Hillicon Valley: Google extending remote work policy through July 2021 | Intel community returns final Russia report to Senate committee after declassification | Study finds election officials vulnerable to cyberattacks

Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.

Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech reporter, Chris Mills Rodrigo (@chrisismills), for more coverage.

WORKING FROM HOME FOREVER: Google will keep its employees at home until next July at least, a spokesperson for the search giant confirmed to The Hill Monday.

“To give employees the ability to plan ahead, we are extending our global voluntary work from home option through June 30, 2021 for roles that don’t need to be in the office,” Google CEO Sundar Pichai wrote in a memo to employees.

The extension of the company’s existing remote work policy will apply to roughly 200,000 full-time and contract employees at Google and its parent company Alphabet, according to The Wall Street Journal, which first reported on the extension.

Google had previously told employees to return to offices at the beginning of January.

Silicon Valley companies were some of the first to send white-collar workers home in March when the coronavirus pandemic began spreading in the U.S. The companies are now again leading the way in extending remote work.

Amazon earlier this week extended its work-from-home policy through January 2021. The company’s warehouse workers, several of which have died of COVID-19, are not included in the extension.

Read more about the extension here. 

RUSSIA REPORT PENDING: The intelligence community (IC) recently returned the last volume of the Senate Intelligence Committee’s Russia interference report to the panel after conducting a declassification review, which means the highly-anticipated report could be publicly released in a matter of weeks, The Hill has learned.

The Office of the Director of National Intelligence (ODNI) returned the fifth volume of the committee’s Russia report, which focuses on its counterintelligence findings, to the panel last week, according to a source familiar with the matter. 

The panel and ODNI are expected to have a back-and-forth review process over the redactions that were made by the IC, which means it will likely be weeks before the declassified version of the report is released to the public. 

Then-Intelligence Committee Chairman Sen. Richard Burr (R-N.C.) and Vice Chairman Sen. Mark Warner (D-Va.) — the leaders of the Senate Intelligence Committee who spearheaded the bipartisan investigation — sent the report to ODNI in mid-May and asked Director of National Intelligence John Ratcliffe to conduct an expeditious declassification review. 

The release of the report will bring to a close the panel’s years-long, deep-diving probe into Russian interference in the 2016 presidential election. 

The Senate panel launched its bipartisan probe in January 2017 and it quickly became one of the most high-profile congressional investigations in recent years. It sought to determine if members of the Trump campaign conspired or coordinated with Russia during the heated presidential race. 

Unlike the House Intelligence Committee’s parallel Russia probe, the Senate panel has been able to work in a largely bipartisan manner and without acrimony. Still, the probe has cast a shadow over the White House and at times has faced attacks from President Trump and his allies.

This report will follow four earlier volumes the committee has already released, which focused on U.S. election security, Russia’s disinformation campaign on social media platforms, how the Obama administration responded to Russian interference, and most recently, the January 2017 intelligence community assessment.

Read more about the upcoming report here.

The Future of Human Connectivity — Wednesday, July 29

The report, compiled by cybersecurity group Area 1 Security, found that over 50 percent of election administrators have “only rudimentary or non-standard technologies” to protect against malicious emails from cyber criminals, with less than 30 percent using basic security controls to halt phishing emails. 

The study also found that around 5 percent of election administrators use personal emails, which are seen as less secure than government emails, and some election administrators use a custom email infrastructure known to have been targeted by Russian military hackers during prior elections. 

Email phishing is a key way hackers infiltrate networks, with hackers attempting to trick individuals into clicking on malicious links or attachments or providing sensitive information in other ways that allows the hacker to access a network. Area 1 Security noted that 90 percent of cyberattacks begin with a phishing email.

The security researchers at Area 1 Security noted that while the diversity of election systems and infrastructure across U.S. election jurisdictions would make it “impossible” for a nationwide hacking incident to occur, the low email security standards could easily lead to localized cyber incidents. 

“The disparate approaches to cybersecurity by state, local and county officials is such that should a cybersecurity incident occur in one small town, whether in a ‘battleground state’ or not, even if statistically insignificant, could cause troubling ripple effects that erode confidence in results across the entire country,” the researchers wrote in the report. 

The researchers urged election administrators to stop using personal email accounts and custom email infrastructure, and advocated for Congress to send further election security funds to help states bolster cybersecurity prior to the November general elections. 

Read more about the study here. 

COMING UP THIS WEEK: A House hearing with high-profile tech executives is now scheduled for Wednesday after it was delayed for the late Rep. John Lewis’s (D-Ga.) memorial service.

The hearing in front of the House Judiciary antitrust subcommittee, which was originally scheduled for Monday, will feature testimony from the CEOs of Amazon, Apple, Facebook and Google as part of the panel’s investigation into competition in digital markets, with many lawmakers suggesting the four tech behemoths wield too much power. 

The noon hearing will be the first time Amazon’s Jeff Bezos, Apple’s Tim Cook, Facebook’s Mark Zuckerberg and Google’s Sundar Pichai will all appear at a hearing together, and it will be Bezos’s first time in front of Congress. 

“Since last June, the Subcommittee has been investigating the dominance of a small number of digital platforms and the adequacy of existing antitrust laws and enforcement. Given the central role these corporations play in the lives of the American people, it is critical that their CEOs are forthcoming. As we have said from the start, their testimony is essential for us to complete this investigation,” said Reps. Jerry Nadler (D-N.Y.) and David Cicilline (D-R.I.), the chairmen of the House Judiciary Committee and antitrust panel, respectively. 

Read more about the upcoming hearing here. 

REPUBLICANS BACK UP INTEL AGENCIES: Senate Majority Leader Mitch McConnell (R-Ky.) and Senate Intelligence Committee Chairman Marco Rubio (R-Fla.) defended a senior intelligence official over an assessment released Friday that warned of foreign election interference from Russia, Iran and China. 

McConnell and Rubio also slammed Democrats for their statement claiming William Evanina, the director of the National Counterintelligence and Security Center (NCSC), of not going “far enough in alarming the American people” in the assessment. 

“We are disappointed by the statement from Senator [Chuck] Schumer, Senator [Mark] Warner, Speaker [Nancy] Pelosi, and Representative [Adam] Schiff about Bill Evanina,” Rubio and McConnell said in a joint statement Sunday, referring to the statement released by the Democrats on Friday. 

“Evanina is a career law enforcement and intelligence professional with extensive experience in counterintelligence. His reputation as a straight-shooter immune from politics is well-deserved,” they added. 

The Republicans said that the U.S. is “safer” with Evanina and his team on watch. 

“We believe the statement baselessly impugns his character and politicized intelligence matters. Their manufactured complaint undercuts Director Evanina’s nonpartisan public outreach to increase Americans’ awareness of foreign influence campaigns right at the beginning of his efforts,” they said. 

Evanina released a statement Friday warning that Russia, Iran and China were targeting U.S. elections through disinformation and hacking efforts. 

McConnell and Rubio said the threat still remains, but they are confident that the U.S. is “far better prepared than four years ago.” 

The Democrats said Evanina’s statement is “almost meaningless,” adding that it “omits much on a subject of immense importance.”

Read more about election interference concerns here. 

TWITTER IN THE KNOW: Several people warned Twitter CEO Jack Dorsey about oversight of the contractors and employees who are able to override users’ security settings since 2015, Bloomberg News reported, citing former employees with knowledge of security protocols.

While the concerns came to the forefront this month after 130 high-profile users’ accounts were hacked and used to promote a cryptocurrency scam, the security flaws have existed for years, to the point that in 2017 and 2018, some contractors deliberately looked into celebrity accounts, including Beyonce’s, under the guise of help-desk inquiries.

The people behind this month’s hack reportedly reached at least one company employee by phone to gain access to security information that in turn gave them access to Twitter internal user-support tools, people familiar with the investigation told the publication.

The company last week began requiring all employees to take an online security training course outlining common phishing techniques, and a spokesperson told the publication it regularly conducts security training “in line with our commitment to protecting the privacy and security of the people we serve.”

This week, Dorsey reportedly told investors Twitter “fell behind, both in our protections against social engineering of our employees and restrictions on our internal tools,” according to the publication.

Former security employees told the publication that Twitter management has failed to manage support staff and contractors’ access to sensitive information, leading contractors to find ways of accessing the data of everyone from celebrities to exes.

Read more here. 

Lighter click: National heroes dance too

An op-ed to chew on: Is it time to designate social media as ‘critical infrastructure’?

NOTABLE LINKS FROM AROUND THE WEB: 

Jeff Bezos cast in a role he never wanted: Amazon’s D.C. defender (The New York Times / David McCabe and Karen Weise) 

We’re in the middle of the COVID-19 crisis. Big tech is already planning for the next one (Protocol / Issie Lapowsky) 

Car companies want to monitor your every move with emotion-detecting AI (Vice Motherboard / Todd Feathers) 

Congress has battled airlines, banks, tobacco, and baseball. Now it’s preparing to clash with Big Tech (The Washington Post / Tony Romm) 

Garmin confirms cyber attack as fitness tracking systems come back online (The Verge / Thomas Ricker and Chris Welch)