More stories

    All I want for 2021 is to see Mark Zuckerberg up in court | John Naughton

    It’s always risky making predictions about the tech industry, but this year looks like being different, at least in the sense that there are two safe bets. One is that the attempts to regulate the tech giants that began last year will intensify; the second that we will be increasingly deluged by sanctimonious cant from Facebook & co as they seek to avoid democratic curbing of their unaccountable power.

    On the regulation front, last year in the US, Alphabet, Google’s corporate owner, found itself facing major antitrust suits from 38 states as well as from the Department of Justice. On this side of the pond, there are preparations for a Digital Markets Unit with statutory powers that will be able to neatly sidestep the tricky definitional questions of what constitutes a monopoly in a digital age. Instead, the unit will decide on a case-by-case basis whether a particular tech company has “strategic market status” if it possesses “substantial, entrenched market power in at least one digital activity” or if it acts as an online “gateway” for other businesses. And if a company is judged to have this status, then penalties and regulations will be imposed on it.

    Over in Brussels, the European Union has come up with a new two-pronged legal framework for curbing digital power – the Digital Markets Act and the Digital Services Act. The Digital Markets Act is aimed at curbing anti-competitive practices in the tech industry (like buying up potential competitors before they can scale up) and will include fines of 10% of global revenues for infringers. The Digital Services Act, for its part, will oblige social media platforms to take more responsibility for illegal content on their platforms – scams, terrorist content, images of abuse, etc – for which they could face fines of up to 6% of global revenue if they fail to police content adequately. So the US and UK approach focuses on corporate behaviour; the EU approach focuses on defining what is allowed legally.

    All of this action has been a long time coming and while it’s difficult to say exactly how it will play out, the bottom line is that the tech industry is – finally – going to become a regulated one. Its law-free bonanza is going to come to an end.

    The big question, though, is: when? Antitrust actions proceed at a glacial pace because of the complexity of the issues and the bottomless legal budgets of the companies involved. The judge in one of the big American antitrust cases against Google has said that he expects the case to get to court only in late 2023 and then it could run for several years (as the Microsoft case did in the 1990s).

    The problem with that, as the veteran anti-monopoly campaigner Matt Stoller has pointed out, is that the longer monopolistic behaviour goes on, the more damage (eg, to advertisers whose revenue is being stolen and other businesses whose property is being appropriated) is being done. Google had $170bn in revenue last year and is growing on average at 10-20% a year. On a conservative estimate of 10% growth, the company will add another $100bn to its revenue by 2025, when the case will still be in the court. Facebook, says Stoller, “is at $80bn of revenue this year, but it is growing faster, so the net increase of revenue is a roughly similar amount. In other words, if the claims of the government are credible, then the lengthy case, while perhaps necessary, is also enabling these monopolists to steal an additional $100bn apiece.”

    What could speed up bringing these monopolists to account? A key factor is the vigour with which the US Department of Justice prosecutes its case(s). In the run-up to the 2020 election, the Democrats in Congress displayed an encouraging enthusiasm for tackling tech monopolies, but Joe Biden’s choices for top staff in his administration include a depressing proportion of former tech company stalwarts. And his vice-president-elect, Kamala Harris, consistently turned a blind eye to the anti-competitive acquisitions of the Silicon Valley giants throughout her time as California’s attorney general. So if people are hoping for antitrust zeal from the new US government, they may be in for disappointment.

    Interestingly, Stoller suggests that another approach (inspired by the way trust-busters in the US acted in the 1930s) could have useful leverage on corporate behaviour from now on. Monopolisation isn’t just illegal, he points out, “it is in fact a crime, an appropriation of the rights and property of others by a dominant actor. The lengthy trial is essentially akin to saying that bank robbers getting to keep robbing banks until they are convicted and can probably keep the additional loot.”

    Since a basic principle of the rule of law is that crime shouldn’t pay, an addition of the possibility of criminal charges to the antitrust actions might, like the prospect of being hanged in the morning (pace Dr Johnson), concentrate minds in Facebook, Google, Amazon and Apple. As an eternal optimist, I cannot think of a nicer prospect for 2021 than the sight of Mark Zuckerberg and Sundar Pichai in the dock – with Nick Clegg in attendance, taking notes. Happy new year!

    What I’ve been reading

    Who knew? What We Want Doesn’t Always Make Us Happy is a great Bloomberg column by Noah Smith.

    Far out. Intriguing piece on how investors are using real-time satellite images to predict retailers’ sales (Stock Picks From Space), by Frank Partnoy on the Atlantic website.

    An American dream. Lovely meditation on Nora Ephron’s New York, by Carrie Courogen on the Bright Wall/Dark Room website.

    Facts won't fix this: experts on how to fight America's disinformation crisis

    At the beginning of 2021, millions of Americans appear to disagree about one of the most basic facts of their democracy: that Joe Biden won the 2020 presidential election.

    The consequences of Donald Trump’s repeated, baseless claims of voter fraud will come in several waves, researchers who study disinformation say, even if Trump ultimately hands over power and leaves the White House. And there is no quick or easy way to fix this crisis, they warn. Because when it comes to dealing with disinformation, simply repeating the facts doesn’t do much to change anyone’s mind.

    In the short term, Trump’s false claims about election fraud have weakened Biden’s ability to address the coronavirus pandemic. “If only 20% of the population is like, ‘You’re not my president, I’m going to double down on my mask resistance,’ or ‘I’m going to continue to have parties over the holidays,’ that means we are going to be even less likely to bring this thing under control,” said Whitney Phillips, a professor of communications at Syracuse University.

    Over the longer term, the president’s falsehoods may also undermine Biden’s overall governing capability, just as the racist “birther” conspiracy theory, another false claim spread by Trump, helped fuel political resistance to Barack Obama’s presidency. And the damage to Americans’ basic trust in their democracy may have effects far beyond electoral politics.

    “What does it look like if we don’t have a shared sense of reality?” said Claire Wardle, the executive director of First Draft, a group that researches and combats disinformation. “We’ve seen more conspiracy theories moving mainstream. There’s an increasing number of people who do not believe in the critical infrastructure of a society. Where does that end?”

    How we got here

    America’s current disinformation crisis is the culmination of more than two decades of pollution of the country’s information ecosystem, Wardle said. The spread of disinformation on social media is one part of that story, but so is the rise of alternative rightwing media outlets, the lack of investment in public media, the demise of local news outlets, and the replacement of shuttered local newspapers with hyper-partisan online outlets.

    This “serious fragmentation” of the American media ecosystem presents a stark contrast with, say, the UK, where during some weeks of the pandemic, 94% of the UK adult population, including 86% of younger people, tuned into the BBC, a taxpayer-funded broadcaster, according to official statistics.

    And the left and right in the US don’t merely have different sets of media outlets for their different audiences: they have also developed distinct models of information-sharing, Wardle said. Mainstream media outlets still follow a traditional top-down broadcast model: an authoritative source produces the news and sends it out to consumers. The rightwing media ecosystem, which developed through talk radio, on the other hand, operates as a network of media personalities interacting with each other, “a community telling stories to their own community”, Wardle said.

    Trump has built on that, embracing what Kate Starbird, a University of Washington professor who studies disinformation, on Twitter called a model of “participatory disinformation”.

    “Trump didn’t just prime his audience to be receptive to false narratives of voter fraud, he inspired them to create them … and then echoed those false claims back at them,” she wrote.

    Participatory disinformation might actually be “stickier” and more effective than “top-down propaganda”, Starbird argued, in part because of the “positive reinforcement” of Trump supporters seeing their “‘discoveries’ repeated by their media & political celebrities”.

    When their platforms turned out to be ideal environments for making and monetizing participatory disinformation, social media companies were slow to curb its spread.

    Companies like Twitter and Facebook did not begin putting warning labels on Trump’s false voting fraud claims until very close to the election. Even then, only a handful of his tweets were flagged, Wardle noted, while Trump sent dozens of other tweets pushing the same story and media outlets continued to report on his statements, creating a powerful national narrative about fraud despite the attempts at factchecking.

    The social media platforms’ decision to finally flag some of Trump’s disinformation right before a consequential election also may have had its own damaging political consequences. “They spent so much time refusing to moderate content that what they’re doing now feels like the worst kind of censorship,” Joan Donovan, the research director at Harvard’s Shorenstein Center on Media, Politics and Public Policy, said. “If they had been doing that for years, it wouldn’t be so shocking.”

    A new approach?

    The rapid spread of Trump’s election lies should be a “wake-up call” for the “well-intentioned people” who think that disinformation can be cured by providing “more quality information”, such as encouraging people to eat “more spinach instead of chocolate”, Wardle, who has conducted training sessions for journalists on how to understand and deal with disinformation, said.

    “We have an emotional relationship to information. It is not rational,” Wardle said. But people who work in the “quality information space”, Wardle’s term for journalists, scientists, researchers and factcheckers, still often act as if information-processing were fundamentally rational, rather than deeply tied to feelings and the way a person expresses their identity.

    It’s crucial to understand that the way people process information is through entire narratives, not individual facts, Wardle said. Trying to combat disinformation through factchecking or debunking individual false claims just turns into an endless, fruitless game of “whack-a-mole”.

    Take the New York Times’ banner headline a week after the election: “Election Officials Nationwide Find No Fraud”. The story cited election officials from both political parties in dozens of states.

    But that reporting, though valuable, wasn’t likely to change many minds, Phillips, the communications professor, said.

    “There is an enormous percentage of the population who sees the word ‘election official’ and actually, in their brains, decodes that as liberal, anti-Trump,” she said. “If you’re disinclined to trust institutions, who cares what election officials are saying, because they’re corrupt, they’re in bed with Biden and the fake news media.

    “The impulse to throw facts at these problems is really strong, and it’s understandable,” she said. “But simply saying what the facts are is not going to convince minds that aren’t already open.”

    Conspiracy theorists, in particular, tend not to be very open to falsification of their claims, added Deen Freelon, an associate professor at the University of North Carolina Chapel Hill who studies social media and politics. “Almost any new piece of evidence or fact can be converted to the conspiracy theory perspective.”

    Research has also shown that disinformation and conspiracy theories are often deeply intertwined with racial prejudice and hatred, he added. Some of this year’s most dangerous disinformation, about the seriousness of the coronavirus pandemic, which disproportionately killed black Americans, and about Trump supposedly winning the election, based on the argument that votes in majority-black cities were fraudulent and should not be counted, were clearly influenced by white Americans’ racial views, he noted.

    It’s no accident, Freelon said, that some of the same people suggesting Covid is a myth are also arguing that black votes are illegitimate.

    ‘A lot of the country’s been taken’

    While it is possible to engage with people who believe deeply in false narratives, and sometimes change their minds, that work is most successful on an individual basis, with people who know each other well, experts said.

    It’s helpful to understand someone’s fundamental framework for viewing the world, including whom they view as the “good guys” and the “bad guys”, in order to understand what kind of additional information might sway them, Phillips said.

    “The other thing that makes people move on this – it’s corny – is love,” Freelon added. “People who love you, your family, people who are willing to engage.”

    But disinformation is also sustained by personal relationships.

    “Nearly all conspiracy theories are supported by social connections and ties. It’s not just one person subscribing to this in isolation, but a network of people who support each other in their beliefs,” Freelon said. “Leaving the group means at a minimum betraying those friends and cutting those social ties.”

    There are other emotional barriers to people changing their minds.

    “Nobody anywhere likes to feel like they’ve been duped,” said Shafiqah Hudson, an author and researcher who has studied online disinformation campaigns. “We will fight tooth and nail as humans to avoid feeling foolish. That’s why you see people double down. Nobody wants to feel like they’ve been taken, but a lot of the country’s really been taken.”

    While personal relationships can help to combat disinformation, many Americans have simply given up trying to fight relatives’ false beliefs.

    During the holidays in the US, “people are muting their uncles [on social media] or refusing to talk to their mom,” Wardle said.

    “I am worried,” she said. “If you have two different senses of reality, with two different sets of actors who don’t trust the other side, who are not open to listening to the other side, that’s not how democracy functions.”

    Biden mulls punishments for Russia over suspected role in government hack

    As president-elect Joe Biden weighed options to punish Russia for its suspected hacking of US government agencies and companies, one leading Republican accused Moscow of “acting with impunity” and others called for retaliatory strikes.

    Biden’s choices once he assumes office on 20 January range from financial sanctions to revenge cyberattacks on Russian interests, according to transition team sources. Donald Trump, meanwhile, maintains the hacking could be the work of China, despite the certainty of his own secretary of state, Mike Pompeo, that Russia was behind the attacks.

    On Sunday, Republican senator Mitt Romney – a frequent Trump critic – said Vladimir Putin’s government had effectively invaded America.

    “What this invasion underscores is that Russia acted with impunity,” Romney told NBC’s Meet the Press. “They didn’t fear what we would be able to do from a cyber capacity. They didn’t think that our defence systems were particularly adequate. And they apparently didn’t think that we would respond in a very aggressive way.

    “This demands a response, and the response you’d expect to occur would be a cyber response. I don’t know if we have the capacity to do that in a way that would be of the same scale or even greater scale than what Russia has applied to us, but this is something we have to address as soon as possible.”

    John Barrasso, a Republican senator from Wyoming, told Fox News Sunday the US had been “blindsided”.

    “Six different agencies have been attacked in our government and this has been going on since March,” he said. “We need to have a forceful, effective punishing response so people pay a price for this and think twice about doing it again.”

    Any response is unlikely to come in Trump’s 31 remaining days in the White House. Other than a critical tweet on Saturday, Trump has kept silent regarding the hack.

    “I think we’ve come to recognise that the president has a blind spot when it comes to Russia,” Romney, a member of the Senate homeland security committee, told CNN’s State of the Union. “But I think that the president-elect is a clear-eyed, intelligent individual and he’s going to assess Russia and their capabilities in an appropriate way.”

    Mark Warner of Virginia, the leading Democrat on the Senate intelligence committee, told ABC’s This Week: “When the president of the United States tries to deflect or is not willing to call out the adversary as we make that attribution, he is not making our country safer.

    “I sometimes think we disproportionately spend on tanks, ships and guns when we should be better protecting on cyber. And there are international implications of this attack as well. We need to be very clear with an affirmative cyber doctrine that says [if] you do this kind of broad-based, indiscriminate attack, you will bear the consequences.”

    A Biden source told Reuters the new president could step up counter cyber-espionage, with the goal of deterrence and diminishing the potency of Russian cyber spying. But Biden’s team will need better intelligence. Access to presidential briefings was delayed until about three weeks ago as Trump disputed election results.

    On Sunday, incoming White House chief of staff Ron Klain told CBS’s Face the Nation: “We should be hearing a clear and unambiguous allocation of responsibility from the White House, from the intelligence community. They’re the people in charge. They’re the ones who should be making those messages and delivering the ascertainment of responsibility.

    “Instead, what we’ve heard is one message from the secretary of state, a different message from the White House, a different message from the president’s Twitter feed. We have been briefed on this. But again, I think in terms of publicly communicating the position of our government that has to come from the current government and it should be coming in a clear and unambiguous voice.”

    Romney likened Russia’s suspected attack to the US assault on Baghdad during the Iraq war in 2003.

    “You saw the videos of the rockets going across the city and slamming into various buildings and the places they attacked, of course, were the communication centers and the utility centers,” he told NBC. “You can bring a country to its knees if people don’t have electricity, don’t have water and can’t communicate.

    “Basically what Russia appears to have done [is] put themselves in those systems in our country. They don’t need rockets to take those things out. They potentially have the capability to take out all of those things remotely at very small cost.”

    Christopher Krebs, fired by Trump last month as director of the US Cybersecurity and Infrastructure Security Agency (Cisa) for publicly debunking the president’s false claims of election fraud, agreed that the hack was likely the work of the Russian foreign intelligence service SVR. But he doubted Romney’s assessment about what Russia might do with the harvested data.

    “The [SVR] are intelligence collectors,” Krebs told CNN. “They’re looking for policy decisions, they’re looking for diplomatic negotiations in federal agencies. They’re typically not the ones to run the destructive types of attacks, and they typically don’t work with the other parts of the Russian government.

    “That doesn’t mean they can’t hand off access, but for now I think this is more of an intelligence collection operation. The thing that really concerns me about this particular campaign by the Russians was the indiscriminate nature of the supply chain targeting, the fact that they have potentially compromised 18,000 companies. That to me is outside of the bounds of what we’ve seen recently of espionage activities.”

    Klain echoed Krebs’ caution about what Russia might be hoping to achieve, but added: “In terms of the measures that a Biden administration would take in response to an attack like this, I want to be very clear. It’s not just sanctions. It’s also steps and things we could do to degrade the capacity of foreign actors to repeat this sort of attack.”

    What we know – and still don’t – about the worst-ever US government cyber attack

    Nearly a week after the US government announced that multiple federal agencies had been targeted by a sweeping cyber attack, the full scope and consequences of the suspected Russian hack remain unknown.

    Key federal agencies, from the Department of Homeland Security to the agency that oversees America’s nuclear weapons arsenal, were reportedly targeted, as were powerful tech and security companies, including Microsoft. Investigators are still trying to determine what information the hackers may have stolen, and what they could do with it.

    Donald Trump has still said nothing about the attack, which federal officials said posed a “grave risk” to every level of government. Joe Biden has promised a tougher response to cyber attacks but offered no specifics. Members of Congress are demanding more information about what happened, even as officials scrambling for answers call the attack “significant and ongoing”.

    Here’s a look at what we know, and what we still don’t, about the worst-ever cyber attack on US federal agencies.

    What happened?

    The hack began as early as March, when malicious code was snuck into updates to a popular software called Orion, made by the company SolarWinds, which provides network-monitoring and other technical services to hundreds of thousands of organizations around the world, including most Fortune 500 companies and government agencies in North America, Europe, Asia and the Middle East.

    That malware in the updates gave elite hackers remote access to an organization’s networks so they could steal information. The apparent months-long timeline gave the hackers ample opportunity to extract information from many targets, including monitoring email and other internal communications.

    Microsoft called it “an attack that is remarkable for its scope, sophistication and impact”.

    Who has been affected so far?

    At least six US government departments, including the energy, commerce, treasury and state departments, are reported to have been breached. The National Nuclear Security Administration’s networks were also breached, Politico reported on Thursday.

    Dozens of security and other technology firms, as well as non-governmental organizations, were also affected, Microsoft said in a statement Thursday. While most of those affected by the attack were in the US, Microsoft said it had identified additional victims in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.

    “It’s certain that the number and location of victims will keep growing,” Microsoft added.

    Who is responsible for the attack?

    While the US government has not yet officially named who is responsible for the attack, US officials have told media outlets they believe Russia is the culprit, specifically SVR, Russia’s foreign intelligence outfit.

    Andrei Soldatov, an expert on Russia’s spy agencies and the author of The Red Web, told the Guardian he believes the hack was more likely a joint effort of Russia’s SVR and FSB, the domestic spy agency Putin once headed.

    Russia has denied involvement: “One shouldn’t unfoundedly blame the Russians for everything,” a Kremlin spokesman said on Monday.

    The infiltration tactic involved in the current hack, known as the “supply-chain” method, recalled the technique Russian military hackers used in 2016 to infect companies that do business in Ukraine with the hard-drive-wiping NotPetya virus – the most damaging cyber-attack to date.

    What information has been stolen, and how is it being used?

    That remains deeply unclear.

    “This hack was so big in scope that even our cybersecurity experts don’t have a real sense yet in the terms of the breadth of the intrusion itself,” Stephen Lynch, the head of the House of Representatives’ oversight and reform committee, said after attending a classified briefing Friday.

    Thomas Rid, a Johns Hopkins cyberconflict expert, told the Associated Press that it was likely that the hackers had harvested such a vast quantity of data that “they themselves most likely don’t know yet” what useful information they’ve stolen.

    What can be done to fix the networks that have been compromised?

    That’s also unclear, and potentially very difficult.

    “Removing this threat actor from compromised environments will be highly complex and challenging for organizations,” said a statement from the Cybersecurity and Infrastructure Security Agency (Cisa) on Thursday.

    One of Trump’s former homeland security advisers, Thomas Bossert, has already said publicly that a real fix may take years, and be both costly and challenging.

    “It will take years to know for certain which networks the Russians control and which ones they just occupy,” Bossert wrote in a New York Times op-ed on Wednesday. “The logical conclusion is that we must act as if the Russian government has control of all the networks it has penetrated.”

    “A ‘do-over’ is mandatory and entire new networks need to be built – and isolated from compromised networks,” he wrote.

    How has Trump responded?

    As of Friday afternoon, the US president had still said nothing to address the attack.

    The Republican senator and former presidential candidate Mitt Romney has criticized Trump’s silence as unacceptable, particularly in response to an attack he said was “like Russian bombers have been repeatedly flying undetected over our entire country”.

    “Not to have the White House aggressively speaking out and protesting and taking punitive action is really, really quite extraordinary,” Romney said.

    How has Biden responded?

    So far, there’s been tough talk but no clear plan from the president-elect.

    “We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” Biden said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”

    “There’s a lot we don’t yet know, but what we do know is a matter of great concern,” Biden said.

    Could this attack have been prevented or deterred?

    “What we could have done is had a coherent approach and not been at odds with each other,” said Fiona Hill, a Russia expert and former Trump National Security Council member, to PBS NewsHour this week, criticizing conflict and dysfunction within the Trump administration and between the US and its allies on Russia-related issues.

    If “we don’t have the president on one page and everybody else on another, and we’re working together with our allies to push back on this, that would have a serious deterrent effect”, Hill said.

    Other cybersecurity experts said the federal government could also do more to simply keep up to date on cybersecurity issues, and said the Trump administration had failed on this front, including by eliminating the positions of White House cybersecurity coordinator and state department cybersecurity policy chief.

    “It’s been a frustrating time, the last four years. I mean, nothing has happened seriously at all in cybersecurity,” said Brandon Valeriano, a Marine Corps University scholar and adviser to a US cyber defense commission, to the Associated Press.

    What options does the US have to respond politically to this kind of attack?

    Some experts are arguing that the US government needs to do more to punish Russia for its apparent interference. The federal government could impose formal sanctions on Russia, as when the Obama administration expelled Russian diplomats in retaliation for Kremlin military hackers’ meddling in Donald Trump’s favor in the 2016 election. Or the US could fight back more covertly by, for instance, making public details of Putin’s own financial dealings.

    But, as the Guardian’s Luke Harding pointed out, cyber attacks are “cheap, deniable, and psychologically effective”, and Biden’s options for responding to Russia’s aggression are limited.

    “The answer eluded Barack Obama, who tried unsuccessfully to reset relations with Putin. The person who led this doomed mission was the then secretary of state, Hillary Clinton, herself a Russian hacking victim in 2016,” Harding wrote.

    What are other potential consequences of the hack?

    SolarWinds may face legal action from private customers and government entities affected by the breach. The company filed a report with the Securities and Exchange Commission on Tuesday detailing the hack.

    In it, the company said total revenue from affected products was about $343m, or roughly 45% of the firm’s total revenue. SolarWinds’ stock price has fallen 25% since news of the breach first broke.

    Moody’s Investors Service said Wednesday it was looking to downgrade its rating for the company, citing the “potential for reputational damage, material loss of customers, a slowdown in business performance and high remediation and legal costs”.

    The Associated Press contributed reporting.

    Orion hack exposed vast number of targets – impact may not be known for a while

    If there is one silver lining to the months-long global cyber-espionage campaign discovered when a prominent cybersecurity firm learned it had been breached, it might be that the sheer numbers of potentially compromised entities offers them some protection.

    By compromising one piece of security software – a security tool called Orion developed by the Texan company SolarWinds – the attackers gained access to an extraordinary array of potential targets in the US alone: more than 425 of the Fortune 500 list of top companies; all of the top 10 telecommunications companies; all five branches of the military; and all of the top five accounting firms.

    But they are just a fraction of SolarWinds’ 300,000 global customers, which also include UK government agencies and private sector companies.

    For now, we only have confirmation from investigators that the US Treasury and commerce departments were attacked. The hack, attributed to Russian state actors, took the form of a so-called supply chain attack. Rather than directly attacking the US government, the attackers succeeded in compromising the automatic update function built into Orion.

    That breach provided the foothold the attackers needed to begin monitoring internal emails at the departments. By hacking SolarWinds and inserting weaknesses into the Orion software at source, the attackers simply had to wait until their targets downloaded and ran a fake software security update.

    Thankfully, even then, the full attack was a technically challenging manoeuvre. In order to stay below the radar of the US government’s own security teams, the update was programmed to sit silently for two weeks after it was installed, and then to only upload stolen data in small quantities so that it could be disguised as normal Orion traffic.

    That, investigators say, means it is unlikely that the perpetrators made the most of the widespread access they could have gained. Rather than exfiltrating untold gigabytes of stolen data to peruse at their leisure, the attackers had to operate in a much more labour-intensive fashion, navigating through the government network as quietly as possible, and only uploading data already presumed to be valuable.

    At the moment it is not clear how much information was taken, and what other departments and entities the hackers chose to enter.

    Nevertheless, the US Cybersecurity and Infrastructure Security Agency issued an emergency directive late on Sunday night advising all federal civilian agencies to “review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately”. The acting director, Brandon Wales, said the compromise “poses unacceptable risks” to the security of federal networks.

    The long-term impact of the hack is unlikely to be known for a while, if at all. Although journalists and the public think about the impact of attacks simply in terms of any striking secrets revealed, cyber-warfare tends to have multiple goals.

    As well as looking for ill-guarded secrets of individuals, this sort of attack can be used to map how organisations work and their structural vulnerabilities, with a view to potentially exploiting them at a later point.

    More broadly, cyber operations like this undermine confidence in existing security measures and hand a propaganda coup to the country directing the attack.

    Silently eavesdropping on high-value targets is a labour-intensive job – particularly if the attacker wants to stay hidden, and for now it appears that the temptation to eavesdrop on internal communications at the US treasury and commerce departments was the most compelling.

    If other customers of SolarWinds do not find evidence that they were under surveillance, they will take solace in the fact that the US government was too big a target to pass up.

  • in

    Five Tools We Need to Fight Disinformation

    According to the GLOBSEC Trends 2020 report, across Central and Eastern Europe, 34% believe that COVID-19 is a hoax designed to manipulate populations. With hundreds of deaths around the world occurring as a result of disinformation related to the coronavirus, the pandemic has demonstrated the critical importance of limiting the impact of disinformation on our societies.

    Only an approach that encompasses all of society can truly improve resilience to disinformation. It needs to consist of five elements, none of which can be neglected if we want to create a healthier information environment. These are: legal instruments on European or national level, disinformation demonetization, responsible digital citizenship, quality journalism and strategic communication. All these elements require cooperation from public officials and state institutions, the research community, civil society actors as well as citizens.

    Basic Rules

    EU member states need to actively contribute to the swift implementation of the proposed Digital Services Act and the European Democracy Action Plan that will establish much-needed boundaries for digital space. Non-members can work to adopt legislation modeled on the European code and collaborate with the EU to set basic rules in line with the principle that what is illegal offline is illegal online. For example, if Holocaust denial is illegal in countries such as Austria or Slovakia, such content should not be acceptable on digital platforms there, whether it appears because the platforms’ community standards are not in line with the legislation of the countries in which they operate or because of a failure to uphold those standards.

    Furthermore, regulation needs to foster transparency and accountability in areas such as content ranking and moderation. These instruments, if implemented properly with all key stakeholders such as digital platforms, the research community, civil society and technology specialists on board, could significantly limit the reach of harmful content.

    Defunding Disinformation

    According to the Global Disinformation Index, the estimated yearly profit generated by disinformation websites comes to $235 million, propelling disinformation actors to incredible influence. Legal instruments can help disrupt the economy of disinformation by ensuring that ad agencies will not be able to place ads on sites spreading fake news, hate speech and conspiracy theories. Google already announced that it will defund ads on webpages promoting COVID-19 conspiracy theories. However, implementation of this policy is questionable due to a lack of transparency measures and standardized monitoring. Similarly, social media platforms should not be allowed to place ads next to hate speech and disinformation.

    In this effort, civil society organizations have been paving the way, with projects such as Slovakia’s konspiratori.sk, Czech nelez.cz or, in the US, the Anti-Defamation League’s Stop Hate for Profit. They are based on raising awareness of disinformation outlets while inviting companies to opt out of placing ads on such channels. Freedom of speech does not mean the right to profit from disinformation. Demonetizing disinformation would lead to an immediate improvement in the quality of the information environment as it would limit the reach of disinformation by removing economic incentives that drive it.

    Responsible Digital Citizenship

    Many citizens have been caught unprepared for the radical changes to information consumption and production in the wake of the information revolution. Without the necessary education and skills, users often share content without checking their sources, unaware of the fact that they are unwittingly helping to spread hate and false information. We all need to accept the fact that responsible citizenship extends to the online sphere as well.

    It is crucial to include the concept of responsible digital citizenship for all age groups in teaching curricula starting from elementary schools. Similar training could be implemented in employment onboarding schemes. It should cover all aspects of digital footprints such as personal data protection, norms of online conduct and the consequences of sharing malign information among our communities.

    Quality Journalism

    Another factor in the disinformation equation is that quality journalism has suffered globally in the wake of the 2008 financial crisis and with the rise of social media. Independent journalism needs to be systematically supported, possibly by taxing tech giants and using a portion of that money to fund media resources. As one of the cornerstones of functioning democracies, the demise of local outlets is highly worrying. Support for local news and the protection of investigative journalists from threats and attacks would work as a strong antidote to the increasing dissemination of toxic content.

    Strategic Communication

    Often, state administrations and European institutions suffer from an inability to communicate their messages in an accessible and engaging way. It is of the utmost importance that all state institutions, from regional to federal, proactively communicate their activities and benefits to citizens because in the absence of such communication, an information void is created that can be easily abused by malign actors.

    Strategic communication is the go-to tool when striving to build trust with constituencies. Such trust will also likely be the determining factor in the relative success of overcoming the pandemic, as people’s willingness to get vaccinated against COVID-19 correlates with trust in public institutions.

    Regulation and demonetizing disinformation are reactive steps that address a social wound that has been left untreated for too long. But proactive measures of fostering responsible digital citizenship, supporting quality journalism and conducting efficient strategic messaging will help increase democratic resilience to influence operations. Even partial progress in each of these five domains would lead to massive improvements in the quality of our shared information environment.

    The views expressed in this article are the author’s own and do not necessarily reflect Fair Observer’s editorial policy.

  • in

    US treasury hacked by foreign government group – report

    Hackers backed by a foreign government have been monitoring internal email traffic at the US treasury department and an agency that decides internet and telecommunications policy, according to people familiar with the matter.

    “The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said national security council spokesman John Ullyot.

    There is concern within the US intelligence community that the hackers who targeted the treasury department and the commerce department’s national telecommunications and information administration used a similar tool to break into other government agencies, according to three people briefed on the matter. The people did not say which other agencies.

    The hack is so serious it led to a national security council meeting at the White House on Saturday, said one of the people familiar with the matter.

    The hack involves the NTIA’s office software, Microsoft’s Office 365. Staff emails at the agency were monitored by the hackers for months, sources said.

    A Microsoft spokesperson did not immediately respond to a request for comment.

    The hackers are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press.

    “This is a nation state,” said a different person briefed on the matter. “We just don’t know which one yet.”

    The full scope of the hack is unclear. The investigation is still in its early stages and involves a range of federal agencies, including the FBI, according to the three people familiar with the matter.

    The FBI, homeland security department’s cybersecurity division, known as CISA, and US national security agency did not immediately respond to a request for comment.

  • in

    Facebook faces antitrust allegations over deals for Instagram and WhatsApp

    Facebook is expecting significant new legal challenges, as the US Federal Trade Commission and a coalition of attorneys general from up to 40 states are preparing antitrust suits.
    Although the specific charges in both cases remain unclear, the antitrust allegations are expected to center on the tech giant’s acquisition of two big apps: a $1bn deal to buy the photo-sharing app Instagram in 2012, and the $19bn purchase of the global messaging service WhatsApp in 2014. Together, the buys brought the top four social media companies worldwide under Facebook’s control. The purchases would constitute antitrust violations if Facebook believed the companies were viable competitors.
    At the time of its acquisition, Instagram had 30 million users, and, even though it was growing rapidly, it wasn’t yet making money. WhatsApp boasted more than 450 million monthly active users when it was acquired. “WhatsApp is on a path to connect 1 billion people,” Zuckerberg said in a statement at the time.
    The FTC cleared Facebook for the acquisitions when they occurred, and the company is hoping to leverage those approvals in mounting a defense. Facebook executives have also argued their company has helped the apps grow.
    But Facebook has come under greater scrutiny since the deals were done, and the FTC launched a new investigation into the potential antitrust violations in 2019.
    The FTC probe will build on findings from a separate inquiry conducted by the US House Judiciary subcommittee, which released millions of documents that appeared to show that Facebook executives, including CEO Mark Zuckerberg, were concerned the apps could become competition, before aggressively pursuing them.
    In one 2012 email, made public through the House investigation, Zuckerberg highlighted how Instagram had an edge on mobile, an area where Facebook was falling behind. In another, the CEO said Instagram could hurt Facebook even if it doesn’t become huge. “The businesses are nascent but the networks are established, the brands are already meaningful and if they grow to a large scale they could be disruptive to us,” Zuckerberg wrote. Instagram’s co-founder also fretted that his company might be targeted for destruction by Zuckerberg if he refused the deal.
    The FTC is expected to vote on a possible suit this week. Three of the five-member commission are believed to be in favor of the move, including chair Joseph Simons, who is expected to leave the agency before the new Biden administration is sworn in, Politico reported.
    Commissioners also have to decide where to file the suit: in federal court, which would leave the outcome to a judge; or in the FTC, where the commission could ultimately decide.
    The suit expected from the bipartisan coalition of states is headed by New York attorney general Letitia James. While details of their complaint are also scant, several states’ top law enforcement offices launched probes into Facebook’s acquisitions last year, adding to the pressure put on the company by federal regulators.
    Facebook did not respond to a request for comment.
    Facebook’s possible legal challenges come as a growing number of US lawmakers are arguing that companies including Amazon, Google, Facebook and Apple have amassed too much power and should be reined in.
    These companies “wield their dominance in ways that erode entrepreneurship, degrade Americans’ privacy online, and undermine the vibrancy of the free and diverse press”, the House judiciary committee concluded in its nearly 500-page report.
    “The result is less innovation, fewer choices for consumers, and a weakened democracy.”
    President-elect Joe Biden, too, has been critical of the tech companies. “Many technology giants and their executives have not only abused their power, but misled the American people, damaged our democracy and evaded any form of responsibility,” said Biden spokesperson Matt Hill to the New York Times. “That ends with a President Biden.”
    In May, Facebook took over Giphy, a hugely popular moving-image app, with plans to integrate it with Instagram. Late last month, the company also announced plans to acquire Kustomer, an e-commerce app.
    “This deal is about providing more choices and better products for consumers,” a company spokesman said in a statement to the New York Times. “The key to Facebook’s success has always been innovation, with M&A being just a part of our overall business strategy, and we will continue to demonstrate to regulators that competition in the technology sector is vibrant.”