Hillicon Valley — Cyber agency warns of increased threats to manufacturing groups

·5 min read


Today is Wednesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.

Follow The Hill's cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar_), for more coverage.

Critical manufacturing groups are increasingly at risk from attack, a top federal agency warned Wednesday, pointing to a spike in vulnerabilities to the sector caused by changes during the COVID-19 pandemic.

Meanwhile, DoorDash is asking all employees to start making monthly deliveries again, and the company TuSimple completed testing of its driverless semitruck in Arizona.

Let's jump into the news.

Manufacturing groups at risk

Manufacturing organizations are at higher risk of being targeted by hackers during the COVID-19 pandemic, the nation's key cybersecurity agency warned Wednesday.

Key target: The Cybersecurity and Infrastructure Security Agency (CISA) laid out the potential threats to the critical manufacturing sector in an insights report released Wednesday, noting that attacks could increase due to more remote work, which had expanded the threat surface for hackers to exploit.

"The Critical Manufacturing Sector is at risk from increased cyber-attack surface areas and limited cybersecurity workforces related to the COVID-19 pandemic," the report reads. "These trends increase the vulnerability of the Critical Manufacturing Sector to the growing number of ransomware attacks aimed at private businesses by increasing attack surfaces and reducing protective abilities. To mitigate future threats, the Critical Manufacturing Sector should prioritize the management of risks."

Key areas of concerns highlighted by CISA include the increased use of robotics and remote processes during the pandemic to protect workers, which CISA noted has opened up new security vulnerabilities, and the increasing lack of qualified personnel to protect highly technical manufacturing systems. Ransomware attacks, which have become a major concern during the course of the pandemic in all sectors, have also become a threat to manufacturing companies.

Warning: "If current trends hold, attacks against manufacturing sector infrastructure will continue to increase," the report reads. "A new threat to manufacturing-ransomware...has begun to target systems lacking the inherent security controls required to protect themselves. The result can be catastrophic production loss and downtime as well as lost revenues and penalties for production delays."

Read more here.

A MESSAGE FROM HUAWEI

DASHING INTO THE NEW YEAR

San Francisco-based delivery company DoorDash will require all employees to make deliveries under its reinstated WeDash program, a spokesperson confirmed Wednesday.

DoorDash started the program when the company first launched in 2013, but had paused it "for a bit" during the pandemic, the spokesperson said.

"It's a great program that reflects our values, brings us closer to the product and helps us build empathy for all our audiences," the spokesperson said in an email.

The program will require all employees, including the company's engineers and even CEO, to make at least one delivery a month. Any money employees earn from participating is donated to a nonprofit, a spokesperson told CNN Business.

Read more here.

SELF-DRIVING TRUCKS ROLL FORWARD

Technology firm TuSimple this week completed testing of its driverless semitruck in Arizona.

The company said on Wednesday that the truck successfully drove an 80-mile route on public roads, according to The Associated Press.

The truck, which was led and flanked by vehicles prepared to step in if necessary, began its trip at a railyard in Tucson and traveled all the way to a Phoenix distribution center. TuSimple told the AP that the semi was able to navigate lane changes, off ramps and traffic signals without issue, "naturally interacting with other motorists."

"This test reinforces what we believe is our unique position at the forefront of autonomous trucking, delivering advanced driving technology at commercial scale," TuSimple CEO Cheng Lu said.

Read more here.

APPLE VS. META

Apple is offering large bonuses to employees in an attempt to retain talent from rivals such as Meta, the parent company of Facebook, Bloomberg News reported.

The reported bonuses range from approximately $50,000 to as much as $180,000, according to Bloomberg. Many company engineers have received sums in the amount of roughly $80,000, $100,000, or $120,000 in shares, sources told the outlet.

Apple informed some engineers in the silicon design, hardware and select software and operations groups last week that they will receive the bonuses, which are being issued as restricted stock units.

Read more here.

A MESSAGE FROM HUAWEI

BITS AND PIECES

An op-ed to chew on: Is China's power peaking? And other top national security questions for 2022

Lighter click: Feeling attacked on all sides

Notable links from around the web:

As omicron washes over America, much of the country still isn't using exposure notification apps (The Washington Post / Gerrit De Vynch and Cat Zakrzewski)

How Discord, Born From an Obscure Game, Became a Social Hub for Young People (The New York Times/ Kellen Browning)

Iranian hackers behind Cox Media Group ransomware attack (The Record / Catalin Cimpanu)

Chinese hackers use Log4j exploit to go after academic institution (CyberScoop / Tonya Riley)

One last thing: Biden and Putin to chat, again

Vladimir Putin
Vladimir Putin

President Biden will hold another phone call with Russian President Vladimir Putin on Thursday amid ongoing tensions with Ukraine and ahead of upcoming discussions on Moscow's security demands.

National Security Council spokesperson Emily Horne said in a statement that the two leaders will discuss "a range of topics, including upcoming diplomatic engagements with Russia."

"The Biden Administration continues to engage in extensive diplomacy with our European Allies and partners, consulting and coordinating on a common approach in response to Russia's military build-up on the border with Ukraine," Horne said.

The call, which was first reported by CNN, is the second held between the two leaders as fears grow that Russia could be planning an invasion of Ukraine amid Moscow massing tens of thousands of troops near the Ukrainian border. Earlier this month, Biden held a two-hour virtual call with Putin, during which he warned that Russia would suffer economic consequences if it invaded Ukraine.

While the upcoming call will be focused on issues around Ukraine, the two leaders also previously met in June to discuss Russian-linked cyberattacks on U.S. companies, and discussed the issue again during a call in July.

Read more here.

That's it for today, thanks for reading. Check out The Hill's technology and cybersecurity pages for the latest news and coverage. We'll see you Thursday.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting