Spiegel Stuff: Hillicon Valley — Presented by CCIA — Surgeon general issues health misinformation advisory | Biden administration stepping up efforts to respond to ransomware attacks | Cyber bills gain new urgency after rash of attacks

Presented by the Computer and Communications Industry Association

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news world from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter by clicking HERE.

Welcome and Happy Thursday! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar), for more coverage.

The Biden administration put pressure Thursday on tech companies to do more to combat the spread of the misinformation on their platforms. Surgeon General Vivek Murthy issued an advisory calling the spread of misinformation an “urgent threat to public health” — especially as the federal government pushes for more Americans to get coronavirus vaccines.

The administration also took steps Thursday to boost its response to the ongoing and increasing ransomware attacks on U.S. companies and critical infrastructure. Cybersecurity concerns are a top bipartisan priority on Capitol Hill as well in the wake of recent attacks, and several bipartisan bills are gaining sponsors and likely to be rolled out this month.

MAKING MOVES ON MISINFORMATION: Surgeon General Vivek Murthy on Thursday issued an advisory calling health misinformation an “urgent threat” amid the COVID-19 vaccination push.

“Health misinformation is an urgent threat to public health,” Murthy said in a statement. “It can cause confusion, sow distrust, and undermine public health efforts, including our ongoing work to end the COVID-19 pandemic.”

The advisory, the first issued by the surgeon general during the Biden administration, calls for a range of sectors to take action.

It calls on technology and social media companies to do more to fight misinformation on their platforms, including redesigning algorithms to avoid amplifying misinformation and strengthening the monitoring of it.

Read more here.

MAKING MOVES ON RANSOMWARE: The Biden administration on Thursday announced new cross-agency measures to address the recent major ransomware attacks on companies including Colonial Pipeline and software group Kaseya.

A senior administration official told The Hill that an interagency task force, created as part of President Biden’s directive in April for federal agencies to address ransomware attacks, has made progress in identifying and coordinating action on a range of fronts regarding ransomware concerns.

These include working to disrupt cyber criminal groups and the infrastructure responsible for ransomware attacks, building an international coalition to confront cyber threats abroad, addressing the use of cryptocurrency to pay ransoms, improving cyber hygiene and promoting the reporting of ransomware incidents.

In addition, administration officials told reporters on a call Wednesday that the State Department will launch a financial rewards program for information on foreign state-sponsored hacking efforts targeting U.S. critical infrastructure.

The Treasury Department is also involved, with the agency’s Financial Crimes Enforcement Network set to announce Thursday that it will convene a virtual conference on ransomware later this year with groups including financial institutions and technology firms.

A MESSAGE FROM CCIA

New House Judiciary regulatory proposals aimed at just a few tech companies are more anti-consumer than antitrust. More here from CCIA, which has advocated for tech industry competition since 1972.

A TRUE BIPARTISAN EFFORT: Bipartisan bills aimed at strengthening U.S. cybersecurity after a string of major attacks are making headway in both the House and Senate.

The rare cooperation between Democrats and Republicans is a sharp contrast to the partisan divisions over other measures like voting rights legislation and major infrastructure components.

“Unlike some of the other things I’m working on, huge, huge progress,” Senate Intelligence Committee Chairman Mark Warner (D-Va.) said of a cybersecurity proposal he is spearheading.

“We are very close to having almost every member of the committee on it,” Warner told The Hill on Tuesday. “It has been purely waiting for the members to get back [to Washington]. I’ve got to have a couple of member-to-member discussions, but the notion that we need some level of mandatory incident reporting. The fact that many business groups have coalesced behind this, I think it’s all great news.”

The draft bill, backed by Sens. Marco Rubio (R-Fla.) and Susan Collins (R-Maine) on the Intelligence Committee, would require federal agencies, federal contractors and owners and operators of critical infrastructure to report cybersecurity incidents within 24 hours to the Cybersecurity and Infrastructure Security Agency.

MICROSOFT TAKES ACTION: Microsoft on Thursday announced that it had disrupted the use of what it described as “cyberweapons” manufactured and sold by an Israeli-based company to target victims worldwide including journalists and human rights activists.

The group, known as “Sourgum,” is what Microsoft described as a “private sector offensive actor,” and was known to sell weapons to government agencies around the world that were then used to hack into the personal devices of targeted individuals, including phones, computers and other internet-connected devices.

“These agencies then choose who to target and run the actual operations themselves,” Cristin Goodwin, general manager of Microsoft’s Digital Security Unit, wrote in a blog post published Thursday.