October 8 2021

This Week in Washington

Reuters U.S. to tell critical rail, air companies to report hacks, name cyber chiefs
The Transportation Security Administration will introduce regulations that compel the most important U.S. railroad and airport operators to improve their cybersecurity procedures, Homeland Security Secretary Alejandro Mayorkas said on Wednesday. The upcoming changes will make it mandatory for “higher-risk” rail transit companies and “critical” U.S. airport and aircraft operators to do three things: name a chief cyber official, disclose hacks to the government and draft recovery plans for if an attack were to occur.

CyberScoop Rep. Katko introduces bill that would prioritize security for key US critical infrastructure
The top Republican on the House Homeland Security Committee introduced legislation Tuesday directing the Homeland Security Department’s cyber wing to identify U.S. digital infrastructure that, if attacked, would severely debilitate national security, economic security or public safety. Under the legislation from Rep. John Katko, R-N.Y., DHS’ Cybersecurity and Infrastructure Security Agency would designate the nation’s “systemically important critical infrastructure” (or “SICI”).

New York Times Facebook Whistle-Blower Urges Lawmakers to Regulate the Company
A former Facebook product manager who turned into a whistle-blower gave lawmakers an unvarnished look into the inner workings of the world’s largest social network on Tuesday and detailed how the company was deliberate in its efforts to keep people — including children — hooked to its service. In more than three hours of testimony before a Senate subcommittee, Frances Haugen, who worked on Facebook’s civic misinformation team for nearly two years until May, spoke candidly and with a level of insight that the company’s executives have rarely provided.

Associated Press US poised to sue contractors who don’t report cyber breaches
The Justice Department is poised to sue government contractors and other companies who receive U.S. government grants if they fail to report breaches of their computer systems or misrepresent their cybersecurity practices, the department’s No. 2 official said Wednesday. Deputy Attorney General Lisa Monaco said the department is prepared to take action under a statute called the False Claims Act that permits the government to file lawsuits over misused federal funds. The Justice Department will also protect whistleblowers who come forward to report those issues, she said.

Next Gov Senate Committee Passes Major FISMA Changes—Including a New Definition of ‘Major Incident’
The Senate Homeland Security and Governmental Affairs Committee approved legislation that seeks to overhaul how federal agencies and government contractors report on cyberattacks and guidance for defending against them. The committee on Wednesday cleared the Federal Information Security Modernization Act of 2021 along with a more controversial bill mandating private-sector reports of cyber incidents and ransomware payments.

Protocol The FTC’s next privacy move is a dangerous game years in the making
After many years of “concerns” and false starts, the FTC appears poised to tell tech companies what they must do — and stop doing — to protect consumer privacy. Crafting actual privacy rules is an ambitious undertaking that has eluded Congress for more than a decade. But the FTC, under new chair Lina Khan, seems ready to regulate most of the digital services industry and a good chunk of the “offline” world to boot. If history’s any guide, any move is sure to spur furious pushback that could endanger even the FTC’s basic powers.

The Washington Post Tech adversary Kanter tells senators he will pursue ‘vigorous’ antitrust enforcement in nomination hearing
Jonathan Kanter told lawmakers he would bring “vigorous” enforcement to the helm of the Justice Department’s antitrust division, as they weigh his nomination to serve as one of the federal government’s top competition cops. In a Senate Judiciary Committee hearing on Wednesday, he laid out bits of his plan for lawmakers, focusing on ensuring robust competition for businesses across the country.

Article Summary

Microsoft Official Blog Russian cyberattacks pose greater risk to governments and other insights from our annual report
During the past year, 58% of all cyberattacks observed by Microsoft from nation-states have come from Russia. And attacks from Russian nation-state actors are increasingly effective, jumping from a 21% successful compromise rate last year to a 32% rate this year. Russian nation-state actors are increasingly targeting government agencies for intelligence gathering, which jumped from 3% of their targets a year ago to 53% – largely agencies involved in foreign policy, national security or defense. The top three countries targeted by Russian nation-state actors were the United States, Ukraine and the UK.

Politico European Parliament calls for a ban on facial recognition
The European Parliament today called for a ban on police use of facial recognition technology in public places, and on predictive policing, a controversial practice that involves using AI tools in hopes of profiling potential criminals before a crime is even committed. In a resolution adopted overwhelmingly in favor, MEPs also asked for a ban on private facial recognition databases, like the ones used by the controversial company Clearview AI. The Parliament also supports the European Commission’s attempt in its AI bill to ban social scoring systems, such as the ones launched by China that rate citizens’ trustworthiness based on their behavior.

NBC 26 Education, technology leaders discuss efforts to strengthen cyber workforce in Northeast Wisconsin
Northeast Wisconsin education and technology leaders are working to strengthen the area’s cyber workforce. Rep. Mike Gallagher (R) 8th District, co-chair of the Cyberspace Solarium Commission (CSC), and Brad Smith, Microsoft president, hosted a roundtable Monday at TitleTown Tech to discuss what’s being done to train the community’s workforce and how access to cyber education can be increased. Microsoft Philanthropies offers a program called Technology Education and Literacy in Schools, which introduces high school students to computer science. Dickert said CESA 7 hopes to have all 8,000 teachers in the region “digitally skilled” so they can teach cyber education to students.

State Scoop Microsoft, Chicago team up to provide digital skills training

Microsoft will provide free digital skills training courses for at least 300,000 Chicagoans through a new economic development program announced on Friday. The new program, called “Accelerate Chicago,” is designed to boost the employability of residents who either lost their jobs as a result of the COVID-19 pandemic or those with few digital skills, and will provide “cross-training” for residents trying to switch career paths, according to the company. In Chicago, local branches of the NAACP, as well as other community organizations, will encourage their members to sign up for the free Microsoft courses, and residents will be able to take the courses at local technology and digital skills academies throughout the city.

TechCrunch Driving AI innovation in tandem with regulation

The European Commission announced first-of-its-kind legislation regulating the use of artificial intelligence in April. This unleashed criticism that the regulations could slow AI innovation, hamstringing Europe in its competition with the U.S. and China for leadership in AI. For example, Andrew McAfee wrote an article titled “EU proposals to regulate AI are only going to hinder innovation.”

Associated Press Kansas county spends more $70K to end cyberattack

A northeast Kansas county paid more than $70,000 to end a cyberattack that crippled its computer systems for about two weeks. Pottawatomie County administrator Chad Kinsley said the attackers had demanded more than $1 million, The Topeka Capital-Journal reports.

IEEE Spectrum Microsoft Predicts Weather for Individual Farms

DeepMC uses machine learning and AI to localize weather data: Now, researchers at Microsoft have developed a framework called DeepMC that can very accurately predict local weather, and could be used by farmers, renewable energy producers, and others. Microsoft researchers presented a study on the framework and its application at the Association of Computing Machinery’s Conference on Knowledge Discovery and Data Mining in August.

The Atlantic What Iowa is Losing as My Hometown Newspaper Crumbles

The grain elevator exploded on a cool April morning in 1987, six years before I was born. My father was testing a clay sample in a lab two miles away when suddenly the dial jumped. He ran outside, thinking that a car had smashed into the building. My mother, doing yard work at home, assumed that the nearby ammunition plant was testing a new explosive. Dale Alison saw the blast up close. He was 32 years old, and it was his first day as the city editor of The Hawk Eye, a newspaper in Burlington, Iowa.

Tech Podcast of the Week

Stats + Stories

  • Podcast on Data Privacy for Researchers
    Privacy is becoming an ever more potent concern as we grapple with the reality that our phones, computers, and our browser histories are filled with data that could reveal a lot about who we are, sometimes things we’d rather keep private. The issue of the privacy of data is not a new concern for researchers. In fact, whenever someone wants to work with people, oversight boards ask them about how they’ll keep data about participants private. But the data landscape for researchers and statisticians is changing and that’s the focus of this episode of Stats and Storie with guests Claire McKay Bowen and Joshua Snoke. (The Data Privacy Landscape is Changing – April 15, 2021)