Microsoft extends free program to protect political campaigns from cyberattacks to Canada

Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig) and Emily Birnbaum (@birnbaum_e).


FANCY BEAR STRIKES AGAIN: The group of Russian hackers thought to be responsible for stealing a trove of emails from the Democratic National Committee has been targeting European think tanks, Microsoft said in a blog post on Wednesday.

Microsoft announced that it had uncovered spearfishing attempts by the group, known as APT 28 or Fancy Bear, that targeted employees at the German Council on Foreign Relations, The Aspen Institutes in Europe and The German Marshall Fund.

It’s the second time in the past six months that Microsoft has revealed its efforts to crack down on APT 28, which is believed to have ties to Russian intelligence.

“The attacks we’ve seen recently, coupled with others we discussed last year, suggest an ongoing effort to target democratic organizations,” Tom Burt, the company’s vice president for customer security and trust, wrote in the blog post. “They validate the warnings from European leaders about the threat level we should expect to see in Europe this year.”

According to Microsoft, the hacker group sent its targets fraudulent emails that included malicious links that aimed to inject malware into the organizations’ software systems.

More on the hack here.


BOOKER WON’T BOOK IT: Sen. Cory BookerCory Anthony BookerSanders campaign reports raising M in less than a day Gillibrand uses Trump Jr. tweet to fundraise Trump: Bernie Sanders ‘missed his time’ for White House MORE (D-N.J.) this week offered up Newark as the new home for Amazon’s second headquarters after the company pulled back from its plans to build offices in New York City.

Booker’s comments set him at odds with other 2020 presidential hopefuls, including progressive Sens. Bernie SandersBernard (Bernie) SandersSanders campaign reports raising M in less than a day The Memo: Bernie Sanders’s WH launch sharpens ‘socialist’ question Gillibrand uses Trump Jr. tweet to fundraise MORE (I-Vt.) and Elizabeth WarrenElizabeth Ann WarrenSanders campaign reports raising M in less than a day The Memo: Bernie Sanders’s WH launch sharpens ‘socialist’ question Gillibrand uses Trump Jr. tweet to fundraise MORE (D-Mass.), both of whom celebrated the cancellation as a win by grass-roots activists and local lawmakers.

“We want HQ2,” Booker said, referring to the Amazon offices by their nickname. “We’ve sent that message out already.”

The Democratic presidential candidate told Cheddar that while he “applauds” the local community in New York for raising issues specific to their neighborhood, Newark leaders have mobilized around bringing in Amazon.

When Amazon canceled the New York plans last week, a company spokesperson said that it would not be searching for a new site at this time. It still plans to build offices in Northern Virginia.

The politics: Amazon’s New York cancellation has provided another opportunity for Democratic presidential candidates to draw battle lines over where they stand on big tech corporations, a division that highlights the growing rift between business-friendly Democrats and the ascendant left wing.  

More on Booker’s wooing of HQ2 here.


SQUARING OFF: A conservative advocacy group put up a billboard in Times Square on Wednesday calling out Rep. Alexandria Ocasio-CortezAlexandria Ocasio-CortezJack Abramoff targets Dems as part of new super PAC The Memo: Bernie Sanders’s WH launch sharpens ‘socialist’ question Dems think they’re beating Trump in emergency declaration battle MORE (D-N.Y.) over Amazon’s recently announced decision to scrap plans for building a second headquarters in Queens.

The Job Creators Network (JCN) is putting up the billboard in the tourist hotspot for one week, the organization announced. The group blames Ocasio-Cortez for the consequences it says will follow the tech giant’s decision.

“The pullout of Amazon–because of anti-business politicians, notably Ocasio-Cortez–is a major blow to the New York economy. The retreat will not only cost the area $12 billion in economic activity, but 25,000 new jobs that would have paid an average salary of $150,000,” the group said in a statement.

Ocasio-Cortez and other local activists were vocal in their opposition to Amazon’s move, claiming it would not create jobs for people already living in the area and make the community unaffordable for low-income residents.

More on the conservative criticism here.


SHOPPERS BEWARE: Cyber thieves are ramping up their use of malicious codes on e-commerce sites as a way to steal credit card information from consumers, according to a report released Wednesday.

Symantec’s annual Internet Security Threat Report said that in 2018 hackers turned to what’s known as “formjacking” in order to “steal credit card details and other information from payment forms on the checkout web pages of e-commerce sites.” To achieve that, they used malicious JavaScript code, researchers found.

Formjacking 101: “Requiring only a few simple lines of code loaded onto a website, formjacking represents a significant threat to online retailers, or anyone who collects personally identifiable information from their customers via their website,” Symantec said in its report. “On average, more than 4,800 unique websites are compromised with formjacking code every month.”

The impact: The security firm said cyber criminals likely made at least tens of millions of dollars last year from this sort of attack.

Read more here.


SECRETS, SECRETS ARE NO FUN: Google says it was a mistake not to disclose the presence of a microphone in its Nest Secure home security system, but insists it was “never intended to be a secret” after customers raised concerns about the product.

The company earlier this month announced it would add Google Assistant support to the Nest Secure system, meaning owners would have the ability to deliver voice commands to control the system. The announcement immediately raised questions because it meant Google was allowing users to activate a built-in microphone that customers previously did not know existed.

Google’s response: “The on-device microphone was never intended to be a secret and should have been listed in the tech specs,” a Google spokesperson said in a statement on Wednesday. “That was an error on our part.”

The spokesperson noted that the microphone “has never been on” and can only be activated “when users specifically enable the option.”

Google did not include mention of the microphone when it announced the launch of its Nest Secure system in 2017. The company now says that was an oversight, and that the mic was included for the purpose of offering expanded features through the system in the future.

“Security systems often use microphones to provide features that rely on sound sensing,” Google said in the statement this week. “We included the mic on the device so that we can potentially offer additional features to our users in the future, such as the ability to detect broken glass.”

The controversy is likely to intensify scrutiny over whether tech companies are doing enough to protect their customers’ privacy.

More on the Nest controversy here.


A LIGHTER CLICK: Here’s the right way to spend your snow day.


AN OP-ED TO CHEW ON: Will Democrats’ ‘virtual caucuses’ in Iowa be crashed by Russian hackers? ‘We’ll see’



Can Washington keep watch over Silicon Valley? The FTC’s Facebook probe is a high-stakes test. (The Washington Post)

Pinterest quietly blocks all vaccine-related searches, which is one solution, I guess. (Gizmodo)

Verizon is first to market in the U.S. with the new Samsung Galaxy S10 5G. (Verizon)

Nestle, Disney pull YouTube ads, joining furor over child videos. (Bloomberg News)

Lyft is planning to list shares on Nasdaq and go public as early as next week. (The Wall Street Journal)

Source link