Hillicon Valley: Google hit with another antitrust lawsuit by states | Federal government finds evidence hackers used multiple methods to access agency networks | Energy Dept., nuclear agency breached as part of massive cyberattack: report
Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.
GOOGLE CHARGED OVER ANTITRUST ALLEGATIONS — AGAIN: A bipartisan group of state attorneys general filed another antitrust lawsuit against Google on Thursday focused on its online search market power, adding to the growing legal battles facing the tech giant.
The lawsuit — filed by 35 states and Washington, D.C., Guam and Puerto Rico — alleges Google illegally maintains monopoly power over search engines and search advertising markets through a series of anticompetitive contracts and conduct.
“Our economy is more concentrated than ever, and consumers are squeezed when they are deprived of choices in valued products and services,” Colorado Attorney General Phil Weiser (D) said in a statement. “Google’s anticompetitive actions have protected its general search monopolies and excluded rivals, depriving consumers of the benefits of competitive choices, forestalling innovation, and undermining new entry or expansion.”
Weiser was joined by Iowa Attorney General Tom Miller (D), Nebraska Attorney General Doug Peterson (R) and Tennessee Attorney General Herbert Slatery (R) at a press conference announcing the lawsuit.
The states are asking the court to unwind any advantages Google gained as a result of anticompetitive behavior, including calling for the divestiture of assets as appropriate.
Google defended its search engine in a lengthy statement Thursday, arguing that being forced to revert changes would harm the quality of results and ultimately small businesses.
“We know that scrutiny of big companies is important and we’re prepared to answer questions and work through the issues,” Adam Cohen, director of economic policy at Google, wrote in a blog post. “But this lawsuit seeks to redesign Search in ways that would deprive Americans of helpful information and hurt businesses’ ability to connect directly with customers.”
MULTIPLE METHODS USED BY HACKERS: The Department of Homeland Security’s (DHS) cybersecurity agency on Thursday warned of the “grave” threat posed to federal systems by a recent massive espionage attack by a nation state, warning that the hackers used multiple methods to access the systems for months.
The Cybersecurity and Infrastructure Protection Agency (CISA) put out an alert detailing the attack, widely reported to be carried out by a Russian military hacking group, on IT company SolarWinds.
By infiltrating a vulnerability in the company’s Orion software, the group was able to access federal networks, with DHS, the Commerce, State and Treasury departments, and branches of the Pentagon among the agencies reportedly breached, with the hackers potentially having had access to the networks since March.
The Washington Post reported Sunday that the group behind the attack is a Russian military group known as “Cozy Bear,” a prolific hacking group that previously targeted the State Department during the Obama administration and COVID-19 vaccine researchers earlier this year.
“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” the agency wrote in the alert.
CISA, which put out an emergency directive earlier this week ordering all federal agencies to disconnect from SolarWinds software, warned that the hackers involved used other methods besides the SolarWinds vulnerability to access federal systems.
“CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated,” the agency wrote.
NUCLEAR AGENCY BREACHED IN ATTACK: Agencies within the Department of Energy, including the National Nuclear Security Administration (NNSA), were reportedly breached as part of a massive hack on an IT group that has hit almost a dozen federal agencies.
Politico reported Thursday that NNSA, which is charged with maintaining the nation’s nuclear weapons stockpile, had been hit as part of the nation state infiltration of SolarWinds software. The Washington Post on Sunday had attributed the attack to a prolific Russian military hacking group known as “Cozy Bear.”
Politico noted that other Energy agencies that found “suspicious activity” in their networks included the Federal Energy Regulatory Commission (FERC), the Sandia and Los Alamos national laboratories, the Office of Secure Transportation and the Energy Department’s Richland Field Office. According to the publication, more damage was done at FERC than at any of the other agencies.
A spokesperson for the NNSA declined to comment, referring The Hill to the Department of Energy, which did not respond to a request for comment on the cyber incident.
The Hill also reached out to the House Energy and Commerce and Senate Energy and Natural Resources panels, which have jurisdiction over the agencies. Politico reported that the Energy Department had begun the process of notifying committees of jurisdiction about the attack.
Other agencies hit as part of the massive espionage effort, which has been in progress since as early as March, include the Department of Homeland Security, the State Department, the Treasury Department, the Commerce Department, and branches of the Pentagon.
BIDEN’S VOW ON CYBERSECURITY: President-elect Joe Biden on Thursday vowed to elevate cybersecurity as an “imperative” when he takes office and said he would not “stand idly by” in the face of cyberattacks following a massive breach that impacted the U.S. government.
“I want to be clear: My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office,” Biden said in a statement. “We will elevate cybersecurity as an imperative across the government, further strengthen partnerships with the private sector, and expand our investment in the infrastructure and people we need to defend against malicious cyberattacks.”
Biden said that his administration would impose “substantial costs” on individuals responsible for malicious cyberattacks in order to deter such activity.
“Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” Biden said.
SENATORS REQUEST IRS BRIEFING ON HACK: The leaders of the Senate Finance Committee on Thursday asked the IRS for a briefing about whether sensitive taxpayer information was stolen as part of the SolarWinds hack.
“Given the extreme sensitivity of personal taxpayer information entrusted to the IRS, and the harm both to Americans’ privacy and our national security that could result from the theft and exploitation of this data by our adversaries, it is imperative that we understand the extent to which the IRS may have been compromised,” Finance Committee Chairman Chuck Grassley (R-Iowa) and ranking member Ron Wyden (D-Ore.) wrote in a letter to IRS Commissioner Charles Rettig.
“It is also critical that we understand what actions the IRS is taking to mitigate any potential damage, ensure that hackers do not still have access to internal IRS systems, and prevent future hacks of taxpayer data,” the senators added.
LAWMAKERS STRESS NEED FOR UNIVERSAL BROADBAND: Lawmakers and former federal officials said on Wednesday that universal broadband access is essential to boosting the American economy during and after the coronavirus pandemic.
The Federal Communications Commission (FCC) estimates that 18.3 million Americans still lack broadband access, though critics have argued that the methodology the agency uses overestimates that access.
That means millions of Americans have been hit particularly hard during a pandemic that’s forced people to work and go to school at home.
“The pandemic has conclusively proven that everyone needs internet connection to have a fair shot at success,” FCC Commissioner Jessica Rosenworcel said at The Hill’s “COVID-19, Tech, & Economic Resilience” event.
She told the event’s moderator, The Hill’s Steve Clemons, that there is an enormous amount of lost economic opportunity if the United States doesn’t figure out how to expand internet connectivity to all Americans.
Lighter click: A for effort
An op-ed to chew on: News industry must seize opportunity restore trust
NOTABLE LINKS FROM AROUND THE WEB:
Federal Labor Agency Investigation Finds Amazon Illegally Fired Protesting Warehouse Worker (Motherboard / Lauren Kaori Gurley)
In a Big Year for Video Games, These Players Are Shifting the Culture (The New York Times / Anita Sarkeesian and Carolyn Petit)
These ByteDance apps stored U.S. user data in China – at least until they started to disappear (Protocol / Issie Lapowsky)
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts
Testing Video
ASR RAW Boys Lacrosse: Coronado 8, Poway 6
