC to address its application.
“After 7 years and 8 months of application, FCC now denies CMI’s bid to operate in the U.S. without apparent reasons and basis,” China Mobile said. The company added that it hopes “the U.S. government will stop putting ‘unreasonable pressure’ on Chinese companies.”
What’s next: Experts who spoke to The Hill said the FCC’s decision to block China Mobile USA is only the latest broadside by the commission against Chinese telecom influence, and one of the many ways the Trump administration is putting pressure on China as trade talks deadlock.
“I think it’s just going to make the trade talks even more difficult,” Kendall said.
LABOR BOARD WEIGHS IN ON UBER DEBATE: The federal labor board’s top lawyer said Tuesday that Uber drivers should be classified as contractors, meaning they should not be eligible to the full range of benefits offered to full-time employees.
The National Labor Relations Board’s (NLRB) Office of the General Counsel said in an advice memo released Tuesday that the flexibility and control given to Uber drivers means they work with “entrepreneurial freedom consistent with independent-contractor status.”
“Drivers’ virtually complete control of their cars, work schedules, and log-in locations, together with their freedom to work for competitors of Uber, provided them with significant entrepreneurial opportunity,” reads the memo, which was issued last month.
The memo signals the NLRB will side with so-called gig economy companies, like Uber and Lyft, who insist that their workers should be classified as contractors rather than full-time employees.
Uber drivers and other gig economy workers have organized and rallied against this classification, saying it precludes them from fair labor practices such as minimum wage protections, the ability to form or join a union, and the full range of benefits given to employees.
Catherine Ruckelshaus, general counsel for the National Employment Law Project, told The Hill that the decision was “to be expected” from the Trump administration, which has sided largely with businesses across a range of issues.
“Workers are getting the message ‘don’t go to the U.S. government’ if they need any kind of help with their job,” Ruckelshaus said.
Read more on the advice memo here.
TWITTER TAKES ACTION ON ANTI-VAXXERS: Twitter has launched a new tool to combat vaccine misinformation on its platform following intense scrutiny from public health advocates and lawmakers over social media’s role in amplifying debunked conspiracy theories.
When Twitter users search “vaccines” or related terms, they will now receive a message with a link to the Department of Health and Human Services’s (HHS) website about vaccines.
“To make sure you get the best information on vaccinations, resources are available from the US Department of Health & Human Services,” the pop-up says with a link to vaccines.gov and the HHS Twitter handle.
“We recently launched a new tool so when someone searches for certain keywords associated with vaccines, a prompt will direct individuals to a credible public health resource,” Del Harvey, Twitter’s vice president of trust and safety, said in a blog post last Friday.
The social media giant also will no longer auto-suggest searches that “are likely to direct individuals to non-credible commentary and information about vaccines,” according to the blog post.
A change of heart: A Twitter spokesperson told The Hill in February that “Twitter’s open and real-time nature is a powerful antidote to the spreading of all types of false information.”
“We, as a company, should not be the arbiter of truth,” the spokesperson said at the time.
PRIVACY PIVOT PROBLEMS: Sen. Josh Hawley (R-Mo.) in a lengthy letter on Monday pressed Facebook CEO Mark Zuckerberg over his company’s recently announced plans to become a “privacy-oriented” platform after more than a year of scandals over its handling of user privacy.
Hawley in the six-page letter raised questions about how Facebook plans to monetize its platform once it shifts its focus to private messaging, as Zuckerberg has said the platform intends to do.
Zuckerberg two months ago announced Facebook would be reorienting itself to become a more privacy-minded platform, pledging to begin encrypting messages end-to-end with privacy features for calls, video chats, groups, stories, businesses, payments and commerce.
As part of this push, Facebook is planning on integrating its messaging services – Instagram Direct, WhatsApp and Facebook Messenger – so users can communicate across the different platforms.
Zuckerberg at a recent speech reiterated the promise to shift Facebook from a “town square” platform into one focused on encrypted messages and small groups.
“But we both know that your business model is monetizing private data, not promoting privacy,” Hawley wrote in the letter. “And we both know that platforms that tout encrypted messaging can still engage in unscrupulous data harvesting.”
“While I hope that you and your platform can play a role in building the privacy-first future, I worry that your recent announcements indicate a different intention,” Hawley, one of the most vocal tech critics in the Republican party, wrote.
The senator in the letter pressed Facebook over how it will protect users’ data once it integrates the messaging platforms and turns to a focus on Pages and Groups.
“If you succeed in capturing the encrypted messaging market, I fear that the net effect would be erosion rather than expansion of user privacy,” Hawley wrote.
Facebook did not immediately respond to The Hill’s request for comment.
Hawley also sent the letter to WhatsApp cofounders Brian Actin and Jan Koum, both of whom left Facebook after clashing with the company over data privacy.
AN OP-ED TO CHEW ON: Is the Supreme Court decision on Apple really good for consumers?
A LIGHTER CLICK: Following the market.
NOTABLE LINKS FROM AROUND THE WEB:
It’s almost impossible to tell if your iPhone has been hacked. (Vice)
Cybersecurity firm Crowdstrike files to go public. (CNBC)
AT&T will pull popular shows like Friends from streaming competitors, says CEO. (The Verge)
San Francisco poised to ban facial recognition surveillance. (The Wall Street Journal)
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
