In the future, keyboards and remote controls may be replaced with a more direct way for humans to interact with machines — hand gestures. VOA’s Elizabeth Lee has more.
Camera: Elizabeth Lee
Produced by: Elizabeth Lee
…
ukrlines skype чат
популярні новини
Taiwanese tech giants Foxconn and Taiwan Semiconductor Manufacturing Company announced Monday they will each donate five million coronavirus vaccine doses to the government in a deal with a China-based distributor. Taipei has been struggling to secure enough vaccines for its population, and its precarious political status has been a major stumbling block. As Taipei and Beijing accused each other of hampering vaccine deals, Foxconn and TSMC stepped in with a face-saving solution — buying the Pfizer-BioNTech doses from a Chinese distributor and donating them to Taiwan. “Me and my team feel the public anxiety and expectations on the vaccines and we are relieved to give the public an answer that relevant contracts have been signed,” Foxconn founder Terry Gou said in a post on his Facebook page. “Beijing authorities have not offered any guidance or interfered with the vaccine acquisition process,” he said, adding that the vaccines will be shipped directly by German firm BioNTech. Foxconn and TSMC, the world’s largest contract electronics and chip makers respectively, said they will spend $175 million each on the vaccines. Beijing’s authoritarian leadership views democratic self-ruled Taiwan as part of China’s territory and has vowed to one day seize the island, by force if needed. China tries to keep Taiwan internationally isolated, including blocking it from the World Health Organization. Taipei has been trying to secure Pfizer-BioNTech direct from Germany, but Shanghai-based Fosun Pharma has the distribution rights for China, Hong Kong, Macau and Taiwan. Attempts to sign a direct deal made little headway, something Taiwan blamed on Beijing. In return, Beijing has accused Taiwan of refusing to deal with Fosun Pharma and politicizing its vaccine search. Fosun issued a statement late Sunday saying it had signed a deal with the Taiwanese firms to sell 10 million shots, to be donated to “disease control institutions in the Taiwan region.” In an interview with China’s Global Times — a state-run tabloid — Fosun Chairman and CEO Wu Yifang accused Taipei of “rule-breaking in the whole process.” No further elaboration was provided. Taiwan had only received 726,000 vaccine doses before the United States and Japan recently donated 2.5 million and 2.37 million doses, respectively. So far, just 14 percent of its 23.5 million people have been vaccinated, according to the health ministry. Health Minister Chen Shih-chung previously revealed that Taiwan and BioNTech were about to finalize a deal in January when the company suggested the words “our country” had to be taken out of a Taiwanese press statement. Chen said authorities agreed to replace it with “Taiwan,” but the deal remained stalled. The Chinese government reacts angrily at any attempts to recognize Taiwan as an independent nation.
…
China’s technology ministry Monday announced a three-year action plan to develop the country’s cyber-security industry, which it estimates will be worth more than $38 billion by 2023, according to Reuters. The new strategy by the Ministry of Industry and Information Technology is being unveiled as Beijing tightens its grip on the country’s technology sector, underscored by its regulatory probe of ride-hailing giant Didi Global. The company was valued at $68 billion after its June 30 initial public offering, or IPO, on the New York Stock Exchange. But Chinese regulators launched a cybersecurity review of the company and said new users would not be allowed to register during the review, sending Didi Global share prices tumbling. The Cyberspace Administration of China then ordered Didi’s app removed from domestic mobile app stores. The agency has also ordered two other tech-based companies, Uber-like trucking startup Full Truck Alliance and Kanzhun, which connects job seekers and hiring enterprises via a mobile app, to suspend user registrations and submit to security reviews, citing risks to “national data security.” The two companies, like Didi Global, had also recently issued IPOs on U.S. stock exchanges. Some information for this report came from Reuters, CNBC, and the New York Times.
…
Iran’s railroad system came under cyberattack Friday, a semi-official news agency reported, with hackers posting fake messages about train delays or cancellations on display boards at stations across the country. The hackers posted messages such as “long delayed because of cyberattack” or “canceled” on the boards. They also urged passengers to call for information, listing the phone number of the office of the country’s supreme leader, Ayatollah Ali Khamenei. The semiofficial Fars news agency reported that the hack led to “unprecedented chaos” at rail stations. No group took responsibility. Earlier in the day, Fars said trains across Iran had lost their electronic tracking system. It wasn’t immediately clear if that was also part of the cyberattack. Fars later removed its report and instead quoted the spokesman of the state railway company, Sadegh Sekri, as saying “the disruption” did not cause any problem for train services. In 2019, an error in the railway company’s computer servers caused multiple delays in train services. In December that year, Iran’s telecommunications ministry said the country had defused a massive cyberattack on unspecified “electronic infrastructure” but provided no specifics on the purported attack. It was not clear if the reported attack caused any damage or disruptions in Iran’s computer and internet systems, and whether it was the latest chapter in the U.S. and Iran’s cyber operations targeting the other. Iran disconnected much of its infrastructure from the internet after the Stuxnet computer virus — widely believed to be a joint U.S.-Israeli creation — disrupted thousands of Iranian centrifuges in the country’s nuclear sites in the late 2000s.
…
U.S. President Joe Biden said he discussed recent ransomware attacks on the U.S. from Russia in a phone call Friday with Russian President Vladimir Putin.Biden said he told Putin, “I made it very clear to him that the United States expects when a ransomware operation is coming from his soil, even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is.”He told reporters at a White House signing ceremony Friday that the call “went well. I’m optimistic.”When asked if there would be consequences if Russia did not take action against ransonware criminals, he answered, “Yes.”Biden also said the two leaders “set up a means of communication now on a regular basis” to discuss such issues.Russia denies responsibilityRecent ransomware attacks have been linked to groups based in Russia. The Kremlin has denied any responsibility for the attacks.The White House said in a statement after the call that “President Biden underscored the need for Russia to take action to disrupt ransomware groups operating in Russia.”It said, “President Biden reiterated that the United States will take any necessary action to defend its people and its critical infrastructure in the face of this continuing challenge.”The Kremlin said that the two leaders agreed to cooperate on issues of cybersecurity and that the collaboration “must be permanent, professional and nonpoliticized and should be conducted via special communication channels … and with respect to international law.”The call came more than three weeks after the two leaders met in Geneva on June 16, when Biden appealed to Putin to crack down on cyber hackers in Russia.Some information for this report came from Reuters and The Associated Press.
…
Karmic fortune has arrived to the digital art market, with a kaleidoscopic splash of colors and the face of a revered Thai monk offering portable Buddhist good luck charms to tech-savvy buyers.Sales of non-fungible tokens (NFTs) — virtual images of anything from popular internet memes to original artwork — have swept the art world in recent months, with some fetching millions of dollars at major auction houses.CryptoAmulets is the latest venture to chase the craze, with founder Ekkaphong Khemthong sensing opportunity in Thailand’s widespread practice of collecting talismans blessed by revered monks.”I am an amulet collector and I was thinking about how I could introduce amulets to foreigners and to the world,” he told AFP.Collecting amulets and other small religious trinkets is a popular pastime in Buddhist-majority Thailand, where the capital Bangkok has a market solely dedicated to the traders of these lucky objects.Their value can rise thousands of dollars if blessed by a well-respected monk.Despite being a digital format, Ekkapong wanted CryptoAmulets to have the same traditional ceremony as a physical piece, which is why he approached Luang Pu Heng, a highly regarded abbot from Thailand’s northeast.”I respect this monk and I would love the world to know about him — he is a symbol of good fortune in business,” he said.Luang Pu Heng last month presided over a ceremony to bless physical replicas of the digital amulets, which show a serene image of his face.He splashed holy water onto his own visage as his saffron-robed disciples chanted and scattered yellow petals on the altar where the portraits were mounted.’We just tried to simplify it’One challenge was trying to explain the concept of NFTs to the 95-year-old abbot, who assumed he would be blessing physical amulets.”It’s very hard so we just tried to simplify it,” said Singaporean developer Daye Chan.”We said to him that it’s like blessing the photos.”Transforming amulets into crypto art also means the usual questions of authenticity plaguing a talisman sold in a market are eliminated, he added.”There are so many amulets being mass produced… All the records could be lost and these physical items can be easily counterfeited,” Chan said.NFTs use blockchain technology — an unalterable digital ledger — to record all transactions from the moment of their creation.”For our amulet, even a hundred years later, they can still check back the record to see what the blockchain is,” Chan said.But founder Ekkaphong would not be drawn on the karmic effectiveness of digital amulets, compared to their real-life counterparts.”They are different,” he said.On the CryptoAmulets website online gallery, different inscriptions are written in Thai — “rich,” “lucky” or “fortunate,” for instance — around each of the tokens.They are priced on a tiered system in ethereum, the world’s second-largest cryptocurrency after bitcoin, and are currently selling for between $46 and $1,840.Sales have been slow ahead of Sunday’s purchase deadline, with only 1,500 tokens sold out of the 8,000 available, and with Thais making up most of the buyers.Thai chef Theerapong Lertsongkram said he bought a CryptoAmulet because of his reverence for objects blessed by Luang Pu Heng, which he says have brought him good fortune.”I have had several lucky experiences such as winning small lottery prizes… or being promoted on my job,” said Theerapong, who works in a Stockholm restaurant.”I did not know anything about NFTs before, but I made the decision to buy it as I respect Luang Pu Heng so much,” he told AFP.But fellow collector Wasan Sukjit — who adorns the interior of his taxi with rare amulets — has a harder time with the concept.”Amulets need to be something physical, something people can hold,” he scoffed.”I prefer the ones I can hang on my neck.”
…
China’s most popular social media service has deleted accounts on LGBT topics run by university students and nongovernment groups, prompting concern the ruling Communist Party is tightening control over gay and lesbian content.WeChat sent account holders a notice they violated rules but gave no details, according to the founder of an LGBT group, who asked not to be identified further out of fear of possible official retaliation. She said dozens of accounts were shut down about 10 p.m. Tuesday.It wasn’t clear whether the step was ordered by Chinese authorities, but it came as the ruling party has tightened political controls and had tried to silence groups that might criticize its rule.WeChat’s operator, Tencent Holding Ltd., confirmed it received an email seeking comment but didn’t immediately respond.The Communist Party decriminalized homosexuality in 1997, but gay, lesbian, bisexual, transsexual and other sexual minorities still face discrimination. While there is more public discussion of such issues, some LGBT activities have been blocked by authorities.The official attitude is increasingly strict, the founder of the LGBT group said.Contents of the WeChat accounts, which included personal stories and photos of group events, were erased, according to the group’s founder.DevastatingThe former operator of a different group for university students, who asked not to be identified for fear of retaliation, called the step a devastating blow.University officials asked students two months ago to shut down LGBT social media groups or to avoid mentioning their school names, according to the LGBT group founder. She said universities in the eastern province of Jiangsu were told by officials to investigate groups for women’s rights and sexual minorities to “maintain stability.”Surveys suggest there are about 70 million LGBT people in China, or about 5% of the population, according to state media.Some groups have organized film festivals and other public events, but those have dwindled.One of the most prominent, Shanghai Pride, canceled events last year and scrapped future plans without explanation after 11 years of operation.China’s legislature received suggestions from the public about legalizing same-sex marriage two years ago, according to the official Xinhua News Agency. However, it gave no indication whether legislators might take action.
…
Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology firm Kaseya, its chief executive said Monday. Fred Voccola, the Florida-based company’s CEO, said in an interview that it was hard to estimate the precise impact of Friday’s attack because those hit were mainly customers of Kaseya’s customers. Kaseya provides software tools to information technology outsourcing shops: companies that typically handle back-office work for companies too small or modestly resourced to have their own tech departments. One of those tools was subverted Friday, allowing the hackers to paralyze hundreds of businesses on five continents. Although most of those affected have been small concerns such as dentists’ offices or accountants, the disruption has been felt more keenly in Sweden, where hundreds of supermarkets had to close because their cash registers were inoperative, or New Zealand, where schools and kindergartens were knocked offline. FILE – A sign reads: “Temporarily Closed. We have an IT-disturbance and our systems are not functioning”, posted in the window of a closed Coop supermarket store in Stockholm, Sweden, July 3, 2021.The hackers who claimed responsibility for the breach have demanded $70 million to restore all the affected businesses’ data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and with Reuters. “We are always ready to negotiate,” a representative of the hackers told Reuters earlier Monday. The representative, who spoke via a chat interface on the hackers’ website, didn’t provide their name. Voccola refused to say whether he was ready to take the hackers up on the offer. “I can’t comment yes, no or maybe,” he said when asked whether his company would talk to or pay the hackers. “No comment on anything to do with negotiating with terrorists in any way.” Voccola said he had spoken to officials at the White House, the FBI and the Department of Homeland Security about the breach, but so far, he was not aware of any nationally important business being affected. “We’re not looking at massive critical infrastructure,” he said. “That’s not our business. We’re not running AT&T’s network or Verizon’s 911 system. Nothing like that.” Because Voccola’s firm was in the process of fixing a vulnerability in the software that was exploited by the hackers when the ransomware attack was executed, some information security professionals have speculated that the hackers might’ve been monitoring his company’s communications from the inside. Voccola said neither he nor the investigators his company had brought in had seen any sign of that. “We don’t believe that they were in our network,” he said. He added that the details of the breach would be made public “once its ‘safe’ and OK to do that.” About a dozen different countries have been affected by the breach, according to research published by cybersecurity firm ESET.
…
An Asian industry group that includes Google, Facebook and Twitter has warned that tech companies could stop offering their services in Hong Kong if the Chinese territory proceeds with plans to change privacy laws.
The warning came in a letter sent by the Asia Internet Coalition, of which all three companies, in addition to Apple Inc, LinkedIn and others, are members.
Proposed amendments to privacy laws in Hong Kong could see individuals hit with “severe sanctions”, said the June 25 letter to the territory’s privacy commissioner for personal data, Ada Chung Lai-ling, without specifying what the sanctions would be.
“Introducing sanctions aimed at individuals is not aligned with global norms and trends,” added the letter, whose contents were first reported by the Wall Street Journal.
“The only way to avoid these sanctions for technology companies would be to refrain from investing and offering their services in Hong Kong, thereby depriving Hong Kong businesses and consumers, whilst also creating new barriers to trade.”
In the six-page letter, AIC managing director Jeff Paine acknowledged the proposed amendments focus on the safety and personal data privacy of individuals. “However, we wish to stress that doxxing is a matter of serious concern,” he wrote.
During anti-government protests in Hong Kong in 2019, doxxing – or publicly releasing private or identifying information about an individual or organisation – came under scrutiny when police were targeted after their details were released online.
The details of some officers’ home addresses and children’s schools were also exposed by anti-government protesters, some of who threatened them and their families online.
“We … believe that any anti-doxxing legislation, which can have the effect of curtailing free expression, must be built upon principles of necessity and proportionality,” the AIC said.
Facebook did not immediately respond to a Reuters request for comment, while Twitter referred questions to the AIC.
Google declined to comment.
The former British colony of Hong Kong returned to Chinese rule in 1997 with the guarantee of continued freedoms. Pro-democracy activists say those freedoms are being whittled away by Beijing, especially with a national security law introduced last year cracking down on dissent. China denies the charge.
…
Businesses around the world rushed Saturday to contain a ransomware attack that has paralyzed their computer networks, a situation complicated in the U.S. by offices lightly staffed at the start of the Fourth of July holiday weekend. It’s not yet known how many organizations have been hit by demands that they pay a ransom in order to get their systems working again. But some cybersecurity researchers predict the attack targeting customers of software supplier Kaseya could be one of the broadest ransomware attacks on record. It follows a scourge of headline-grabbing attacks over recent months that have been a source of diplomatic tension between U.S. President Joe Biden and Russian President Vladimir Putin over whether Russia has become a haven for cybercriminal gangs. Biden said Saturday he didn’t yet know for certain who was responsible but suggested that the U.S. would respond if Russia was found to have anything to do with it. “If it is either with the knowledge of and or a consequence of Russia then I told Putin we will respond,” Biden said. “We’re not certain. The initial thinking was it was not the Russian government.” Cybersecurity experts say the REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack that targeted the software company Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. “The number of victims here is already over 1,000 and will likely reach into the tens of thousands,” said cybersecurity expert Dmitri Alperovitch of the Silverado Policy Accelerator think tank. “No other ransomware campaign comes even close in terms of impact.” The cybersecurity firm ESET says there are victims in least 17 countries, including the United Kingdom, South Africa, Canada, Argentina, Mexico, Kenya and Germany. In Sweden, most of the grocery chain Coop’s 800 stores were unable to open because their cash registers weren’t working, according to SVT, the country’s public broadcaster. The Swedish State Railways and a major local pharmacy chain were also affected. Kaseya CEO Fred Voccola said in a statement that the company believes it has identified the source of the vulnerability and will “release that patch as quickly as possible to get our customers back up and running.” Voccola said fewer than 40 of Kaseya’s customers were known to be affected, but experts said the ransomware could still be affecting hundreds more companies that rely on Kaseya’s clients that provide broader IT services.John Hammond of the security firm Huntress Labs said he was aware of a number of managed-services providers — companies that host IT infrastructure for multiple customers — being hit by the ransomware, which encrypts networks until the victims pay off attackers. “It’s reasonable to think this could potentially be impacting thousands of small businesses,” said Hammond, basing his estimate on the service providers reaching out to his company for assistance and comments on Reddit showing how others are responding. At least some victims appeared to be getting ransoms set at $45,000, considered a small demand but one that could quickly add up when sought from thousands of victims, said Brett Callow, a ransomware expert at the cybersecurity firm Emsisoft. FILE – An “Out of Service” bag covers a gas pump as cars line up at a Circle K gas station near uptown Charlotte, North Carolina, May 11, 2021, after a ransomware attack shut the Colonial Pipeline, a major East Coast gasoline provider.Callow said it’s not uncommon for sophisticated ransomware gangs to perform an audit after stealing a victim’s financial records to see what they can really afford to pay, but that won’t be possible when there are so many victims to negotiate with. “They just pitched the demand amount at a level most companies will be willing to pay,” he said. Voccola said the problem is only affecting its “on premise” customers, which means organizations running their own data centers. It’s not affecting its cloud-based services running software for customers, though Kaseya also shut down those servers as a precaution, he said. The company added in a statement Saturday that “customers who experienced ransomware and receive a communication from the attackers should not click on any links — they may be weaponized.” Gartner analyst Katell Thielemann said it’s clear that Kaseya quickly sprang to action, but it’s less clear whether their affected clients had the same level of preparedness. “They reacted with an abundance of caution,” she said. “But the reality of this event is it was architected for maximum impact, combining a supply chain attack with a ransomware attack.” Supply chain attacks are those that typically infiltrate widely used software and spread malware as it updates automatically. Complicating the response is that it happened at the start of a major holiday weekend in the U.S., when most corporate IT teams aren’t fully staffed. That could also leave those organizations unable to address other security vulnerabilities, such a dangerous Microsoft bug affecting software for print jobs, said James Shank, of threat intelligence firm Team Cymru. “Customers of Kaseya are in the worst possible situation,” he said. “They’re racing against time to get the updates out on other critical bugs.” The federal Cybersecurity and Infrastructure Security Agency said in a statement that it is closely monitoring the situation and working with the FBI to collect more information about its impact. CISA urged anyone who might be affected to “follow Kaseya’s guidance to shut down VSA servers immediately.” Kaseya runs what’s called a virtual system administrator, or VSA, that’s used to remotely manage and monitor a customer’s network. The privately held Kaseya is based in Dublin, Ireland, with a U.S. headquarters in Miami. REvil, the group most experts have tied to the attack, was the same ransomware provider that the FBI linked to an attack on JBS SA, a major global meat processor that paid an $11 million ransom, amid the Memorial Day holiday weekend in May. Active since April 2019, the group provides ransomware as a service, meaning it develops the network-paralyzing software and leases it to so-called affiliates who infect targets and earn the lion’s share of ransoms. U.S. officials have said the most potent ransomware gangs are based in Russia and allied states and operate with Kremlin tolerance and sometimes collude with Russian security services. Asked about the attack during a trip to Michigan on Saturday, Biden said he had asked the intelligence community for a “deep dive” on what happened. He said he expected to know more by Sunday.
…
One of Sweden’s biggest supermarket chains said Saturday it had to temporarily close around 800 stores nationwide after a cyberattack blocked access to its checkouts.”One of our subcontractors was hit by a digital attack, and that’s why our checkouts aren’t working any more,” Coop Sweden, which accounts for around 20 percent of the sector, said in a statement.”We regret the situation and will do all we can to reopen swiftly,” the cooperative added.Ransomware Hits Hundreds of US Companies, Security Firm Says The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attackCoop Sweden did not name the subcontractor or reveal the hacking method used against it beginning on Friday evening.But the attack comes as a wave of ransomware attacks has struck worldwide, especially in the United States.Ransomware attacks typically involve locking away data in systems using encryption, making companies pay to regain access.Last year, hackers extorted at least $18 billion using such software, according to security firm Emsisoft.US IT company Kaseya on Friday urged customers to shut down servers running its VSA platform after dozens were hit with ransomware.In recent weeks, such attacks have hit oil pipelines, health services and major firms, and made it onto the agenda of US President Joe Biden’s June meeting with Russian counterpart Vladimir Putin.
…
A ransomware attack paralyzed the networks of at least 200 U.S. companies Friday, according to a cybersecurity researcher whose company was responding to the incident. The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack, said John Hammond of the security firm Huntress Labs. He said the criminals targeted a software supplier called Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. Other researchers agreed with Hammond’s assessment. “Kaseya handles large enterprise all the way to small businesses globally, so ultimately, [this] has the potential to spread to any size or scale business,” Hammond said in a direct message on Twitter. “This is a colossal and devastating supply chain attack.” Such cyberattacks typically infiltrate widely used software and spread malware as it updates automatically. It was not immediately clear how many Kaseya customers might be affected or who they might be. Kaseya urged customers in a statement on its website to immediately shut down servers running the affected software. It said the attack was limited to a “small number” of its customers.’SolarWinds with ransomware’Brett Callow, a ransomware expert at the cybersecurity firm Emsisoft, said he was unaware of any previous ransomware supply-chain attack on this scale. There have been others, but they were fairly minor, he said. “This is SolarWinds with ransomware,” he said. He was referring to a Russian cyberespionage hacking campaign discovered in December that spread by infecting network management software to infiltrate U.S. federal agencies and scores of corporations. Cybersecurity researcher Jake Williams, president of Rendition Infosec, said he was already working with six companies hit by the ransomware. It’s no accident that this happened before the Fourth of July weekend, when IT staffing is generally thin, he added. “There’s zero doubt in my mind that the timing here was intentional,” he said. Hammond of Huntress said he was aware of four managed-services providers — companies that host IT infrastructure for multiple customers — being hit by the ransomware, which encrypts networks until the victims pay off attackers. He said thousands of computers were hit. “We currently have three Huntress partners who are impacted with roughly 200 businesses that have been encrypted,” Hammond said. JBS attackHammond wrote on Twitter: “Based on everything we are seeing right now, we strongly believe this [is] REvil/Sodinikibi.” The FBI linked the same ransomware provider to a May attack on JBS SA, a major global meat processor. The federal Cybersecurity and Infrastructure Security Agency said in a statement late Friday that it was closely monitoring the situation and working with the FBI to collect more information about its impact. CISA urged anyone who might be affected to “follow Kaseya’s guidance to shut down VSA servers immediately.” Kaseya runs what’s called a virtual system administrator, or VSA, that’s used to remotely manage and monitor a customer’s network. The privately held Kaseya says it is based in Dublin, Ireland, with a U.S. headquarters in Miami. The Miami Herald recently described it as “one of Miami’s oldest tech companies” in a report about its plans to hire as many as 500 workers by 2022 to staff a recently acquired cybersecurity platform. Brian Honan, an Irish cybersecurity consultant, said by email Friday that “this is a classic supply chain attack where the criminals have compromised a trusted supplier of companies and have abused that trust to attack their customers.” He said it can be difficult for smaller businesses to defend against this type of attack because they “rely on the security of their suppliers and the software those suppliers are using.” Recovery might be easierThe only good news, said Williams, of Rendition Infosec, is that “a lot of our customers don’t have Kaseya on every machine in their network,” making it harder for attackers to move across an organization’s computer systems. That makes for an easier recovery, he said. Active since April 2019, the group known as REvil provides “ransomware as a service,” meaning it develops the network-paralyzing software and leases it to so-called affiliates who infect targets and earn the lion’s share of ransoms. REvil is among ransomware gangs that steal data from targets before activating the ransomware, strengthening their extortion efforts. The average ransom payment to the group was about $500,000 last year, said the Palo Alto Networks cybersecurity firm in a recent report. Some cybersecurity experts predicted that it might be hard for the gang to handle the ransom negotiations, given the large number of victims — though the long U.S. holiday weekend might give it more time to start working through the list.
…
As part of a cyberespionage operation targeting Central Asian countries, Chinese hackers recently sought to breach the computer networks of Afghanistan’s National Security Council, researchers at cybersecurity firm Check Point reported.The alleged attack by the Chinese-speaking hacking group known to cybersecurity experts as IndigoZebra is the latest in an operation that goes back as far as 2014 and has targeted political entities in neighboring Uzbekistan and Kyrgyzstan, the researchers wrote in a FILE – An iPhone displays a Facebook page, Aug. 11, 2019. Facebook said March 24, 2021, that hackers in China had used fake accounts and impostor websites in a bid to break into the phones of Uyghur Muslims.This is the first major Chinese cyberespionage operation in Afghanistan to come to light, coming just weeks after An icon for the Pulse Secure smartphone app, right, and a computer desktop info page are seen in Burke, Va., June 14, 2021. Suspected Chinese hackers penetrated U.S. entities’ computers in what cybersecurity experts called a major espionage campaign.China conducts large-scale cyberespionage operations around the world, cybersecurity experts say. In its latest threat assessment to Congress, the U.S. intelligence community wrote in April that China “presents a prolific and effective cyberespionage threat, possesses substantial cyber-attack capabilities, and presents a growing influence threat.”The Chinese Embassy in Washington did not respond to a request for comment.Check Point researchers said they investigated the cyberattack in Afghanistan after stumbling upon a suspicious email on a website that detects malware in email communications. The email had been apparently posted by one of its recipients on the Afghan National Security Council, according to Alexandra Gofman, the lead investigator on the Check Point team that probed the operation.Khalid Mafton of VOA’s Afghan Service contributed to this report.
…
Federal law enforcement agencies secretly seek the data of Microsoft customers thousands of times a year, according to congressional testimony Wednesday by a senior executive at the technology company.Tom Burt, Microsoft’s corporate vice president for customer security and trust, told members of the House Judiciary Committee that federal law enforcement in recent years has been presenting the company with between 2,400 to 3,500 secrecy orders a year, or about seven to 10 a day.”Most shocking is just how routine secrecy orders have become when law enforcement targets an American’s email, text messages or other sensitive data stored in the cloud,” said Burt, describing the widespread clandestine surveillance as a major shift from historical norms.The relationship between law enforcement and Big Tech has attracted fresh scrutiny in recent weeks with the revelation that Trump-era Justice Department prosecutors obtained as part of leak investigations phone records belonging not only to journalists but also to members of Congress and their staffers. Microsoft, for instance, was among the companies that turned over records under a court order, and because of a gag order, had to then wait more than two years before disclosing it.Since then, Brad Smith, Microsoft’s president, called for an end to the overuse of secret gag orders, arguing in a Washington Post opinion piece that “prosecutors too often are exploiting technology to abuse our fundamental freedoms.” Attorney General Merrick Garland, meanwhile, has said the Justice Department will abandon its practice of seizing reporter records and will formalize that stance soon.Burt is among the witnesses at a Judiciary Committee hearing about potential legislative solutions to intrusive leak investigations. House Judiciary Committee Chairman Jerrold Nadler said in opening remarks Wednesday that the Justice Department took advantage of outdated policies on digital data searches to target journalists and others in leak investigations. The New York Democrat said that reforms are needed now to guard against future overreach by federal prosecutors — an idea also expressed by Republicans on the committee.”We cannot trust the department to police itself,” Nadler said.Burt said that while the revelation that federal prosecutors had sought data about journalists and political figures was shocking to many Americans, the scope of surveillance is much broader. He criticized prosecutors for reflexively seeking secrecy through boilerplate requests that “enable law enforcement to just simply assert a conclusion that a secrecy order is necessary.”Burt said that while Microsoft Corp. does cooperate with law enforcement on a broad range of criminal and national security investigations, it often challenges surveillance that it sees as unnecessary, resulting at times in advance notice to the account being targeted.Among the organizations weighing in at the hearing was The Associated Press, which called on Congress to act to protect journalists’ ability to promise confidentiality to their sources. Reporters must have prior notice and the ability to challenge a prosecutor’s efforts to seize data, said a statement submitted by Karen Kaiser, AP’s general counsel.”It is essential that reporters be able to credibly promise confidentially to ensure the public has the information needed to hold its government accountable and to help government agencies and officials function more effectively and with integrity,” Kaiser said. As possible solutions, Burt said, the government should end indefinite secrecy orders and should also be required to notify the target of the data demand once the secrecy order has expired.Just this week, he said, prosecutors sought a blanket gag order affecting the government of a major U.S. city for a Microsoft data request targeting a single employee there.”Without reform, abuses will continue to occur and they will occur in the dark,” Burt said.
…
A federal judge on Monday dismissed antitrust lawsuits brought against Facebook by the Federal Trade Commission and a coalition of state attorneys general, dealing a significant blow to attempts by regulators to rein in tech giants. U.S. District Judge James Boasberg ruled Monday that the lawsuits were “legally insufficient” and didn’t provide enough evidence to prove that Facebook was a monopoly. The ruling dismisses the complaint but not the case, meaning the FTC could refile another complaint. “These allegations — which do not even provide an estimated actual figure or range for Facebook’s market share at any point over the past 10 years — ultimately fall short of plausibly establishing that Facebook holds market power,” he said. The U.S. government and 48 states and districts sued Facebook in December 2020, accusing the tech giant of abusing its market power in social networking to crush smaller competitors and seeking remedies that could include a forced spinoff of the social network’s Instagram and WhatsApp messaging services. The FTC had alleged Facebook engaged in a “a systematic strategy” to eliminate its competition, including by purchasing smaller up-and-coming rivals like Instagram in 2012 and WhatsApp in 2014. New York Attorney General Letitia James said when filing the suit that Facebook “used its monopoly power to crush smaller rivals and snuff out competition, all at the expense of everyday users.” Boasberg dismissed the separate complaint made by the state attorneys general, as well.
…
A Ukrainian hacker was sentenced to seven years in prison for his role in a notorious cybercrime group that stole millions of credit and debit card details from across the United States, the Department of Justice said Thursday.Andrii Kolpakov, 33, was also ordered to pay $2.5 million in restitution after pleading guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking, the department said in a press release.Kolpakov’s lawyer, Vadim Glozman, said his client was disappointed with the sentence but respected the judge’s decision.He said Kolpakov — who has already spent three years in custody after being apprehended by police in Spain in 2018 — planned to return to Ukraine after serving out the remainder of his sentence.Kolpakov was sentenced in the Western District of Washington. Glozman said that his client was currently in custody in Washington state.Kolpakov’s gang — dubbed “FIN7” — is among the most prolific cybercriminal enterprises in existence. A memo drawn up by U.S. prosecutors said that “no hacking group epitomizes the industrialization of cybercrime better,” alleging that the gang had over 70 people organized into discrete departments and teams, including a unit devoted to crafting malicious software and another unit composed of hackers who exploited victims’ machines.For cover, FIN7 masqueraded as a cybersecurity company called “Combi Security,” which claimed to be involved in penetration testing.Prosecutors say Kolpakov worked for FIN7 from at least April 2016 until his arrest in June 2018 and rose to become a midlevel manager directing “a small team of hackers” tasked with breaching victims’ computer systems and training new recruits to use FIN7’s malicious tools.
…
U.S. lawmakers debated into the night Wednesday over details of legislation aimed at curbing the power of Big Tech firms with a sweeping reform of antitrust laws.The House Judiciary Committee clashed over a series of bills with potentially massive implications for large online platforms and consumers who use them.The legislation could force an overhaul of the business practices of Google, Apple, Amazon and Facebook, or potentially lead to a breakup of the dominant tech giants. But critics argue the measures could have unintended consequences that would hurt consumers and some of the most popular online services.Rep. David Cicilline, who headed a 16-month investigation that led to the legislation, said the bills are aimed at restoring competition in markets stymied by monopolies.”The digital marketplace suffers from a lack of competition. Many digital markets are defined by monopolies or duopoly control,” Cicilline said as the hearing opened.”Amazon, Apple, Facebook and Google are gatekeepers to the online economy. They bury or by rivals and abuse their monopoly power conduct that is harmful to consumers, competition, innovation and our democracy.”The bills would restrict how online platforms operate, notably whether tech giants operating them could favor their own products or services.The measures would also limit mergers or acquisitions by Big Tech firms aimed at limiting competition and make it easier for users to try new services by requiring data “portability” and “interoperability.”The fate of the bills remained unclear, with some Republicans and moderate Democrats expressing concerns despite bipartisan support.Clash points included whether it is right to target laws at four big tech companies and whether government agencies will hobble them instead of letting them adapt to competition.”The interoperability measure is a huge step backwards,” said Oregon Republican Cliff Bentz. “Big Tech is certainly not perfect. This bill is not the way to fix the problem.”Representative Zoe Lofgren said she hoped the bill would include more measures for data privacy and security but endorses the concept.“The big platforms have all your information. And if you can’t move it, then you’re really a prisoner of that platform,” she said. “Who wants to leave a platform if they’ve got all your baby pictures and all of your videos of your grandchildren, locked up?”As the session stretched into the night, some members of the body lobbied to adjourn and resume the work another day.’They make it worse’Republican Representative Ken Buck, a supporter of the overhaul, said the legislation “represents a scalpel, not a chainsaw, to deal with the most important aspects of antitrust reform,” in dealing with “these monopolists (who) routinely use their gatekeeper power to crush competitors, harm innovation and destroy the free market.”But Representative Jim Jordan, a Republican, criticized the effort, renewing his argument that Big Tech firms suppress conservative voices.”These bills don’t fix that problem — they make it worse,” Jordan said. “They don’t break up Big Tech. They don’t stop censorship.”Steve Chabot, another Republican, called the initiative “an effort for big government to take over Big Tech.”The panel approved on a 29-12 vote a bill that was the least controversial, increasing merger filing fees to give more funding for antitrust enforcement.Tech firms and others warned of negative consequences for popular services people rely on, potentially forcing Apple to remove its messaging apps from the iPhone or Google to stop displaying results from YouTube or Maps.Apple released a report arguing that one likely impact — opening up the iPhone to apps from outside platforms — could create security and privacy risks for users.Forcing Apple to allow “sideloading” of apps would mean “malicious actors would take advantage of the opportunity by devoting more resources to develop sophisticated attacks targeting iOS users,” the report said.Amazon vice president Brian Huseman warned of “significant negative effects” both for sellers and consumers using the e-commerce platform, and reduced-price competition.”It will be much harder for these third-party sellers to create awareness for their business,” Huseman said.”Removing the selection of these sellers from Amazon’s store would also create less price competition for products, and likely end up increasing prices for consumers. The committee is moving unnecessarily fast in pushing these bills forward.”The measures may also impact other firms including Microsoft, which has not been the focus of the House antitrust investigation but which links services such as Teams messaging and Bing search to its Windows platform, and possibly other firms.
…
John McAfee, creator of the McAfee antivirus software, has been found dead in his cell in a jail near Barcelona, a government official told The Associated Press on Wednesday.
Hours earlier, a Spanish court issued a preliminary ruling in favor of the 75-year-old tycoon’s extradition to the United States to face tax-related criminal charges.
Security personnel at the Brians 2 penitentiary near the northeastern Spanish city tried to revive him, but the jail’s medical team finally certified his death, a statement from the regional Catalan government said.
The statement didn’t identify McAfee by name, but said he was a 75-year-old U.S. citizen awaiting extradition to his country. A Catalan government source familiar with the event who was not authorized to be named in media reports confirmed to the AP that the dead man was McAfee.
Spain’s National Court on Monday ruled in favor of extraditing McAfee, who had argued in a hearing earlier this month that the charges against him were politically motivated and that he would spend the rest of his life in prison if he was returned to the U.S.
The court’s ruling was made public on Wednesday and could be appealed. Any final extradition order would also need to get approval from the Spanish Cabinet.
Tennessee prosecutors charged McAfee with evading taxes after failing to report income made from promoting cryptocurrencies while he did consultancy work, as well as income from speaking engagements and selling the rights to his life story for a documentary. The criminal charges carry a prison sentence of up to 30 years.
The entrepreneur was arrested last October at Barcelona’s international airport. A judge ordered at that time that McAfee should be held in jail while awaiting the outcome of a hearing on extradition.
…
A landmark cyberbullying trial in Paris, involving thousands of threats against a teenager who savaged Islam in online posts, is blazing a trail in efforts to punish and prevent online abuse.It has also raised uncomfortable questions about freedom of expression, freedom to criticize a religion, and respect for France’s millions of Muslims. But most of all, it’s been a trial about the power of the online word, and prosecutors hope it serves as a wake-up call to those who treat it lightly.Thirteen young people of various backgrounds and religions from across France face potential prison time for charges including online harassment, online death threats and online rape threats in the two-day trial wrapping up Tuesday. It’s the first of its kind since France created a new court in January to prosecute online crimes, including harassment and discrimination.Tweet or post without thinkingOne of the defendants wants to become a police officer. Another says he just wanted to rack up more followers by making people laugh. Some denied wrongdoing, others apologized. Most said they tweeted or posted without thinking.The teen at the center of the trial, who has been identified publicly only by her first name, Mila, told the court she feels as if she’s been “condemned to death.””I do not see my future,” she said.Mila, who describes herself as atheist, was 16 when she started posting videos on Instagram and later TikTok harshly criticizing Islam and the Quran. Now 18, she testified that “I don’t like any religion, not just Islam.”Her lawyer Richard Malka said Mila has received some 100,000 threatening messages, including death threats, rape threats, misogynist messages and hateful messages about her homosexuality.Quit high school twiceMila had to quit her high school, then another. She is now monitored daily by the police for her safety.”It’s been a cataclysm, it feels like the sky is falling on our heads … a confrontation with pure hatred,” her mother told the court.Mila’s online enemies don’t fit a single profile. Among the thousands of threats, authorities tracked down 13 suspects who are on trial this week. All are being identified publicly only by their first names, according to French practice.TikTok videoThe trial focused on comments in response to a TikTok video by Mila in November criticizing Islam. A defendant named Manfred threatened to turn her into another Samuel Paty, a teacher who was beheaded outside Paris in October after showing caricatures of the Prophet Muhammad in class.Manfred told the court he was “pretending to be a stalker to make people laugh.””I knew she was controversial because she criticized Islam. I wanted to have fun and get new subscribers,” he testified.Defendant Enzo, 22, apologized in court for tweeting “you deserve to have your throat slit,” followed by a sexist epithet.Others argued their posts didn’t constitute a crime.”At the time, I was not aware that it was harassment. When I posted the tweet, I wasn’t thinking,” testified Lauren, a 21-year-old university student who tweeted about Mila: “Have her skull crushed, please.”Stands by criticismAlyssa, 20, one of the few Muslim defendants, says she reacted “like everyone else on Twitter” and stood by her criticism of Mila’s posts.While the defense lawyer argued that it’s not the same thing to insult a god or a religion and a human being, Alyssa disagreed.”For me, it is of the same nature. Mila used freedom of expression; I thought that (tweeting an angry response) was also freedom of expression,” she said.Freedom of expression is considered a fundamental right and blasphemy is not a crime in France. After Mila’s initial video in January 2020, a legal complaint was filed against her for incitement to racial hatred. That investigation was dropped for lack of evidence.Some French Muslims feel that their country, and President Emmanuel Macron’s government, unfairly stigmatize their religious practices.French society dividedMila’s online videos rekindled those concerns and divided French society. While the threats against her were broadly condemned, former Socialist President Francois Hollande was among those who argued that while she has the right to criticize religion, “she should not engage in hate speech about those who practice their religion.”Nawfel, 19, didn’t see the harm when he tweeted that Mila deserved the death penalty and insulted her sexuality. He has passed tests to become a gendarme and hopes not to be sentenced, to keep a clean record. The trial has given him new perspective on online activity.”Without social media, everyone would have a normal life,” he said. “Now there are many people who will think before they write.”Prison time, finesThe defendants face up to two years in prison and 30,000 euros in fines (about $37,000) if convicted of online harassment. Some are also accused of online death threats, an offense that carries a maximum prison sentence of three years and a fine of up to 45,000 euros ($55,000).The prosecutor, however, requested suspended sentences. A verdict is expected July 9.”You have the power to stop this digital lynching,” defense lawyer Malka told the judges. “Fear of the law is the only thing that remains.”Mila remains active on social networks.”I have this need to show that I will not change who I am and what I think,” she said. “I see it as like a woman who has been raped in the street and who is asked not to go out, so that it doesn’t happen again.”
…
The European Union announced Tuesday it is once again investigating Google for what could be anti-competitive activities in digital advertising.The investigation will try to determine if Google is harming competitors by restricting third party access to user data that could better target advertising.”We are concerned that Google has made it harder for rival online advertising services to compete in the so-called ad tech stack,” European Competition Commissioner Margrethe Vestager said in a statement.Google said it would cooperate in the investigation.”Thousands of European businesses use our advertising products to reach new customers and fund their websites every single day. They choose them because they’re competitive and effective,” a Google spokesperson said.The EU has fined Google more than $9.5 billion over the past decade for restricting third parties from online shopping, Android phones and online advertising.In the past year, online ads generated $147 billion in revenue for the U.S.-based company.Google’s ad business also is facing scrutiny in the U.S., where several states and the U.S. Justice Department are suing the company for alleged anti-competitive behavior.
…
The number of STEM jobs — science, technology, engineering and mathematics — have sped past the number of non-STEM jobs by three times since 2000. And experts say there might not be enough graduates in those fields to fill the jobs. “Look around at how many times a day you touch a computer, tablet, phone … these industries are accelerating so much that these high school kids will have jobs that don’t even exist yet,” said Kenneth Hecht, the leader of the National STEM Honor Society, an membership program that engages students from kindergarten into their career in STEM project-based learning (NSTEM). STEM covers both high-tech and long-established professions. For example, STEM jobs in demand include those in cloud computing, informatics and other software developers that write code for computation. They also include occupations for actuaries, cartographers, critical care nurses and epidemiologists. Jobs in the medical and healthcare fields have boomed because of the COVID-19 pandemic, as populations age, but traditionally, computer technology, or tech, is the number one major that international students pursue within STEM, according to a study by the Institute of International Education. Jobs in computer and information technology are projected to grow 11% from 2019 to 2029, according to the Bureau of Labor Statistics (BLS) website, “much faster than the average for all occupations.”These occupations are projected to add about 531,200 new jobs to the U.S. workforce by 2029. Jobs in cloud computing, big data, and information security will be in high demand, according to BLS.COVID plus and minuses Recent enrollment declines because of the COVID-19 pandemic have slowed the pipeline between graduates and jobs, as most international students rode out the pandemic in their home countries. But recent graduates who land STEM jobs show greater availability and higher salaries. “A STEM education and a STEM career can change the trajectory of one family’s path and even others,” said Kenneth Hecht, leader of the National STEM Honor Society that engages students from kindergarten into their career in STEM project-based learning (NSTEM). Nidhi Thaker, a Ph.D. student in the biochemistry and molecular biology department at University of Massachusetts-Amherst, also is optimistic about the promise of STEM opportunities. “Applying and combining a biology background with technology that can be helpful in making a product, and by product, I mean, it could be a machine, it could be a drug, it could be any other thing, to help medicine itself and to help the field grow,” is what biotechnology means to Thaker. Her experience working in the Boston area, one of America’s biotech hubs and close to several top U.S. universities like Massachusetts Institute of Technology and Harvard University, has been largely positive. “It’s not just work, work, work. They also incorporate, like, team-building exercises, going out and having parties and things like that,” Thaker noted. “It’s a very well rounded, cultural approach that they’re taking, in regard to giving all the benefits.” Lack of people skills One problem, though, is many graduates have a proficiency in tech skills but lack people skills, said Sahil Jain, senior enterprise architect at Adobe. “This means they are good at coding. You can give them a digest code, they will do it very well. But they cannot speak to the senior leadership at the customer site.” Jain explains that both soft and hard skills are necessary to do well in emerging technology jobs, yet students often excel at one or the other, not both. “That means they are good at speaking, but when it comes to technicalities, the customer brings his architects on the call, ‘Oh, tell me how this will work? Can you give me some architectural aspects as well?’ … That is where the big gap is,” he explained. In addition, Jain said the STEM job market is crowded with numerous evolving technologies. “The industry is evolving a lot. It’s no longer only cloud computing based. There are many, many areas of blockchain,” a way to code to enhance the security of the information. “We have machine learning, we have [artificial intelligence] …” said Jain, who has recently enrolled in Georgia Institute of Techology, a public university in Atlanta, to keep his skills up to date. Filling needed roles Even with initiatives to alert students to STEM opportunities, like NSTEM, there were an estimated 2.4 million positions unfilled in STEM fields in 2018, according to a study by Impact Science, a California teacher-founded initiative to engage young students with science.“Being on the educational side, these numbers are well published and well recognized in the world, and the question is and has been, ‘What do you do about it?’” Hecht asked. “If you look at the differences in ethnicities and gender it would be even worse,” which inspires one of NSTEM’s missions to help close equity divisions in STEM, he added. Immigration issues An April 2021 study by the National Foundation for American Policy (NFAP) found that “enrolling more international undergraduate students does not crowd out U.S. students at the average American university and leads to an increase in the number of bachelor’s degrees in STEM majors awarded to U.S. students.” “Each additional 10 bachelor’s degrees—across all majors—awarded to international students by a college or university leads to an additional 15 bachelor’s degrees in STEM majors awarded to U.S. students,” the study found. The data suggests that U.S. students are more likely to major in STEM fields if they go to school with international students. “In much of the U.S., STEM graduates are in short supply. Students who graduate with a STEM major typically earn more than other graduates, especially early in their careers,” according to the NFAP study. “The finding here that the presence of international students actually increases the number of U.S. students graduating with a STEM major is another reason to encourage international students to come to the United States,” stated Madeline Zavodny, the study’s author. “America’s future competitiveness depends on attracting and retaining talented international students,” according to companies like Google, Facebook, Microsoft and Twitter with other parties in a group letter to Immigration and Custom Enforcement (ICE) in July 2020. ICE had announced it would revoke international student visas during the COVID-19 pandemic if those students were not in person to study on campus. ICE Won’t Compel Foreign Students to Be on Campus Immigration agency retreats from ruling that risked student visa status
…
The number of STEM jobs — science, technology, engineering and mathematics — have sped past the number of non-STEM jobs by three times since 2000. And experts say there might not be enough graduates in those fields to fill the jobs. “Look around at how many times a day you touch a computer, tablet, phone … these industries are accelerating so much that these high school kids will have jobs that don’t even exist yet,” said Kenneth Hecht, the leader of the National STEM Honor Society, an membership program that engages students from kindergarten into their career in STEM project-based learning (NSTEM). STEM covers both high-tech and long-established professions. For example, STEM jobs in demand include those in cloud computing, informatics and other software developers that write code for computation. They also include occupations for actuaries, cartographers, critical care nurses and epidemiologists. Jobs in the medical and healthcare fields have boomed because of the COVID-19 pandemic, as populations age, but traditionally, computer technology, or tech, is the number one major that international students pursue within STEM, according to a study by the Institute of International Education. Jobs in computer and information technology are projected to grow 11% from 2019 to 2029, according to the Bureau of Labor Statistics (BLS) website, “much faster than the average for all occupations.”These occupations are projected to add about 531,200 new jobs to the U.S. workforce by 2029. Jobs in cloud computing, big data, and information security will be in high demand, according to BLS.COVID plus and minuses Recent enrollment declines because of the COVID-19 pandemic have slowed the pipeline between graduates and jobs, as most international students rode out the pandemic in their home countries. But recent graduates who land STEM jobs show greater availability and higher salaries. “A STEM education and a STEM career can change the trajectory of one family’s path and even others,” said Kenneth Hecht, leader of the National STEM Honor Society that engages students from kindergarten into their career in STEM project-based learning (NSTEM). Nidhi Thaker, a Ph.D. student in the biochemistry and molecular biology department at University of Massachusetts-Amherst, also is optimistic about the promise of STEM opportunities. “Applying and combining a biology background with technology that can be helpful in making a product, and by product, I mean, it could be a machine, it could be a drug, it could be any other thing, to help medicine itself and to help the field grow,” is what biotechnology means to Thaker. Her experience working in the Boston area, one of America’s biotech hubs and close to several top U.S. universities like Massachusetts Institute of Technology and Harvard University, has been largely positive. “It’s not just work, work, work. They also incorporate, like, team-building exercises, going out and having parties and things like that,” Thaker noted. “It’s a very well rounded, cultural approach that they’re taking, in regard to giving all the benefits.” Lack of people skills One problem, though, is many graduates have a proficiency in tech skills but lack people skills, said Sahil Jain, senior enterprise architect at Adobe. “This means they are good at coding. You can give them a digest code, they will do it very well. But they cannot speak to the senior leadership at the customer site.” Jain explains that both soft and hard skills are necessary to do well in emerging technology jobs, yet students often excel at one or the other, not both. “That means they are good at speaking, but when it comes to technicalities, the customer brings his architects on the call, ‘Oh, tell me how this will work? Can you give me some architectural aspects as well?’ … That is where the big gap is,” he explained. In addition, Jain said the STEM job market is crowded with numerous evolving technologies. “The industry is evolving a lot. It’s no longer only cloud computing based. There are many, many areas of blockchain,” a way to code to enhance the security of the information. “We have machine learning, we have [artificial intelligence] …” said Jain, who has recently enrolled in Georgia Institute of Techology, a public university in Atlanta, to keep his skills up to date. Filling needed roles Even with initiatives to alert students to STEM opportunities, like NSTEM, there were an estimated 2.4 million positions unfilled in STEM fields in 2018, according to a study by Impact Science, a California teacher-founded initiative to engage young students with science.“Being on the educational side, these numbers are well published and well recognized in the world, and the question is and has been, ‘What do you do about it?’” Hecht asked. “If you look at the differences in ethnicities and gender it would be even worse,” which inspires one of NSTEM’s missions to help close equity divisions in STEM, he added. Immigration issues An April 2021 study by the National Foundation for American Policy (NFAP) found that “enrolling more international undergraduate students does not crowd out U.S. students at the average American university and leads to an increase in the number of bachelor’s degrees in STEM majors awarded to U.S. students.” “Each additional 10 bachelor’s degrees—across all majors—awarded to international students by a college or university leads to an additional 15 bachelor’s degrees in STEM majors awarded to U.S. students,” the study found. The data suggests that U.S. students are more likely to major in STEM fields if they go to school with international students. “In much of the U.S., STEM graduates are in short supply. Students who graduate with a STEM major typically earn more than other graduates, especially early in their careers,” according to the NFAP study. “The finding here that the presence of international students actually increases the number of U.S. students graduating with a STEM major is another reason to encourage international students to come to the United States,” stated Madeline Zavodny, the study’s author. “America’s future competitiveness depends on attracting and retaining talented international students,” according to companies like Google, Facebook, Microsoft and Twitter with other parties in a group letter to Immigration and Custom Enforcement (ICE) in July 2020. ICE had announced it would revoke international student visas during the COVID-19 pandemic if those students were not in person to study on campus. ICE Won’t Compel Foreign Students to Be on Campus Immigration agency retreats from ruling that risked student visa status
…
Cybersecurity experts have been poring over the transcripts from Wednesday’s news conferences in Geneva to determine whether the U.S.-Russia summit will produce real progress in halting a wave of high-profile ransomware attacks. For most, the answer is: It’s too soon to tell. In the run-up to the meeting between President Joe Biden and Russian President Vladimir Putin, cyberattacks for ransom emanating from Russia emerged as a critical national security issue for the United States. Concern over Russia’s purported role in these attacks grew after ransomware criminals believed to be based in Russia breached the computer networks of Colonial Pipeline — the largest pipeline system for refined oil products in the U.S. — and beef processing giant JBS last month.FILE – A JBS Processing Plant stands dormant after halting operations on June 1, 2021 in Greeley, Colorado. JBS facilities around the globe were impacted by a ransomware attack, forcing many of their facilities to shut down.Biden vowed to confront Putin over ransomware. But while no breakthrough over cybersecurity emerged from the summit, the two leaders agreed to start consultations over the issue. Cyber consultations Experts from the two countries will be tasked to work on “specific understandings of what’s off-limits” and to follow up on cyberattacks that originate in either country, Biden said. What that will entail remains to be seen, but cybersecurity experts say the talks will likely be conducted by working groups composed of low-level officials from across the Biden administration and their Russian counterparts. Sixteen exemptions The president said he handed Putin a list of 16 sectors such as energy and water services that the U.S. insists are out of bounds to attacks. These were designated as critical infrastructure sectors under a 2013 presidential directive. “I talked about the proposition that certain critical infrastructure should be off-limits to attack, period — by cyber or any other means,” Biden told reporters. FILE – A gasoline station posts signage saying that it has run out of unleaded and mid-grade fuel and has a $20 limit on super, following a ransomware attack on Colonial Pipeline, at the pump in Atlanta, May 11, 2021.In addition to energy and water systems, the list includes information technology, health care and public health, and food and agriculture — all of which have been the FILE – John Demers of the National Security Division speaks during a press conference at the Justice Department in Washington, Oct. 7, 2020.John Demers, the outgoing head of the Justice Department’s national security division, said that while the U.S. has in the past asked Russia for information on cybercriminals, it has all but given up on seeking cooperation. “I think we’ve reached the stage today where there’s very little point in doing so,” Demers said at an event Tuesday sponsored by public sector media company CyberScoop. Biden said Russia will be judged by its actions.”Of course, the principle is one thing,” the president said. “It has to be backed up by practice. Responsible countries need to take action against criminals who conduct ransomware activities on their territory.” U.S. cyber offensive capability Biden said that while he issued no threats during the roughly three-hour meeting, he made it clear there will be consequences for Russian actions, telling Putin, “If you do that, then we’ll do this.” In recent years, the U.S. has significantly bolstered its offensive cyber capabilities. The United States Cyber Command is tasked with carrying out cyberspace operations against malicious foreign actors. As part of an offensive cyber operation, Cyber Command can block a target’s internet access, destroy its databases or take down the group’s entire computer network. “I pointed out to him we have significant cyber capability, and he knows it,” Biden said of Putin. “He doesn’t know exactly what it is, but it’s significant.” In 2018, a U.S. cyber operation reportedly blocked Russian troll farm Internet Research Agency’s internet access. Last year, Cyber Command, along with the National Security Agency, reportedly carried out a cyber operation against hackers working for Iran’s Islamic Revolutionary Guard Corps after they sent threatening emails to U.S. voters to undermine confidence in the November presidential elections.
…
Even as big tech companies such as Amazon limit their sale of facial recognition software to law enforcement, one company has not: Clearview AI, a facial recognition search engine that contains three billion images scraped from the internet. More than 3,000 U.S. law enforcement agencies employ the software, which uses an advanced algorithm to identify and match faces, the company says. “The way it works is very similar to Google, but instead of putting in words, you’re putting in photos of faces, and it will find anything publicly available on the internet that looks like that face,” said Hoan Ton-That, chief executive and co-founder of the company. Police argue that facial recognition software is an important tool in fighting and solving crimes. But its increasing use has raised concerns that there are too few rules in place for when and how police can use it. Limiting the scope of software Police typically have image search engines at their disposal that pull drivers’ license pictures or other photos among police records. Clearview AI, in contrast, has gathered billions of images from social media sites and other websites, which internet firms say were obtained by breaking their rules. Clearview AI’s Ton-That says that the company only pulls publicly available information. In one case, federal agents were able to identify a man suspected of sexual abuse of a girl using a single image from the “dark web,” an area of the internet only accessible by special software and matching it through Clearview AI. “He was in the background of someone else’s photo at the gym, in the mirror,” said Ton-That. “They were able to identify where the gym was, identify the person, he ended up doing 35 years in jail and they saved a seven-year-old.” A tool for law enforcement The software was also instrumental in helping federal as well as state and local law enforcement identify suspects that stormed the U.S. Capitol in January, according to Ton-That. In one way, Clearview AI, which has created its database from people’s social media accounts and other public parts of the internet, was well suited to help with this massive investigation of people whose mugshots wouldn’t necessarily be in police databases, he said. Police were able to use Clearview AI, which runs about a second per search, he said, and find matching photos online of some suspects. “So they were able to quickly identify them, and reduce a lot of false-positives, and also speed up the investigative process,” he said. What about privacy? When police violence protests swept the U.S. last year, Amazon and other tech firms suspended sales of their facial recognition technology to law enforcement, a suspension they have said is indefinite. Clearview AI continues to sell to law enforcement, and internet firms such as Facebook, Google and Twitter as well as civil rights advocates are raising the alarm about its power and potential abuse of people’s privacy. The American Civil Liberties Union (ACLU) has sued the company in Chicago and California. Kate Ruane, senior legislative counsel for the ACLU, said that facial recognition technology raises the specter of the government “being able to surveil us throughout every single aspect of our lives.” Federal, state and local governments, she says, “do admit that they use it, but they don’t tell us how, when or how often.” There needs to be oversight and regulation, she said, but until then, she is calling for a total moratorium on law enforcement use of facial recognition technology. Legislation & regulation In recent months, congressional leaders have introduced bills that would limit police use of purchased data that was “illegally obtained” via deception or breach of contract. Clearview’s Ton-That agrees that there needs to be more transparency and even regulation around the technology’s use. But as for banning police use of Clearview? “Given the success of our technology in solving crimes, especially crimes against children, it would be counterproductive and inappropriate to enact a moratorium or ban of facial recognition or Clearview AI’s product,” he said. Ton-That has a code of conduct for customers and has built-in prompts in its software to help law enforcement customers prevent the software’s misuse. Repressive governments’ use of facial recognition tech The ACLU and other civil rights groups are also concerned about the implications of this technology in the hands of repressive governments like China. “Because the implications are terrifying,” said the ACLU’s Kate Ruane, “especially what is going on in China, where it is trying to track citizens across every single aspect of their lives.” Ton-That says his company does not sell its software to foreign governments and is focusing for now on law enforcement in the U.S. “We’ve worked occasionally with some other private entities for investigative purposes, but we’ve decided just to focus on law enforcement,” he said. “It’s the easiest, most explainable and best use case of our technology.”
…