Економіка

The recent cyberattack on Colonial Pipeline, the operator of the largest petroleum pipeline in the U.S., shows how internet criminals are increasingly targeting companies and organizations for ransom in what officials and experts term a growing national security threat.These hackers penetrate victims’ computer systems with a form of malware that encrypts the files, then they demand payments to release the data. In 2013, a ransomware attack typically targeted a person’s desktop or laptop, with users paying $100 to $150 in ransom to regain access to their files, according to Michael Daniel, president and CEO of Cyber Threat Alliance.“It was a fairly minimal affair,” said Daniel, who served as cybersecurity coordinator on the National Security Council under U.S. President Barack Obama, at the RSA Cybersecurity Conference this week.In recent years, ransomware has become a big criminal enterprise. Last year, victim organizations in North America and Europe paid an average of more than $312,000 in ransom, up from $115,000 in 2019, according to a recent report by the cybersecurity firm Palo Alto Networks. The highest ransom paid doubled to $10 million last year while the highest ransom demand grew to $30 million, according to Palo Alto Networks.“Those are some very significant amounts of money,” Daniel said. “And it’s not just individuals being targeted but things like school systems.”Last year, some of the largest school districts in the U.S., including Clark County Public Schools in Nevada, Fairfax County Public Schools in Virginia and Baltimore County Public Schools in Maryland, FILE – In this Sept. 12, 2019, photo, County Sheriff Janis Mangum stands in a control room at the county jail in Jefferson, Ga. A ransomware attack in March took down the office’s computer system.Colonial’s payment wasn’t the largest ransom paid by a single organization. Last year, Garmin, the maker of the popular fitness tracker, reportedly FILE – In this Aug. 22, 2019, file photo, signs on a bank of computers tell visitors that the machines are not working at the public library in Wilmer, Texas. Twenty-two local governments in Texas were hit by ransomeware in August 2019.Last month, the U.S. Justice Department created a task force to develop strategies to combat ransomware.“This is something we’re acutely focused on,” Monaco said.In a report to the Biden administration last month, an industry-backed task force called for a more aggressive response to ransomware.“It will take nothing less than our total collective effort to mitigate the ransomware scourge,” the task force wrote.In a typical ransomware attack, hackers lock a user’s or company’s data, offering keys to unlock the files in exchange for a ransom.But over the past year, hackers have adopted a new extortion tactic. Instead of simply encrypting a user’s files for extortion, cyber actors “exfiltrate” data, threatening to leak or destroy it unless a ransom is paid.Using dedicated leak sites, the hackers then release the data slowly in an effort “to increase pressure on the victim organization to pay the extortion, rather than posting all of the exfiltrated data at once.”In March, cybercriminals used this method when they encrypted a large Florida public school district’s servers and stole more than 1 terabyte of sensitive data, demanding $40 million in return.“If this data is published you will be subject to huge court and government fines,” the Conti cybercrime gang warned a Broward County Public Schools official.The district refused to pay.Cybersecurity experts have a term for this tactic: double extortion. The method gained popularity during the COVID-19 pandemic as cyber criminals used it to extort hospitals and other critical service providers.“They’re looking to increase the cost to the victim,” Meyers said at the RSA conference.Recent attacks show cyber criminals are upping their game. In October, hackers struck Finnish psychotherapy service Vastaamo, stealing the data of 400 employees and about 40,000 patients. The hackers not only demanded a ransom from Vastaamo but also smaller payments from individual patients.This was the first notable case of a disturbing new trend in ransomware attacks, according to researchers at Check Point.“It seems that even when riding the wave of success, threat groups are in constant quest for more innovative and more fruitful business models,” the researchers wrote.
…

Apple’s online marketplace would become a “toxic” mess if the iPhone maker were forced to allow third-party apps without reviewing them, chief executive Tim Cook said in testimony at a high-stakes trial challenging the company’s tight control of its platform.Cook, the last scheduled witness in the case brought by Fortnite maker Epic Games, delivered a strong defense of Apple’s procedures for reviewing and approving all the apps it offers for iPhone and iPad users.”We could no longer make the promise … of privacy, safety and security,” Cook said under questioning from Apple attorney Veronica Moye in federal court in California.Cook said Apple’s review process helps keep out malicious software and other problematic apps, helping create a safe place for consumers.Without this review, the online marketplace “would become a toxic kind of mess,” he said.”It would also be terrible for the developer, because the developer depends on the store being a safe and trusted place.”Cook’s testimony caps a high-profile trial which opened earlier this month in which Apple is accused of abusing a monopoly on its marketplace by creating a “walled garden” that squeezes app makers.’Not about money’Under cross-examination, Cook sparred with Epic lawyer Gary Bornstein about the profitability of the App Store.Cook disputed Epic’s contention that its profit margin on apps was some 80%, but the exact figure was not disclosed in court due to confidentiality.The Apple executive said the proprietary payments system challenged by Epic was about convenience for consumers, more than about profits.”We always put the user at the center of everything we do,” Cook said. “It has nothing to do with money.”During his testimony, Cook defended Apple’s policy of barring apps directing consumers to other platforms to purchase subscriptions or credits for games and other services.”It would be akin to Best Buy advertising that you can go across the street to the Apple Store to buy an iPhone,” he said.Epic, maker of the popular Fortnite video game, is seeking to force Apple to open up the marketplace to third parties seeking to circumvent Apple’s procedures and commissions of up to 30%.Apple booted Fortnite from its App Store last year after Epic dodged revenue sharing with the iPhone maker.Apple does not allow users of its popular devices to download apps from anywhere but its App Store, and developers have to use Apple’s payment system, which takes its cut.The Epic lawyer also questioned Cook about Apple’s arrangement with Google to be the default search engine for the iPhone maker’s Safari browser, another area scrutinized by antitrust officials.Cook acknowledged that Google pays for this position but added that Apple made the arrangement “in the best interest of the user.”The case before District Court Judge Yvonne Gonzalez Rogers in Oakland comes with Apple feeling pressure from a wide range of app makers over its control of the App Store, which critics say represents monopolistic behavior.The European Union has formally accused Apple of unfairly squeezing out music streaming rivals based on a complaint brought by Sweden-based Spotify and others, which claim the California group sets rules that favor its own Apple Music.A recently formed Coalition for App Fairness, which includes both Spotify and Epic, have called for Apple to open up its marketplace, claiming its commission is a “tax” on rivals.Closing arguments in the bench trial in California were expected early next week, with the judge expected to rule within several weeks.
…

South Korea requested from the United States incentives such as tax deductions and infrastructure construction to ease the U.S. investment of Korean firms, including leading chipmaker Samsung Electronics, its presidential office said Friday.South Korean President Moon Jae-in, in Washington for a summit with U.S. President Joe Biden, told a gathering of U.S. Secretary of Commerce Gina Raimondo, her South Korean counterpart and CEOs of Qualcomm, Samsung and other companies that both countries can benefit by strengthening supply chain cooperation.Biden has advocated for support for the U.S. chip industry amid a global chip shortage that has hit automakers and other industries.He met with executives from major companies including Samsung in April and previously announced plans to invest $50 billion in semiconductor manufacturing and research.Samsung plans to invest $17 billion for a new plant for chip contract manufacturing in the United States, South Korea’s presidential Blue House added in a statement, confirming plans previously reported.In February, documents filed with Texas state officials showed that Samsung is considering Austin, Texas, as one of the sites for a new $17 billion chip plant that the South Korean firm said could create 1,800 jobs.There has been no new public documentation filed on the potential Texas chip plant application since March, the website for the Texas Comptroller of Public Accounts showed Friday.The U.S. Department of Commerce and the Korean industry ministry agreed Friday that for continuous chip industry cooperation, policy measures such as incentive support, joint research and development, cooperation on setting standards, and manpower training and exchange are needed, the Blue House said.Meanwhile, DuPont announced plans to establish an R&D center in South Korea to develop original chip technologies such as photoresist for extreme ultraviolet (EUV) lithography, the Blue House said.
…

The hackers who carried out the massive SolarWinds intrusion were in the software company’s system as early as January 2019, months earlier than previously known, the company’s top official said Wednesday. SolarWinds had previously traced the origins of the hack to the fall of 2019 but now believes that hackers were doing “very early recon activities” as far back as the prior January, according to Sudhakar Ramakrishna, the company’s president and CEO. “The tradecraft that the attackers used was extremely well done and extremely sophisticated, where they did everything possible to hide in plain sight, so to speak,” Ramakrishna said during a discussion hosted by the RSA Conference. The SolarWinds hack, which was first reported last December and which U.S. officials have linked to the Russian government, is one in a series of major breaches that has prompted a major cybersecurity focus from the Biden administration. By seeding the company’s widely used software update with malicious code, hackers were able to penetrate the networks of multiple U.S. government agencies and private sector corporations in an apparent act of cyber-espionage. The U.S. imposed sanctions against Russia last month. Also Wednesday, Ramakrishna apologized for the way the company blamed an intern earlier this year during congressional testimony for poor password security protocols. That public statement, he said, was “not appropriate.” “I have long held a belief system and an attitude that you never flog failure. You want your employees, including interns, to make mistakes and learn from those mistakes and together we become better,” he added. “Obviously you don’t want to make the same mistake over and over again. You want to improve.” 
…