Parler, a social network service popular with conservatives, went offline Monday after its web hosting service Amazon suspended it for allowing posts that encourage violence.
 
Before the site went down, Parler CEO John Matze accused Amazon and other tech giants of a “war on free speech.”
 
Google banned Parler’s smartphone app from its app store on Friday, also citing Parler’s allowance of posts that seek to incite violence in the United States.
 
Apple instituted its own Parler ban on Saturday.
 
The two-year-old Parler saw an increase in users in recent months as social media giants Facebook and Twitter stepped up enforcement of posts that violated their policies.
 
Both Facebook and Twitter suspended President Donald Trump’s accounts last week after his supporters stormed the U.S. Capitol.
…

Apple Inc and Amazon.com Inc have suspended Parler from their respective App Store and web hosting service, saying the social networking service popular with many right-leaning social media users has not taken adequate measures to prevent the spread of posts inciting violence.The action by Apple and Amazon follows a similar move by Alphabet Inc’s Google on Friday. Parler is favored by many supporters of U.S. President Donald Trump, who was permanently suspended from Twitter on Friday, and it is seen as a haven for people expelled from Twitter.“We have suspended Parler from the App Store until they resolve these issues,” Apple said in a statement Saturday.Apple had earlier given Parler 24 hours to submit a detailed moderation plan, pointing to participants’ using the service to coordinate Wednesday’s siege of the U.S. Capitol.Amazon’s move effectively takes the site offline unless it can find a new company to host its services.Amazon suspended Parler from its Amazon Web Services (AWS) unit, for violating AWS’s terms of services by failing to effectively deal with a steady increase in violent content, according to an email by an AWS Trust and Safety team to Parler, seen by Reuters.An Amazon spokesperson confirmed the letter was authentic.Due to the “very real risk to public safety” that Parler poses, AWS plans to suspend Parler’s account effective Sunday, at 11:59 p.m. PST, the email seen by Reuters showed.Parler Chief Executive John Matze lashed out at Amazon, Google and Apple, saying it was a coordinated effort knowing Parler’s options would be limited and it would inflict the most damage right as Trump was banned from other social media platforms.“There is the possibility Parler will be unavailable on internet for up to a week as we rebuild from scratch,” he said in a post on Parler.“This was a coordinated attack by the tech giants to kill competition in the marketplace… You can expect the war on competition and free speech to continue, but don’t count us out.”In addition to Parler, right-leaning social media users in the United States have flocked to messaging app Telegram and hands-off social site Gab, citing the more aggressive policing of political comments on mainstream platforms such as Twitter Inc and Facebook Inc.
…

U.S. tech giant Twitter took sharply different actions against the leaders of the U.S. and Iran on Friday, permanently banning President Donald Trump’s personal account while removing one tweet from Ayatollah Ali Khamenei’s apparent English account and suspending new posts on it.The greater severity of Twitter’s action against the @realdonaldtrump account, compared with the social media company’s treatment of Khamenei, prompted both critics and supporters of the U.S. president to post dozens of Twitter messages accusing the platform of double standards.Many of Twitter’s critics said the @Khamenei_IR account, which is not Twitter-verified but regularly shares his statements, has a history of posting comments against Israel, his regional enemy, that they view as more severe incitement to violence than recent Trump tweets deemed by the platform to violate its glorification of violence policy.The chairman of the U.S. Federal Communications Commission, Ajit Pal, tweeted screenshots of some of Khamenei’s most strongly worded anti-Israel posts in May, saying he believed they raise a “serious” question about potential glorification of violence.Serious question for @Twitter: Do these tweets from Supreme Leader of Iran @khamenei_ir violate “Twitter Rules about glorifying violence”? pic.twitter.com/oEkCC8UzFV— Ajit Pai (@AjitPaiFCC) May 29, 2020In a Friday message to VOA Persian, Jason Brodsky, policy director of U.S. advocacy group United Against Nuclear Iran, said: “Twitter accounts of Khamenei, other autocrats and their representatives include deeply hateful and dangerous content that incites violence against groups. We’ve seen Khamenei’s call for the elimination of Israel, which is incitement. So if Twitter has a policy against incitement of violence, it needs to be applied uniformly.”A Twitter spokesperson responded to the accusations of double standards in enforcing incitement prohibitions by telling VOA Persian that the platform has taken enforcement action against world leaders prior to Friday.The spokesperson said Twitter focused its Friday actions on what he called the “harm presented by [Trump’s personal] account specifically,” and shared a link to Twitter’s statement explaining why it believes Trump’s last tweets have the potential to incite further violence following Wednesday’s storming of the U.S. Capitol complex by some of his supporters.Asked what Twitter is doing to demonstrate that it is treating world leaders consistently, the spokesperson said the company’s policy of displaying a “government account” label for users affiliated with the five permanent member states of the U.N. Security Council will soon be expanded to include similar labeling for the officials of other nations. No further details were provided.Twitter’s action against the Khamenei account came hours before its banning of Trump.The Khamenei account had posted a Friday tweet in which the Iranian supreme leader called coronavirus vaccines produced by the U.S., Britain and France “completely untrustworthy” and accused the Western powers of trying to “contaminate” other nations by offering to send them the vaccines.I call on @Jack to suspend @khamenei_ir account for spreading dangerous lies about COVID-19. He has banned Iranians from @Twitter but spreads lies on the same platform about vaccines. His posts MUST have a warning label, at least. Please retweet this. pic.twitter.com/XCxDXK7qBw— Masih Alinejad 🏳️ (@AlinejadMasih) January 8, 2021The Khamenei tweet prompted Iranian activists such as VOA Persian TV show host Masih Alinejad to urge Twitter to suspend his account for spreading misinformation about the vaccines. Twitter removed the tweet from public view after several hours.Twitter’s spokesperson told VOA the offending tweet violated the platform’s misleading information policy and the @Khamenei_IR owner would have to delete the post before regaining access to the account.It was the first time since February 2019 that Twitter had acted against the Iranian supreme leader’s main English account.That month, the @Khamenei_IR account posted a tweet endorsing a 1989 fatwa by his predecessor Ayatollah Ruhollah Khomeini, who had condemned British author Salman Rushdie to death for writing a book that the ruling cleric deemed insulting to Islam, The Satanic Verses.Just a reminder that not only did Twitter remove this tweet by Iran’s supreme leader Ayatollah Khamenei for “threat of violence or physical harm” against Salman Rushdie last year, they also locked him out of his account for 24 hours until his account deleted the tweet. pic.twitter.com/T09y48Zo4S— Shayan Sardarizadeh (@Shayan86) October 28, 2020Twitter said the tweet about Rushdie constituted a threat of violence, removed it from public view and locked the @Khamenei_IR account for a day until the account owner deleted the post.In a Friday tweet, BBC Middle East correspondent Nafiseh Kohnavard said Twitter’s decisions to keep the Khamenei account visible and ban Trump have confounded many Iranians. Many Iranians users are asking Twitter how it closed down Mr. Trump’s account but Iran supreme leader Mr. Khamenei’s account is still active especially when Twitter is banned inside Iran and it’s needed VPN.— Nafiseh Kohnavard (@nafisehkBBC) January 9, 2021She said Twitter’s moves were especially perplexing to Iranians who resent Khamenei for blocking Twitter inside Iran and forcing them to access it via virtual private networks.The Trump administration has denounced Iran’s bans on Western social media platforms as suppression of legitimate forms of communication. Speaking in 2018, a State Department spokeswoman said: “When a nation clamps down on social media, we ask the question, ‘What are you afraid of?’”This article originated in VOA’s Persian Service. 
…

Alphabet’s Google on Friday suspended the Parler social networking app from its Play Store until the app adds robust content moderation, while Apple gave the service 24 hours to submit a detailed moderation plan.Parler is a social network to which many supporters of President Donald Trump have migrated after being banned from services including Twitter, which on Friday permanently suspended Trump’s account.In a statement, Google cited continued posts in the Parler app that seek “to incite ongoing violence in the U.S.”Google said, “For us to distribute an app through Google Play, we do require that apps implement robust moderation for egregious content. In light of this ongoing and urgent public safety threat, we are suspending the app’s listings from the Play Store until it addresses these issues.”In a letter from Apple’s App Store review team to Parler seen by Reuters, Apple cited instances of participants using the service to make plans to descend on Washington with weapons after a mob stormed the U.S. Capitol building on Wednesday.”Content that threatens the well-being of others or is intended to incite violence or other lawless acts has never been acceptable on the App Store,” Apple said in the letter.Apple gave Parler 24 hours to “remove all objectionable content from your app … as well as any content referring to harm to people or attacks on government facilities now or at any future date.” The company also demanded that Parler submit a written plan “to moderate and filter this content” from the app.Apple declined to comment.
…

As a major showcase for the latest innovations in consumer technology, the Consumer Electronics Show typically draws over 170,000 attendees from all over the world. But this year, it’s going all digital for the first time in its history. VOA’s Tina Trinh reports.
Produced by: Tina Trinh
 
…

With in-person coaching off the table because of the COVID pandemic, hundreds of companies nationwide are using virtual reality training to help employees master some essential skills. Maxim Moskalkov has the story.Camera: Aleksandr Bergan  
 
…

Facebook CEO Mark Zuckerberg said Thursday President Donald Trump’s Facebook and Instagram accounts will be suspended at least through Inauguration Day in the wake of violence by the president’s supporters that erupted Wednesday at the U.S. Capitol.“We believe the risks of allowing the President to continue to use our service during this period are simply too great,” Zuckerberg said in a statement on his Facebook page, adding that the account could remain locked indefinitely.“Therefore, we are extending the block we have placed on his Facebook and Instagram accounts indefinitely and for at least the next two weeks until the peaceful transition of power is complete.”Twitter barred Trump from posting messages on its platform Wednesday for 12 hours for “repeated and severe violations” of the social media company’s civic integrity rules.Twitter and Facebook had taken the unprecedented step of temporarily suspending Trump’s account on Wednesday as Trump continued to post inflammatory messages and make false accusations that the election was rigged in favor of President-elect Joe Biden. It was the most aggressive action the social media giants have taken against Trump.Twitter ordered the removal Wednesday of three Trump tweets, including a video urging his supporters who stormed the Capitol to “go home” while continuing to make false claims about the elections. Twitter said the posts were voluntarily deleted from Trump’s account after the company threatened to extend the suspension.Later Wednesday evening, Facebook said Trump would be barred from posting for 24 hours for two violations of its policies.Syracuse University communications professor and social media expert Jennifer Grygiel told The Associated Press that Wednesday’s deadly violence is a direct result of Trump’s abuse of social media to spread falsehoods and said the social media companies should bear some responsibility for the violence.“This is what happens,” Grygiel said. “We didn’t just see a breach at the Capitol. Social media platforms have been breached by the president repeatedly. This is disinformation. This was a coup attempt in the United States.”The incoming chairman of the Senate Intelligence committee, Democrat Mark Warner, applauded Twitter and Facebook for their actions in a statement Thursday, but he also criticized them for not taking more stringent action much sooner.“While I’m pleased to see social media platforms like Facebook, Twitter and YouTube take long-belated steps to address the president’s sustained misuse of their platforms to sow discord and violence, these isolated actions are both too late and not nearly enough,” Warner said.“Disinformation and extremism researchers have for years pointed to broader network-based exploitation of these platforms. As I have continually said, these platforms have served as core organizing infrastructure for violent, far right groups and militia movements for several years now — helping them to recruit, organize, coordinate and in many cases (particularly with respect to YouTube) generate profits from their violent, extremist content.” YouTube has not taken any action to silence Trump. The Associated Press reported that YouTube said it removed Trump’s video, but it was still publicly accessible on Thursday.The White House has not responded to the suspensions. 
…

Facebook and Alphabet’s YouTube took down a video from President Donald Trump on Wednesday that continued to make the baseless claim the election was fraudulent as he told supporters who had stormed the U.S. Capitol to go home.Twitter restricted users from retweeting the video “due to a risk of violence,” as hundreds of protesters sought to force Congress to undo the president’s election loss to Democratic President-elect Joe Biden. Twitter restricted a later tweet from Trump that again falsely alleged he had won the election.Later Wednesday night, Twitter locked the president’s account for 12 hours over “repeated and severe violations” of the social media platform’s civic integrity rules and threatened permanent suspension.Facebook Vice President of Integrity Guy Rosen tweeted that it believed the video “contributes to rather than diminishes the risk of ongoing violence,” saying the action was part of “appropriate emergency measures.”Google-owned YouTube said the video violated its policy against content that alleges “widespread fraud or errors changed the outcome of the 2020 U.S. Election.” YouTube spokesman Farshad Shadloo added the company does allow copies that include additional context.Social media companies have been under pressure to police misinformation on their platforms around the election. Trump and his allies have continuously spread unsubstantiated claims of election fraud that have proliferated online.In a statement on Wednesday, the Anti-Defamation League called for social media companies to suspend Trump’s accounts, saying the events at the Capitol resulted from “fear and disinformation that has been spewed directly from the Oval Office.”Former Facebook security chief Alex Stamos tweeted: “Twitter and Facebook have to cut him off. There are no legitimate equities left and labeling won’t do it.”A White House spokesperson did not immediately respond to a request for comment.According to researchers and public postings, violent rhetoric and advice on weaponry ramped up significantly in the past three weeks on many social media platforms as multiple groups planned rallies for Wednesday, including Trump supporters, white nationalists and enthusiasts of the wide-ranging conspiracy theory QAnon.
…

The U.S. Department of Justice confirmed on Wednesday that it had been the victim of a massive hacking operation linked to Russian intelligence.  In a statement, Justice Department spokesman Marc Raimondi said about 3% of the agency’s email accounts appeared to have been compromised, although no classified information was accessed. “After learning of the malicious activity, the Office of Chief Information Officer eliminated the identified method by which the actor was accessing the … email environment,” Raimondi said. Raimondi said the department learned about the previously unknown hack on its networks on Christmas Eve and determined that it constituted a “major” security incident. The disclosure came a day after U.S. intelligence agencies said that the hack was part of an ongoing intelligence operation and likely being carried out by Russia.  FILE – This Feb. 11, 2015, photo shows FireEye offices in Milpitas, Calif.The hack came to light in early December when private cybersecurity firm FireEye disclosed that its networks had been compromised. Investigators have traced the breach to SolarWinds, a Texas-based network management software company that the hackers used to penetrate the computer networks. In a statement Tuesday, the FBI, the Cybersecurity & Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA) said that of the approximately 18,000 SolarWinds customers impacted by the hack, “a much smaller number has been compromised by follow-on activity on their systems.”  FILE – The SolarWinds logo is seen outside its headquarters in Austin, Texas, Dec. 18, 2020.“We have so far identified fewer than 10 U.S. government agencies that fall into this category and are working to identify the nongovernment entities who also may be impacted,” the agencies said. Officials had previously confirmed that the departments of Defense, Treasury, State, Homeland Security, Commerce and Energy were impacted. Among targeted businesses were Microsoft and Amazon.  U.S. President Donald Trump has faced criticism for failing to respond to the alleged Russian hacking operation and for suggesting that China may have been responsible.  The National Security Council has set up a task force made up of intelligence agencies to investigate and remediate the attack. “At this time, we believe this was, and continues to be, an intelligence gathering effort,” the agencies said in a statement. “We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.” 
 
…

U.S. intelligence officials investigating last month’s massive cybersecurity breach that impacted thousands of companies and dozens of government agencies warn the hack is part of an ongoing intelligence operation, likely being carried out by Russia. The public conclusion, shared Tuesday by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI) and the National Security Agency (NSA), is the first formal statement of attribution from U.S. officials, and confirms previous comments by senior officials and lawmakers who said the evidence pointed “pretty clearly” to Moscow. FILE – The sign outside the National Security Agency (NSA) campus in Fort Meade, Md., June 6, 2013. All fingers are pointing to Russia as author of the worst-ever hack of U.S. government agencies.”This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and nongovernmental networks,” according to the statement from the intelligence and security agencies. “At this time, we believe this was, and continues to be, an intelligence gathering effort,” they added. “We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.” ‘Serious compromise’Evidence of the breach involving SolarWinds, a Texas-based software management company, first emerged in early December when the private cybersecurity firm FireEye announced its systems had been penetrated and that sensitive information had been stolen. In the days that followed, the hack was traced to SolarWinds, with investigators warning that approximately 18,000 customers, including U.S. government agencies and companies around the world, had been affected. FILE – Microsoft’s corporate headquarters in Redmond, Washington. (VOA/Diaa Bekheet)Late last month, software giant Microsoft said the hackers even managed to use the breach to access some of the company’s heavily guarded source code — the basic programming essential to running Microsoft programs and operating systems. But despite the huge number of SolarWinds customers affected by the hack, U.S. intelligence officials said Tuesday that “a much smaller number” were compromised by follow-on activities. “We have so far identified fewer than 10 U.S. government agencies that fall into this category and are working to identify the nongovernment entities who also may be impacted,” they said in the statement. U.S. officials had previously said the hack had impacted the departments of Defense, State, Homeland Security, Energy, Treasury and Commerce, as well as state and local governments. “This is a serious compromise that will require a sustained and dedicated effort to remediate,” the FBI, CISA, ODNI and the NSA said in Tuesday’s statement, adding the agencies will “continue taking every necessary action to investigate, remediate and share information with our partners and the American people.” Trump responseU.S. President Donald Trump has been largely silent on the SolarWinds hack, tweeting last month, “Everything is well under control,” while appearing to deflect blame from Moscow. “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China,” Trump said.The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of….— Donald J. Trump (@realDonaldTrump) December 19, 2020In a tweet late Tuesday, the White House National Security Council said the president “continues to surge all appropriate resources to support the whole-of-government response to the recent cyber incident affecting government networks.”President @realDonaldTrump continues to surge all appropriate resources to support the whole-of-government response to the recent cyber incident affecting government networks. We are taking every necessary step to understand the full scope of this incident & respond accordingly. https://t.co/WnmH2dE1Y7— NSC (@WHNSC) January 5, 2021Democratic Senator Mark Warner, the vice chair of the Senate Intelligence Committee, however, accused the Trump administration of dragging its feet. “It’s unfortunate that it has taken over three weeks after the revelation of an intrusion this significant for this administration to finally issue a tentative attribution,” Warner said in a statement late Tuesday. “We need to make clear to Russia that any misuse of compromised networks to produce destructive or harmful effects is unacceptable and will prompt an appropriately strong response.” 
 
…

U.S. President Donald Trump on Tuesday signed an executive order banning transactions with eight Chinese software applications, including Ant Group’s Alipay, the White House said, escalating tensions with Beijing before President-elect Joe Biden takes office this month. The order, first reported by Reuters, tasks the Commerce Department with defining which transactions will be banned under the directive and targets Tencent Holdings Ltd.’s QQ Wallet and WeChat Pay as well. The move is aimed at curbing the threat to Americans posed by Chinese software applications, which have large user bases and access to sensitive data, a senior official told Reuters. A U.S. Tencent spokeswoman did not immediately comment. FILE – WeChat has an average of 19 million daily active users in the United States.The order signed by Trump also names CamScanner, SHAREit, Tencent QQ, VMate and WPS Office and says “the United States must take aggressive action against those who develop or control Chinese connected software applications to protect our national security.” A U.S. official told Reuters that even though the order gave the Commerce Department 45 days to act, the department plans to act before January 20 when Trump leaves office to identify prohibited transactions. Trump’s order says “by accessing personal electronic devices such as smartphones, tablets, and computers, Chinese connected software applications can access and capture vast swaths of information from users, including sensitive personally identifiable information and private information.” It added the data collection “would permit China to track the locations of federal employees and contractors, and build dossiers of personal information.” The Chinese Embassy in Washington did not immediately respond to a request for comment. FILE – A TikTok logo is displayed on a smartphone in this illustration.Another official said the order mirrors earlier Trump executive orders signed in August directing Commerce to block some transactions with WeChat and Chinese-owned Tiktok seeking to bar some transactions that have been blocked by U.S. courts. Any new transactions prohibited by the Trump administration are likely to face similar court challenges as the Commerce Department did when it sought to block transactions with WeChat and TikTok. The Commerce orders would have effectively banned the Chinese app’s use in the United States and barred Apple Inc. and Alphabet Inc.’s app stores from offering them for download for new users. U.S. Secretary of Commerce Wilbur Ross said in a statement he supports Trump’s “commitment to protecting the privacy and security of Americans from threats posed by the Chinese Communist Party.” The latest action has been under debate within the administration for an extended period. Many administration officials are eager to cement the hardline U.S. position with China on a number of fronts before Trump leaves office. Last month, the Commerce Department added dozens of Chinese companies, including the country’s top chipmaker SMIC and Chinese drone manufacturer SZ DJI Technology Co Ltd., to a trade blacklist. Also last month the administration published a list of Chinese and Russian companies with alleged military ties that restrict them from buying a range of U.S. goods and technology. In November, the administration put on hold an effort to blacklist Ant Group, the Chinese financial technology company affiliated with e-commerce giant Alibaba. 
…

U.S. intelligence officials investigating last month’s massive cybersecurity breach that impacted thousands of companies and dozens of government agencies warn the hack is part of an ongoing intelligence operation, likely being carried out by Russia. The public conclusion, shared Tuesday by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI) and the National Security Agency (NSA), is the first formal statement of attribution from U.S. officials, and confirms previous comments by senior officials and lawmakers who said the evidence pointed “pretty clearly” to Moscow. FILE – The sign outside the National Security Agency (NSA) campus in Fort Meade, Md., June 6, 2013. All fingers are pointing to Russia as author of the worst-ever hack of U.S. government agencies.”This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and nongovernmental networks,” according to the statement from the intelligence and security agencies. “At this time, we believe this was, and continues to be, an intelligence gathering effort,” they added. “We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.” ‘Serious compromise’Evidence of the breach involving SolarWinds, a Texas-based software management company, first emerged in early December when the private cybersecurity firm FireEye announced its systems had been penetrated and that sensitive information had been stolen. In the days that followed, the hack was traced to SolarWinds, with investigators warning that approximately 18,000 customers, including U.S. government agencies and companies around the world, had been affected. FILE – Microsoft’s corporate headquarters in Redmond, Washington. (VOA/Diaa Bekheet)Late last month, software giant Microsoft said the hackers even managed to use the breach to access some of the company’s heavily guarded source code — the basic programming essential to running Microsoft programs and operating systems. But despite the huge number of SolarWinds customers affected by the hack, U.S. intelligence officials said Tuesday that “a much smaller number” were compromised by follow-on activities. “We have so far identified fewer than 10 U.S. government agencies that fall into this category and are working to identify the nongovernment entities who also may be impacted,” they said in the statement. U.S. officials had previously said the hack had impacted the departments of Defense, State, Homeland Security, Energy, Treasury and Commerce, as well as state and local governments. “This is a serious compromise that will require a sustained and dedicated effort to remediate,” the FBI, CISA, ODNI and the NSA said in Tuesday’s statement, adding the agencies will “continue taking every necessary action to investigate, remediate and share information with our partners and the American people.” Trump responseU.S. President Donald Trump has been largely silent on the SolarWinds hack, tweeting last month, “Everything is well under control,” while appearing to deflect blame from Moscow. “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China,” Trump said.The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of….— Donald J. Trump (@realDonaldTrump) December 19, 2020In a tweet late Tuesday, the White House National Security Council said the president “continues to surge all appropriate resources to support the whole-of-government response to the recent cyber incident affecting government networks.”President @realDonaldTrump continues to surge all appropriate resources to support the whole-of-government response to the recent cyber incident affecting government networks. We are taking every necessary step to understand the full scope of this incident & respond accordingly. https://t.co/WnmH2dE1Y7— NSC (@WHNSC) January 5, 2021Democratic Senator Mark Warner, the vice chair of the Senate Intelligence Committee, however, accused the Trump administration of dragging its feet. “It’s unfortunate that it has taken over three weeks after the revelation of an intrusion this significant for this administration to finally issue a tentative attribution,” Warner said in a statement late Tuesday. “We need to make clear to Russia that any misuse of compromised networks to produce destructive or harmful effects is unacceptable and will prompt an appropriately strong response.” 
 
…

Online communication and collaboration service Slack reported a global outage Monday, as millions returned to work after the Christmas and New Year’s holidays.”Our team is currently investigating, and we’re sorry for any troubles this may be causing,” Slack said in a statement.Slack has seen its popularity grow as many people work and study from home during the coronavirus pandemic. When it last reported, the company said it had 12 million daily users. Slack shares have surged by 80% over the past year.According to The Associated Press, the outage began around 10 a.m. Eastern time, with outages reported in the United States, Germany, India, Britain, Japan and other countries.The disruption in service was the latest in a string of tech outages, which have seen Google services, Zoom and some Microsoft products suffer breakdowns in recent months.According to Bloomberg, Salesforce.com agreed to buy Slack Technologies, Inc. last year for $27.7 billion.  
…

More than 200 Google employees in the United States have formed a workers’ union, the elected leaders of the union wrote in a New York Times opinion piece on Monday.
 
The “Alphabet Workers Union” aims to ensure that employees work at a fair wage, without fear of abuse, retaliation or discrimination, the union heads wrote.
 
Google has been under fire from the U.S. labor regulator, which has accused the company of unlawfully questioning several workers who were then terminated for protesting against company policies and trying to organize a union. Google has said it was confident it acted legally.
 
“We’re building on years of organizing efforts at Google to create a formal structure for workers,” the union leaders wrote, adding that so far 226 employees had signed union cards with the Communications Workers of America.
 
“Our employees have protected labor rights that we support. But as we’ve always done, we’ll continue engaging directly with all our employees,” Kara Silverstein, director of people operations at Google, said on Monday.
…

The hacking group behind the SolarWinds compromise was able to break into Microsoft Corp. and access some of its source code, Microsoft said Thursday, something experts said sent a worrying signal about the spies’ ambition.Source code, the underlying set of instructions that run a piece of software or operating system, is typically among a technology company’s most closely guarded secrets, and Microsoft has historically been particularly careful about protecting it.It is not clear how much or what parts of Microsoft’s source code repositories the hackers were able to access, but the disclosure suggests that the hackers who used software company SolarWinds as a springboard to break into sensitive U.S. government networks also had an interest in discovering the inner workings of Microsoft products as well.Microsoft had disclosed that like other firms it found malicious versions of SolarWinds’ software inside its network, but the source code disclosure, made in a blog post, is new. After Reuters reported it was breached two weeks ago, Microsoft said it had not “found any evidence of access to production services.”Three people briefed on the matter said Microsoft had known for days that the source code was accessed. A Microsoft spokesman said security employees had been working “around the clock” and that “when there is actionable information to share, they have published and shared it.”FILE – A woman walks in front of the Microsoft stand during the Cybersecurity Conference in Lille, northern France, Jan. 29, 2020.The SolarWinds hack is among the most ambitious cyber operations ever disclosed, compromising at least a half dozen federal agencies and potentially thousands of companies and other institutions. U.S. and private sector investigators have spent the holidays combing through logs to try to understand whether their data have been stolen or modified.Modifying source code, which Microsoft said the hackers did not do, could have potentially disastrous consequences given the ubiquity of Microsoft products, which include the Office productivity suite and the Windows operating system. But experts said that even just being able to review the code could offer hackers insight that might help them subvert Microsoft products or services.”The source code is the architectural blueprint of how the software is built,” said Andrew Fife of Israel-based Cycode, a source code protection company. “If you have the blueprint, it’s far easier to engineer attacks.”Code previously sharedMatt Tait, an independent cybersecurity researcher, agreed that the source code could be used as a road map to help hack Microsoft products, but he also cautioned that elements of the company’s source code were already widely shared, for example, with foreign governments. He said he doubted that Microsoft had made the common mistake of leaving cryptographic keys or passwords in the code.”It’s not going to affect the security of their customers, at least not substantially,” Tait said.Microsoft noted that it allows broad internal access to its code, and former employees agreed that it is more open than other companies.FILE – A laptop computer featuring Windows 10 is seen on display at Microsoft Build in San Francisco, April 29, 2015.In its blog post, Microsoft said it had found no evidence of access “to production services or customer data.””The investigation, which is ongoing, has also found no indications that our systems were used to attack others,” it said.Reuters reported a week ago that Microsoft-authorized resellers were hacked and their access to productivity programs was used in attempts to read email. Microsoft acknowledged some vendor access was misused but has not said how many resellers or customers may have been breached.There was no response to requests for comment from the FBI, which is investigating the hacking campaign, or from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.Attributed to RussiaU.S. officials have attributed the SolarWinds hacking campaign to Russia, an allegation the Kremlin denies.Both Tait and Ronen Slavin, Cycode’s chief technology officer, said a key unanswered question was which source code repositories were accessed. Microsoft has a huge range of products, from widely used Windows to lesser known software such as social networking app Yammer and the design app Sway.Slavin said he was worried by the possibility that the SolarWinds hackers were poring over Microsoft’s source code as prelude to a much more ambitious offensive.”To me the biggest question is, ‘Was this recon for the next big operation?’ ” he said.
…

In the not-so-distant future, America’s evening skies could be filled with the buzzing sounds of delivery drones.On Monday, the Federal Aviation Administration (FAA) approved the use of delivery drones over populated areas at night. Many see the move as the next step to widespread adoption of drone deliveries.“The new rules make way for the further integration of drones into our airspace by addressing safety and security concerns,” FAA Administrator Steve Dickson said in a statement. “They get us closer to the day when we will more routinely see drone operations such as the delivery of packages.”Delivery companies like UPS and Amazon have been investing in the technology for years. Both companies have seen surging profits during the coronavirus pandemic as more Americans turn to home delivery for many items, including groceries.Alphabet’s Wing is also investing in drone technology.The FAA said the new regulations provide “an essential building block toward safely allowing more complex” drone operations. According to the new FAA rules, drones of more than a certain weight must have remote identification capabilities and be equipped with anti-collision lights. The FAA also said the drones cannot have any exposed rotating parts that could potentially injure a person.In some cases, the drones can be operated above moving vehicles “depending on the level of risk.” The new rules will become effective 60 days after they are published in the Federal Register next month.Despite the new regulations, Bloomberg reports it will still be years before delivery drones are widely used. 
…

People around the world turned to technology to help them get through the pandemic, but in some key ways tech fell short. Michelle Quinn reports.Videographer:  Deana Mitchell, Matt Dibble
…

The suspected Russian hackers behind the worst U.S. cyberattack in years used reseller access to Microsoft Corp. services to penetrate targets that had no compromised network software from SolarWinds Corp., investigators said.Updates to SolarWinds’ Orion software were the only known point of entry until Thursday, when security company CrowdStrike Holdings Inc. said hackers had gained access to the vendor that sold it Office licenses and had used that to try to read CrowdStrike’s email. It did not specifically identify the hackers as being the ones that compromised SolarWinds, but two people familiar with CrowdStrike’s investigation said they were.CrowdStrike uses Office programs for word processing but not email. The failed attempt, made months ago, was pointed out to CrowdStrike by Microsoft on December 15.CrowdStrike, which does not use SolarWinds, said it had found no impact from the intrusion attempt and declined to name the reseller.”They got in through the reseller’s access and tried to enable mail ‘read’ privileges,” one person familiar with the investigation told Reuters. “If it had been using Office 365 for email, it would have been game over.”Many Microsoft software licenses are sold through third parties, and those companies can have near-constant access to clients’ systems as the customers add products or employees.Be on guardMicrosoft said Thursday that those customers need to be vigilant.”Our investigation of recent attacks has found incidents involving abuse of credentials to gain access, which can come in several forms,” said Microsoft senior director Jeff Jones. “We have not identified any vulnerabilities or compromise of Microsoft product or cloud services.”The use of a Microsoft reseller to try to break into a top digital defense company raises new questions about how many avenues the hackers, whom U.S. officials have alleged are operating on behalf of the Russian government, have at their disposal.FILE – This Feb. 11, 2015, photo shows FireEye offices in Milpitas, Calif.The known victims so far include CrowdStrike security rival FireEye Inc. and the U.S. departments of Defense, State, Commerce, Treasury and Homeland Security. Other big companies, including Microsoft and Cisco Systems Inc., said they found tainted SolarWinds software internally but had not found signs that the hackers used it to range widely on their networks.Until now, Texas-based SolarWinds was the only publicly confirmed channel for the initial break-ins, although officials have been warning for days that the hackers had other ways in.Microsoft reportReuters reported a week ago that Microsoft products were used in attacks. But federal officials said they had not seen it as an initial vector, and the software giant said its systems were not utilized in the campaign.
 
Microsoft then hinted that its customers should still be wary. At the end of a long, technical blog post Tuesday, it mentioned seeing hackers reach Microsoft 365 Cloud “from trusted vendor accounts where the attacker had compromised the vendor environment.”Microsoft requires its vendors to have access to client systems in order to install products and allow new users. But discovering which vendors still have access rights at any given time is so hard that CrowdStrike developed and released an auditing tool to do that.After a series of other breaches through cloud providers, including a major set of attacks attributed to Chinese government-backed hackers and known as CloudHopper, Microsoft this year imposed new controls on its resellers, including requirements for multifactor authentication.The Cybersecurity and Infrastructure Security Agency and the National Security Agency had no immediate comment.Also Thursday, SolarWinds released an update to fix the vulnerabilities in its flagship network management software Orion following the discovery of a second set of hackers who had targeted the company’s products.That followed a separate Microsoft blog post Friday saying that SolarWinds’ software had been targeted by a second and unrelated group of hackers in addition to those linked to Russia.The identity of the second set of hackers, or the degree to which they may have successfully broken in anywhere, remains unclear.Russia has denied having any role in the hacking.
…

The U.S. cybersecurity agency said on Wednesday that a sprawling cyber espionage campaign made public earlier this month is affecting state and local governments, although it released few additional details.The hacking campaign, which used U.S. tech company SolarWinds as a springboard to penetrate federal government networks, was “impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations,” the Cybersecurity and Infrastructure Security Agency (CISA) said in a statement posted to its website.The CISA said last week that U.S. government agencies, critical infrastructure entities, and private groups were among those affected but did not specifically mention state or local bodies. So far only a handful of federal government agencies have officially confirmed having been affected, including the U.S. Treasury Department, the Commerce Department, and the Department of Energy.CISA did not identify the state or local agencies affected and did not immediately return an email seeking additional detail on the notice.Reuters has previously reported that Pima County, Arizona, was among the victims of the wave of intrusions.The county did not immediately return a message seeking comment late Wednesday. The county’s chief information officer previously told Reuters his team had taken its SolarWinds software offline immediately after the hack became public and that investigators had not found any evidence of a further compromise.Senior U.S. officials and lawmakers have alleged that Russia is to blame for the hacking spree, a charge the Kremlin denies.
…

Twitter said Tuesday it would not automatically transfer the millions of followers of official Trump administration accounts to the incoming Biden administration but instead would give users the option to continue or not. The move affects followers of government-led accounts such as @WhiteHouse and @POTUS, which will be transferred to Joe Biden when he takes over the presidency in January. Twitter’s decision won’t affect the personal account @realDonaldTrump, which is frequently used by President Donald Trump and has some 88 million followers. FILE – President Donald Trump’s Twitter feed is photographed on an Apple iPad in New York, June 27, 2019.The official government accounts “will not automatically retain their existing followers. Instead, Twitter will notify followers of these accounts to provide context that the content will be archived and allow them the choice to follow the Biden administration’s new accounts,” a Twitter statement said. “For example, people who follow @WhiteHouse will be notified that the account has been archived as @WhiteHouse45 and given the option to follow the new @WhiteHouse account.” Twitter has been working on the transition for the platform widely used by Trump since the election results were finalized and has indicated that as a private citizen Trump may not have as much leeway in stretching the rules for newsworthy comments. While not as widely followed as Trump’s personal account, @POTUS has some 33 million followers and @WhiteHouse 26 million. The transfer will affect other institutional accounts such as @VP, @FLOTUS, @PressSec, @Cabinet, and @LaCasaBlanca, according to Twitter. Last month, Twitter indicated any special treatment that Trump has enjoyed ends with his presidency. “Twitter’s approach to world leaders, candidates and public officials is based on the principle that people should be able to choose to see what their leaders are saying with clear context,” the San Francisco company said. “This policy framework applies to current world leaders and candidates for office, and not private citizens when they no longer hold these positions.” 
 
…

U.S. lawmakers are expected to endorse $1.9 billion to fund a program to remove telecom network equipment that the U.S. government says poses national security risks as part of a year-end spending bill and COVID-19 bill, a source briefed on the matter said on Sunday.Lawmakers are also expected to back $3.2 billion for an emergency broadband benefit for low-income Americans.The Federal Communications Commission said in June it had formally designated China’s Huawei Technologies Co and ZTE Corp as threats, a declaration that bars U.S. firms from tapping an $8.3 billion government fund to purchase equipment from the companies.Earlier this month, the FCC finalized rules that require carriers with ZTE or Huawei equipment to “rip and replace” that equipment but is awaiting funding from Congress.Huawei said earlier this month it was disappointed in the FCC’s decision “to force removal of our products from telecommunications networks. This overreach puts U.S. citizens at risk in the largely underserved rural areas – during a pandemic – when reliable communication is essential.”The $7 billion COVID Relief Broadband Package “establishes a temporary, emergency broadband benefit program at the FCC to help low-income Americans, including those economically challenged by the COVID-19 pandemic, get connected or remain connected to broadband,” the source said.The source also said the program will supply a $50 monthly subsidy to qualifying households “to help them afford broadband service and an internet-connected device.”The bill also expands eligibility for the rip-and-replace reimbursement program to communications providers with 10 million subscribers or less but prioritizes reimbursement for providers with 2 million subscribers or less, the source said, citing a draft fact sheet.The bill is expected to include $285 million for connecting minority communities and will establish an Office of Minority Broadband Initiatives at the National Telecommunications and Information Administration (NTIA). 
…

U.S. lawmakers briefed on the massive cybersecurity breach that has impacted government agencies and the private sector are calling for the country to act, warning that so far, all evidence is pointing to Russia as the culprit. The admonitions, from both Republicans and Democrats, follow warnings from U.S. cybersecurity officials that the scope of the hack is potentially much bigger than originally thought, encompassing multiple software platforms going back at least as far as March of this year. FILE – Sen. Marco Rubio, R-Fla., asks a question during a Senate Foreign Relations committee hearing in Washington, July 30, 2020.”The full extent of the cyberhack [sic] is still unknown but we already know it is unprecedented in scale & scope,” the acting chairman of the Senate Intelligence Committee, Republican Marco Rubio, tweeted Friday. “The methods used to carry out the cyberhack are consistent with Russian cyber operations,” Rubio added, warning that once officials can attribute the intrusion with complete certainty, “America must retaliate, and not just with sanctions.” The full extent of the cyberhack is still unknown but we already know it is unprecedented in scale & scope, in all likelihood ongoing & at a level of sophistication only a few nation-states are capable of.
— Marco Rubio (@marcorubio) FILE – Sen. Mark Warner, D-Va., addresses the news media in Alexandria, Va., Nov. 3, 2020.”An incident of this magnitude and lasting impact requires an engaged and public response by the U.S. government,” Senator Mark Warner said in a statement issued Friday. “It is extremely troubling that the president does not appear to be acknowledging, much less acting upon, the gravity of this situation.” Indications of a cyber intrusion first went public earlier this month when the private cybersecurity firm FireEye announced its systems had been penetrated and that sensitive information had been stolen. The hack was later traced to updates for network management software from a Texas-based company called SolarWinds, which the hackers exploited to get into the networks of at least 18,000 users. In an updated alert issued Friday, the cybersecurity unit of the U.S. Department of Homeland Security warned the hackers had been exploiting the SolarWinds software update going back to at least March. The SolarWinds logo is seen outside its headquarters in Austin, Texas, Dec. 18, 2020.But the Cybersecurity and Infrastructure Security Agency (CISA) further warned the problem was not contained to SolarWinds. “CISA has evidence of initial access vectors other than the SolarWinds Orion platform,” the alert warned, saying the agency is investigating instances in which other platforms were used to access critical networks. “This threat poses a grave risk to the federal government and state, local, tribal and territorial governments, as well as critical infrastructure entities and other private sector organizations,” CISA said. “This is a patient, well-resourced and focused adversary that has sustained long duration activity on victim networks.” Research by tech giant Microsoft, made public Thursday, indicated the hackers precisely targeted at least 40 organizations. The vast majority were in the United States, but companies in Canada, Mexico, Britain, Belgium, Israel and the United Arab Emirates were also attacked. FILE – Microsoft President Brad Smith speaks during a Reuters Newsmaker event in New York, Sept. 13, 2019.”This is not ‘espionage as usual,’ even in the digital age,” Microsoft President Brad Smith wrote on the company’s blog. “This is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure.” Former U.S. government officials also worried about the impact of the hack. “The scope of it is large but exactly how large remains to be seen, and exactly how severe remains to be seen,” Michael Daniel, who served as a special assistant to former U.S. President Barack Obama on cyber issues, told VOA’s Russian Service. “The damage could be very, very significant to U.S. national security and to our economic security,” he said. Yet despite the warnings from current and former government officials, and private security firms, as of late Friday, U.S. President Donald Trump had yet to comment on the breach. Instead, Trump’s Twitter feed was full of unsubstantiated allegations of election fraud, praise for the distribution of coronavirus vaccines and threats to veto the $740 billion defense spending bill, which drew the ire of some key lawmakers. I will Veto the Defense Bill, which will make China very unhappy. They love it. Must have Section 230 termination, protect our National Monuments and allow for removal of military from far away, and very unappreciative, lands. Thank you! https://t.co/9rI08S5ofO
— Donald J. Trump (@realDonaldTrump) December 17, 2020″This year’s National Defense Authorization Act provides critical tools and authorities to help defend against and disrupt malicious cyber activity and effectively hunt for threats and vulnerabilities on the federal cyber network,” the chairman and ranking member of the Senate Armed Services Committee said in a joint statement late Friday. “The NDAA is always ‘must-pass’ legislation,” Republican Jim Inhofe and Democrat Jack Reed added. “But this cyber incident makes it even more urgent that the bill become law without further delay.” NEW: Senate Armed Services Committee statement on #SolarWindsHack
“significant, sophisticated, and ongoing cybersecurity intrusion against the United States… has the hallmarks of a #Russia|n intelligence operation” per @JimInhofe@SenJackReedpic.twitter.com/2d5KqPrECR
— Jeff Seldin (@jseldin) December 17, 2020Already, officials have determined that the hackers gained access to systems for the departments of Energy, Treasury and Commerce, though the Energy Department said networks related to nuclear security appeared to have been spared.  “At this point, the investigation has found that the malware has been isolated to business networks only and has not impacted the mission essential national security functions of the department,” spokeswoman Shaylyn Hynes said in a statement Thursday.  DOE UPDATE ON CYBER INCIDENT RELATED TO SOLAR WINDS COMPROMISE pic.twitter.com/l9X1AH4VJw
— DOE Press Staff (@EnergyPress) December 17, 2020U.S. President-elect Joe Biden called the cybersecurity breach “a matter of great concern.” “I want to be clear: My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office,” he said in a statement Thursday, shortly after the latest CISA alert was issued. “Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation,” he added. Biden is set to be inaugurated as the 46th U.S. president on January 20. Russian Service’s Danila Galperovich contributed to this report.
…