Економіка

Videos of kids having fun are among the most popular on YouTube. They are also a fast-growing business, one that critics say comes with little regulation and oversight to protect children on either side of the screen. Michelle Quinn reports.
Producer: Michelle Quinn
…

For at least the third time since the beginning of this year, the U.S. government is investigating a hack against federal agencies that began during the Trump administration but was only recently discovered, according to senior U.S. officials and private sector cyber defenders.  It is the latest supply chain cyberattack, highlighting how sophisticated, often government-backed groups are targeting vulnerable software built by third parties as a steppingstone to sensitive government and corporate computer networks.  The new government breaches involve a popular virtual private network (VPN) known as Pulse Connect Secure, which hackers were able to break into as customers used it.  More than a dozen federal agencies run Pulse Connect Secure on their networks, according to public contract records. An emergency cybersecurity directive last week demanded that agencies scan their systems for related compromises and report back.  The results, collected Friday and analyzed this week, show evidence of potential breaches in at least five federal civilian agencies, said Matt Hartman, a senior official with the U.S. Cybersecurity Infrastructure Security Agency.  “This is a combination of traditional espionage with some element of economic theft,” said one cybersecurity consultant familiar with the matter. “We’ve already confirmed data exfiltration across numerous environments.”  The Ivanti logo and cyber binary codes are seen in this illustration taken April 20, 2021.The maker of Pulse Connect Secure, Utah-based software company Ivanti, said it expected to provide a patch to fix the problem by this coming Monday, two weeks after it was first publicized. Only a “very limited number of customer systems” had been penetrated, it added.  Over the last two months, CISA and the FBI have been working with Pulse Connect Secure’s maker and victims of the hack to kick out the intruders and uncover other evidence, said another senior U.S. official who declined to be named but is responding to the hacks. The FBI, Justice Department and National Security Agency declined to comment.  The U.S. government’s investigation into the Pulse Connect Secure activity is still in its early stages, said the senior U.S. official, who added the scope, impact and attribution remain unclear.  Security researchers at U.S. cybersecurity firm FireEye and another firm, which declined to be named, say they’ve watched multiple hacking groups, including an elite team they associate with China, exploiting the new flaw and several others like it since 2019.  FILE – Security firm FireEye’s logo is seen outside the company’s offices in Milpitas, California.In a statement last week, Chinese Embassy spokesperson Liu Pengyu said China “firmly opposes and cracks down on all forms of cyberattacks,” describing FireEye’s allegations as “irresponsible and ill-intentioned.”  The use of VPNs, which create encrypted tunnels for connecting remotely to corporate networks, has skyrocketed during the COVID-19 pandemic. Yet with the growth in VPN usage so too has the associated risk.  “This is another example in a recent pattern of cyber actors targeting vulnerabilities in widely used VPN products as our nation largely remains in remote and hybrid work postures,” Hartman said.  Three cybersecurity consultants involved in responding to the hacks told Reuters that the victim list is weighted toward the United States and so far includes defense contractors, civilian government agencies, solar energy companies, telecommunications firms and financial institutions.  The consultants also said they were aware of fewer than 100 combined victims so far between them, suggesting a fairly narrow focus by the hackers.  Analysts believe the malicious operation began around 2019 and exploited older flaws in Pulse Connect Secure and separate products made by cybersecurity firm Fortinet before invoking the new vulnerabilities.  Hartman said the civilian agency hacks date to at least June 2020.  Hacking the supplyA recent report by the Atlantic Council, a Washington think tank, studied 102 supply chain hacking incidents and found they surged the last three years. Thirty of the attacks came from government-backed groups, primarily in Russia and China, the report said.  The Pulse Connect Secure response comes as the government is still grappling with the fallout of three other cyberattacks.  FILE – The SolarWinds logo is seen outside its headquarters in Austin, Texas, Dec. 18, 2020.The first is known as the SolarWinds hack, in which suspected Russian government hackers commandeered the company’s network management program to burrow inside nine federal agencies.  A weakness in Microsoft’s email server software, named Exchange, exploited by a different group of Chinese hackers, also required a massive response effort, although there was ultimately no impact to federal networks, according to U.S. officials.  Then a weakness at a maker of programming tools called Codecov left thousands of customers exposed inside their coding environments, the company disclosed this month.  Some government agencies were among the customers whose credentials were taken by the Codecov hackers for further access to code repositories or other data, according to a person briefed on the investigation. Codecov, the FBI and the Department of Homeland Security declined to comment on that case.  The U.S. plans to address some of these systemic issues with an upcoming executive order that will require agencies to identify their most critical software and promote a “bill of materials” that demands a certain level of digital security across products sold to the government.  “We think [this is] the most impactful way to really impose costs on these adversaries and make it that much harder,” said the senior U.S. official. 
…

The decision by global media giants to comply with demands by the Turkish government to open offices in Turkey is prompting concerns about media freedoms. Press freedom advocates say because the companies will now be subject to Turkish laws, that could mean Turkey’s people will no longer have a venue to freely express their views. For VOA, Dorian Jones reports from Istanbul. 
…

An FBI operation that gave law enforcement remote access to hundreds of computers to counter a massive hack of Microsoft Exchange email server software is a tool that is likely to be deployed “judiciously” in the future as the Justice Department, aware of privacy concerns, develops a framework for its use, a top national security official said Wednesday.The department this month announced that it had obtained a warrant from a federal judge in Texas to remove web shells, or malicious code that gives hackers a foothold into networks, from hundreds of vulnerable computers affected by a hack that Microsoft has blamed on a group operating from China.The FBI operation was designed to disrupt the effects of a hack that affected many thousands of servers running the Microsoft Exchange email program. Many victims took steps on their own to safeguard their systems, but for those that who did not, the Justice Department stepped in to do it for them with a judge’s approval.It was the virtual equivalent of police going around the neighborhood locking doors that criminals had opened remotely.”We have a decision to make, which is are we going to go ahead and do that action ourselves or are we just going to leave that malware there, sort of unremediated,” said Assistant Attorney General John Demers, speaking at a virtual discussion hosted by the Project for Media & National Security at George Washington University.He said the operation was one of the very first of its kind and was the subject of extensive discussion by the FBI and the Justice Department. The department is figuring out how it plans to use that capability in the future.”We don’t yet have sort of worked out what our criteria are going to be going forward,” Demers said. “Now that we’ve had this experience, that’s the kind of discussion we’re having internally now.”This is not a tool of first resort that we’re going to be using a couple times a week as different intrusions come up,” he added. “This does require working with the private sector on the right solution. It does require testing to be sure that you’re not going to otherwise disrupt someone’s computer system.”Such operations will be done judiciously in the future, he said.Demers acknowledged concerns from some privacy advocates that the government, without permission of the computer system operators, had gained remote access and removed the web shells.But he pointed out that the department did obtain a judge’s permission and said the government felt compelled to act because, after a period of several weeks, there were still unremediated web shells that continued to serve as access point for “hackers of all stripes.””And so the choice that the government had was just continue to leave those open or take the court-authorized action that we did, and ultimately we decided to move ahead,” Demers said. “But to the extent possible before then, we had been notifying every victim that we could identify of the intrusion.”
…

America’s reengagement with various international organizations coincides with a weird new era: that of virtual diplomacy. Since the coronavirus pandemic made travel unsafe, world leaders have taken their diplomacy digital, opening up new possibilities for engagement — but also, new concerns about fairness and transparency, and the occasional awkward moment. VOA’s Anita Powell follows this story — virtually, of course — and reports from Johannesburg.Camera: Zaheer Cassim/Nike Ching (cellphone video)   
Producer: Jon Spier 
…

American astronaut Michael Collins, who stayed behind in the command module of Apollo 11 on July 20, 1969, while Neil Armstrong and Buzz Aldrin traveled to the lunar surface to become the first humans to walk on the moon, died on Wednesday at age 90, his family said.
A statement released by his family said Collins died of cancer.
Often described as the “forgotten” third astronaut on the historic mission, Collins remained alone for more than 21 hours until his two colleagues returned in the lunar module. He lost contact with mission control in Houston each time the spacecraft circled the dark side of the moon.
“Not since Adam has any human known such solitude as Mike Collins,” the mission log said, referring to the biblical figure.
Collins wrote an account of his experiences in his 1974 autobiography, “Carrying the Fire,” but largely shunned publicity.
“I know that I would be a liar or a fool if I said that I have the best of the three Apollo 11 seats, but I can say with truth and equanimity that I am perfectly satisfied with the one I have,” Collins said in comments released by NASA in 2009.
Collins was born in Rome on Oct. 31, 1930 – the same year as both Armstrong and Aldrin. He was the son of a U.S. Army major general and, like his father, attended the U.S. Military Academy at West Point, New York, graduating in 1952.
Like many of the first generation of American astronauts, Collins started out as an Air Force test pilot.
In 1963, he was chosen by NASA for its astronaut program, still in its early days but ramping up quickly at the height of the Cold War as the United States sought to push ahead of the Soviet Union and fulfill President John F. Kennedy’s pledge of landing a man on the moon by the end of the decade.
Collins’ first voyage into space came in July 1966 as pilot on Gemini X, part of the missions that prepared NASA’s Apollo program. The Gemini X mission carried out a successful docking with a separate target vehicle.
His second, and final, spaceflight was the historic Apollo 11.
He avoided much of the media fanfare that greeted the astronauts on their return to Earth, and was later often critical of the cult of celebrity.
After a short stint in government, Collins became director of the National Air and Space Museum, stepping down in 1978. He was also the author of a number of space-related books.
His strongest memory from Apollo 11, he said, was looking back at the Earth, which he said seemed “fragile.”
“I really believe that if the political leaders of the world could see their planet from a distance of 100,000 miles, their outlook could be fundamentally changed. That all-important border would be invisible, that noisy argument silenced,” he said.
His family’s statement said they know “how lucky Mike felt to live the life he did.”
“Please join us in fondly and joyfully remembering his sharp wit, his quiet sense of purpose, and his wise perspective, gained both from looking back at Earth from the vantage of space and gazing across calm waters from the deck of his fishing boat.”
…

The family of the late Lee Kun-hee, the chairman of South Korea’s Samsung Electronics, says it will pay $10.8 billion in taxes on the inheritance from his massive estate, the largest paid in South Korean history. Lee died last October leaving an estate estimated at more than $23 billion.   The family, which includes his wife and three children, says it will split payments of the hefty tax bill in six installments over five years, with the first payment coming this month.  It is believed they will use the shares they hold in the vast family-run conglomerate as a means to pay the taxes.People pass by Samsung Electronics’ shop in Seoul, South Korea, April 28, 2021.The Lee family will also donate the late patriarch’s vast collection of fine art to two state-run museums and other organizations to help ease the burden of the tax bill.  The collection includes rare Korean artifacts and works by such legendary artists as Pablo Picasso, Salvador Dali, Paul Gauguin and Claude Monet.   The family has also agreed to donate $900 million to build a new hospital devoted to treating infectious diseases, fund research on vaccines and treatment, and support a program that treats children suffering from cancer and rare diseases.   Under the elder Lee, Samsung Electronics became the crown jewel of the Samsung conglomerate, the biggest in South Korea, with holdings in such sectors as shipbuilding, insurance and trading.   Samsung Electronics is the world’s largest maker of semiconductors, smartphones and other consumer electronics.  But the family has been mired in a host of corruption scandals, with Lee’s son, Jae-yong, currently serving a two-and-a-half year prison sentence in connection with the scandal that brought down former President Park Geun-hye. 
…

The UK government on Wednesday became the first country to announce it will regulate the use of self-driving vehicles at slow speeds on motorways, with the first such cars possibly appearing on public roads as soon as this year. Britain’s transport ministry said it was working on specific wording to update the country’s highway code for the safe use of self-driving vehicle systems, starting with Automated Lane Keeping Systems (ALKS) — which use sensors and software to keep cars within a lane, allowing them to accelerate and brake without driver input. The government said the use of ALKS would be restricted to motorways, at speeds under 37 miles (60 km) per hour. The UK government wants to be at the forefront of rolling out autonomous driving technology and the transport ministry forecasts by 2035 around 40% of new UK cars could have self-driving capabilities, creating up to 38,000 new skilled jobs. “The automotive industry welcomes this vital step to permit the use of automated vehicles on UK roads, which will put Britain in the vanguard of road safety and automotive technology,” Mike Hawes, CEO of car industry lobby group the Society of Motor Manufacturers and Traders, said in a statement. Limits of technologyBut insurance companies warn that Britain’s goal of being a leader in adopting self-driving cars could backfire unless automakers and regulators spell out the current limitations of the technology available today. They say calling ALKS “automated,” or using the synonymous term “self-driving,” will confuse British drivers into thinking the cars can drive themselves, causing accidents and risking a public backlash against the technology. “Aside from the lack of technical capabilities, by calling ALKS automated our concern also is that the UK Government is contributing to the confusion and frequent misuse of assisted driving systems that have unfortunately already led to many tragic deaths,” said Matthew Avery, research director at Thatcham Research, which has tested ALKS systems. The dangers of drivers apparently misunderstanding the limits of technology has been an issue in the United States, where regulators are reviewing about 20 crashes involving Tesla’s driver assistance tools, such as its “Autopilot” system. 
 
…