Економіка

The U.S. has sanctioned seven Chinese officials for their participation in China’s clampdown on democracy in Hong Kong.

The officials were targeted under the 2020 Hong Kong Autonomy Act, which “imposes sanctions on foreign individuals and entities that materially contribute to China’s failure to preserve Hong Kong’s autonomy.” The sanctions provide for asset freezes and other penalties.

Those sanctioned are with China’s Hong Kong liaison office, which represents the Beijing government’s interests in Hong Kong.

Shortly before the sanctions were announced, Chinese foreign ministry spokesperson Zhao Lijian said at a regular news conference in Beijing that “China will respond firmly and forcefully to the measures taken by the United States.”

Separately Friday, the U.S. issued an advisory that warned U.S. companies about the legal perils and reputational risks if they conduct business in Hong Kong amid a shifting legal landscape in the former British colony.

President Joe Biden told reporters at the White House Thursday after reviewing the advisory that Hong Kong’s business environment is “deteriorating” and could get worse.

The seven individuals whom the U.S. Treasury Department added its list of “specially designated nationals” are Chen Dong, He Jing, Lu Xinning, Qiu Hong, Tan Tienui, Yang Jianping, and Yin Zonghua. They are all deputy directors at the liaison office, according to online biographies.

This report includes information from Reuters and Associated Press.
…

A Chinese gene company is collecting genetic data through prenatal tests from women in more than 50 countries for research on the traits of populations, raising concern that such a large DNA database could give China a technological advantage and the strategic edge to dominate global pharmaceuticals, according to a recent news report.

Analysts expressed unease with the developments exclusively reported by Reuters at BGI Group, the Chinese gene company, which is collecting genetic data via its NiPT prenatal test with the brand name NIFTY (Non-Invasive Fetal TrisomY).

The tests, sold in more than 50 countries, can detect abnormalities such as Down syndrome in the fetus by capturing DNA from the placenta in the bloodstream about 10 weeks into a pregnancy.

The tests are sold in 52 countries, including Germany, Spain and Denmark, as well as in Britain, Canada, Australia, Thailand, India and Pakistan, according to Reuters. They are not sold in the United States, where “government advisers warned in March that the genomic data BGI is amassing and analyzing with artificial intelligence could give China a path to economic and military advantage,” Reuters reported. 

Collecting the biggest and most diverse set of human genomes could propel China to dominate global pharmaceuticals, and also potentially lead to genetically enhanced soldiers, or engineered pathogens to target the U.S. population or food supply, the U.S. advisers said, according to Reuters.

Reggie Littlejohn, founder and president of the rights group Women’s Rights Without Frontiers, said that due to China’s strategy of fusing military and civilian interests, “any Chinese company can be forced by the government to supply its information to the military.”

China sells the prenatal tests “a good product at a lower cost because they’re able to do that,” Littlejohn said. “But what people don’t realize is that when they get these lower cost genetic tests,” the collected information goes to the Chinese military,” she told VOA via a video interview using Microsoft Teams.

The Reuters report said the company has “worked with the Chinese military to improve ‘population quality’ and on genetic research to combat hearing loss and altitude sickness in soldiers.”

China’s Ministry of Foreign Affairs dismissed the report, telling Reuters it was “a groundless accusation and smear campaign.”

Dan Harris, an international lawyer and author at the China Law Blog, told VOA Mandarin that he believes democratic entities, such as the United States, Japan, Korea, Australia and the European Union, are going to realize they “need to enact special laws to deal with China and China’s hoovering of data.”

Crystal Grant, a data scientist and molecular biologist with a Ph.D. in genetics who is a technology fellow in the Speech, Privacy and Technology Project at the American Civil Liberties Union, told VOA Mandarin via Teams video interview that this accumulation of DNA will challenge genomic policy worldwide.

By using what she described as “this massive amount of information” and supercomputers “to crack those codes is going to be a threat to genomic policy everywhere,” she told VOA in a video interview.

Huang Yanzhong, a senior fellow for global health at the Council of Foreign Relations, told VOA Mandarin in a TV interview in February that rapid advances in genetics and biotechnology have highlighted the need for the international community to step up regulations to prevent data abuse.

“It is not just China. The progress in the legal framework in this area is lagging behind,” Huang said. “It’s vital for the international community to sit down and work out a framework.”

Genetic engineering

Yet researchers worldwide in the academic, private and government sectors, are refining genetic engineering techniques and knowledge.

China’s interest in the field is not new. In 2018, researcher He Jiankui announced that he had produced twins genetically altered to resist HIV using a relatively new, accurate and very fast American-developed genetic editing technique known by its acronym, CRISPR.

In 2019, a Chinese court found He guilty of using “illegal medical practices” and sentenced He to three years in prison.

Prenatal privacy

Reuters found no evidence BGI violated patient privacy agreements or regulations. “However, the privacy policy on the NIFTY test’s website says data collected can be shared when it is ‘directly relevant to national security or national defense security’ in China,” the report stated.

BGI dismissed the Reuters report, saying that the company’s research has met national and international requirements.

“All NIPT data collected overseas are stored in BGI’s laboratory in Hong Kong and are destroyed after five years, as stipulated by General Data Protection Regulation (GDPR),” the company said in a statement released on July 9.

BGI emphasized that it developed the NIPT test alone, not in a partnership with China’s military.

Reuters interviewed four women who have used the BGI’s prenatal tests in Poland, Spain and Thailand. They all signed consent forms stating that their genetic data would be stored and used for research, yet they are not aware that their genetic information could end up in China.

Harris, the lawyer, told VOA that most of the time, people didn’t know what they were signing.

“Maybe the sign off says that it will be limited to BGI and BGI access, though XYZ, a Chinese military company, might be one of BGI’s subsidiaries,” which would mean that the consent form allowed BGI to transfer a woman’s genetic information to the Chinese military, he told VOA via Microsoft Teams.

One of the women, a 32-year-old office administrator from Poland, told Reuters that she would have chosen a different test had she known that her data might end up in China being used for research involving military applications.

U.S. federal authorities have been watching BGI’s record on data collection. Bill Evanina, former director of the United States National Counterintelligence and Security Center, told the CBS-TV newsmagazine 60 Minutes in January that he was extremely concerned when BGI offered to provide COVID-19 testing kits to several U.S. states last year.

“Knowing that BGI is a Chinese company, do we understand where that data’s going?” Evanina asked. They are the ultimate company that shows connectivity to both the communist state as well as the military apparatus.”

Edward You, supervisory special agent with the FBI and a former biochemist, told 60 Minutes in the same January episode that Beijing authorities are betting that accumulating large amounts of human DNA will prove to be a successful strategy.

“They are building out a huge domestic database,” You said. “And if they are now able to supplement that with data from all around the world, it’s all about who gets the largest, most diverse data set. And so, the ticking time bomb is that once they’re able to achieve true artificial intelligence, then they’re off to the races in what they can do with that data.”  
…

Australian cybersecurity experts are calling for more aggressive government action to protect businesses from ransomware attacks. Experts have warned a “tsunami of cybercrime” has cost the global economy about $743 billion.

Big companies can be attractive targets for cybercriminals who can extort millions of dollars after stealing sensitive commercial information.

The Cybersecurity Cooperative Research Centre is a collaboration between industry representatives, the Australian government and academics.

Its chief executive, Rachael Falk, believes Australia is an easy target for hackers because cyber defenses can be weak.

“More often than not, it is by sending an email where an employee clicks on a link,” she said. “They get into that organization, they have a good look around and they work out what is valuable data here that we can encrypt, which means we lock it up and we will take a copy of it. And then we will encrypt all the valuable data in that organization and then we will hold them to ransom for money. So, it is a business model for criminals that earns them money.”

The consequences for businesses can be extreme. They can lose valuable data, or have it leaked or sold by cyberthieves. In some cases, hackers can disable an organization’s entire operation. In March, a cyberattack disrupted broadcasts by Channel Nine, one of Australia’s most popular commercial television news networks. It sought help from the Australian Signals Directorate, a government intelligence agency.

Researchers want the government to require Australian companies to tell authorities when they are being targeted.

They also want clarity on whether paying ransoms is legal. Experts have said Australian law does not make it clear whether giving money to hackers is a criminal offense.

There is also a call for the government to use tax incentives to encourage Australian businesses to invest in cybersecurity.

Last year, federal government agencies said China had been responsible for a series of cyberattacks on Australian institutions, including hospitals and state-owned companies. 
…

Iran appears to be intensifying its effort to exploit U.S. and Western targets in cyberspace, running a campaign aimed at manipulating American military personnel and defense companies on social media.

Tehran’s latest campaign, orchestrated on Facebook by a group known as Tortoiseshell, used a series of sophisticated, fake online personas to make contact with U.S. servicemembers and employees of major defense companies in order to infect their computers with malware and extract information.

“This activity had the hallmarks of a well-resourced and persistent operation, while relying on relatively strong operational security measures to hide who’s behind it,” Facebook said Thursday in a blog post, calling it part of a “much broader cross-platform cyber espionage operation.”

Personas used

Employees of defense companies in the U.K. and other European countries were also targeted.

“These accounts often posed as recruiters and employees of defense and aerospace companies from the countries their targets were in,” Facebook said. “Other personas claimed to work in hospitality, medicine, journalism, NGOs and airlines.”

And the hackers were in no hurry.

“Our investigation found that this group invested significant time into their social engineering efforts across the internet, in some cases engaging with their targets for months,” Facebook said. “They leveraged various collaboration and messaging platforms to move conversations off-platform and send malware to their targets.”

Facebook said it has notified users who appeared to have been targeted, took down the fake accounts and blocked the malicious domains from being shared.

The social media company said it was able to trace the activity to Iran, in part because of the distinctive malware, known to have been developed by Mahak Rayan Afraz, a Tehran-based company with links to Iran’s Islamic Revolutionary Guard Corps.

Mandiant Threat Intelligence, a private cybersecurity company, said Thursday that it agreed with Facebook’s assessment that Iran, and the IRGC in particular, was behind the campaign.

Tortoiseshell “has historically targeted people and organizations affiliated with the U.S. military and information technology providers in the Middle East since at least 2018,” Mandiant Senior Principal Analyst Sarah Jones said in an email.

Jones also said it was noteworthy that some of the fake domains associated with the Iranian campaign used the name of former U.S. President Donald Trump, including, “trumphotel[.]net”, “trumporganization[.]world”, and “trumporganizations[.]com”.

“Domains such as these could suggest social engineering associated with U.S. political topics,” Jones said. “We have no evidence that these domains were operationalized or used to target anyone affiliated with the Trump family or properties.”

Facebook, which discovered the hacking campaign, did not comment on whether Iran managed to steal any critical or sensitive data.

U.S. military officials also declined to speak about what, if anything, the Iranian hackers were able to steal.

“For operational security purposes, U.S. Cyber Command does not discuss operations, intelligence and cyber planning,” a spokesperson told VOA.

“The threats posed by social media interactions are not unique to any particular social media platform and Department of Defense personnel must be cautious when engaging online,” the spokesperson added.

‘Significant threat’

U.S. intelligence officials have been increasingly concerned about Iran’s growing capabilities and aggressiveness in cyberspace.

In its annual Worldwide Threat Assessment, published in April, the Office of the Director of National Intelligence called Tehran “a significant threat to the security of U.S. and allied networks and data.”

“We expect Tehran to focus on online covert influence, such as spreading disinformation about fake threats or compromised election infrastructure and recirculating anti-U.S. content,” the report said.

The U.S. intelligence community, earlier this year, also accused Iran of meddling in the 2020 U.S. presidential election, carrying out a “multi-pronged covert influence campaign intended to undercut former President Trump’s reelection prospects.”

U.S. officials said part of that effort involved hacking voter registration systems in at least one U.S. state and using the information to send prospective voters threatening emails.

More recently, the cybersecurity firm Proofpoint said a separate Iranian hacker collective with ties to the IRGC, known as TA453 and Charming Kitten, posed as British university professors to steal information and research from think tanks and academics.
…

The U.S. government said Thursday it will begin offering up to $10 million for information to identify or locate malicious cyber actors working on behalf of a foreign government that are trying to cripple the internet operations of American businesses and infrastructure.The new reward was announced as the U.S. faces a growing threat from ransomware attacks – the demand from foreign entities that U.S. corporations and institutions pay millions of dollars to unlock critical technology systems that hackers have seized. The attacks have usually originated overseas, frequently from Russia, according to U.S. officials.Already this year, one of the largest pipeline operators in the U.S., a major meat processing company and, most recently, hundreds of small businesses have been hit by ransomware, forcing companies to pay millions of dollars to restore their operations or risk losing vital data.The U.S. says that about $350 million in ransom was paid to malicious cyber actors in 2020, a more than 300% increase from the year before.The U.S. State Department said it has created a new Tor-based channel to let potential sources anonymously report tips on malicious activity.At the same time, the departments of Justice and Homeland Security created a new website, stopransomware.gov, with information for organizations to learn how to protect themselves and respond to attacks.Homeland Security Secretary Alejandro Mayorkas told CNN it is a “one-stop shop” for information on “how one can prevent oneself from becoming a victim of ransomware, and should one become a victim, how one can work with the federal government in partnership to address the situation.”“Of course, we advise they not pay that ransom,” he said.  In a statement, Attorney General Merrick Garland said the government alone cannot prevent the ransomware attacks.“It is critical for business leaders across industries to recognize the threat, prioritize efforts to harden their systems and work with law enforcement by reporting these attacks promptly,” Garland said.
…

The State Department will offer rewards up to $10 million for information leading to the identification of anyone engaged in foreign state-sanctioned malicious cyber activity against critical U.S. infrastructure — including ransomware attacks — and the White House has launched a task force to coordinate efforts to stem the ransomware scourge.The Biden administration is also launching the website stopransomware.gov to offer the public resources for countering the threat and building more resilience into networks, a senior administration official told reporters.Another measure being announced Thursday to combat the ransomware onslaught is from the Financial Crimes Enforcement Network at the Treasury Department. It will engage banks, technology firms and others on better anti-money-laundering efforts for cryptocurrency and more rapid tracing of ransomware proceeds, which are paid in virtual currency.  Officials are hoping to seize more extortion payments in ransomware cases, as the FBI did in recouping most of the $4.4 million ransom paid by Colonial Pipeline in May.The rewards are being offered under the State Department’s Rewards for Justice program. It will offer a tips-reporting mechanism on the dark web to protect sources who might identify cyber attackers and/or their locations, and reward payments may include cryptocurrency, the agency said in a statement.  The administration official would not comment on whether the U.S. government had a hand in Tuesday’s online disappearance of REvil, the Russian-linked gang responsible for a July 2 supply chain ransomware attack that crippled well over 1,000 organizations globally by targeting Florida-based software provider Kaseya. Ransomware scrambles entire networks of data, which criminals unlock when they get paid.Cybersecurity experts say REvil may have decided to drop out of sight and rebrand under a new name, as it and several other ransomware gangs have done in the past to try to throw off law enforcement.Another possibility is that Russian President Vladimir Putin actually heeded President Joe Biden’s warning of repercussions if he didn’t rein in ransomware criminals, who enjoy safe harbor in Russia and allied states.That seemed improbable, however, given Kremlin spokesman Dmitry Peskov’s statement to reporters Wednesday that he was unaware of REvil sites disappearing.”I don’t know which group disappeared where,” he said. He said the Kremlin deems cybercrimes “unacceptable” and meriting of punishment, but analysts say they have seen no evidence of a crackdown by Putin.
 
…

It began in February with a tweet by pop star Rihanna that sparked widespread condemnation of Indian Prime Minister Narendra Modi’s handling of massive farmer protests near the capital, souring an already troubled relationship between the government and Twitter.Moving to contain the backlash, officials hit Twitter with multiple injunctions to block hundreds of tweets critical of the government. Twitter complied with some and resisted others.Relations between Twitter and Modi’s government have gone downhill ever since.At the heart of the standoff is a sweeping internet law that puts digital platforms like Twitter and Facebook under direct government oversight. Officials say the rules are needed to quell misinformation and hate speech and to give users more power to flag objectionable content.Critics of the law worry it may lead to outright censorship in a country where digital freedoms have been shrinking since Modi took office in 2014.Police have raided Twitter’s offices and have accused its India chief, Manish Maheshwari, of spreading “communal hatred” and “hurting the sentiments of Indians.” Last week, Maheshwari refused to submit to questioning unless police promised not to arrest him.On Wednesday, the company FILE – In this Feb. 25, 2021, photo, India’s Information Technology Minister Ravi Shankar Prasad, left, and Information and Broadcasting Minister Prakash Javadekar new regulations for social media companies and digital streaming websites.Tech companies also must assign staff to answer complaints from users, respond to government requests and ensure overall compliance with the rules.Twitter missed a three-month deadline in May, drawing a strong rebuke from the Delhi High Court. Last week, after months of haggling with the government, it appointed all three officers as required.“Twitter continues to make every effort to comply with the new IT Rules 2021. We have kept the Government of India apprised of the progress at every step of the process,” the company said in a statement to the Associated Press.Apar Gupta, executive director of the Internet Freedom Foundation, says he worries the rules will lead to numerous cases against internet platforms and deter people from using them freely, leading to self-censorship. Many other critics say Modi’s Hindu nationalist government is imposing what they call a climate of “digital authoritarianism.”“If it becomes easier for user content to be taken down, it will amount to the chilling of speech online,” Gupta said.The government insists the rules will benefit and empower Indians.“Social media users can criticize Narendra Modi, they can criticize government policy, and ask questions. I must put it on the record straight away . . . But a private company sitting in America should refrain from lecturing us on democracy” when it denies its users the right to redress, the ex-IT minister, Ravi Shankar Prasad, told the newspaper The Hindu last month.FILE – India’s Prime Minister Narendra Modi.Despite the antagonisms between Modi and Twitter, he has been an enthusiastic user of the platform in building popular support for his Bharatiya Janata Party. His government has also worked closely with the social media giant to allow Indians to use Twitter to seek help from government ministries, particularly during health emergencies. Bharatiya Janata Party’s social media team has meanwhile been accused of initiating online attacks against critics of Modi.Still, earlier internet restrictions had already prompted the Washington-based Freedom House to list India, the world’s most populous democracy, as “partly free” instead of “free” in its annual analysis.The law announced in February requires tech companies to aid police investigations and help identify people who post “mischievous information.” That means messages must be traceable, and experts say this it could mean end-to-end encryption would not be allowed in India.Facebook’s WhatsApp, which has more than 500 million users in India, has sued the government, saying breaking encryption, which continues for now, would “severely undermine the privacy of billions of people who communicate digitally.”Officials say they only want to trace messages that incite violence or threatening national security. WhatsApp says it can’t selectively do that.“It is like you are renting out an apartment to someone but want to look into it whenever you want. Who would want to live in a house like that?” said Khursheed of Laminar Global.The backlash over online freedom of expression, privacy and security concerns comes amid a global push for more data transparency and localization, said Kolla, the tech expert.Germany requires social media companies to devote local staff and data storage to curbing hate speech. Countries like Vietnam and Pakistan are drafting legislation similar to India’s. In Turkey, social media companies complied with a broad mandate for removing content only after they were fined and faced threats to their ad revenues.Instead of leaving, some companies are fighting the new rules in the courts, where at least 13 legal challenges have been filed by news publishers, media associations and individuals. But such cases can stretch for months or even years.Mishi Choudhary, a technology lawyer and founder of India’s Software Freedom Law Center, says that under the rules, social media platforms might lose their safe harbor protection, which shields them from legal liability over user-generated content. Courts have to decide that on a case-by-case basis, she said. And their legal costs would inevitably soar.“You know how it is in India. The process is the punishment,” Choudhary said. “And until we get to a place where the courts will actually come and tell us what the legal position is and determine those legal positions, it is open season for tech backlash.” 
…

British Prime Minister Boris Johnson vowed Wednesday to enact measures to protect British professional soccer players from online abuse. Punishment for someone found guilty of such abuse could include banishment from games. The move comes after online abuse, some of it racist, was directed at three Black players for the English national team who missed their penalty shots in the Euro 2020 final shootout on Sunday, leading to an Italian win. According to the Guardian newspaper, an analysis of 585,000 social media posts directed at the English team during the entire Euro 2020 tournament found that 44 messages were explicitly racist. More than 2,000 were “abusive.” “I do think that racism is a problem in the United Kingdom, and I believe it needs to be tackled. And it needs to be stamped out with some of the means that I’ve described this morning,” Johnson told Parliament as he announced his plan. “I repeat that I utterly condemn and abhor the racist outpourings that we saw on Sunday night. And so, what we’re doing today is taking practical steps to ensure that the football banning order regime is changed, so that if you are guilty of racist abuse online of footballers, then you will not be going to the match — no ifs, no buts, no exemptions and no excuses,” he added. But it’s unclear how much of the online abuse actually comes from the U.K. The Daily Mail reported that the Premier League, the top division of professional soccer in England, found that roughly 70% of online abuse directed at British professional soccer players comes from outside the U.K. According to Yahoo News, the Greater Manchester Police said they had arrested a man Wednesday for social media posts directed at players for England’s national team. Johnson added that in addition to going after internet trolls, his government would potentially fine social media companies if they failed to quickly remove offensive content. “Last night, I met representatives of Facebook, of Twitter, of TikTok, of Snapchat, of Instagram, and I made it absolutely clear to them that we will legislate to address this problem in the Online Harms Bill. And unless they get hate and racism off their platforms, they will face fines amounting to 10% of their global revenues,” Johnson said. Some information in this report comes from Reuters. 
 
…