За словами почесного консула, таке рішення уряд ухвалив через міграційну кризу на кордоні Білорусі з ЄС
…
ukrlines skype чат
популярні новини
Cybersecurity experts say Microsoft’s recent disclosure that alleged Russian hackers successfully attacked several IT service providers this year is a sign that many U.S. IT companies have underinvested in security measures needed to protect themselves and their customers from intrusions.
But a U.S.-based association of IT professionals says the industry’s efforts to combat foreign hacking attacks are hampered by their customers not practicing good cyber habits and by the federal government not doing enough to punish and deter the hackers.
In an October 24 blog post, Microsoft said a Russian nation-state hacking group that it calls Nobelium spent three months attacking companies that resell, customize and manage Microsoft cloud services and other digital technologies for public and private customers. Microsoft said it informed 609 of those companies, known as managed service providers, or MSPs, that they had been attacked 22,868 times by Nobelium from July 1 to October 19 this year.
‘Well-known techniques’
As of its October 24 blog post, Microsoft said it determined that “as many as 14” of the resellers and service providers had been compromised in the Nobelium attacks, which it said involved the use of “well-known techniques, like password spray and phishing, to steal legitimate credentials and gain privileged access.”
Nobelium is the same group that Microsoft said was responsible for last year’s cyberattack on U.S. software company SolarWinds. That attack involved inserting malicious code into SolarWinds’ IT performance monitoring system, Orion, and gave the hackers access to the networks of thousands of U.S. public and private organizations that use Orion to manage their IT resources.
The White House said in April that it believed the perpetrators of the SolarWinds hack were part of the Russian foreign intelligence service, or SVR.
In an October 29 statement published by Russian network RBC TV, Russia’s foreign ministry dismissed as “groundless” Microsoft’s accusation that SVR was behind the recent cyberattacks on IT companies. It also said Microsoft should have shared data on the attacks with the Russian government’s National Coordination Center for Computer Incidents to aid a “professional and effective dialogue to … identify those involved.”
VOA asked Microsoft whether the company had communicated with Moscow regarding the latest hacking incidents, but Microsoft declined to comment.
It also has not disclosed the names or locations of any of the targeted or compromised IT companies.
Charles Weaver, chief executive of the U.S.-based International Association of Cloud and Managed Service Providers, also known as MSPAlliance, told VOA that he had not heard of any of his organization’s members being affected by the latest Nobelium attacks.
MSPAlliance describes itself as the world’s largest industry group for people who manage hardware, software and cloud computing services for customers. It says it has more than 30,000 members worldwide, about two-thirds of them based in North America.
Insufficient attention
The apparently successful cyberattacks on Microsoft-linked IT companies are a sign that U.S. MSPs are not putting enough priority on cybersecurity, said Jake Williams, a chief technology officer at U.S. cybersecurity company BreachQuest and a former U.S. National Security Agency elite hacking team member.
“The profit margins for MSPs are often razor-thin, and in the majority of cases, they compete purely on cost,” Williams told VOA in an interview. “Any work they do that doesn’t directly translate to additional revenue is generally not happening.”
One cybersecurity practice that more MSPs should adopt is the sharing of information with U.S. authorities about hacking incidents, said James Curtis, a cybersecurity program director at Webster University in Missouri, in a conversation with VOA’s Russian Service.
Curtis, a retired U.S. Air Force cyber officer and a former IT industry executive, said MSPs do not like to admit they have been hacked.
“They don’t want to share that their users’ information has been stolen, because it may hurt their bottom line and may hurt their stock prices, and so they try to handle that internally,” he said.
“The MSP community is not perfect,” Weaver said. “Our members face a lot of cyberattacks and their job is to protect their customers against these things. For 21 years, MSPAlliance has strived to promote best practices for our global community, and we will continue to incrementally improve as fast and as often as we can.”
But Weaver said criticism of MSPs for not devoting enough attention to cybersecurity is misplaced.
Customer practices
“MSPs have been urging their customers to make easy and inexpensive fixes such as adopting multifactor authentication to back up their data to the cloud,” Weaver said. “But I personally have witnessed a lot of nonconformity amongst the customers. They have to be the ones that ultimately pay for and allow MSPs to deploy those fixes.”
The Biden administration also has used a variety of tools this year to try to protect U.S. targets from Russian and other foreign hackers. In May, President Joe Biden issued an executive order for U.S. authorities to tighten cybersecurity contractual requirements for IT companies that work with the federal government. The order said the companies should be required to share more information with federal agencies about cyber incidents impacting the IT services provided to those agencies.
In an earlier action in April, the Biden administration sanctioned six Russian technology companies for providing support to what it called malicious cyber activities of Russia’s intelligence services.
Senior U.S. officials also have used diplomacy to try to expand international participation in a Counter-Ransomware Initiative (CRI). A U.S. National Security Council statement issued Wednesday said deputy national security adviser Anne Neuberger briefed representatives of 35 countries Tuesday on the outcome of last month’s first CRI meeting of experts from law enforcement, cybersecurity, financial regulators and foreign affairs ministries.
Chris Morgan, an intelligence analyst at Britain-based cybersecurity company Digital Shadows, told VOA the stronger cybersecurity practices mandated by the U.S. government for federal contractors will not necessarily be voluntarily adopted by IT companies working in the private sector. One such mandated practice is for federal contractors to adopt a “zero-trust” security model, in which users who log in to a network are not automatically trusted to do whatever they like within that network but must instead undergo continual authentication.
Larger government role
“Implementing zero-trust is a real change in the way that your network is managed and comes with significant costs. I think that’s the reason why a lot of companies are quite hesitant to do so,” Morgan said. “I think a lot of people would like the U.S. government to take a more active role in combating cybercrime [through promoting measures like zero-trust].”
Weaver, of MSPAlliance, said applying federal cybersecurity regulations to the entire private sector is not a good idea because different industries, such as banking, health care and energy, have different IT needs.
He also said the U.S. government could effectively curb ransomware attacks by doing more to hold the perpetrators accountable.
“Cyberattacks are a big business, yet the hackers are in countries beyond the reach of our law enforcement,” Weaver said. “So you have a business model that has no disincentive to stop. And all we have are the IT guardians against those attacks. I just don’t think that putting regulations on the guardians is going to solve this.”
…
China now depends almost entirely on its own online content providers, as the number of big foreign companies in the market, such as Yahoo and LinkedIn, keeps dwindling, giving the government a boost in controlling the internet, analysts say.
On Monday the Silicon Valley internet service provider Yahoo closed all of its services in China, following LinkedIn’s pullout announcement in October and earlier blockages of Google content.
In an e-mailed statement, Yahoo cited an “increasingly challenging business and legal environment in China.” Many Yahoo services were largely blocked in China, where the email and search engine provider has operated since 1999.
“My first reaction was, I didn’t know Yahoo was still alive in China,” said Danny Levinson, Beijing-based head of technology at the seed investment firm Matoka Capital.
Domestic services flourish
Chinese netizens seldom use Yahoo or other major Silicon Valley internet services, especially for media and communications, as domestic rivals have flourished over the past two decades. The government can handily monitor local providers for what it considers subversive content by calling in company managers for discipline.
Chinese use China-based WeChat for the bulk of their daily communication, watch TikTok videos instead of YouTube and check China’s Baidu.com rather than Wikipedia. Alibaba, headquartered in Hangzhou, takes care of e-commerce, although foreign rivals can still get into China given their trade’s lack of political sensitivity.
“They had all the ingredients in place,” said Kaiser Kuo, a U.S.-based podcaster who has worked in Chinese tech. “You had a really large, very fast-growing market. There was a need for people to come in with services that were catered to Chinese language users and Chinese tastes. On top of that, it was so cutthroat that foreign internet companies just couldn’t compete very well.”
The roughly 1 billion Chinese who use the internet have spawned an industry with an operating revenue of about $155 billion in the first 11 months of 2019, up 22.4% over the same months of 2018, according to Caixin Globa, a Chinese economic news-focused website.
Chinese mass media have said the country aims to become technologically self-sufficient by 2030 and get around U.S. government bans on doing business with some of its flagship companies.
Chinese netizens contacted this week say they’re unfazed by Yahoo’s withdrawal. Many Chinese have never visited Yahoo’s homepage, one veteran Beijing internet user said.
Laws discourage foreign providers
China has monitored the internet for two decades, by blocking websites and filtering social feeds, to intercept anti-government material. Its latest effort, the Data Security Law, restricts outflows of sensitive data from China and requires internet operators to give their internal data to law enforcement agencies.
Getting around that law can be costly and upset users outside China who oppose censorship, some analysts say.
“If there was a platform that was willing to go into China and completely cede control to the Chinese government and regulators to manage that, I think there would be an opportunity to grow, but so far most companies have chosen not to,” said Zennon Kapron, director of the finance industry research firm Kapronasia.
China previously blocked Facebook, Google and most other global social media sites and search engines as well as flagship Western news websites. Foreign media content providers “haven’t been really there for a long time in force,” said Ma Rui, founder of the San Francisco-based consultancy Tech Buzz China.
Users in China can still access foreign internet content by using a virtual private network, but authorities search out and block overseas-based VPNs that are not authorized for specific companies doing business in China. The “efficacy” of VPNs to stop filtering or blocking of content has declined over the years, Levinson said.
Emailing can still take care of Chinese people’s overseas business matters, Ma said, while foreign companies active in China normally use WeChat. China, however, does not allow end-to-end encrypted e-mail or chats.
“The email gets through, but based on the originating DNS [domain name system], it might get blocked, and it might get filtered. So it’s not a 100 percent panacea, but for normal business communication it’ll be fine,” Levinson said.
China’s constitution affords its citizens freedom of speech and press, but authorities target web content that the government believes will expose state secrets or might endanger the country, according to the Council on Foreign Relations, a research group.
…
Social media behemoth Facebook is facing public and regulatory scrutiny after the disclosure of thousands of pages of internal documents by a whistleblower who used to work for the company.
What are the Facebook papers?
After compiling the documents while working as a Facebook product manager, Frances Haugen distributed them to a group of 17 U.S. news organizations that collaborated on a project to individually publish stories on their findings.
The stories, released on a coordinated day in late October, portray Facebook as pursuing audience growth and profits while ignoring how people were using the platform to spread hate and misinformation.
The documents showed Facebook particularly struggled with monitoring for hate speech, inflammatory rhetoric and misinformation by users posting in certain countries, including some that Facebook had determined were at the most risk for real-world consequences of such abuses.
The failures included both inadequate artificial intelligence systems and not enough human moderators who speak the many languages spoken by Facebook users.
Who else received them?
In addition to providing the documents to journalists, Haugen has also made them available to the U.S. Securities and Exchange Commission and the U.S. Congress. Haugen has also appeared before the Senate Commerce Committee and testified before the British Parliament.
Haugen used her smartphone camera to capture the documents.
Why are they important?
The company has massive global reach. Facebook had 2.74 billion active users as of the end of September, according to company statistics. That is about 1 out of every 3 people on the planet, and the company also operates other popular services such as WhatsApp and Instagram.
How has Facebook responded?
Facebook spokesperson Mavis Jones said in a statement that the company is working to stop abuse on its platform in places where there is a higher risk of conflict, and that it has native speakers to review content in 70 languages.
Founder Mark Zuckerberg spoke during a quarterly earnings conference call Monday and said Facebook is facing “a coordinated effort to selectively use leaked documents to paint a false picture of our company.”
Some information for this report came from the Associated Press, the Agence France-Presse and Reuters.
…
The U.S. government has added four foreign technology companies to its restricted companies list, saying they “developed and supplied spyware to foreign governments” and that the spyware was used “to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”
The State Department accused the companies of “engaging in activities contrary to the national security or foreign policy interests of the United States.”
The companies are Israel’s NSO Group and Candiru, Russia’s Positive Technologies, and Singapore’s Computer Security Initiative Consultancy PTE. LTD.
These companies will now face severe restrictions in exporting their products to the U.S., and it will make it difficult for U.S. cybersecurity firms to sell them information that could be useful in developing their products.
“This effort is aimed at improving citizens’ digital security, combating cyber threats, and mitigating unlawful surveillance,” the State Department said.
According to Reuters, both NSO Group and Candiru have been accused of selling their products to authoritarian regimes. NSO said it takes actions to prevent the abuse of its products.
Positive Technologies has been in the crosshairs before, having been sanctioned by the Biden administration for allegedly providing assistance to Russian security forces. The company said it has done nothing wrong.
None of the companies commented on their blacklisting.
Some information in this report comes from Reuters.
Read More