Hillicon Valley: DNC reports attempted hack to FBI | GOP delays election security bill | Verizon calls restricting firefighters’ data a ‘mistake’ | Russian hackers send warning to conservatives

by Jacqueline Thomsen, Ali Breland, Harper Neidig and Olivia Beavers - 08/22/18 8:05 PM ET

Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.

Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen), and the tech team, Harper Neidig (@hneidig) and Ali Breland (@alibreland).

DNC REPORTS ATTEMPTED HACK TO FBI: The Democratic National Committee (DNC) has notified the FBI of what it believes to be an attempt to hack into its voter database.

A Democratic source told several publications that the organization received an alert early Tuesday that a fake login site had been created to try and obtain usernames and passwords from those seeking to access the database.

The alert was reportedly issued by the cloud service provider for the database and the San Francisco–based security firm Lookout.

{mosads}

The fake pages were designed to look like the site used by Democratic officials and candidates across the country to access a service called Voterbuilder, which itself hosts the voter database.

The source said the DNC did not have any evidence that the database had been accessed or changed.

The possibility of another hack on Democrats quickly brought back memories of the 2016 cyberattack, with party officials cautioning that a threat still hovers over the November’s midterm elections.

“These threats are serious, and that’s why it’s critical that we all work together, but we can’t do this alone,” DNC chief security officer Bob Lord said. “We need the [Trump] administration to take more aggressive steps to protect our voting systems. It is their responsibility to protect our democracy from these types of attacks.” Read more here.

GOP SLAMS BRAKES ON ELECTION SECURITY BILL: The Senate Rules and Administration Committee was scheduled to hold its long-anticipated markup of a bill on election security Wednesday, but it was scrapped at the last minute over a lack of GOP support.

A spokeswoman for Senate Rules and Administration Committee Chairman Roy Blunt (R-Mo.) confirmed to The Hill that the markup had been postponed, shortly before it was scheduled to begin.

A GOP Senate aide told The Hill that the secretaries of several states had “expressed concerns about certain provisions” in the legislation.

“In order for a truly bipartisan election security bill to reach the floor, additional majority support is necessary,” the aide said.

The legislation, introduced by Sens. James Lankford (R-Okla.) and Amy Klobuchar (D-Minn.), would help guard election systems against cyberattacks.

Klobuchar said in a statement that she was “disappointed” by the markup’s delay, thanking Democrats who supported it and calling it “irresponsible” to not pass legislation ahead of the November midterm elections.

“For everyone else who delayed this action today, I hope that you will listen to the clarion cry of our intelligence community and continue to work with us and reschedule the markup and pass the bill into law,” she said. Read more here.

VERIZON FIGHTS FIRE WITH … SLOWER DOWNLOAD SPEEDS: Verizon said it made a mistake when it throttled a California fire department’s data usage as it was battling the largest wildfire in the state’s history.

In a statement on Tuesday, Verizon said it normally lifts restrictions on data during times of emergency and would be reviewing why it didn’t when requested by the Santa Clara County Fire Department in June.

“This customer purchased a government contract plan for a high-speed wireless data allotment at a set monthly cost,” the company said in the statement. “Under this plan, users get an unlimited amount of data but speeds are reduced when they exceed their allotment until the next billing cycle. Regardless of the plan emergency responders choose, we have a practice to remove data speed restrictions when contacted in emergency situations.”

“In this situation, we should have lifted the speed restriction when our customer reached out to us,” Verizon added. “This was a customer support mistake. We are reviewing the situation and will fix any issues going forward.”

Santa Clara County fire chief Anthony Bowden said that the department had contacted Verizon to complain about the throttling but was told the throttle would be removed if the county switched “to a new data plan at more than twice the cost.”

In a sworn statement included in the filing on Monday, Bowden said his crews’ data were throttled to less than half a percent their normal download speeds under the Verizon plan due to high usage while fighting the Mendocino Complex Fire, which is the largest fire ever recorded in California and is still raging today.

Bowden said Verizon was told that the restriction was severely affecting the department’s ability to coordinate and track their resources.

“Verizon representatives confirmed the throttling, but, rather than restoring us to an essential data transfer speed, they indicated that County Fire would have to switch to a new data plan at more than twice the cost, and they would only remove throttling after we contacted the Department that handles billing and switched to the new data plan,” Bowden wrote in the filing. Read more here.

TRUMP HITS SOCIAL MEDIA AGAIN: President Trump on Tuesday railed against social media censorship, declaring he would “rather have fake news than have anybody … stopped and censored.”

During a rally in Charleston, W.Va., Trump told the crowd that his administration is “standing up to social media censorship.” While the issue has been championed by conservatives, Trump pushed back against potential censorship of any accounts, regardless of political affiliation.

“I would rather have fake news than have anybody — including liberals, socialists, anything — than have anybody stopped and censored,” Trump said.

“You can’t pick one person and say ‘well we don’t like what he’s been saying, he’s out,'” he added.

He warned against embracing censorship of opposing viewpoints, because “it can turn around, it can be them next.” Read more here.

RESEARCHERS SAY ALGORITHM IS BETTER AT SPOTTING FAKE NEWS THAN HUMANS: Researchers at the University of Michigan say they have developed an algorithm that is better than humans at detecting fake news stories.

Veronica Perez-Rosas, Rada Mihalcea and Alexandra Lefevre of the University of Michigan engineering and computer science department and Bennett Kleinberg of the University of Amsterdam psychology department found that humans were able to spot hoax stories 70 percent of the time, while their algorithm was able to spot fake news 76 percent of the time.

“You can imagine any number of applications for this on the front or back end of a news or social media site,” Mihalcea said in a statement. “It could provide users with an estimate of the trustworthiness of individual stories or a whole news site.”

The researchers used linguistic analysis to look at grammatical structure, word choice, punctuation and complexity to parse out fake news. Read more here.

RUSSIAN HACKERS FIRE WARNING SHOT AT CONSERVATIVES: Microsoft’s revelation that Russia-linked hackers targeted conservative groups is raising flags about who the Kremlin has in its crosshairs ahead of the 2018 midterm elections.

The majority of previously disclosed cyberattacks linked to Moscow have targeted Democrats, but the latest false sites, apparently created by the hacking group known as “Fancy Bear,” were aimed at conservative think tanks publicly critical of Russia — a sign that the group could be expanding its attacks to go after any potential enemies in the U.S.

While Microsoft noted that it lacked “evidence to indicate the identity of the ultimate targets of any planned attack involving these domains,” experts said the revelations serve as a reminder that Democrats aren’t the only ones susceptible to attacks, particularly as prominent Republicans escalate their criticisms of Russia and President Vladimir Putin.

“Vladimir Putin uses cyber operations to promote those who support his political agenda and undermine those who do not,” said Priscilla Moriuchi, director of strategic threat development for the security firm Recorded Future. “This includes people and organizations on both sides of the political aisle.”

Even Republican leaders acknowledged that they weren’t exempt from cyberattacks.

“To Republicans, if you think the Russians don’t have you in mind you’re making a great mistake,” Sen. Lindsey Graham (R-S.C.) said. “They’re trying to undermine the democratic process. Now that we’re in charge, I think we’re a natural target.” Read more here.

YOU BETTER SHAPE UP… BECAUSE WE NEED YOU TO BE SECURE: A bipartisan group of lawmakers on the Senate Intelligence Committee raised concerns Wednesday about the election voting systems provided by one of the largest vendors in the United States, questioning whether the company is doing enough to safeguard itself from hackers.

Four committee members wrote in a letter they were disappointed that Election Systems & Software (ES&S) has not agreed to undergo independent testing to determine the security level of its systems. The letter comes after an annual hacking conference earlier this month appeared to reveal security vulnerabilities in ES&S voting systems.

“We are concerned that ES&S and other election system providers may not be prepared for the growing threats to our elections,” Senate Intelligence Committee Vice Chairman Mark Warner (D-Va.) and Sens. Susan Collins (R-Maine), James Lankford (R-Okla.), and Kamala Harris (D-Calif.) wrote in a letter to the company.

The senators criticized ES&S for its refusal to allow independent testing of its systems at the popular DEFCON convention, where hackers attempted to find ways to exploit voting technology.

“We are disheartened that ES&S chose to dismiss these demonstrations as unrealistic and that your company is not supportive of independent testing,” the lawmakers wrote in their letter to CEO Tom Burt. “We believe that independent testing is one of the most effective ways to understand and address potential cybersecurity risks.”

Sen. Ron Wyden (D-Ore.), a member of the Intelligence panel, separately slammed ES&S on Wednesday for failing to provide answers to basic questions about its cybersecurity practices. “It is inexcusable that American democracy depends on hackable voting technology made by a handful of companies that have evaded oversight and stonewalled Congress. That must end,” Wyden said during a Senate Rules Committee hearing, according to a transcript of his remarks.