CES-2022 Showcases the Latest Tech Innovations

This year’s Consumer Electronics Show in Las Vegas, Nevada, was smaller this year because of COVID, but, as usual, the event drew companies that are dreaming big. Mariia Prus was among the journalists covering CES-2022, which ended Jan. 8, and has this report narrated by Anna Rice.
Camera: Mariia Prus

your ad here

Microsoft Discloses Malware Attack on Ukraine Government Networks

Microsoft said late Saturday that dozens of computer systems at an unspecified number of Ukrainian government agencies have been infected with destructive malware disguised as ransomware, a disclosure suggesting an attention-grabbing defacement attack on official websites was a diversion. The extent of the damage was not immediately clear.

The attack comes as the threat of a Russian invasion of Ukraine looms and diplomatic talks to resolve the tense stand-off appear stalled.

Microsoft said in a short blog post that amounted to the clanging of an industry alarm that it first detected the malware on Thursday. That would coincide with the attack that simultaneously took some 70 government websites temporarily offline.

The disclosure followed a Reuters report earlier in the day quoting a top Ukrainian security official as saying the defacement was indeed cover for a malicious attack.

Separately, a top private sector cybersecurity executive in Kyiv told The Associated Press how the attack succeeded: The intruders penetrated the government networks through a shared software supplier in a so-called supply-chain attack in the fashion of the 2000 SolarWinds Russian cyberespionage campaign targeting the U.S. government.

Microsoft said in a different, technical post that the affected systems “span multiple government, non-profit, and information technology organizations.” It said it did not know how many more organizations in Ukraine or elsewhere might be affected but said it expected to learn of more infections.

“The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable,” Microsoft said. In short, it lacks a ransom recovery mechanism.

Microsoft said the malware “executes when an associated device is powered down,” a typical initial reaction to a ransomware attack.

Microsoft said it was not yet able to assess the intent of the destructive activity or associate the attack with any known threat actors. The Ukrainian security official, Serhiy Demedyuk, was quoted by Reuters as saying the attackers used malware similar to that used by Russian intelligence. He is deputy secretary of the National Security and Defense Council.

A preliminary investigation led Ukraine’s Security Service, the SBU, to blame the web defacement on “hacker groups linked to Russia’s intelligence services.” Moscow has repeatedly denied involvement in cyberattacks against Ukraine.

Tensions with Russia have been running high in recent weeks after Moscow amassed an estimated 100,000 troops near Ukraine’s border. Experts say they expect any invasion would have a cyber component, which is integral to modern “hybrid” warfare.

Demedyuk told Reuters in written comments that the defacement “was just a cover for more destructive actions that were taking place behind the scenes and the consequences of which we will feel in the near future.” The story did not elaborate and Demedyuk could not immediately be reached for comment.

Oleh Derevianko, a leading private sector expert and founder of the ISSP cybersecurity firm, told the AP he did not know how serious the damage was. He said also unknown is what else the attackers might have achieved after breaking into KitSoft, the developer exploited to sow the malware.

In 2017, Russia targeted Ukraine with one of the most damaging cyberattacks on record with the NotPetya virus, causing more than $10 billion in damage globally. That virus, also disguised as ransomware, was a so-called “wiper” that erased entire networks.

Ukraine has suffered the unfortunate fate of being the world’s proving ground for cyberconflict. Russia state-backed hackers nearly thwarted its 2014 national elections and briefly crippling parts of its power grid during the winters of 2015 and 2016.

In Friday’s mass web defacement, a message left by the attackers claimed they had destroyed data and placed it online, which Ukrainian authorities said had not happened.

The message told Ukrainians to “be afraid and expect the worst.”

Ukrainian cybersecurity professionals have been fortifying the defenses of critical infrastructure since 2017, with more than $40 million in U.S. assistance. They are particularly concerned about Russian attacks on the power grid, rail network and central bank.

 

 

your ad here

China Seen Backing ‘Digital Authoritarianism’ in Latin America 

Chinese technology and expertise is making it possible for Venezuela and Cuba to exercise suffocating control over digital communications in the two countries, according to insider accounts and several international investigations. 

Venezuela and Cuba do more to block internet access than any other governments in Latin America, according to the U.S.-based advocacy group Freedom House, which has documented what it describes as “digital authoritarianism” in the region since 2018. 

“Whoever believes that privacy exists in Venezuela through email communications, Twitter, WhatsApp, Facebook and Instagram is wrong. All these tools” are totally subject to government intervention, said Anthony Daquin, former adviser on computer security matters to the Ministry of Justice of Venezuela. 

Daquin participated between 2002 and 2008 in delegations sent by former President Hugo Chávez to China to learn how Beijing uses software to identify Chinese citizens, and to implement a similar system in Venezuela. 

Key to those efforts was the introduction in 2016 of the “carnet de la patria” or homeland card, developed by the Chinese company ZTE. While theoretically voluntary, possession of the cards is required to access a vast range of goods and services, ranging from doctor’s appointments to government pensions. 

The cards were presented as a way to make public services and supply chains more efficient, but critics denounced them as a form of “citizen control.” 

Daquin said China’s role in recent years has been to provide technology and technical assistance to help the Venezuelan government process large amounts of data and monitor people whom the government considers enemies of the state. 

“They have television camera systems, fingerprints, facial recognition, word algorithm systems for the internet and conversations,” he said. 

Daquin said one of the few means that Venezuelans have to communicate electronically free from government monitoring is the encrypted messaging platform Signal, which the government has found it very costly to control. 

The former adviser said Venezuela’s digital surveillance structure is divided into five “rings,” with “Ring 5 being the most trusted, 100 percent Chinese personnel supervising.” 

According to Daquin, the government receives daily reports from the monitors that become the basis for decisions on media censorship, internet shutdowns and arbitrary arrests. 

US accusations against Chinese companies 

Several Chinese technology companies are active in Venezuela, including ZTE, Huawei and the China National Electronics Import & Export Corp. (CEIEC). The latter was sanctioned in 2020 by the U.S. Treasury Department on the grounds that its work in Venezuela had helped the government of President Nicolas Maduro “restrict internet service” and “conduct digital surveillance and cyber operations against political opponents.”

The U.S. Senate Foreign Relations Committee also issued an alert in 2020. In a report, Big Brother, China Digital Authoritarianism, it accused Chinese telecommunications companies of facilitating “digital authoritarianism” around the world and cited Venezuela as a case study. 

Specifically, the committee mentions the existence of a team of ZTE employees working within the facilities of the state telecommunications company CANTV, which manages the homeland card database. 

The document cites an investigation by the Reuters news agency, which reported it was told by CANTV employees that the card system allows them to monitor a vast range of information about individuals, including “birthdays, family information, employment and income, property owned, medical history, state benefits received, presence on social media, membership of a political party and whether a person voted.” 

“Maduro takes full advantage of Chinese hardware and services in his effort to control Venezuelan citizens,” the report says. 

Sophisticated and simple internet blockades 

The Maduro government’s efforts to block access to the internet by domestic opponents are “very crude,” according to Luis Carlos Díaz, president of the Venezuelan chapter of the Internet Society, a U.S.-based nonprofit that advocates for open development of the internet. 

He said it takes nothing more than a phone call from a government official to the operator of a web portal to have a website or social media outlet blocked for a time. 

However, in 2019, Venezuela blocked The Onion Router, or TOR, one of the most sophisticated systems used globally to allow internet users to remain anonymous and bypass censorship. The platform directs messages through a worldwide network of servers so the origin of a message cannot be identified. 

Diaz said that, unlike other recurrent blockades in Venezuela, the TOR hack did require a higher level of knowledge. 

“There, we raised alerts because it was excessively serious,” he told VOA. “It meant that the Venezuelan government was using technology like the one used in China to block users who had TOR, a tool used to circumvent censorship.” 

The TOR blockade lasted a week, and Díaz said he doubts that the Venezuelan government did it by itself, because it lacks the highly trained people needed for such a complex operation. 

China’s role in Cuba 

The internet infrastructure in Cuba was also built with equipment acquired from Chinese companies. The Swedish organization Qurium, in a report published at the beginning of 2020, said it had detected Huawei eSight network management software on the Cuban internet. The purpose of the software is to help filter web searches, according to this organization. 

Cuban dissidents say the only way to access pages censored by the government on the island is through a virtual private network or VPN, which tricks the system into believing that the user is in another country. 

This “is the only way to enter any controlled website,” said journalist Luz Escobar, who converts web content into PDF format or newsletters and sends those by email to users of 14yMedio, an independent digital news outlet that is blocked from uploading its content to the internet. In Cuba, however, “few people master this technique,” she said. 

Internet censorship in Cuba was investigated in 2017 by the Open Observatory of Network Interference (OONI), a volunteer-based organization that monitors internet censorship around the world. The group said it was able to determine that a Chinese company had developed software for public Wi-Fi portals on the island “because they left comments in the source code in Chinese.” 

“We also found a wide use of Huawei equipment,” said Arturo Filastó, a project leader at OONI who had traveled to Cuba and tested various Wi-Fi connection points provided by the government. 

Voice of America asked for comments from the three government entities in question — Cuba, Venezuela and China — but did not receive responses from any of them before publication. 

China continues to tutor countries with an “authoritarian tendency” 

In a 2021 report on internet censorship, Freedom House said Venezuelan officials, along with representatives from 36 other countries including Saudi Arabia and Syria, participated in Chinese government training and seminars on new media and information management. 

China has organized forums such as the World Internet Conference in 2017 “where it imparts its norms to authoritarian-leaning governments,” the report concluded. 

Justin Sherman, an information security expert at the Atlantic Council’s Cyber Statecraft Initiative, told VOA that Chinese companies like Huawei and ZTE have “been involved all over the world, not just in Venezuela, in creating programs of internet censorship surveillance for governments, intelligence services and police agencies.” 

Sherman said it is not clear whether Chinese companies sell their surveillance technology to authoritarian governments solely for profit. The thesis of the 2020 Senate Relations Committee report is that there is an interest in China to go beyond the sale of its technology services to extend its policy of “digital authoritarianism in the world.” 

This article originated in VOA’s Latin America Division.

your ad here

EU Condemns Cyberattack on Ukraine, NATO Pledges ‘Enhanced Cyber Cooperation’

European Union officials have condemned Friday’s cyberattack on Ukraine that shut down government and emergency services websites and pledged to use EU resources to assist the nation.

Ukraine’s foreign ministry reported Friday the websites of the country’s cabinet — seven ministries, including the treasury, the national emergency service and the state services, where Ukrainians’ electronic passports and vaccination certificates are stored — were temporarily unavailable Friday as a result of the hack.

The websites contained a message in Ukrainian, Russian and Polish, saying Ukrainians’ personal data has been leaked into the public domain. The message said, in part, “Be afraid and expect the worst. This is for your past, present and future.”

Ukraine’s State Service of Communication and Information Protection told the Associated Press there was no evidence personal data has been leaked.

In a statement, NATO Secretary General Jens Stoltenberg strongly condemned the attacks, saying the alliance’s cyber experts have been exchanging information with their Ukrainian counterparts on “the current malicious cyber activities.” He said NATO allied experts in the country also are supporting the Ukrainian authorities.

“In the coming days, NATO and Ukraine will sign an agreement on enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform,” Stoltenberg said in a statement.

Speaking to reporters on the sidelines of a meeting of EU foreign ministers in Brest, France, EU Foreign Affairs chief Josep Borrell issued the “strongest condemnation” of the attack and said an emergency meeting of the EU political committee would be held to discuss how to react. He pledged to “mobilize all our resources to help Ukraine” increase its cyberattack-resistance capability.

When asked if he knew who was behind the attack, Borrell said they are still investigating, noting it is often difficult to trace cyberattacks, though he added “I don’t have any proof, but one can guess …”

Ukraine’s foreign ministry said Russia has a long history of such attacks. The incident also follows weeks of apparently failed diplomatic efforts to de-escalate tensions on the border with Russia and Ukraine where Moscow has amassed an estimated 100,000 troops and equipment, raising fears of an imminent invasion.

Russia insists the troops are there for its own protection, but is demanding NATO provide guarantees it will stop its eastward expansion, beginning with not allowing Ukraine to join the alliance, a move Moscow perceives as a threat. NATO has repeatedly rejected that request, saying Russia has no veto over NATO membership.

Some information for this report was provided by The Associated Press, Reuters and Agence France-Presse.

your ad here

SpaceX Rocket Lifts Off with South African Satellites on Board

A SpaceX rocket launch Thursday carried three small South African-made satellites that will help with policing South African waters against illegal fishing operations.

Produced at the Cape Peninsula University of Technology, the satellites could also be used to help other African countries to protect their coastal waters.

SpaceX’s billionaire boss Elon Musk has given three nano satellites produced in his birth country, South Africa, a ride into space.

The company’s Falcon rocket launched from Cape Canaveral in the U.S. state of Florida with 105 spacecraft on board. All three South African satellites deployed successfully.

This mission, known as Transporter 3, is part of SpaceX’s rideshare program which in two previous outings has put over 220 small satellites into orbit.

The three South African nano satellites on this trip were designed at the Cape Peninsula University of Technology’s Africa Space Innovation Centre.

The institution’s deputy vice chancellor for research, technology and innovation Professor David Phaho says “it marks a quantum leap in terms of South Africa’s capability to participate in the space sector. As you can imagine the issue of oceans economy has become topical globally. And the fact that we’ve developed this capacity in South Africa, and we are launching this (sic) satellites will go a long way in enhancing our capabilities to monitor our coastline and grow our economy.”

Phaho notes the university has been building up to the launch of these satellites, known collectively as MDASat-1, with a previous satellite launch in 2018.

“These three satellites, there was a precursor to these current three satellite constellation. Zcube2 is the most advanced nano satellite developed on the African continent and it was launched in December 2018 so these ones are basically part and parcel of that development. And they are probably the most advanced nano satellites developed on the African continent,” Phaho expressed.

Stephen Cupido studied at the space center and graduated in 2014. Today, he works here as a software engineer and points out that “it’s been a ride, it’s been amazing, ups and downs but this is definitely an up today. Just to get everything ready for today has been a lot of pressure.”

And the interaction with SpaceX has been complicated he says laughing “but it’s necessary. We are putting objects in space and space is for everyone, we have to keep it safe for everybody so we understand the paperwork involved but we’ve got all the information through to them. They’re launching our satellite so everything is in order.”

The university paid almost $260,000 to secure its spot on the SpaceX craft. It says it hopes to continue the relationship with Elon Musk’s company. 

your ad here

Hong Kong COVID-19 Tracking App Spurs Opposition

A new Hong Kong mandate that restaurants and other establishments require use of an app aimed at recording people’s locations and telling them if they have been near a COVID-19 patient has spurred opposition from the city’s pro-democracy voices.

The LeaveHomeSafe app scans a two-dimensional QR barcode at taxis and other locations. If a COVID-19 patient has been there, the app will alert users and provide health advice. The government required the use of the app Dec. 9 in all indoor premises including government buildings, restaurants, public facilities, and karaoke venues. Those over the age of 65, 15 years or younger, the homeless and those with disabilities are exempt.

Previously Hong Kongers could record these movements using a paper form, but the cursive characters written by opposition Hong Kongers or pro-democracy activists expressing their distrust in government were often illegible for authorities.

Hong Kongers believe the app can be a tool used by authorities to monitor citizens, according to a human rights advocate.

“Given Beijing’s use of mass surveillance in China, many Hong Kong people suspect that the app is one way for the Hong Kong and Beijing governments to normalize the use of government surveillance in Hong Kong,” Human Rights Watch senior China researcher Maya Wang told VOA by email.

An office worker in her 20s entering a Taiwanese restaurant recently was one of the Hong Kongers harboring doubts about the app. Before entering the restaurant, she said she stopped texting on her phone to use a second phone to scan the restaurant’s QR code using LeaveHomeSafe.

“It’s an act of human right and privacy violation as we can no longer choose the way we live and the app is part of the digital surveillance system,” she told VOA, referring to the government app.

Government officials sought to allay such privacy concerns last February, as health secretary Sophia Chan said the COVID-19 tracking app would not send personal data to the authorities.

“The fact is there is no issue of data privacy, because the data would be just stored in the phone of the person. There is no platform that collects those data,” Chan told reporters.

Hong Kong also has a new Health Code app for people to show they have not been exposed to COVID-19 to travel to mainland China, using LeaveHomeSafe records. The LeaveHomeSafe privacy statement says users are required to upload their visit records from the app to the health code system “only with their express consent” and “at their sole discretion.”

 

“The visit record, which by itself in isolation is not personal data, will be kept in users’ mobile phones for 31 days and will then be erased automatically,” the privacy statement adds.

The government announced the requirement for broader use of the LeaveHomeSafe app in November, before the omicron variant and when Hong Kong’s confirmed infection number was in single digits.

The government said in a statement then it had made the decision “amid the severe COVID-19 pandemic situation across the world” and that “it strives to foster favourable conditions for resuming cross-boundary travel with the Mainland and cross-border travel in the future.”

Wang said Hong Kongers are right to be suspicious of the government’s intentions with the tracing app.

Even though Hong Kong differs from China in significant ways, such as a privacy ordinance that protected people’s privacy for many years, she said, “these legal protections are increasingly being undermined as Beijing and Hong Kong governments do away with other protections of civil liberties, such as a free press and freedom of expression.”

The announcement of the mandate followed a clampdown on the use of the fake version of the app in the same month. The police arrested five people for using fake apps.

Two were confirmed to be arrested on suspicion of using false instruments — the same charge for using a falsified passport or fabricated visa to enter the city — that can send offenders to prison for up to 14 years and incur up to about $19,000 in penalty.

Officials have long been wary of certain residents’ opposition to the use of the app. In September, the police arrested three core members, aged 18-20, of the pro-democracy student activism group Student Politicism under the national security law.

They have been charged with conspiracy to incite subversion for “stirring hatred towards the government … including urging people not to use the LeaveHomeSafe app and to fill in fake [personal] information on the paper forms,” Steve Li Kwai-wah, superintendent of the police national security department told media in a September press conference.

Eric Lai, researcher at Georgetown University’s Center for Asian Law and the former spokesperson of the now-disbanded protest organizer Civil Human Rights Front, said the measure seeks to “repress” Hong Kongers’ rights.

“The government of Hong Kong has a track record of using COVID-preventive measures to repress the exercise of citizen’s rights, such as the use of social distancing rules to criminalize citizens protesting in public sites” he told VOA by email.

The police were accused of targeting restaurants and shops that support democracy by conducting checks only in such shops, according to local media StandNews, which is now closed.

Many of such shops complained about losing the freedom not to use the app and said they would offer carry-out orders that do not require its use instead.

 

 

 

your ad here

World Economic Forum Warns Cyber Risks Add to Climate Threat

Cyberthreats and the growing space race are emerging risks to the global economy, adding to existing challenges posed by climate change and the coronavirus pandemic, the World Economic Forum said in a report Tuesday.  

The Global Risks Report is usually released ahead of the annual elite winter gathering of CEOs and world leaders in the Swiss ski resort of Davos, but the event has been postponed for a second year in a row because of COVID-19. The World Economic Forum still plans some virtual sessions next week. 

Here’s a rundown of the report, which is based on a survey of about 1,000 experts and leaders:  

World outlook 

As 2022 begins, the pandemic and its economic and societal impacts still pose a “critical threat” to the world, the report said. Big differences between rich and poor nations’ access to vaccines mean their economies are recovering at uneven rates, which could widen social divisions and heighten geopolitical tensions. 

By 2024, the global economy is forecast to be 2.3% smaller than it would have been without the pandemic. But that masks the different rates of growth between developing nations, whose economies are forecast to be 5.5% smaller than before the pandemic, and rich countries, which are expected to expand 0.9%.  

Digital dangers 

The pandemic forced a huge shift — requiring many people to work or attend class from home and giving rise to an exploding number of online platforms and devices to aid a transformation that has dramatically increased security risks, the report said.  

“We’re at the point now where cyberthreats are growing faster than our ability to effectively prevent and manage them,” said Carolina Klint, a risk management leader at Marsh, whose parent company Marsh McLennan co-authored the report with Zurich Insurance Group and SK Group.  

Cyberattacks are becoming more aggressive and widespread, as criminals use tougher tactics to go after more vulnerable targets, the report said. Malware and ransomware attacks have boomed, while the rise of cryptocurrencies makes it easy for online criminals to hide payments they have collected.  

While those responding to the survey cited cybersecurity threats as a short- and medium-term risk, Klint said the report’s authors were concerned that the issue wasn’t ranked higher, suggesting it’s a “blind spot” for companies and governments. 

Space race 

Space is the final frontier — for risk.  

Falling costs for launch technology has led to a new space race between companies and governments. Last year, Amazon founder Jeff Bezos’ space tourism venture Blue Origin and Virgin Galactic’s Richard Branson took off, while Elon Musk’s Space X business made big gains in launching astronauts and satellites.  

Meanwhile, a host of countries are beefing up their space programs as they chase geopolitical and military power or scientific and commercial gains, the report said.  

But all these programs raise the risk of friction in orbit.  

“Increased exploitation of these orbits carries the risk of congestion, an increase in debris and the possibility of collisions in a realm with few governance structures to mitigate new threats,” the report said.  

Space exploitation is one of the areas that respondents thought had among the least amount of international collaboration to deal with the challenges.  

Experts and leaders responding to the survey “don’t believe that much is being done in the best possible way moving forward,” World Economic Forum’s managing director, Saadia Zahidi, said at a virtual press briefing from Geneva.  

Other areas include artificial intelligence, cyberattacks and migration and refugees, she said.  

Climate crisis  

The environment remains the biggest long-term worry.  

The planet’s health over the next decade is the dominant concern, according to survey respondents, who cited failure to act on climate change, extreme weather, and loss of biodiversity as the top three risks.  

The report noted that different countries are taking different approaches, with some moving faster to adopt a zero-carbon model than others. Both approaches come with downsides. While moving slowly could radicalize more people who think the government isn’t acting urgently, a faster shift away from carbon intense industries could spark economic turmoil and throw millions out of work.  

“Adopting hasty environmental policies could also have unintended consequences for nature,” the report added. “There are still many unknown risks from deploying untested biotechnical and geoengineering technologies.” 

your ad here

US Cyber Officials Bracing for ‘Log4j’ Vulnerability Fallout

U.S. cybersecurity officials are still sounding an alarm about the so-called Log4j software vulnerability more than a month after it was first discovered, warning some criminals and nation state adversaries may be waiting to make use of their newfound access to critical systems.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said Monday that the vulnerability, also known as Log4shell, has been subject to widespread exploitation by criminals over the past several weeks, but that more serious and damaging attacking could still be in the works.

“We do expect Log4Shell to be used in intrusions well into the future,” CISA Director Jen Easterly told reporters during a phone briefing, adding, “at this time we have not seen the use of Log4shell resulting in significant intrusions.”

“This may be the case because sophisticated adversaries have already used this vulnerability to exploit targets and are just waiting to leverage their new access until network defenders are on a lower alert,” she said.

The vulnerability in the open-source software produced by the U.S.-based Apache Software Foundation, was first discovered in late November by the Chinese tech giant Alibaba. The first warnings to the public went out in early December. 

Cybersecurity officials and experts initially described the flaw in the software as perhaps the worst vulnerability ever discovered, noting the software’s widespread use – in at least 2,800 products used by both private companies and governments around the world.

CISA on Monday said the vulnerability has impacted hundreds of millions of devices around the world, with many software vendors racing to issue security patches to their customers.

So far, U.S. agencies appear to be unscathed.

“We, at this point, are not seeing any confirmed compromises of federal agencies across the broader country, including critical infrastructure,” CISA Executive Assistant Director for Cybersecurity Eric Goldstein told reporters.

But he cautioned the danger has not yet passed despite the lack of destructive attacks by sophisticated hacking groups and foreign adversaries.

“It is certainly possible that that may change, that adversaries may be utilizing this vulnerability to gain persistent access that they could use in the future, which is why we are so focused on remediating the vulnerability across the country and ensuring that we are detecting any intrusions if and when they arise,” he said.

Yet there are reports that other countries have already been targeted by cyber actors seeking to exploit the software vulnerability.

Belgium’s Ministry of Defense said last month that some of its computer systems went down last month following an attack, in which the Log4j vulnerability was believed to be exploited.

And some security experts warn other countries, including China, Iran, North Korea and Turkey, have sought to exploit Log4j.

“This activity ranges from experimentation during development, integration of the vulnerabilities to in-the-wild payload deployment, and exploitation against targets to achieve the actor’s objectives,” Microsoft’s Threat Intelligence Center wrote in a blog post last week.

In particular, Microsoft said the Iran cyber threat actor known as Phosphorus, known for launching ransomware attacks, has already modified the Log4j vulnerability for use in attacks, while the Chinese group known as Hafnium has also used it for some targeting activities.

The private cybersecurity firm CrowdStrike separately assessed that a Chinese-based group called Aquatic Panda sought to use the Log4j vulnerability to target an unnamed academic institution.

CISA on Monday said it could not independently confirm such reports, and further said it had yet to discover any ransomware attacks in which the attackers used the Log4j vulnerability to penetrate the victim’s systems.

CISA’s director said one reason could be that “there may be a lag between when this vulnerability is being used and when it is being actively deployed.”

Easterly also warned about information that U.S. officials are unable to see due to the failure of Congress to pass legislation that would require private companies to report cyberattacks – something the White House and many lawmakers have been advocating for some time.

“We are concerned that threat actors are going to start taking advantage of this vulnerability and having impacts in particular on critical infrastructure, and because there is no legislation in place, we will likely not know about it,” she said. 

your ad here

Indian Muslim Women ‘Auction’ App Shows Tech Weaponized for Abuse

Six months ago, pilot Hana Khan saw her picture on an app that appeared to be auctioning scores of Muslim women in India. The app was quickly taken down, no one was charged, and the issue shelved – until a similar app popped up on New Year’s Day.

Khan was not on the new app called Bulli Bai – a slur for Muslim women – that was hawking activists, journalists, an actor, politicians and Nobel Laureate Malala Yousafzai as maids.

Amid growing outrage, the app was taken down, and four suspects arrested this week.

 

The fake auctions that were shared widely on social media are just the latest examples of how technology is being used – often with ease, speed and little expense – to put women at risk through online abuse, theft of privacy or sexual exploitation.

For Muslim women in India who are often abused online, it is an everyday risk, even as they use social media to call out hatred and discrimination against their minority community.

“When I saw my picture on the app, my world shook. I was upset and angry that someone could do this to me, and I became angrier as I realized this nameless person was getting away with it,” said Khan, who filed a police complaint against the first app, Sulli Deals, another pejorative term for Muslim women.

“This time, I felt so much dread and despair that it was happening again to my friends, to Muslim women like me. I don’t know how to make it stop,” Khan, a commercial pilot in her 30s, told the Thomson Reuters Foundation.

Mumbai police said they were investigating whether the Bulli Bai app was “part of a larger conspiracy”.

A spokesperson for GitHub, which hosted both apps, said it had “longstanding policies against content and conduct involving harassment, discrimination, and inciting violence.

“We suspended a user account following the investigation of reports of such activity, all of which violate our policies.”

 

Misconception

Advances in technology have heightened risks for women across the world, be it trolling or doxxing with their personal details revealed, surveillance cameras, location tracking, or deepfake pornographic videos featuring doctored images.

Deepfakes – or artificial, intelligence-generated, synthetic media – are used to create porn, with apps that let users strip clothes off women or swap their faces into explicit videos.

Digital abuse of women is pervasive because “everybody has a device and a digital presence,” said Adam Dodge, chief executive of EndTAB, a U.S.-based nonprofit tackling tech-enabled abuse.

“The violence has become easier to perpetrate, as you can get at somebody anywhere in the world. The order of magnitude of harm is also greater because you can upload something and show it to the world in a matter of seconds,” he said.

“And there is a permanency to it because that photo or video exists forever online,” he added.

The emotional and psychological impact of such abuse is “just as excruciating” as physical abuse, with the effects compounded by the virality, public nature, and permanence of the content online, said Noelle Martin, an Australian activist.

At 17, Martin discovered her image had been photoshopped into pornographic images and distributed. Her campaign against image-based abuse helped change the law in Australia.

But victims struggle to be heard, she said.

“There is a dangerous misconception that the harms of technology-facilitated abuse are not as real, serious, or potentially lethal as abuse with a physical element,” she said.

“For victims, this misconception makes speaking out, seeking support, and accessing justice much more difficult.”

 

Persecution

Tracking lone creators and rogue coders is hard, and technology platforms tend to shield anonymous users who can easily create a fake email or social media profile.

Even lawmakers are not spared: in November, the U.S. House of Representatives censured Republican Paul Gosar over a photoshopped anime video that showed him killing Democrat Alexandra Ocasio-Cortez. He then retweeted the video.

 

“With any new technology we should immediately be thinking about how and when it will be misused and weaponized to harm girls and women online,” said Dodge.

“Technology platforms have created a very imbalanced atmosphere for victims of online abuse, and the traditional ways of seeking help when we are harmed in the physical world are not as available when the abuse occurs online,” he said .

Some technology firms are taking action.

Following reports that its AirTags – locator devices that can be attached to keys and wallets – were being used to track women, Apple launched an app to help users shield their privacy.

In India, the women on the auction apps are still shaken.

Ismat Ara, a journalist showcased on Bulli Bai, called it “nothing short of online harassment.”

It was “violent, threatening and intending to create a feeling of fear and shame in my mind, as well as in the minds of women in general and the Muslim community,” Ara said in a police complaint that she posted on social media.

Arfa Khanum Sherwani, also featured for sale, wrote on Twitter: “The auction may be fake but the persecution is real.”

your ad here

Biden Touts Deal Delaying 5G Rollout by AT&T, Verizon

President Joe Biden touted an agreement Tuesday between wireless carriers and U.S. regulators to allow the deployment of 5G wireless technology in two weeks.

AT&T and Verizon said Monday they would delay activating the new service for two weeks following a request by Transportation Secretary Pete Buttigieg. He cited airline industry concerns that the technology’s rollout could interfere with sensitive electronic systems on aircraft and disrupt thousands of daily flights.

The telecommunications giants’ announcement came one day after they maintained they would not postpone the introduction of the service. But they agreed to the delay amid pressure from the White House and aviation unions, and concerns expressed by the U.S. Federal Aviation Administration.

Biden said in a statement Tuesday the “agreement ensures that there will be no disruptions to air operations over the next two weeks and puts us on track to substantially reduce disruptions to air operations when AT&T and Verizon launch 5G on January 19th.”

In an email Tuesday to employees, Verizon Chief Executive Hans Vestberg said the company saw no aviation safety issue with 5G, but added the FAA “intended to disrupt an already difficult time for air travel if we move ahead with our planned activation… We felt that it was the right thing to do for the flying public, which includes our customers and all of us, to give the FAA a little time to work out its issues with the aviation community.”

Buttigieg and FAA Administrator chief Steve Dickson said in a letter sent Monday to AT&T and Verizon that the agencies would not seek any further delays beyond January 19 if there are not any “unforeseen aviation safety issues,” according to Reuters.

The letter also reportedly said the agreement “will give us additional time and space to reduce the impacts to commercial flights.”

Some information in this report came from The Associated Press and Reuters.

your ad here

Wildlife Rangers Use AI to Predict Poachers’ Next Moves

Rangers protecting threatened wildlife in Cambodia are using artificial intelligence to predict poachers’ next moves. Matt Dibble reports.

your ad here

World’s Largest Consumer Electronics Show Goes Hybrid

It’s a chaotic time for the Consumer Electronics Show 2022, the world’s largest technology event. Last-minute COVID-19-related cancellations have wreaked havoc on the organizers’ plans to host exhibitors and welcome visitors in person in Las Vegas and online. But as VOA’s JulieTaboh reports, the show will go on.

your ad here

Twitter Bans US Lawmaker’s Personal Account for COVID-19 Misinformation 

Twitter on Sunday banned the personal account of Rep. Marjorie Taylor Greene for multiple violations of its COVID-19 misinformation policy, according to a statement from the company. 

The Georgia Republican’s account was permanently suspended under the “strike” system Twitter launched in March, which uses artificial intelligence to identify posts about the coronavirus that are misleading enough to cause harm to people. Two or three strikes earn a 12-hour account lock; four strikes prompt a weeklong suspension, and five or more strikes can get someone permanently removed from Twitter. 

In a statement on the messaging app Telegram, Greene blasted Twitter’s move as un-American. She wrote that her account was suspended after tweeting statistics from the Vaccine Adverse Event Reporting System, a government database which includes unverified raw data. 

“Twitter is an enemy to America and can’t handle the truth,” Greene said. “That’s fine, I’ll show America we don’t need them and it’s time to defeat our enemies.” 

Twitter had previously suspended the account for periods ranging from 12 hours to a full week. 

The ban applies to Greene’s personal account, @mtgreenee, but does not affect her official Twitter account, @RepMTG. 

A Greene tweet posted shortly before her weeklong suspension in July claimed that the virus “is not dangerous for non-obese people and those under 65.” According to the U.S. Centers for Disease Control and Prevention, people under 65 account for nearly 250,000 of the U.S. deaths involving COVID-19. 

Greene previously blasted a weeklong suspension as a “Communist-style attack on free speech.” 

your ad here

Solar Power Projects See the Light on Former Appalachian Coal Land

Looking west from Hazel Mountain, Brad Kreps can see forested hills stretching to the Tennessee border and beyond, but it is the flat, denuded area in front of him he finds exciting.

Surface coal mining ended on this site several years ago. But with a clean-up underway, it is now being prepared for a new chapter in the region’s longstanding role as a major energy producer – this time from a renewable source: the sun.

While using former mining land to generate solar energy has long been discussed, this and five related sites are among the first projects to move forward in the coalfields of the central Appalachian Mountains, as well as nationally.

 

Backers say the projects could help make waste land productive and boost economic fortunes in the local area, part of a 250,000-acre (101,171-hectare) land purchase by The Nature Conservancy (TNC) in 2019, one of its largest such acquisitions.

“There’s very little activity going on this land, so if we can bring in a new use like solar, we can bring tax revenue into these counties that are really trying to diversify their economies,” said Kreps, a TNC program director.

Besides creating a new source of green energy, the project offers a model for solar development that does not impinge on forests or farmland, he said.

TNC, a U.S.-based environmental nonprofit, has identified six initial sites for solar plants in the area and is now moving forward with projects on parcels covering about 1,700 acres.

The two companies that have bid to do the work – solar developer Sun Tribe and major utility Dominion Energy – estimate the projects could produce around 120 megawatts (MW) of electricity, potentially enough to power 30,000 homes.

Construction is expected to start in two or three years after pre-development work and permitting are completed.

“This is a ground-breaking model,” said Emil Avram, Dominion’s vice president of business development for renewables in Virginia.

Dominion believes it is the largest utility-scale renewable energy initiative to be developed on former coal mining land, and could be replicated elsewhere, Avram added.

Renewables targets

The U.S. government formally began looking at putting renewable energy installations on disturbed land – including mines, but also contaminated sites and landfills – in 2008.

Since then, the RE-Powering America’s Land program has mapped over 100,000 potential sites covering more than 44 million acres, and helped establish 417 installations producing 1.8 gigawatts (GW) of electricity, according to March data.

A toxic landfill site in New Jersey, for instance, now hosts a 6.5-MW solar installation, while a former steel mill in New York has been turned into a wind farm with capacity of 35 MW.

Yet on mine land, the work has so far been mostly limited to doing inventories and providing technical assistance, resulting in fewer than a half-dozen projects, said Nels Johnson, TNC’s North America director for energy.

That has stunted solar developers’ interest in mine land, he said – a knowledge gap he hopes the new projects can help fill, particularly amid a surging focus on meeting clean energy goals.

“After five to 10 years of almost nobody paying attention to this, there’s an awakening starting to take place,” he said. “As more and more states pass renewable energy commitments, it’s kind of a situation of the dog catching the car.”

Virginia, for instance, has a 2020 clean energy bill that, among other things, pushes for Dominion Energy’s electricity in the state to be carbon-free by 2045.

There are about 100,000 acres affected by coal mining in southwest Virginia alone, said Daniel Kestner, who manages the Innovative Reclamation Program for the state’s energy department.

“Reusing land like former coal mines makes a lot of sense instead of looking at prime farmland … or lands near populated areas where there may be conflict,” he said.

Kestner’s team is now exploring renewable energy development as an approved option for required post-mining reclamation work.

 

‘LIFE AFTER COAL’

Appalachia had harbored a deep-rooted skepticism toward renewable energy, said Adam Wells, regional director of community and economic development with Appalachian Voices, a nonprofit that works in former coal communities.

But recent years have seen a turnaround, he noted, with the recognition that the coal industry – the region’s longstanding main economic driver – will not return to its former strength.

Across the country, the number of coal mines dropped by 62% from 2008 to 2020, based on U.S. government figures, translating into a loss of 100,000 jobs since the mid-1980s, according to the Environmental Defense Fund.

Starting around 2015, Wells said, “it became necessary to talk about what life after coal looks like in Appalachia. And so, as a result, it became safe to talk about solar.”

While the number of jobs from utility-scale solar development does not compare to coal-industry jobs, he said, it could still be significant.

“It does generate notable and meaningful tax revenues for localities at a time of declining revenues from coal,” he added.

For now, communities are watching the shift with a “wait-and-see” attitude, he said.

Dominion Energy’s 50-MW project is the largest of the six local solar initiatives now underway.

While Dominion does not have job and tax revenue estimates for that project, it noted in a recent regulatory filing that 15 newly proposed solar projects across Virginia would generate more than $880 million in economic benefits and support almost 4,200 jobs associated with construction.

The company is under major pressure to increase solar production and is planning for an additional 16,000 MW by 2035, executive Avram said, requiring new capacity of about 1,000 MW annually through that date.

“That will require a fair amount of land – a thousand acres per project, roughly,” he said.

While the initial mine-land project in southwestern Virginia is relatively small, he said, it is an important “stepping stone” in learning how to work on previously disturbed sites.

TNC’s Kreps sees much more opportunity, literally on the horizon.

“There’s hundreds of thousands of acres like this across the region – and in many cases, right now they aren’t creating a lot of economic value,” he said.

His organization, he added, aims to demonstrate “that we can manage these lands for nature outcomes and people outcomes.” 

your ad here

US Seeks New 5G Delay to Study Interference with Planes

U.S. authorities have asked telecom operators AT&T and Verizon to delay for up to two weeks their already postponed rollout of 5G networks amid uncertainty about interference with vital flight safety equipment.

The U.S. rollout of the high-speed mobile broadband technology had been set for December 5, but was delayed to January 5 after aerospace giants Airbus and Boeing raised concerns about potential interference with the devices used by planes to measure altitude.

U.S. Transportation Secretary Pete Buttigieg and the head of the Federal Aviation Administration, Steve Dickson, asked for the latest delay in a letter sent Friday to AT&T and Verizon, two of the country’s biggest telecom operators.

The U.S. letter asked the companies to “continue to pause introducing commercial C-Band service” — the frequency range used for 5G — “for an additional short period of no more than two weeks beyond the currently scheduled deployment date of January 5.”

The companies did not immediately respond to a request for comment.

The U.S. officials’ letter assures the companies that 5G service will be able to begin “as planned in January with certain exceptions around priority airports.”

The officials say their priority has been “to protect flight safety, while ensuring that 5G deployment and aviation operations can co-exist.”

Last February, Verizon and AT&T were authorized to start using 3.7-3.8 GHz frequency bands on December 5, after obtaining licenses worth tens of billions of dollars.

But when Airbus and Boeing raised their concerns about possible interference with airplanes’ radio altimeters, which can operate in the same frequencies, the launch date was pushed back to January. 

The FAA requested further information about the instruments, and it issued directives limiting the use of altimeters in certain situations, which sparked airline fears over the potential costs.

When Verizon and AT&T wrote to federal authorities in November to confirm their intention to start deploying 5G in January, they said they would take extra precautions beyond those required by U.S. law until July 2022 while the FAA completes its investigation.

The conflict between 5G networks and aircraft equipment led French authorities to recommend switching off mobile phones with 5G on planes in February.

France’s civil aviation authority said interference from a signal on a nearby frequency to the radio altimeter could cause “critical” errors during landing. 

your ad here