Cybersecurity is expected to be a top priority in 2023 as lawmakers step up their efforts to address evolving threats, including ransomware attacks and foreign spyware.
Meanwhile, a Facebook whistleblower blasts the social media giant’s civic integrity, and Google has agreed to a multimillion-dollar settlement over location tracking.
This is Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Send tips to The Hill’s Rebecca Klar and Ines Kagubare.
Cyber priorities to watch out for this year
Cyberattacks have surged in recent years, with the health care system and other critical sectors increasingly coming under digital assaults as the threat of malware like ransomware and foreign spyware continues to evolve.
Last year in particular saw officials and lawmakers renew their focus on cybersecurity and seek to secure the country’s critical sectors from rising cyber threats. The issue is expected to take center stage again in the coming year, as many of those threats are still escalating while the cyber sector is confronting an ongoing workforce shortage in its efforts to bolster the U.S.’s digital defenses.
Here are four cyber concerns expected to take priority in 2023:
Threats to critical sectors: The financial, energy and health care sectors are all facing a skyrocketing number of hacks. Cyberattacks have robbed companies in those industries of hundreds of millions of dollars, exposed data and even disrupted essential services, as when a ransomware attack forced the Colonial Pipeline to shut down in 2021, causing gas shortages in several states.
- The health care sector in particular has seen a rise in cyberattacks in the last few years, particularly ransomware attacks targeting hospitals in order to gain access to sensitive information like patient data or medical research and technology.
- Increasing threats to the sector have set off alarm bells in Washington, with Sen. Mark Warner (D-Va.), chairman of the Senate Intelligence Committee, warning this fall that cyberattacks could lead to delays in treatment and even patients’ deaths.
Ransomware attacks: Recent years have seen an especially dramatic spike in ransomware attacks, particularly targeting the health care and financial sectors.
Last year alone, ransomware groups caused outages in multiple hospital systems, temporarily closed schools in parts of the U.S., carried out multimillion-dollar hacks on a number of companies and drove Costa Rica to declare a state of emergency in May as a barrage of attacks impacted its government services.
Foreign spyware: Foreign spyware garnered attention last year following controversy surrounding the embattled Israeli spyware firm NSO Group, which was blacklisted by the Department of Commerce in 2021 for allegedly facilitating unlawful surveillance used against government officials, journalists, dissidents and human rights activists.
Congress has since taken steps to address the allegations. In July, the House Intelligence Committee included a provision in the Intelligence Authorization Act authorizing the director of national intelligence to prohibit the U.S. intelligence community from buying and using foreign spyware.
Labor shortage: Rising cyber threats have brought new urgency to a long-time labor shortage in the industry as both federal agencies and private companies have scrambled to fill key cyber roles.
The industry has sought to address the shortage by investing in workforce development, and is expected to continue doing so moving forward.
Read more here.
FACEBOOK WHISTLEBLOWER: META LACKS CIVIL INTEGRITY
Frances Haugen, who became known as the Facebook whistleblower after she released thousands of documents about the platform’s content moderation policies and algorithm, said the company is not “committed” to civic integrity.
Haugen said on NBC’s “Meet the Press” that Facebook is more concerned with its stock prices and profit margins than public safety. She said she was initially optimistic about the company’s plans when she was hired as part of its civic integrity unit, which she said was one of the best in the industry.
- But she said she realized Facebook was not serious when it dissolved the unit after the 2020 presidential election.
- “When Facebook dissolved civic integrity, I saw that they weren’t willing to make that commitment anymore,” she said.
Haugen released thousands of internal documents from Facebook in 2021 about the company’s algorithm and its response to misinformation on the platform. She testified before Congress in October of that year that Facebook is prioritizing profits over its users’ safety.
Read more here.
GOOGLE REACHES SETTLEMENT OVER LOCATION TRACKING
Google has agreed to pay a total of $29.5 million to settle separate lawsuits with Washington, D.C., and Indiana over its location tracking practices.
Under the settlements, Google agreed to not make misrepresentations to users about an individual user’s location information in location history and web and app activity.
Indiana Attorney General Todd Rokita (R) said in a statement that the state reached a settlement with Google for $20 million to resolve its lawsuit over the company’s “deceptive location-tracking practices.”
“This settlement is another manifestation of our steadfast commitment to protect Hoosiers from Big Tech’s intrusive schemes,” Rokita said. “We will continue holding these companies accountable for their improper manipulation of consumers.”
Read more here.
BITS & PIECES
An op-ed to chew on: American national security requires smart spectrum planning
Notable links from around the web:
Ukraine War and Upcoming SEC Rules Push Boards to Sharpen Cyber Oversight (The Wall Street Journal / Catherine Stupp and Kim Nash)
Can these researchers help defend satellite systems targeted by hackers? (CyberScoop / Christian Vasquez)
Social Media Use Is Linked to Brain Changes in Teens, Research Finds (The New York Times / Ellen Barry)
ONE LAST THING
House says so long to TikTok
The House’s chief administrative officer banned TikTok from all mobile devices that the body manages last week, ahead of the federal government joining a growing number of states in prohibiting employees from having the app on their government-issued phones.
Multiple news outlets reported that Catherine Szpindor, the head of the office responsible for providing House members, officers and staff with administrative, technical and operational assistance, sent a memo to all House lawmakers and staff last week saying that the app is considered “high risk” due to multiple security issues.
- “House staff are NOT allowed to download the TikTok app on any House mobile devices,” the memo said, according to NBC. “If you have the TikTok app on your House mobile device, you will be contacted to remove it.”
- With the move, the House joined more than a dozen states and several federal agencies that had previously taken action to ban the app on government devices.
Read more here.
That’s it for today, thanks for reading. Check out The Hill’s Technology and Cybersecurity pages for the latest news and coverage. We’ll see you tomorrow.