The State Department will offer rewards up to $10 million for information leading to the identification of anyone engaged in foreign state-sanctioned malicious cyber activity against critical U.S. infrastructure — including ransomware attacks — and the White House has launched a task force to coordinate efforts to stem the ransomware scourge.The Biden administration is also launching the website stopransomware.gov to offer the public resources for countering the threat and building more resilience into networks, a senior administration official told reporters.Another measure being announced Thursday to combat the ransomware onslaught is from the Financial Crimes Enforcement Network at the Treasury Department. It will engage banks, technology firms and others on better anti-money-laundering efforts for cryptocurrency and more rapid tracing of ransomware proceeds, which are paid in virtual currency.  Officials are hoping to seize more extortion payments in ransomware cases, as the FBI did in recouping most of the $4.4 million ransom paid by Colonial Pipeline in May.The rewards are being offered under the State Department’s Rewards for Justice program. It will offer a tips-reporting mechanism on the dark web to protect sources who might identify cyber attackers and/or their locations, and reward payments may include cryptocurrency, the agency said in a statement.  The administration official would not comment on whether the U.S. government had a hand in Tuesday’s online disappearance of REvil, the Russian-linked gang responsible for a July 2 supply chain ransomware attack that crippled well over 1,000 organizations globally by targeting Florida-based software provider Kaseya. Ransomware scrambles entire networks of data, which criminals unlock when they get paid.Cybersecurity experts say REvil may have decided to drop out of sight and rebrand under a new name, as it and several other ransomware gangs have done in the past to try to throw off law enforcement.Another possibility is that Russian President Vladimir Putin actually heeded President Joe Biden’s warning of repercussions if he didn’t rein in ransomware criminals, who enjoy safe harbor in Russia and allied states.That seemed improbable, however, given Kremlin spokesman Dmitry Peskov’s statement to reporters Wednesday that he was unaware of REvil sites disappearing.”I don’t know which group disappeared where,” he said. He said the Kremlin deems cybercrimes “unacceptable” and meriting of punishment, but analysts say they have seen no evidence of a crackdown by Putin.
 
…

It began in February with a tweet by pop star Rihanna that sparked widespread condemnation of Indian Prime Minister Narendra Modi’s handling of massive farmer protests near the capital, souring an already troubled relationship between the government and Twitter.Moving to contain the backlash, officials hit Twitter with multiple injunctions to block hundreds of tweets critical of the government. Twitter complied with some and resisted others.Relations between Twitter and Modi’s government have gone downhill ever since.At the heart of the standoff is a sweeping internet law that puts digital platforms like Twitter and Facebook under direct government oversight. Officials say the rules are needed to quell misinformation and hate speech and to give users more power to flag objectionable content.Critics of the law worry it may lead to outright censorship in a country where digital freedoms have been shrinking since Modi took office in 2014.Police have raided Twitter’s offices and have accused its India chief, Manish Maheshwari, of spreading “communal hatred” and “hurting the sentiments of Indians.” Last week, Maheshwari refused to submit to questioning unless police promised not to arrest him.On Wednesday, the company FILE – In this Feb. 25, 2021, photo, India’s Information Technology Minister Ravi Shankar Prasad, left, and Information and Broadcasting Minister Prakash Javadekar new regulations for social media companies and digital streaming websites.Tech companies also must assign staff to answer complaints from users, respond to government requests and ensure overall compliance with the rules.Twitter missed a three-month deadline in May, drawing a strong rebuke from the Delhi High Court. Last week, after months of haggling with the government, it appointed all three officers as required.“Twitter continues to make every effort to comply with the new IT Rules 2021. We have kept the Government of India apprised of the progress at every step of the process,” the company said in a statement to the Associated Press.Apar Gupta, executive director of the Internet Freedom Foundation, says he worries the rules will lead to numerous cases against internet platforms and deter people from using them freely, leading to self-censorship. Many other critics say Modi’s Hindu nationalist government is imposing what they call a climate of “digital authoritarianism.”“If it becomes easier for user content to be taken down, it will amount to the chilling of speech online,” Gupta said.The government insists the rules will benefit and empower Indians.“Social media users can criticize Narendra Modi, they can criticize government policy, and ask questions. I must put it on the record straight away . . . But a private company sitting in America should refrain from lecturing us on democracy” when it denies its users the right to redress, the ex-IT minister, Ravi Shankar Prasad, told the newspaper The Hindu last month.FILE – India’s Prime Minister Narendra Modi.Despite the antagonisms between Modi and Twitter, he has been an enthusiastic user of the platform in building popular support for his Bharatiya Janata Party. His government has also worked closely with the social media giant to allow Indians to use Twitter to seek help from government ministries, particularly during health emergencies. Bharatiya Janata Party’s social media team has meanwhile been accused of initiating online attacks against critics of Modi.Still, earlier internet restrictions had already prompted the Washington-based Freedom House to list India, the world’s most populous democracy, as “partly free” instead of “free” in its annual analysis.The law announced in February requires tech companies to aid police investigations and help identify people who post “mischievous information.” That means messages must be traceable, and experts say this it could mean end-to-end encryption would not be allowed in India.Facebook’s WhatsApp, which has more than 500 million users in India, has sued the government, saying breaking encryption, which continues for now, would “severely undermine the privacy of billions of people who communicate digitally.”Officials say they only want to trace messages that incite violence or threatening national security. WhatsApp says it can’t selectively do that.“It is like you are renting out an apartment to someone but want to look into it whenever you want. Who would want to live in a house like that?” said Khursheed of Laminar Global.The backlash over online freedom of expression, privacy and security concerns comes amid a global push for more data transparency and localization, said Kolla, the tech expert.Germany requires social media companies to devote local staff and data storage to curbing hate speech. Countries like Vietnam and Pakistan are drafting legislation similar to India’s. In Turkey, social media companies complied with a broad mandate for removing content only after they were fined and faced threats to their ad revenues.Instead of leaving, some companies are fighting the new rules in the courts, where at least 13 legal challenges have been filed by news publishers, media associations and individuals. But such cases can stretch for months or even years.Mishi Choudhary, a technology lawyer and founder of India’s Software Freedom Law Center, says that under the rules, social media platforms might lose their safe harbor protection, which shields them from legal liability over user-generated content. Courts have to decide that on a case-by-case basis, she said. And their legal costs would inevitably soar.“You know how it is in India. The process is the punishment,” Choudhary said. “And until we get to a place where the courts will actually come and tell us what the legal position is and determine those legal positions, it is open season for tech backlash.” 
…

A report by a non-profit group says Africa needs to increase internet access to boost its economies, especially in the wake of the COVID-19 pandemic.  The advocacy group found that while Africa’s locally routed online traffic has increased, only one in five Africans has internet access.  High taxes and frequent internet shutdowns by some African governments have also discouraged online trade.The Internet Society group says in a report this month Africa’s internet exchange points, or IXP’s, have increased from 19 to 46 in under eight years. Six countries have more than one IXP. An IXP is where multiple networks and service providers exchange internet traffic.  The increase is significant because a decade ago, most African countries routed their online traffic outside the continent.Dawit Bekele is the Africa regional vice president for the Internet Society, a global nonprofit organization that promotes the development and use of the internet. He said Africa having its own IXP’s improves internet performance for users on the continent.“By developing internet exchange points within Africa, we have limited this kind of unnecessary travels of internet traffic outside of Africa to come back to Africa, which has a considerable advantage to improving the user experience, be it the speed, connectivity or even the cost of connectivity,” he said.The Washington-based group says its goal is to eventually have 80 percent of internet traffic in Africa be exchanged locally.Michael Niyitegeka, an information technology expert, said public demand has forced African governments to improve internet access.“We can’t run away from the youth population. There are quite a number of young people and therefore their affinity or drive for technology and use of the Internet is way higher than our parents and they are more comfortable using technology than anything else. Finally, the other aspect I think is quite critical is the access to mobile technology devices is a big driver. We see quite a number of relatively cheap smart or internet-enabled phones in our markets and that has a massive effect on how many people can access the internet,” said Niyitegeka.In a 2020 study, the International Foundation Corporation said internet use could add $180 billion to Africa’s economies.However, some governments have taken steps to control digital communication by shutting down social media platforms and imposing a high tax on internet use.Omoniyi Kolande is the CEO of SeerBit, a Nigerian company that offers payment processing services to businesses. He said that government control of the internet will drive businesses backward. “It’s a way we are driven backward instead of moving forward. We are supposed to encourage access, we are supposed to encourage free access point for interaction for solutions, because if businesses had to put their product on platforms, as long as those platforms are put down or disconnected there is loss of revenue at that point and for payment gateway. We are already losing revenue as those businesses do not exist to achieve the purpose of what they should achieve,” he said.The United Nations Economic Commission for Africa notes that only 20 percent of the continent’s population has access to the Internet.The Internet Society Group is urging African governments to expand internet infrastructure to rural areas, where most of the population lives, so that they can benefit from it. 
…

In the future, keyboards and remote controls may be replaced with a more direct way for humans to interact with machines —  hand gestures. VOA’s Elizabeth Lee has more.  
Camera: Elizabeth Lee
Produced by: Elizabeth Lee
…

Taiwanese tech giants Foxconn and Taiwan Semiconductor Manufacturing Company announced Monday they will each donate five million coronavirus vaccine doses to the government in a deal with a China-based distributor. Taipei has been struggling to secure enough vaccines for its population, and its precarious political status has been a major stumbling block. As Taipei and Beijing accused each other of hampering vaccine deals, Foxconn and TSMC stepped in with a face-saving solution — buying the Pfizer-BioNTech doses from a Chinese distributor and donating them to Taiwan. “Me and my team feel the public anxiety and expectations on the vaccines and we are relieved to give the public an answer that relevant contracts have been signed,” Foxconn founder Terry Gou said in a post on his Facebook page. “Beijing authorities have not offered any guidance or interfered with the vaccine acquisition process,” he said, adding that the vaccines will be shipped directly by German firm BioNTech. Foxconn and TSMC, the world’s largest contract electronics and chip makers respectively, said they will spend $175 million each on the vaccines. Beijing’s authoritarian leadership views democratic self-ruled Taiwan as part of China’s territory and has vowed to one day seize the island, by force if needed. China tries to keep Taiwan internationally isolated, including blocking it from the World Health Organization. Taipei has been trying to secure Pfizer-BioNTech direct from Germany, but Shanghai-based Fosun Pharma has the distribution rights for China, Hong Kong, Macau and Taiwan. Attempts to sign a direct deal made little headway, something Taiwan blamed on Beijing. In return, Beijing has accused Taiwan of refusing to deal with Fosun Pharma and politicizing its vaccine search. Fosun issued a statement late Sunday saying it had signed a deal with the Taiwanese firms to sell 10 million shots, to be donated to “disease control institutions in the Taiwan region.” In an interview with China’s Global Times — a state-run tabloid — Fosun Chairman and CEO Wu Yifang accused Taipei of “rule-breaking in the whole process.” No further elaboration was provided. Taiwan had only received 726,000 vaccine doses before the United States and Japan recently donated 2.5 million and 2.37 million doses, respectively. So far, just 14 percent of its 23.5 million people have been vaccinated, according to the health ministry. Health Minister Chen Shih-chung previously revealed that Taiwan and BioNTech were about to finalize a deal in January when the company suggested the words “our country” had to be taken out of a Taiwanese press statement. Chen said authorities agreed to replace it with “Taiwan,” but the deal remained stalled. The Chinese government reacts angrily at any attempts to recognize Taiwan as an independent nation. 
…

China’s technology ministry Monday announced a three-year action plan to develop the country’s cyber-security industry, which it estimates will be worth more than $38 billion by 2023, according to Reuters. The new strategy by the Ministry of Industry and Information Technology is being unveiled as Beijing tightens its grip on the country’s technology sector, underscored by its regulatory probe of ride-hailing giant Didi Global.   The company was valued at $68 billion after its June 30 initial public offering, or IPO, on the New York Stock Exchange.   But Chinese regulators launched a cybersecurity review of the company and said new users would not be allowed to register during the review, sending Didi Global share prices tumbling. The Cyberspace Administration of China then ordered Didi’s app removed from domestic mobile app stores. The agency has also ordered two other tech-based companies, Uber-like trucking startup Full Truck Alliance and Kanzhun, which connects job seekers and hiring enterprises via a mobile app, to suspend user registrations and submit to security reviews, citing risks to “national data security.”   The two companies, like Didi Global, had also recently issued IPOs on U.S. stock exchanges.   Some information for this report came from Reuters, CNBC, and the New York Times. 
…

Iran’s railroad system came under cyberattack Friday, a semi-official news agency reported, with hackers posting fake messages about train delays or cancellations on display boards at stations across the country.  The hackers posted messages such as “long delayed because of cyberattack” or “canceled” on the boards. They also urged passengers to call for information, listing the phone number of the office of the country’s supreme leader, Ayatollah Ali Khamenei.  The semiofficial Fars news agency reported that the hack led to “unprecedented chaos” at rail stations.  No group took responsibility. Earlier in the day, Fars said trains across Iran had lost their electronic tracking system. It wasn’t immediately clear if that was also part of the cyberattack. Fars later removed its report and instead quoted the spokesman of the state railway company, Sadegh Sekri, as saying “the disruption” did not cause any problem for train services.  In 2019, an error in the railway company’s computer servers caused multiple delays in train services.  In December that year, Iran’s telecommunications ministry said the country had defused a massive cyberattack on unspecified “electronic infrastructure” but provided no specifics on the purported attack. It was not clear if the reported attack caused any damage or disruptions in Iran’s computer and internet systems, and whether it was the latest chapter in the U.S. and Iran’s cyber operations targeting the other. Iran disconnected much of its infrastructure from the internet after the Stuxnet computer virus — widely believed to be a joint U.S.-Israeli creation — disrupted thousands of Iranian centrifuges in the country’s nuclear sites in the late 2000s.  
…

U.S. President Joe Biden discussed recent ransomware attacks on the U.S. from Russia in a phone call Friday with Russian President Vladimir Putin, according to the White House.“President Biden underscored the need for Russia to take action to disrupt ransomware groups operating in Russia and emphasized that he is committed to continued engagement on the broader threat posed by ransomware,” according to a readout of the conversation released by the White House.Biden warned of consequences if ransomware attacks from Russia continued, the White House said.“President Biden reiterated that the United States will take any necessary action to defend its people and its critical infrastructure in the face of this continuing challenge,” the White House said.The call came more than three weeks after the two leaders met in Geneva on June 16, when Biden appealed to Putin, who has denied any responsibility, to crack down on cyber hackers in Russia.Some information for this report came from Reuters. 
…

Karmic fortune has arrived to the digital art market, with a kaleidoscopic splash of colors and the face of a revered Thai monk offering portable Buddhist good luck charms to tech-savvy buyers.Sales of non-fungible tokens (NFTs) — virtual images of anything from popular internet memes to original artwork — have swept the art world in recent months, with some fetching millions of dollars at major auction houses.CryptoAmulets is the latest venture to chase the craze, with founder Ekkaphong Khemthong sensing opportunity in Thailand’s widespread practice of collecting talismans blessed by revered monks.”I am an amulet collector and I was thinking about how I could introduce amulets to foreigners and to the world,” he told AFP.Collecting amulets and other small religious trinkets is a popular pastime in Buddhist-majority Thailand, where the capital Bangkok has a market solely dedicated to the traders of these lucky objects.Their value can rise thousands of dollars if blessed by a well-respected monk.Despite being a digital format, Ekkapong wanted CryptoAmulets to have the same traditional ceremony as a physical piece, which is why he approached Luang Pu Heng, a highly regarded abbot from Thailand’s northeast.”I respect this monk and I would love the world to know about him — he is a symbol of good fortune in business,” he said.Luang Pu Heng last month presided over a ceremony to bless physical replicas of the digital amulets, which show a serene image of his face.He splashed holy water onto his own visage as his saffron-robed disciples chanted and scattered yellow petals on the altar where the portraits were mounted.’We just tried to simplify it’One challenge was trying to explain the concept of NFTs to the 95-year-old abbot, who assumed he would be blessing physical amulets.”It’s very hard so we just tried to simplify it,” said Singaporean developer Daye Chan.”We said to him that it’s like blessing the photos.”Transforming amulets into crypto art also means the usual questions of authenticity plaguing a talisman sold in a market are eliminated, he added.”There are so many amulets being mass produced… All the records could be lost and these physical items can be easily counterfeited,” Chan said.NFTs use blockchain technology — an unalterable digital ledger — to record all transactions from the moment of their creation.”For our amulet, even a hundred years later, they can still check back the record to see what the blockchain is,” Chan said.But founder Ekkaphong would not be drawn on the karmic effectiveness of digital amulets, compared to their real-life counterparts.”They are different,” he said.On the CryptoAmulets website online gallery, different inscriptions are written in Thai — “rich,” “lucky” or “fortunate,” for instance — around each of the tokens.They are priced on a tiered system in ethereum, the world’s second-largest cryptocurrency after bitcoin, and are currently selling for between $46 and $1,840.Sales have been slow ahead of Sunday’s purchase deadline, with only 1,500 tokens sold out of the 8,000 available, and with Thais making up most of the buyers.Thai chef Theerapong Lertsongkram said he bought a CryptoAmulet because of his reverence for objects blessed by Luang Pu Heng, which he says have brought him good fortune.”I have had several lucky experiences such as winning small lottery prizes… or being promoted on my job,” said Theerapong, who works in a Stockholm restaurant.”I did not know anything about NFTs before, but I made the decision to buy it as I respect Luang Pu Heng so much,” he told AFP.But fellow collector Wasan Sukjit — who adorns the interior of his taxi with rare amulets — has a harder time with the concept.”Amulets need to be something physical, something people can hold,” he scoffed.”I prefer the ones I can hang on my neck.” 
…

 China’s most popular social media service has deleted accounts on LGBT topics run by university students and nongovernment groups, prompting concern the ruling Communist Party is tightening control over gay and lesbian content.WeChat sent account holders a notice they violated rules but gave no details, according to the founder of an LGBT group, who asked not to be identified further out of fear of possible official retaliation. She said dozens of accounts were shut down about 10 p.m. Tuesday.It wasn’t clear whether the step was ordered by Chinese authorities, but it came as the ruling party has tightened political controls and had tried to silence groups that might criticize its rule.WeChat’s operator, Tencent Holding Ltd., confirmed it received an email seeking comment but didn’t immediately respond.The Communist Party decriminalized homosexuality in 1997, but gay, lesbian, bisexual, transsexual and other sexual minorities still face discrimination. While there is more public discussion of such issues, some LGBT activities have been blocked by authorities.The official attitude is increasingly strict, the founder of the LGBT group said.Contents of the WeChat accounts, which included personal stories and photos of group events, were erased, according to the group’s founder.DevastatingThe former operator of a different group for university students, who asked not to be identified for fear of retaliation, called the step a devastating blow.University officials asked students two months ago to shut down LGBT social media groups or to avoid mentioning their school names, according to the LGBT group founder. She said universities in the eastern province of Jiangsu were told by officials to investigate groups for women’s rights and sexual minorities to “maintain stability.”Surveys suggest there are about 70 million LGBT people in China, or about 5% of the population, according to state media.Some groups have organized film festivals and other public events, but those have dwindled.One of the most prominent, Shanghai Pride, canceled events last year and scrapped future plans without explanation after 11 years of operation.China’s legislature received suggestions from the public about legalizing same-sex marriage two years ago, according to the official Xinhua News Agency. However, it gave no indication whether legislators might take action.
…

A breakthrough safety feature being developed for vehicles is designed to potentially save the 10,000 lives lost to drunk driving in the U.S. each year. VOA’s Julie Taboh has more.
Camera: Mike Burke    Footage: DADSS Program, WMUR
…

Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology firm Kaseya, its chief executive said Monday. Fred Voccola, the Florida-based company’s CEO, said in an interview that it was hard to estimate the precise impact of Friday’s attack because those hit were mainly customers of Kaseya’s customers. Kaseya provides software tools to information technology outsourcing shops: companies that typically handle back-office work for companies too small or modestly resourced to have their own tech departments. One of those tools was subverted Friday, allowing the hackers to paralyze hundreds of businesses on five continents. Although most of those affected have been small concerns such as dentists’ offices or accountants, the disruption has been felt more keenly in Sweden, where hundreds of supermarkets had to close because their cash registers were inoperative, or New Zealand, where schools and kindergartens were knocked offline. FILE – A sign reads: “Temporarily Closed. We have an IT-disturbance and our systems are not functioning”, posted in the window of a closed Coop supermarket store in Stockholm, Sweden, July 3, 2021.The hackers who claimed responsibility for the breach have demanded $70 million to restore all the affected businesses’ data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and with Reuters. “We are always ready to negotiate,” a representative of the hackers told Reuters earlier Monday. The representative, who spoke via a chat interface on the hackers’ website, didn’t provide their name. Voccola refused to say whether he was ready to take the hackers up on the offer. “I can’t comment yes, no or maybe,” he said when asked whether his company would talk to or pay the hackers. “No comment on anything to do with negotiating with terrorists in any way.” Voccola said he had spoken to officials at the White House, the FBI and the Department of Homeland Security about the breach, but so far, he was not aware of any nationally important business being affected. “We’re not looking at massive critical infrastructure,” he said. “That’s not our business. We’re not running AT&T’s network or Verizon’s 911 system. Nothing like that.” Because Voccola’s firm was in the process of fixing a vulnerability in the software that was exploited by the hackers when the ransomware attack was executed, some information security professionals have speculated that the hackers might’ve been monitoring his company’s communications from the inside. Voccola said neither he nor the investigators his company had brought in had seen any sign of that. “We don’t believe that they were in our network,” he said. He added that the details of the breach would be made public “once its ‘safe’ and OK to do that.” About a dozen different countries have been affected by the breach, according to research published by cybersecurity firm ESET.  
…

An Asian industry group that includes Google, Facebook and Twitter has warned that tech companies could stop offering their services in Hong Kong if the Chinese territory proceeds with plans to change privacy laws.
The warning came in a letter sent by the Asia Internet Coalition, of which all three companies, in addition to Apple Inc, LinkedIn and others, are members.
Proposed amendments to privacy laws in Hong Kong could see individuals hit with “severe sanctions”, said the June 25 letter to the territory’s privacy commissioner for personal data, Ada Chung Lai-ling, without specifying what the sanctions would be.
“Introducing sanctions aimed at individuals is not aligned with global norms and trends,” added the letter, whose contents were first reported by the Wall Street Journal.
“The only way to avoid these sanctions for technology companies would be to refrain from investing and offering their services in Hong Kong, thereby depriving Hong Kong businesses and consumers, whilst also creating new barriers to trade.”
In the six-page letter, AIC managing director Jeff Paine acknowledged the proposed amendments focus on the safety and personal data privacy of individuals. “However, we wish to stress that doxxing is a matter of serious concern,” he wrote.
During anti-government protests in Hong Kong in 2019, doxxing – or publicly releasing private or identifying information about an individual or organisation – came under scrutiny when police were targeted after their details were released online.
The details of some officers’ home addresses and children’s schools were also exposed by anti-government protesters, some of who threatened them and their families online.
“We … believe that any anti-doxxing legislation, which can have the effect of curtailing free expression, must be built upon principles of necessity and proportionality,” the AIC said.
Facebook did not immediately respond to a Reuters request for comment, while Twitter referred questions to the AIC.
Google declined to comment.
The former British colony of Hong Kong returned to Chinese rule in 1997 with the guarantee of continued freedoms. Pro-democracy activists say those freedoms are being whittled away by Beijing, especially with a national security law introduced last year cracking down on dissent. China denies the charge.
 
…

Businesses around the world rushed Saturday to contain a ransomware attack that has paralyzed their computer networks, a situation complicated in the U.S. by offices lightly staffed at the start of the Fourth of July holiday weekend. It’s not yet known how many organizations have been hit by demands that they pay a ransom in order to get their systems working again. But some cybersecurity researchers predict the attack targeting customers of software supplier Kaseya could be one of the broadest ransomware attacks on record.  It follows a scourge of headline-grabbing attacks over recent months that have been a source of diplomatic tension between U.S. President Joe Biden and Russian President Vladimir Putin over whether Russia has become a haven for cybercriminal gangs. Biden said Saturday he didn’t yet know for certain who was responsible but suggested that the U.S. would respond if Russia was found to have anything to do with it.  “If it is either with the knowledge of and or a consequence of Russia then I told Putin we will respond,” Biden said. “We’re not certain. The initial thinking was it was not the Russian government.” Cybersecurity experts say the REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack that targeted the software company Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. “The number of victims here is already over 1,000 and will likely reach into the tens of thousands,” said cybersecurity expert Dmitri Alperovitch of the Silverado Policy Accelerator think tank. “No other ransomware campaign comes even close in terms of impact.” The cybersecurity firm ESET says there are victims in least 17 countries, including the United Kingdom, South Africa, Canada, Argentina, Mexico, Kenya and Germany. In Sweden, most of the grocery chain Coop’s 800 stores were unable to open because their cash registers weren’t working, according to SVT, the country’s public broadcaster. The Swedish State Railways and a major local pharmacy chain were also affected. Kaseya CEO Fred Voccola said in a statement that the company believes it has identified the source of the vulnerability and will “release that patch as quickly as possible to get our customers back up and running.” Voccola said fewer than 40 of Kaseya’s customers were known to be affected, but experts said the ransomware could still be affecting hundreds more companies that rely on Kaseya’s clients that provide broader IT services.John Hammond of the security firm Huntress Labs said he was aware of a number of managed-services providers — companies that host IT infrastructure for multiple customers — being hit by the ransomware, which encrypts networks until the victims pay off attackers. “It’s reasonable to think this could potentially be impacting thousands of small businesses,” said Hammond, basing his estimate on the service providers reaching out to his company for assistance and comments on Reddit showing how others are responding. At least some victims appeared to be getting ransoms set at $45,000, considered a small demand but one that could quickly add up when sought from thousands of victims, said Brett Callow, a ransomware expert at the cybersecurity firm Emsisoft. FILE – An “Out of Service” bag covers a gas pump as cars line up at a Circle K gas station near uptown Charlotte, North Carolina, May 11, 2021, after a ransomware attack shut the Colonial Pipeline, a major East Coast gasoline provider.Callow said it’s not uncommon for sophisticated ransomware gangs to perform an audit after stealing a victim’s financial records to see what they can really afford to pay, but that won’t be possible when there are so many victims to negotiate with. “They just pitched the demand amount at a level most companies will be willing to pay,” he said.  Voccola said the problem is only affecting its “on premise” customers, which means organizations running their own data centers. It’s not affecting its cloud-based services running software for customers, though Kaseya also shut down those servers as a precaution, he said. The company added in a statement Saturday that “customers who experienced ransomware and receive a communication from the attackers should not click on any links — they may be weaponized.” Gartner analyst Katell Thielemann said it’s clear that Kaseya quickly sprang to action, but it’s less clear whether their affected clients had the same level of preparedness. “They reacted with an abundance of caution,” she said. “But the reality of this event is it was architected for maximum impact, combining a supply chain attack with a ransomware attack.” Supply chain attacks are those that typically infiltrate widely used software and spread malware as it updates automatically. Complicating the response is that it happened at the start of a major holiday weekend in the U.S., when most corporate IT teams aren’t fully staffed. That could also leave those organizations unable to address other security vulnerabilities, such a dangerous Microsoft bug affecting software for print jobs, said James Shank, of threat intelligence firm Team Cymru. “Customers of Kaseya are in the worst possible situation,” he said. “They’re racing against time to get the updates out on other critical bugs.” The federal Cybersecurity and Infrastructure Security Agency said in a statement that it is closely monitoring the situation and working with the FBI to collect more information about its impact. CISA urged anyone who might be affected to “follow Kaseya’s guidance to shut down VSA servers immediately.” Kaseya runs what’s called a virtual system administrator, or VSA, that’s used to remotely manage and monitor a customer’s network. The privately held Kaseya is based in Dublin, Ireland, with a U.S. headquarters in Miami.  REvil, the group most experts have tied to the attack, was the same ransomware provider that the FBI linked to an attack on JBS SA, a major global meat processor that paid an $11 million ransom, amid the Memorial Day holiday weekend in May. Active since April 2019, the group provides ransomware as a service, meaning it develops the network-paralyzing software and leases it to so-called affiliates who infect targets and earn the lion’s share of ransoms. U.S. officials have said the most potent ransomware gangs are based in Russia and allied states and operate with Kremlin tolerance and sometimes collude with Russian security services.  Asked about the attack during a trip to Michigan on Saturday, Biden said he had asked the intelligence community for a “deep dive” on what happened. He said he expected to know more by Sunday. 
…

One of Sweden’s biggest supermarket chains said Saturday it had to temporarily close around 800 stores nationwide after a cyberattack blocked access to its checkouts.”One of our subcontractors was hit by a digital attack, and that’s why our checkouts aren’t working any more,” Coop Sweden, which accounts for around 20 percent of the sector, said in a statement.”We regret the situation and will do all we can to reopen swiftly,” the cooperative added.Coop Sweden did not name the subcontractor or reveal the hacking method used against it beginning on Friday evening.But the attack comes as a wave of ransomware attacks has struck worldwide, especially in the United States.Ransomware attacks typically involve locking away data in systems using encryption, making companies pay to regain access.Last year, hackers extorted at least $18 billion using such software, according to security firm Emsisoft.US IT company Kaseya on Friday urged customers to shut down servers running its VSA platform after dozens were hit with ransomware.In recent weeks, such attacks have hit oil pipelines, health services and major firms, and made it onto the agenda of US President Joe Biden’s June meeting with Russian counterpart Vladimir Putin.
…

A ransomware attack paralyzed the networks of at least 200 U.S. companies on Friday, according to a cybersecurity researcher whose company was responding to the incident. The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack, said John Hammond of the security firm Huntress Labs. He said the criminals targeted a software supplier called Kaseya, using its network management package as a conduit to spread the ransomware through cloud service providers. Other researchers agreed with Hammond’s assessment. “Kaseya handles large enterprise all the way to small businesses globally, so ultimately, [this] has the potential to spread to any size or scale business,” Hammond said in a direct message on Twitter. “This is a colossal and devastating supply chain attack.” Such cyberattacks typically infiltrate widely used software and spread malware as it updates automatically. It was not immediately clear how many Kaseya customers might be affected or who they might be. Kaseya urged customers in a statement on its website to immediately shut down servers running the affected software. It said the attack was limited to a “small number” of its customers. Brett Callow, a ransomware expert at the cybersecurity firm Emsisoft, said he was unaware of any previous ransomware supply-chain attack on this scale. There have been others, but they were fairly minor, he said. “This is SolarWinds with ransomware,” he said. He was referring to a Russian cyberespionage hacking campaign discovered in December that spread by infecting network management software to infiltrate U.S. federal agencies and scores of corporations. Cybersecurity researcher Jake Williams, president of Rendition Infosec, said he was already working with six companies hit by the ransomware. It’s no accident that this happened before the Fourth of July weekend, when IT staffing is generally thin, he added. “There’s zero doubt in my mind that the timing here was intentional,” he said. Hammond of Huntress said he was aware of four managed-services providers — companies that host IT infrastructure for multiple customers — being hit by the ransomware, which encrypts networks until the victims pay off attackers. He said thousand of computers were hit. “We currently have three Huntress partners who are impacted with roughly 200 businesses that have been encrypted,” Hammond said. Hammond wrote on Twitter: “Based on everything we are seeing right now, we strongly believe this [is] REvil/Sodinikibi.” The FBI linked the same ransomware provider to a May attack on JBS SA, a major global meat processor. The White House and the federal Cybersecurity and Infrastructure Security Agency did not immediately return messages seeking comment. 
…

As part of a cyberespionage operation targeting Central Asian countries, Chinese hackers recently sought to breach the computer networks of Afghanistan’s National Security Council, researchers at cybersecurity firm Check Point reported.The alleged attack by the Chinese-speaking hacking group known to cybersecurity experts as IndigoZebra is the latest in an operation that goes back as far as 2014 and has targeted political entities in neighboring Uzbekistan and Kyrgyzstan, the researchers wrote in a FILE – An iPhone displays a Facebook page, Aug. 11, 2019. Facebook said March 24, 2021, that hackers in China had used fake accounts and impostor websites in a bid to break into the phones of Uyghur Muslims.This is the first major Chinese cyberespionage operation in Afghanistan to come to light, coming just weeks after An icon for the Pulse Secure smartphone app, right, and a computer desktop info page are seen in Burke, Va., June 14, 2021. Suspected Chinese hackers penetrated U.S. entities’ computers in what cybersecurity experts called a major espionage campaign.China conducts large-scale cyberespionage operations around the world, cybersecurity experts say. In its latest threat assessment to Congress, the U.S. intelligence community wrote in April that China “presents a prolific and effective cyberespionage threat, possesses substantial cyber-attack capabilities, and presents a growing influence threat.”The Chinese Embassy in Washington did not respond to a request for comment.Check Point researchers said they investigated the cyberattack in Afghanistan after stumbling upon a suspicious email on a website that detects malware in email communications. The email had been apparently posted by one of its recipients on the Afghan National Security Council, according to Alexandra Gofman, the lead investigator on the Check Point team that probed the operation.Khalid Mafton of VOA’s Afghan Service contributed to this report.
…

Federal law enforcement agencies secretly seek the data of Microsoft customers thousands of times a year, according to congressional testimony Wednesday by a senior executive at the technology company.Tom Burt, Microsoft’s corporate vice president for customer security and trust, told members of the House Judiciary Committee that federal law enforcement in recent years has been presenting the company with between 2,400 to 3,500 secrecy orders a year, or about seven to 10 a day.”Most shocking is just how routine secrecy orders have become when law enforcement targets an American’s email, text messages or other sensitive data stored in the cloud,” said Burt, describing the widespread clandestine surveillance as a major shift from historical norms.The relationship between law enforcement and Big Tech has attracted fresh scrutiny in recent weeks with the revelation that Trump-era Justice Department prosecutors obtained as part of leak investigations phone records belonging not only to journalists but also to members of Congress and their staffers. Microsoft, for instance, was among the companies that turned over records under a court order, and because of a gag order, had to then wait more than two years before disclosing it.Since then, Brad Smith, Microsoft’s president, called for an end to the overuse of secret gag orders, arguing in a Washington Post opinion piece that “prosecutors too often are exploiting technology to abuse our fundamental freedoms.” Attorney General Merrick Garland, meanwhile, has said the Justice Department will abandon its practice of seizing reporter records and will formalize that stance soon.Burt is among the witnesses at a Judiciary Committee hearing about potential legislative solutions to intrusive leak investigations.  House Judiciary Committee Chairman Jerrold Nadler said in opening remarks Wednesday that the Justice Department took advantage of outdated policies on digital data searches to target journalists and others in leak investigations. The New York Democrat said that reforms are needed now to guard against future overreach by federal prosecutors — an idea also expressed by Republicans on the committee.”We cannot trust the department to police itself,” Nadler said.Burt said that while the revelation that federal prosecutors had sought data about journalists and political figures was shocking to many Americans, the scope of surveillance is much broader. He criticized prosecutors for reflexively seeking secrecy through boilerplate requests that “enable law enforcement to just simply assert a conclusion that a secrecy order is necessary.”Burt said that while Microsoft Corp. does cooperate with law enforcement on a broad range of criminal and national security investigations, it often challenges surveillance that it sees as unnecessary, resulting at times in advance notice to the account being targeted.Among the organizations weighing in at the hearing was The Associated Press, which called on Congress to act to protect journalists’ ability to promise confidentiality to their sources. Reporters must have prior notice and the ability to challenge a prosecutor’s efforts to seize data, said a statement submitted by Karen Kaiser, AP’s general counsel.”It is essential that reporters be able to credibly promise confidentially to ensure the public has the information needed to hold its government accountable and to help government agencies and officials function more effectively and with integrity,” Kaiser said.  As possible solutions, Burt said, the government should end indefinite secrecy orders and should also be required to notify the target of the data demand once the secrecy order has expired.Just this week, he said, prosecutors sought a blanket gag order affecting the government of a major U.S. city for a Microsoft data request targeting a single employee there.”Without reform, abuses will continue to occur and they will occur in the dark,” Burt said.
…

A robot called Robin is helping to ease kids’ anxiety in doctors’ offices and dental chairs. Deana Mitchell reports.
…

A federal judge on Monday dismissed antitrust lawsuits brought against Facebook by the Federal Trade Commission and a coalition of state attorneys general, dealing a significant blow to attempts by regulators to rein in tech giants. U.S. District Judge James Boasberg ruled Monday that the lawsuits were “legally insufficient” and didn’t provide enough evidence to prove that Facebook was a monopoly. The ruling dismisses the complaint but not the case, meaning the FTC could refile another complaint. “These allegations — which do not even provide an estimated actual figure or range for Facebook’s market share at any point over the past 10 years — ultimately fall short of plausibly establishing that Facebook holds market power,” he said. The U.S. government and 48 states and districts sued Facebook in December 2020, accusing the tech giant of abusing its market power in social networking to crush smaller competitors and seeking remedies that could include a forced spinoff of the social network’s Instagram and WhatsApp messaging services. The FTC had alleged Facebook engaged in a “a systematic strategy” to eliminate its competition, including by purchasing smaller up-and-coming rivals like Instagram in 2012 and WhatsApp in 2014. New York Attorney General Letitia James said when filing the suit that Facebook “used its monopoly power to crush smaller rivals and snuff out competition, all at the expense of everyday users.” Boasberg dismissed the separate complaint made by the state attorneys general, as well. 
 
…

A Ukrainian hacker was sentenced to seven years in prison for his role in a notorious cybercrime group that stole millions of credit and debit card details from across the United States, the Department of Justice said Thursday.Andrii Kolpakov, 33, was also ordered to pay $2.5 million in restitution after pleading guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking, the department said in a press release.Kolpakov’s lawyer, Vadim Glozman, said his client was disappointed with the sentence but respected the judge’s decision.He said Kolpakov — who has already spent three years in custody after being apprehended by police in Spain in 2018 — planned to return to Ukraine after serving out the remainder of his sentence.Kolpakov was sentenced in the Western District of Washington. Glozman said that his client was currently in custody in Washington state.Kolpakov’s gang — dubbed “FIN7” — is among the most prolific cybercriminal enterprises in existence. A memo drawn up by U.S. prosecutors said that “no hacking group epitomizes the industrialization of cybercrime better,” alleging that the gang had over 70 people organized into discrete departments and teams, including a unit devoted to crafting malicious software and another unit composed of hackers who exploited victims’ machines.For cover, FIN7 masqueraded as a cybersecurity company called “Combi Security,” which claimed to be involved in penetration testing.Prosecutors say Kolpakov worked for FIN7 from at least April 2016 until his arrest in June 2018 and rose to become a midlevel manager directing “a small team of hackers” tasked with breaching victims’ computer systems and training new recruits to use FIN7’s malicious tools.
…

U.S. lawmakers debated into the night Wednesday over details of legislation aimed at curbing the power of Big Tech firms with a sweeping reform of antitrust laws.The House Judiciary Committee clashed over a series of bills with potentially massive implications for large online platforms and consumers who use them.The legislation could force an overhaul of the business practices of Google, Apple, Amazon and Facebook, or potentially lead to a breakup of the dominant tech giants. But critics argue the measures could have unintended consequences that would hurt consumers and some of the most popular online services.Rep. David Cicilline, who headed a 16-month investigation that led to the legislation, said the bills are aimed at restoring competition in markets stymied by monopolies.”The digital marketplace suffers from a lack of competition. Many digital markets are defined by monopolies or duopoly control,” Cicilline said as the hearing opened.”Amazon, Apple, Facebook and Google are gatekeepers to the online economy. They bury or by rivals and abuse their monopoly power conduct that is harmful to consumers, competition, innovation and our democracy.”The bills would restrict how online platforms operate, notably whether tech giants operating them could favor their own products or services.The measures would also limit mergers or acquisitions by Big Tech firms aimed at limiting competition and make it easier for users to try new services by requiring data “portability” and “interoperability.”The fate of the bills remained unclear, with some Republicans and moderate Democrats expressing concerns despite bipartisan support.Clash points included whether it is right to target laws at four big tech companies and whether government agencies will hobble them instead of letting them adapt to competition.”The interoperability measure is a huge step backwards,” said Oregon Republican Cliff Bentz. “Big Tech is certainly not perfect. This bill is not the way to fix the problem.”Representative Zoe Lofgren said she hoped the bill would include more measures for data privacy and security but endorses the concept.“The big platforms have all your information. And if you can’t move it, then you’re really a prisoner of that platform,” she said. “Who wants to leave a platform if they’ve got all your baby pictures and all of your videos of your grandchildren, locked up?”As the session stretched into the night, some members of the body lobbied to adjourn and resume the work another day.’They make it worse’Republican Representative Ken Buck, a supporter of the overhaul, said the legislation “represents a scalpel, not a chainsaw, to deal with the most important aspects of antitrust reform,” in dealing with “these monopolists (who) routinely use their gatekeeper power to crush competitors, harm innovation and destroy the free market.”But Representative Jim Jordan, a Republican, criticized the effort, renewing his argument that Big Tech firms suppress conservative voices.”These bills don’t fix that problem — they make it worse,” Jordan said. “They don’t break up Big Tech. They don’t stop censorship.”Steve Chabot, another Republican, called the initiative “an effort for big government to take over Big Tech.”The panel approved on a 29-12 vote a bill that was the least controversial, increasing merger filing fees to give more funding for antitrust enforcement.Tech firms and others warned of negative consequences for popular services people rely on, potentially forcing Apple to remove its messaging apps from the iPhone or Google to stop displaying results from YouTube or Maps.Apple released a report arguing that one likely impact — opening up the iPhone to apps from outside platforms — could create security and privacy risks for users.Forcing Apple to allow “sideloading” of apps would mean “malicious actors would take advantage of the opportunity by devoting more resources to develop sophisticated attacks targeting iOS users,” the report said.Amazon vice president Brian Huseman warned of “significant negative effects” both for sellers and consumers using the e-commerce platform, and reduced-price competition.”It will be much harder for these third-party sellers to create awareness for their business,” Huseman said.”Removing the selection of these sellers from Amazon’s store would also create less price competition for products, and likely end up increasing prices for consumers. The committee is moving unnecessarily fast in pushing these bills forward.”The measures may also impact other firms including Microsoft, which has not been the focus of the House antitrust investigation but which links services such as Teams messaging and Bing search to its Windows platform, and possibly other firms. 
…